Diebold Fumbles Attempt to Stop HBO Airing of 'Hacking Democracy'!

[NewsBoy]

In Hilarious Statement, Company Claims Documentary — Which They Haven't Seen — Has Facts Wrong... But They're Referring to a Completely Different Documentary!

More at link...

 

[Blackflag]

Hahha good stuff.

 

[uscitizen]

And Diebold has no security issues ? It is sort of easy to see why they do.
They don't seem to be able to tell the difference between their anal orifice and an excavation in the ground.

 

[OrnotBitwise]

I look for them to issue a statement that John Kerry hates our troops at any moment.

 

[LadyT]

I saw this last night. I have a feeling within the next two or three years, a lot of people on this board are going to owe Desh huge apologies.

 

[uscitizen]

You watched it ladyT ? Was it good ?

 

[Prakosh]

It certainly lends credibility to Ornot's recent claim regarding HBO's overall excellence and relevance.

 

[OrnotBitwise]

It certainly lends credibility to Ornot's recent claim regarding HBO's overall excellence and relevance.

I thank you, kind sir.

Seriously, I'm glad HBO aired it. That was some scary shit, that was. There was nothing I wasn't already aware of but sometimes watching someone else connect the dots can be instructive.

And I agree with LadyT: Desh may get to serve up a crow buffet someday. Maybe not, too, but it's more likely today than it was yesterday.

 

[Damocles]

I'll say here what I said in the other Diebold thread that has somehow died...

Well, Deibold, if you just fix the damned machines and add a paper trail nobody will be making documentaries!

 

[OrnotBitwise]

I'll say here what I said in the other Diebold thread that has somehow died...

Well, Deibold, if you just fix the damned machines and add a paper trail nobody will be making documentaries!

One of the points in the documentary is that a paper trail alone is not sufficient to ensure security.

 

[Damocles]

One of the points in the documentary is that a paper trail alone is not sufficient to ensure security.

Hence the reason I started with "fix the damn things" first, eh?

 

[Prakosh]

I thank you, kind sir.

Seriously, I'm glad HBO aired it. That was some scary shit, that was. There was nothing I wasn't already aware of but sometimes watching someone else connect the dots can be instructive.

And I agree with LadyT: Desh may get to serve up a crow buffet someday. Maybe not, too, but it's more likely today than it was yesterday.

You're very welcome. Your hearty and unreserved endorsement made me want it. If I could have afforded it and had any faith in my ability to pay for it next month or the month after that, I would have rushed right out and hooked up.

 

[LadyT]

It was good. Disheartening, but good. The funny thing is, I have to thank Desh, because a lot of what they were reporting, I already knew as direct result of what a lot you labeled as annoying "spam". But I must say, I have not a clue on where who and what to start with because there really is a catch 22. On the one hand I understand the need for secrecy in the source code for the machines but on the other, we need to have visibility and the ability to freely audit these things. Otherwise, as we've clearly seen, people get screwed and our democracy is highly compromised.

Here's my contingency:

You vote you get a ticket with a barcode and name that prints out for your own verification (2 halves). You split the ticket for your records and you place the ticket in a box outside the booth. Volunteers should be standing by to count said stubs and if there is significant discprepancy between the stubs and the official tally from the voter machines, then houston, we have a problem. Each district should decide whether they are going to hand recount the stubs and go with that or have a revote.

 

[OrnotBitwise]

It was good. Disheartening, but good. The funny thing is, I have to thank Desh, because a lot of what they were reporting, I already knew as direct result of what a lot you labeled as annoying "spam". But I must say, I have not a clue on where who and what to start with because there really is a catch 22. On the one hand I understand the need for secrecy in the source code for the machines but on the other, we need to have visibility and the ability to freely audit these things. Otherwise, as we've clearly seen, people get screwed and our democracy is highly compromised.

Here's my contingency:

You vote you get a ticket with a barcode and name that prints out for your own verification (2 halves). You split the ticket for your records and you place the ticket in a box outside the booth. Volunteers should be standing by to count said stubs and if there is significant discprepancy between the stubs and the official tally from the voter machines, then houston, we have a problem. Each district should decide whether they are going to hand recount the stubs and go with that or have a revote.

Need for secrecy? I beg to differ. That's a line that the companies can use because most people don't understand what "source code" really is. And I mean no criticism of you or anyone else by that: there's no particular reason you should know.

Having the source code available for review is NOT (necessarily) a security risk. The encryption keys can't be made public, no, but the source code could be. Or, if not public, at least made available to the companies and/or agencies that certify the systems.

Mostly, they claim it can't be reviewed because they don't want to reveal their "trade secrets." My response to that is tough taters. If you want to sell in this market you shouldn't have to rely on trade secrets.

 

[LadyT]

Need for secrecy? I beg to differ. That's a line that the companies can use because most people don't understand what "source code" really is. And I mean no criticism of you or anyone else by that: there's no particular reason you should know.

Having the source code available for review is NOT (necessarily) a security risk. The encryption keys can't be made public, no, but the source code could be. Or, if not public, at least made available to the companies and/or agencies that certify the systems.

Mostly, they claim it can't be reviewed because they don't want to reveal their "trade secrets." My response to that is tough taters. If you want to sell in this market you shouldn't have to rely on trade secrets.

Oh. I must confess, I'm no programmer. But I'll take your word on the encrypted keys versus the source code. Can you tell me what the difference between the two are?

 

[OrnotBitwise]

Oh. I must confess, I'm no programmer. But I'll take your word on the encrypted keys versus the source code. Can you tell me what the difference between the two are?

That's not a confession any more than admitting you can't do Cabalistic numerology in your head is a confession.

"Source code" refers to the code, written by programmers, from which the final application (program) is compiled. The compiled program can't be "opened up" and read. Source code can. Actually, most apps can be decompiled and their source code at least partially reconstructed, but that's a separate issue: let's not muddy the water.

"Encryption keys" are *used by* the application when it's running to encrypt data. Encrypted data can't be decrypted and read without having the (same) encryption key. Theoretically -- some encryptions schemes are better than others.

The encryption keys must remain secret. There's no argument there. The source code, however, can be reviewed without risk . . . provided the application is properly designed in the first place.

So-called "open source" software is traditionally more secure than (most) privately produces software, not less secure.

 

[LadyT]

Okay, so lets put this in my terms:

I write a VB program that reads inputs from an access database.

The VB platform that I'm writing the program on is the source code and the data I collect would be the encrypted information?

I always thought source code was the application itself.

 

[LadyT]

bump for desh

 

[OrnotBitwise]

Okay, so lets put this in my terms:

I write a VB program that reads inputs from an access database.

The VB platform that I'm writing the program on is the source code and the data I collect would be the encrypted information?

I always thought source code was the application itself.

Ah! Yes, I see now.

VB is an interpreted language -- so long as you're not talking about VB.NET. The definition of an interpreted language is that it is compiled at runtime. In other words, yes, in VB, the program and the source code are (effectively) the same thing(s). That's not literally true but close enough for jazz.

Most programming languages don't work that way. In most languages, you prepare a series of text files from which the application is compiled. The text files contain the source code and the application compiled from it contains machine code.

A compiled program is often called an executable. On your windows box, it will typically have the file extension ".exe." Such a file can't be opened up and read by a human being. It's not the same thing as the source code, it is generated from the source code.

 

[LadyT]

Ah! Yes, I see now.

VB is an interpreted language -- so long as you're not talking about VB.NET. The definition of an interpreted language is that it is compiled at runtime. In other words, yes, in VB, the program and the source code are (effectively) the same thing(s). That's not literally true but close enough for jazz.

Most programming languages don't work that way. In most languages, you prepare a series of text files from which the application is compiled. The text files contain the source code and the application compiled from it contains machine code.

A compiled program is often called an executable. On your windows box, it will typically have the file extension ".exe." Such a file can't be opened up and read by a human being. It's not the same thing as the source code, it is generated from the source code.