|
Watched it last night (yay Tivo!), and here is my sense...
I thought it was a little heavy handed in tone and its treatment of the subject. Michael Moore-ish, if you will. The woman crying over the revelation that they could hack the system using the memory cards was a bit much, I thought. You could tell that there was another side to the story which really wasn't getting any air time.
Factually, here is what they proved: the Diebold systems are hackable, even though Diebold says they aren't.
This does not shock me in the slightest. No system is completely secure, and any software developer and/or security specialist knows it. Diebold's problem is that they are keeping all the code secret, so nobody can examine the systems for security.
On the one hand, I can't say I blame them. It is a competitive industry, and their code is their "crown jewels." The last thing they want to do is lift up their skirts so their competitors can rip off their ideas.
On the other hand, to borrow Bruce Schneier's phrase, "security through obscurity" is a bad idea. That is, if the security of the system depends on only the right people knowing how it works, the entire system collapses once other people know the secrets. When Diebold slipped up by making their code available on an FTP site, they lost the obscurity and therefore lost the security.
I am not a security expert, but from what I understand the more you expose a system to the public for security review, the MORE secure it becomes. It is counterintuitive, but there you go.
So, in short, I am not suprised the Diebold system is hackable, and I am not surprised Diebold doesn't want to open up the code to examination by the public. If they did open up the code, it would be more secure, but Diebold would be revealing its secrets to its competitors. Tough spot for them.
---------
But here's an important thing they did NOT prove in the documentary: that anyone actually has tampered with an election by hacking the machines.
From what I understand, Diebold's argument is that while people have been able to show vulnerabilities in the system in test conditions, they would be very difficult to exploit in practice. On the cards, for example, someone would need to get a card, get it to a computer with a card reader to reprogram it, then surreptisiously put it into a machine - all during the hubbub of an election. Maybe an insider could get away with it, but the documentary never showed whether there are internal checks and chains of custody that would make that possible.
Did they ever explain the negative votes thing? Seems like they made a lot of ominous fuss over it, but never gave an answer as to whether it was a deliberate attempt to fudge an election or some sort of weird software flaw. (Self editing - I'm not saying if it's a software flaw it's ok, but it's definitely not as bad as a conspiracy)
They also never pursued the issue of discrepancies between the original print-outs of vote tallies and the summary reports they received a few weeks later. Was there some innocent explanation that they decided not to include? Was there any indication that the certified results were not what was used in the election?
-----------
I guess my point is that the documentary showed sloppiness on the part of some election officials, that they give too much faith to the voting machines, and that Diebold has not been open and honest in discussing security issues.
It did not show that the systems have been used to actually rig an election, and it seems like proper practices by election officials could do a great deal to ensure that they aren't used to do so.
__________________
A little silliness now and then is cherished by the wisest men. -- Willy Wonka
Last edited by balderdash111; 11-06-2006 at 07:27 AM..
|