Although they are rare, there are days when two significantly major stories vie for my attention and I have to try to determine which to talk about. In this case, both demand immediate attention, at which time the question becomes, “Which do I talk about first?”
So I have this quarter, I flip it, and it comes up . . .
Crackers do a number on California’s e-voting machine: Here’s the story from TGDaily.com: In summary, a study commissioned by the California Secretary of State has found that several electronic voting machines have serious security vulnerabilities.
The study pitted two cracker teams, better known as “red teams” against voting machines manufactured by Diebold, Hart and Sequoia. The hackers found several security problems and were able to change firmware, access the election database and even open up the machines without detection.
The teams were from UC Davis (Go Aggies!) and UC Santa Barbara (Go Gauchos!). “The red teams demonstrated that the security mechanisms provided for all systems analyzed were inadequate to ensure accuracy and integrity of the election results,” said Robert Abbott, one of the red team leaders.
And why? Here’s one reason: Abbott’s team was able to access election data directly by exploiting vulnerabilities in the Diebold machine’s Windows operating system – an operating system that all three e-voting machines use. They were also able to bypass locks and other physical security with “ordinary objects”.
Matt Bishop of UC Davis complains that his teams didn’t have enough time to fully document all the security vulnerabilities because they study started in mid-June and ended July 20. Bowen had said that the deadline could not be extended because the counties need at least six months to examine the findings. Bishop added that Abbott’s team was close to finding several other problems, but simply ran out of time.
So . . . this speaks volumes about the elections of 2000 and 2004, if anyone is willing to listen. And nothing is really riding on the proper functioning of the voting technology except for democratic principles that are the cornerstone of the republic, if not the fate of the republic itself.
And what came up “tails,” you ask?
The Disconnect That Could Fail Thousands: I’ve never met helios, a long time GNU/Linux advocate named Ken (and unlike Sting or Cher, he has a last name, but I don’t know what it is) whose Blog of Helios is one of the most — if not the most — prolific and informative blog on all matters Penguin. In this recent blog item, helios confronts GNU/Linux’s sacred-cow-du-jour — Ubuntu — and asks why they can’t fix a disk mounting problem that appears (at least to yours truly, a newbie with portfolio) to be easily repaired. Instead of getting a “Hmmm, maybe you’re right . . . ” apparently some in the *buntu Nation have set their sights on him and are branding him an “enemy of the people.” Wrong, folks — helios should be commended for having the cojones to say, “Um, sorry, but it appears to me that the emperor’s wearing no clothes,” and it’s the duty of those who support the emperor to clothe him, rather than just “see” the finery the other yes-men and yes-women see.
This problem that helios brings up with Kubuntu doesn’t seem to be a glaring one. But in comparison, helios outlines a request to fix something he made to Clement Lefevbre of Linux Mint that was fixed relatively quickly. With Ubuntu’s resources — vast by most distros’ standards — why can’t this be addressed and fixed (especially when Ubuntu is now the “face” of GNU/Linux that most of the people see when trying it for the first time)?
Go helios and, as he likes to say, All-righty Then.
(Larry Cafiero, editor/publisher of Open Source Reporter, is an associate member of the Free Software Foundation.)