The reports deal strictly with the flaws in the current electronic voting system. I know for a fact that there is no operating system that cannot be hacked in one way or another. With that in mind, one needs to remember that there are external systems that can help secure. Examples of these are using firewalls and access lists on standard computer networks. There are several things that need to be taken into account when it comes to security.
1. Security at the user interface. (sitting at the machine)
2. Ability to access the machine remotely.
3. Transmission medium.
4. Level of encryption used.
Security at the user interface should be a relative easy fix. Ability to access the machines remotely can also be fixed easily. All it takes is using a dedicated fiber backbone, or using encrypted channels. Transmission medium must be considered in conjuntion with the second and fourth point of consideration. The last is where my personal expierence comes into play. I know of no cellular phones that use 128bit encryption. I also know that it takes a long time for a very strong computer (read a beowulf cluster) to crack a good encryption algorithim. Using something like double encryption with different size keys goes a long way. Pair that with using multiplexed signals and you have gone further.
You can label me a troll all you wish. Hell I don't care. I do know that I can use proper security measures and secure any os from the outside. I could even do this over wifi (wouldnt want to do to bandwidth considerations though).
I agree that a paper print out would be a good additional step, but you can rest assured that if someone really wants to protect this data, it can and will be no matter what the limitations of the actual voting machines limitations are.
Dont believe me, email me. Alan.Dike@us.army.mil
I sorry, but I can just see this guy going, be one with the code. The computer is his home, just send him home happy.
Enough of my sarcasm. I think it is good to see RH makeing money. I agree with mr software exists on its own. It is not an affront to people who write software to be free if someone else charges for it... provided you say its ok. It is a lot of work maintaining a stable distrobution. I personally dont use RH, I find suse allows me to be more lazy. Before everybody flames me, I can do it manually, but why when I dont need to? I support RH because they support the open source community.
No, SCO isnt.
IANAL, but , afaik a corporation is required to do everthing it can to mitigate losses due to any form of infringment before it goes to the courts. There was no release to the public that is supposedly using thier code to inform them properly before the case was filed. Second, the case is a contract dispute, so who gives a crap about the supposedly infringing code. The only reason they brought that into the whole fray is to try to prove that IBM actually inserted code. From their press releases though, they do look like they are setting up to sue everyone. I dont think Unixware will survive the patent suit from IBM though.
Innocent untill proven guilty. Untill they prove that the 2.4-2.6 kernel is infringing, I will use it and be considered innocent, when I find out that I am not (unlikely, but SCO does have an odd way of sueing and winning), I will just change to 2.2 untill there is a clean room version of the kernel to dl.
This has already been done. All one need to do is generate a set of keys and send from end user to end user. The thing that is so interesting is that the mail server is supposedly encrypting this as well. Why dont they just use a NES (network encryption system) that can have umteen connections or a TACLANE that can have up to 6 connections while using hardware encryption? Combine a system like that with a eprom usb device that has the private key on it and the public key on one of many public accessable ldap servers and your set. Just have the email programs check one of the mirrors for a valid key, and off goes your email. You just have to make sure you log in to your eprom. 128 bit encryption is not hard on massive networks, its getting it to be accepted by the home user that you cant control that is going to be the issue. Make the eprom a package deal with your isp connections, and your set. Get a net connection, get a usb token that encrypts your email for you automagically. DoD has been doing that crap for years, just do a google search on DMS (defense messaging system). You shouldnt be able to get down to the nitty gritty, but you should be able to get an idea.
Slashdot Mirror
The reports deal strictly with the flaws in the current electronic voting system. I know for a fact that there is no operating system that cannot be hacked in one way or another. With that in mind, one needs to remember that there are external systems that can help secure. Examples of these are using firewalls and access lists on standard computer networks. There are several things that need to be taken into account when it comes to security. 1. Security at the user interface. (sitting at the machine) 2. Ability to access the machine remotely. 3. Transmission medium. 4. Level of encryption used. Security at the user interface should be a relative easy fix. Ability to access the machines remotely can also be fixed easily. All it takes is using a dedicated fiber backbone, or using encrypted channels. Transmission medium must be considered in conjuntion with the second and fourth point of consideration. The last is where my personal expierence comes into play. I know of no cellular phones that use 128bit encryption. I also know that it takes a long time for a very strong computer (read a beowulf cluster) to crack a good encryption algorithim. Using something like double encryption with different size keys goes a long way. Pair that with using multiplexed signals and you have gone further. You can label me a troll all you wish. Hell I don't care. I do know that I can use proper security measures and secure any os from the outside. I could even do this over wifi (wouldnt want to do to bandwidth considerations though). I agree that a paper print out would be a good additional step, but you can rest assured that if someone really wants to protect this data, it can and will be no matter what the limitations of the actual voting machines limitations are. Dont believe me, email me. Alan.Dike@us.army.mil
I sorry, but I can just see this guy going, be one with the code. The computer is his home, just send him home happy. Enough of my sarcasm. I think it is good to see RH makeing money. I agree with mr software exists on its own. It is not an affront to people who write software to be free if someone else charges for it... provided you say its ok. It is a lot of work maintaining a stable distrobution. I personally dont use RH, I find suse allows me to be more lazy. Before everybody flames me, I can do it manually, but why when I dont need to? I support RH because they support the open source community.
No, SCO isnt. IANAL, but , afaik a corporation is required to do everthing it can to mitigate losses due to any form of infringment before it goes to the courts. There was no release to the public that is supposedly using thier code to inform them properly before the case was filed. Second, the case is a contract dispute, so who gives a crap about the supposedly infringing code. The only reason they brought that into the whole fray is to try to prove that IBM actually inserted code. From their press releases though, they do look like they are setting up to sue everyone. I dont think Unixware will survive the patent suit from IBM though. Innocent untill proven guilty. Untill they prove that the 2.4-2.6 kernel is infringing, I will use it and be considered innocent, when I find out that I am not (unlikely, but SCO does have an odd way of sueing and winning), I will just change to 2.2 untill there is a clean room version of the kernel to dl.
This has already been done. All one need to do is generate a set of keys and send from end user to end user. The thing that is so interesting is that the mail server is supposedly encrypting this as well. Why dont they just use a NES (network encryption system) that can have umteen connections or a TACLANE that can have up to 6 connections while using hardware encryption? Combine a system like that with a eprom usb device that has the private key on it and the public key on one of many public accessable ldap servers and your set. Just have the email programs check one of the mirrors for a valid key, and off goes your email. You just have to make sure you log in to your eprom. 128 bit encryption is not hard on massive networks, its getting it to be accepted by the home user that you cant control that is going to be the issue. Make the eprom a package deal with your isp connections, and your set. Get a net connection, get a usb token that encrypts your email for you automagically. DoD has been doing that crap for years, just do a google search on DMS (defense messaging system). You shouldnt be able to get down to the nitty gritty, but you should be able to get an idea.