TW, you're trying to actually apply logic to this
TW,
Scantron has existed since the 1960's, and was good enough for every standardized test in school.
Diebold cared about bells and whistles, and it shows, since they used Windows, a desktop productivity OS, and Office, a desktop productivity solution, to attempt to build a secure device.
Unfortunately, since it's a computer, they approached it the wrong way, and also had a ton of government regulations to deal with along the way. They attempted to use standard PC hardware and software to build a tamper-proof system, which is a problem IBM solved in the 1970's with their cryptographic solutions that self-destruct when tampered with.
Their use of a standard PC-based system self-destructed. It would have actually been simpler to use a purpose-based system based off of an embedded processor with a parallel port to hang an Epson dot matrix printer off of that can print multi-part forms. Give me a decent embedded OS like VxWorks or QNX, a good mass-produced Freescale embedded motherboard, a parallel port on said motherboard, and a mass storage device (if you're paranoid, use an IBM crypto PCI card or smart card to encrypt the data), and I could have led a team of developers and engineers to pull this off in 6 months, fancy GUI included if needed.
Using what appeared to be a standard solution, Windows, led to more problems than a bespoke solution because it led to:
1. More parts to audit.
2. More code to audit.
3. More things that can break.
4. More configuration management nightmares (How are the Microsoft patches going to affect the machine?).
5. More work to do (Microsoft patches for the machines? Patching the machines after 6-9 months in storage?).
Diebold made a system that looks like it had all the bells and whistles, and met all of the "requirements", yet they built something so insecure and non-functional that it turned out to be their greatest embarrassment yet! This system is not simple, which in my mind, means that it's not secure by design. It means that it can be subverted to the means of those that do not wish to do good.
I believe that Diebold didn't approach this project with the same discipline that they would an ATM machine, nor did they care to. They made something which was clearly not designed for the task work as a voting machine. They made it appear to get past the government contracting officers by citing regulations which have nothing to do with the accuracy of the voting mechanism itself, and they built it on a horribly complex framework that has a ton of security holes, and is not designed for security.
Clearly an example of government largesse at work. They rushed something out to market to fill a perceived need, and may have irrevocably destroyed the rest of their company's reputation in the process.