Slashdot Mirror
Feds to Open BlackBoxVoting User Logs?
Doc Ruby writes "Investigating a crack of eVoting company VoteHere, the FBI is said to be issuing a subpoena for the traffic logs of journalist Beverly Harris' BlackBoxVoting website. The FBI is pursuing Harris on the theory that her site is the connection between incriminating memos leaked from (VoteHere competitor) Diebold and the intrusion into VoteHere's servers. Are you on the list?"
They can't subpoena something that doesn't exist...if sites with potentially controversial content make a policy of not keeping logs more than 24 hours (or even better, simply write the logs to /dev/null) then there's nothing at all for the FBI, NSA, etc. to subpoena.
I'm surprised they don't do this already.
Thanks for the link, you dirty rotten #%@&@$#!!
Apparently a judge somewhere has been shown enough information to think that a search of the site is warranted...
Tampering with the election companies is a great way to prove that they're insecure, but it's still illegal...
Actually, if this were a slashdot article eons ago, it probably got slashdotted, and thus have lots of slashketeers on their list. Those that cared to RTFA, anyway...so that drops it down to a handful. :)
Guess here's one of those instances where it pays NOT to RTFA. Like we ever do anyway.
How about the feds crack down on the companies that make this terrible software in the first place?
So how would they prosecute this if the blame falls on VoteHere via BlackBoxVoting? Is this something that would be considered industrial espionage and prosecuted under trade secret law? What about BlackBoxVoting being labeled the "middleman" in the leak?
-- Stu
/. ID under 2,000. I feel old now.
Glad I gave up cracking for Lent. I wouldn't want THE MAN to rain on my parade.
Nice way to give the feds a bit more work, slashdot the site, fill up the logs pretty good...
"Sic Semper Tyrannosaurus Rex."
...there isn't enough epithets I could hurl right now at the level of inanity at this. You have a case where the firms entrusted to provide equipment & services to THE most critical democratic process are in need of investigation more than anything else. The hubris and incompetance is fucking staggering.
This administration is easily outpacing the chicanery of Harding, Fillmore, and Tyler combined.
For a site about security and privacy, they make a point of displaying in their message boards that the submitting IP address of every post is logged. Well, guess what, the Feds have reason to want to see those logs now.
This is so wrong. We're talking about electronic voting, something which demands security (and transparency, but never mind the apparent paradox just now) and they're not concerned that someone has broken into their network? That's like the police not being worried that someone has been wandering around the evidence room.
Next, "A crime is a crime is a crime". Not only is that redundant but unless you're speaking algebraically it's a bunch of bullshit. In court, your method, your motive, and whether or not your hair is neatly parted and whether or not you've flossed that morning all have a profound effect upon the results of your trial. Furthermore there is a big difference between (say) accessing someone's network for monetary gain, accessing someone's network for the purposes of just defacing it, or accessing someone's network in the pursuit of liberty. Today, that sounds cheesy and fake, which makes me sad. There are valid reasons to break the law. Sometimes when you break the law for a valid reason you are punished anyway, and sometimes not, which is a risk you take - but please allow me to remind you or inform you all (as appropriate) that here in the US of A evidence gathered during the comission of a crime by a private party is admissable in court, but evidence gathered by a police officer which he has to commit a crime to collect is not (typically) so clearly society recognizes some cases in which it might be a good idea to allow selective enforcement of the law.
Maybe I just rant too readily, but I don't like this guy already.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Bev Harris Speaks on Secret Service Issue
The investigation began last October, when VoteHere, an electronic voting software company in Bellevue, reported that a hacker broke into its computer network. VoteHere founder and Chief Executive Officer Jim Adler says, "We didn't think it was a big deal."
And they want us to put our democracy in their hands??? Yikes!
I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
Apparently a judge somewhere has been shown enough information to think that a search of the site is warranted...
Not judge. Grand Jury.
"Just a bunch of citizens" meeting in secret and nosing into anything a prosecurot thinks might be a sign that a crime might have been committed.
Because their proceedings are (allegedly) secret and the details of their deliberations do NOT become either public record or evidence usable at a trial, claims of privilege and immunity to search do not pull much weight.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
There is a difference you know. With a warrant, jack boot thugs kick in your door and take what they want. With a subpoena, they simply hold a gun to your head and ask nicely ;-)
I think young people might get more engaged in the political process if they worked as scrutineers and staff at polling booths, but automating everything down to "push button A for war, button B for peace" won't help a bit.
Everybody's a libertarian 'till their neighbour's becomes a crack house.
...but my logs would have long been rotated out from January. They couldn't even imply there was something being hidden by being deleted.
However, as we saw in the Steve Jackson case, the seizure is more to punish than to glean any info.
Yeah, maybe as little as a year or two ago. Now the site is run by Microsoft Fanboy's as sad I am to say it.
This post will be modded down just for saying it. Any pro linux or anti microsoft sentiment expressed on slashdot anymore is modded down. Any post which reflects negatively on the security of closed source is modded down.
Hell I'm starting to believe that the rumors that Microsoft has bought a chunk of Slashdot are true (90% of the ads on the site are Microsoft AD's, some are even TCO FUD links).
Just a test, try submitting 12 stories about new microsoft vulnerabilities after one has been ran. It's fairly easy to do, dozens of MS vulnerabilities are discovered weekly if you watch cert and other similar sites. Watch as all 12 are rejected.
If you pay attention the ratio of Microsoft Vul's which make the page is about 2 for every open source vul reported. As opposed to the 5 or so it used to be. But if you watch the advisory pages nothing has changed in the number of vulnerabilities reported, there is no lower ratio in reality. Stories are being accepted in such a way that it makes it appear that's the case.
I genuinely believe now that Microsoft is exerting at least some influence on the slashdot staff (maybe using their ad dollars as leverage) and definately believe that Microsoft has plenty of moles in the readership.
Truly, I am all over anyone who hacks, destroys, or otherwise wakes the public up to the dangers of e-voting. Of course, I'm now marked for GitMo by the Bush Administration, so I probably won't be posting as often...
Now you are; shouldn't have clicked that link.
Traditional Republicans yes, but the neo-cons in power are anything but traiditional Republicans. And thanks to them, the USA is a lot closer to fascism than we think:
Fascism: A system of government marked by centralization of authority under a dictator, stringent socioeconomic controls, suppression of the opposition through terror and censorship, and typically a policy of belligerent nationalism and racism.
OK, the control is there, the suppression of opposition through terror and censorship is growing, belligerent nationalism is very evident, racism has always been there and now is more prominent in the "war" against terror. The only thing lacking is the true centralization of authority, although the way the President was given a free hand to declare war it's not too far off. We're just one more major attack, followed by a declaration of martial law, away from fascism.
Furthermore, as Mussolini said, fascism should more properly be called corporatism. Corporatism. Ring a bell in today's USA?
From the VoteHere site (http://votehere.com/vhti.html):
"VHTi proves that electronic voting machines worked correctly and did not cheat in every election. "
So . . . only in a few elections?
She dismisses open source software as a solution to electronic voting because bugs can remain hidden even after many reviews. While this is true, it misses the point that we should assume no system will provide a complete answer and therefore use a combination of source code auditing (best if the code is open), certification and what I believe is the most important: paper ballots that can be re-counted to provide an alternative to the electronic counting.
The real "Libtards" are the Libertarians!
It has been said before:
Question Authority
and Authority will question you.
But in the past, for most of us, that was just a quaint saying to chuckle over in the dorm lounge. This is the first time this shit is coming HOME for many of us. If you think this list of users isn't going to go into a database somewhere, you probably aren't on the list in the first place.
When information is power, privacy is freedom.
I think that you are reading way too much into the situation.
/. editors are sick of seeing MS vulnerabilities appear in the submission list? Or they believe that adding YAMV (Yet Another Microsoft Vulnerability) to the main story page will not add much value to the site. The only thing it would add is old MS bashing will be repeated yet again.
Have you considered the possibility that the
On the other hand, I could be wrong and MS could own OSDN wholly, the shares are cheap enough...
If I point out that you are incorrect, making me a foe does not make you any more correct.
If Robert Novak can continue to avoid naming his source in the CIA Officer identity leak, then Bev should have no problem. Plus what she's doing bears a much greater resemblance to journalism than whatever Novak spews.
Lo and behold, looky who is writing for MSN Slate. None other than Slashdot's beloved Jon Katz. Writing the same half-informed stuff, and as always with the misrepresentative tone of having first hand experience with the subject at hand.
That's possible. But if that were the case I'd disagree with them.
n issue/or anything else which will likely have an impact on a large number of computers and the way they are supported, article is submitted I'd sure like to see it.
Throughout the day I don't have time to read slashdot and browse the comments at work (yes I actually have to *work* at work, the nerve of those people). But I certainly load up the page and scan for vulnerability/worm/etc headlines because slashdot is the one place that generally covers all the majors fairly fast (using an open source type method so to speak) which will point me to the individual site covering the issue. Or make me aware of said issue so I can hunt out more information.
For blaster for instance, this was extremely useful, I knew about blaster right away, and although there wasn't a fix out yet when it first hit until about noon that day, because I'd found out that this beast existed on slashdot we didn't spend hours trying to fix these issues before realizing it was a new worm.
The same is true for the linux systems we have out there. Granted I've never had a linux update break anything yet, but the Windows world has me paranoid enough that I haven't set automatic update downloading. And although I update routinely if I hear about a certainly especially critical issue I make it a point to update the systems affected IMMEDIATELY.
Throughout the day I generally have 2 or 3 30second windows in which I can check a site for information about current issues, that means I have time to check ONE site. I imagine alot of people are in this boat.
Either slashdot covers vulnerabilities or it doesn't, either it covers worms or it doesn't. Perhaps not on the main page for every single one... but I have EVERYTHING turned on for what is supposed to come up on my slashdot page, so if a legitimate vulnerability/virus/worm/trojan/spyware/activatio
That said, I think your mistaken though. I still find it suspicious that this started occuring right about the time the volume was seriously cranked up on the Microsoft ads (not when Microsoft ads first started appearing, there used to be some, now almost all the ads are).
Another Microsoft vulnerability is not news. Boring, boring.
You need a significant new Microsoft vulnerability to make it news.
An Open Source vulnerability generally is news.
The Microsoft ads indicate that Micrsoft is feeling pressure. Be aware that ads are targeted not to the customers of the product but to the management of the company that approves the ad. The TCO ad just means that Microsoft found somebody who could figure out that a mainframe was more expensive than a dual Xeon Intel box. I'm sure an extended cab pickup is cheaper than an 85-ton earthmover.
All software has bugs. But you knew that already.
We found another one. This not the first. It won't be the last.
You need to update to keep your system secure.
If there ever will be a hole, your system is not secure.
Not knowing of any insecurities is not equivalent to being secure.
I was about to correct you, but it seems both I and the last poster were taught wrong. I checked your link, and verified by digging up several others. You do indeed add 's to non-plural possesive nouns like James's.
Nothing makes me madder than discovering that along the way, one of my teachers drilled the wrong thing into me. We all depend on what we were taught in things like grammar. Unlike math, there's no "going back to first principles" or "proving it for yourself." If we were taught wrong, we end up making fools of ourselves later,. Of course, it might help if we paid teachers more than a pittance, or if more than a tiny fraction of students cared, but that's another gripe for another time.
And then, of course, there's the possibility that all three sites I checked on the 'net are wrong-- lord knows the internet isn't exactly edited for accuracy. For now, I'll just have to take your word for it.
My name is 63.161.169.137, and I approve this message.
Literalism isn't a form of humor, it's you being irritating.
Excellent point you just made, and if people are really paying attention, the Steve Jackson case is only one of MANY such instances in the "computer crimes" saga.
There's a pretty amazingly large list of computer bulletin board systems that listed "FBI raid/seizure" as their reason for finally going offline - yet no prosecutions were made in the vast majority of these cases. People simply dialed up one day, got a "number has been disconnected" message, and assumed the sysop didn't want to run his/her BBS anymore.
I first realized this when looking over one of the old collections of BBS numbers found on the Internet. (I think this was someplace on the www.bbsdocumentary.com web site, but as I look there right now - I only see lists of BBS names with phone numbers and sysops, but no notes as to why they went offline.)
It seems to me that right before the Internet really went mainstream, the feds were spending an awful lot of time seizing people's BBS hardware and software, with no real motivation other than attempting to break up the "BBS scene".
With the number of U.S. slashdotters out there, we can certainly bump this in the thousands, go sign the petition:
h tml
http://www.blackboxvoting.org/BlackBoxVoting.org.
Go and show that it's not just a dozen paranoid freaks out there that think the system is broken.
If journalistic privilege didn't exist, would Novak really have been able to get away with publishing the identity of a CIA operative, and been able to shield the source of the leak by claiming journalistic privilege?
There are dozens, if not hundreds of pieces of caselaw which point to a journalistic privilege existing. However, this journalistic privilege is not absolute. (Then again, no privilege is absolute! Even before USA PATRIOT was passed, attorney-client privilege wasn't absolute. Doctor-client privilege isn't absolute. Priest-penitent privilege isn't absolute.) This means that, under very specific circumstances, a court can order a journalist to cough up a source, evidence, etc.
But it's an uphill battle and it usually ends very, very poorly for prosecutors. It's a lose-lose situation. If they lose, then they look like jackasses in public and they don't want that. If they win, then the next time they're up for re-election every newspaper will endorse the other guy, and they don't want that.
In the article, she's confident that the person who was offering her the VoteHere information was NOT the person who was a contact regarding Diebold.
She also states that the investigators rarely even ask her about VoteHere, that they seem to be fishing for something else...what else is there?
Diebold gets kicked out of California. There are reasons why that company/industry would want to see her/her website/whistleblowers to go away.
I'd be really sad, if we've reached a point in our history, where the FBI gets involved in covering up the Diebold mess. Diebold has *more* than earned its place of shame, and electronic voting needs more watchdogs and whistleblowers...not less.
If it becomes a trend that users get in trouble for visiting specific websites, I could screw over everyone I hate just by lugging my laptop within range of their unprotected wireless network
I think I just had a lightbulb go off in my head. This is how I shall eventually rule the world... eliminating my enemies via paranoid government... muhahahaha!
So the FBI is only after *selected* log info. Trusting the government to excercise restraint is exactly what the founding fathers steeled this nation against. Why on earth would intelligence agencies that have been funded by our representatives to compile massive databases NOT keep all of the information therein? You mean the agency doesn't care what *else* is in the log as long as I didn't do anything wrong? Wake up and smell the erosion of democracy!
The US Constitution specifies a peaceful "overthrow" of the government every two years: every 4 years an election allows the Executive branch to be replaced, and requires at least partial replacement every 8 (maximum 2 consecutive presidential terms); every 6 years an election allows 1/3 of Congress to be replaced, staggered by 2 years. The remaining Judicial branch is appointed at the Federal level, rather than elected, with the 9 Supreme Justices appointed for life. Some say that lifetime appointment protects a career of malfeasance. Some say the local justices elections are a worse reward for bias. And some say that the Judicial branch's increasing power to decide elections, by constraining candidates' access ballots, and voters' access to ballots, is a problem almost as serious as corporate secrecy constraining everyone's access to the voting machines inner mechanisms.
"Ours is a government built not on trust, but suspicion."
- Thomas Jefferson (paraphrase)
--
make install -not war
I not only visted her website on several occasions but I also purchased a copy of her book. It is titled "Black Box Voting: Ballot Tampering in the 21st Century." I look forward to reading it soon. I also once listen to her when she appeared on on a radio talk show. I even went so far as to write to my elected representatives on this subject. Does that mean that I will soon be on the FBI's long list of suspects?
I first started following what she and others had to say when the Swathmore College sudents launched their electronic civil disobedience campaign against Diebold. The students were trying to bring attention to internal Diebold memos which showed that Diebold employees knew how insecure their voting machines and the software was. The students were fighting Diebold's cease-and-desist letters that were forcing websites to take down the memos. For a few hours at a time websites would appear with the information and then the would quickly be shut down and dissappear. The websites not only had the internal Diebold memos but some even had the actual GEMS software and sample voting data files to play with.
The webpages included instructions on how to intall the software on your Windows computer and then use Microsoft Access to easily bypass the all security features. As I recall, it also explained how to modify the "AuditLog" and bypass the audit trail. Keep in mind that the internal memos showed that Diebold knew about most of those problems and did not seem to want to bother fixing the security flaws. Many polling places are now using Diebold voting machines here in the United States.
I did not downlaod the GEMS election software and the memos from the websites. The files would have been to large to be downloaded with my slow dial-up connecton. But, I am sure that many people around the world did. I have not kept up with what is going on lately but apparently the FBI claims to be investigating an alleged break-in at the VoteHere electronic voting software company. The FBI also seem to still be interested in the Diebold memos.
What Bev Harris and others want is for us to use voting machines that print out a stub which can be inserted into the ballot box as a backup in case a recount is needed. Machines of that type exist now but for some reason there has been less of a push for using them. Correct me if I am wrong but, I have heard that several of the voting machine companies have several lobbyists busy in Washington and have made a number of political contributions. Perhaps the main problem is that Bev Harris is trying to bring all that to everyone's attention. She and others are guilty of trying to protectly the integrity of the voting process here in the USA.
Lazy, paranoid and helpfull.
wget -m http://www.blackboxvoting.org ; chmod -R a+rx *
At your service. As we speak. Univeristy-class hosting.
You might notice a slight glitch, but I'll have that corrected.
Not Buzzword 2.0 compliant. Please speak english.
"Just a bunch of citizens" meeting in secret and nosing into anything a prosecurot thinks might be a sign that a crime might have been committed.
Alas poor justice i knew it well. Justice must be done and be seen to be done, other wise how can you have faith and trust in it?
Saying Apple is better than MS is like saying Botulism is better than rabies.
I am now.
;)
Lets see how the feds handle a slashdotting log
This comment does not represent the views or opinions of the user.
Grand Juries aren't about doing whatever the Prosecutor wants. Usually, they're about doing whatever the citizens want - the Prosecutor can ask them to investigate something, but there is no requirement that they do so. The Prosecutor can present all sorts of evidence that a crime has occurred, and the Grand Jury can vote not to indict (we did, in one case), and the Prosecutor can tell the Grand Jury not to indict someone, and have them indicted anyway (we did that too).
The reason Grand Juries are secret is that there are no Fifth Amendment protections when facing a Grand Jury. Yes, a Grand Jury can require you to answer a question you'd rather not (like, "Did you kill your wife?"). That said, testifying before a Grand Jury grants immunity to prosecution for any crimes discussed in your testimony. So, we had to be VERY careful about who we "invited" to talk to us. Wouldn't do at all to accidently invite the murderer to testify, thinking he was just a material witness....
It should further be noted that the Grand Jury concept came about to protect people from abuses by the government. No matter what the government says, the Grand Jury can indict or not at its whim - and if it refuses to indict, the Prosecutor/DA is just SOL, no matter how bad he wants a trial.
And finally, even if this person whose logs are being subpoena'd is considered "one of the good guys", and even if Diebold and the Republicans are "bad guys", stealing things is still illegal, so the Grand Jury investigation may be warranted.
And even more finally, why are you people whinging about this? The lady is a journalist, which means she can invoke Source Protection laws, if applicable, and refuse to turn over any information....
"I do not agree with what you say, but I will defend to the death your right to say it"
I don't usually curse in my /. posts, but that is just fucking priceless.
Reminds me of the justice department investigation (and criminal proceedings against) Greenpeace.
Greenpeace found a ship that was bringing illegal timber from the Amazonian rainforests. So they sent a couple guys to put up a banner on the ship, that said something like "Stop illegal logging now".
So they got caught the Justice department is using a "sailor mongering" law over 100 years old to prosecute **the entire Greenpeace organization**, not just the two chaps who trespassed on the boat. The law was intended to stop prostitutes and bookies and other "low moral characters" from getting on boats at sea.
Never mind the illegal loggers. The justice department is not investigating them, nor suing them, nor prosecuting them. Just the whistleblowers.
Let's get behind Beverly! I for one will be donating money asap!
WWJD? JWRTFA!
Yesterday, a judge threw out the case against Greenpeace. Still, it shows just what a corrupt, authoritarian bunch of crooks are in charge in the administration.
Oh, no! You have walked into the slavering fangs of a lurking grue!
That matches up with just about everything I have heard about the "protections" offered by the Grand Jury system.
sPh
Nothing makes me madder than discovering that along the way, one of my teachers drilled the wrong thing into me.
Amen. I, myself, was terribly confused when my teacher insisted that there were seven colors in the spectrum (ye olde ROY G BIV) when I could only see six (ROY G BV).
I looked for indigo for years, and just couldn't find it. It was only much later that I learned that Newton had felt the need for the spectrum to have seven colors, and so had made one up.
As a sidenote, I wonder if I can moderate myself "Offtopic."
If Robert Novak can continue to avoid naming his source in the CIA Officer identity leak, then Bev should have no problem. Plus what she's doing bears a much greater resemblance to journalism than whatever Novak spews.
... any investigation of Bev is likely to resemble a search and destroy mission.
The key difference is that Robert Novak was doing the administration's dirty work in outing the CIA operative as payback for comments critical of the administration. Any investigation of Navak is going to be for show
Bev was exposing a weakness in the voting system the administration could have used to steal another election, may well have been planning to use for just such purposes (remember Diebold's promise to "deliver Ohio" to Bush?), and quite possibly used during the last election (remember the 80,000 votes that disapppeared from Diebold machines in Florida and were never accounted for?).
This is standard Bush administration intimidation tactics, using the tried and true method of unleashing the FBI's overly broad investigative authority (even pre-9/11 it was overbroad, now it is doubly so) to harrass, intimidate, and even destroy the lives of troublesome pests who still insist on democracy in Bush's America.
While she should get the best lawyer possible, I suspect we are seeing the full weight of the federal government come down on her not because her web site might have been used by someone breaking into another server, but because she shined the light of publicity on one of their dirty little secrets. In the current environment, no amount of legalese is going to protect someone from an administration with a demonstrated willingness to step outside the law whenever it suits them.
Now cue the neo-con right's accusations of tin-foil hats and weeping democrats sore of having an election stolen from them (HINT: I didn't vote for Gore last time around, but that doesn't change the shameful facts of the 2000 election one bit).
The Future of Human Evolution: Autonomy