Sequoia Voting Systems Source Code Released 406
Mokurai sends a heads-up about Sequoia Voting Systems, which seems to have inadvertently released the SQL code for its voting databases. The existence of such code appears to violate Federal voting law: "Sequoia blew it on a public records response. ... They appear... to have just vandalized the data as valid databases by stripping the MS-SQL header data off, assuming that would stop us cold. They were wrong. The Linux 'strings' command was able to peel it apart. Nedit was able to digest 800-MB text files. What was revealed was thousands of lines of MS-SQL source code that appears to control or at least influence the logical flow of the election, in violation of a bunch of clauses in the FEC voting system rulebook banning interpreted code, machine modified code and mandating hash checks of voting system code." The code is all available for study or download, "the first time the innards of a US voting system can be downloaded and discussed publicly with no NDAs or court-ordered secrecy," notes Jim March of the Election Defense Alliance. Dig in and analyze.
Re:To be honest... (Score:3, Interesting)
Are you being sarcastic? A voting system takes a very finite set of possible inputs, it needs to only give some very specific outputs. I really think there are few excuses for not being able to develop a secure system, secure enough to be totally open despite the value of being able to crack it. Its not like our society can't afford to make the required investment in such a system given the other things our government is spending money doing.
If it can't be done then electronic voting should not be used at all because it can't be trust worthy without sunlight; and if the argument is it would be broken if exposed to sunlight than I want to know how you know its not cracked/broken already?
Hyperbole much (Score:3, Interesting)
"code that appears to control or at least influence the logical flow of the election"
Which means the uneducated inspecting strings saw things like:
BAL_ID null
-- 1 - show candidate on ballot (default)
-- 0 - remove candidate from the ballot
-- 2 - don't show candidate on the ballot, but reserve space for her on the layout
All of which is perfectly benign when voters are not eligible to vote for certain candidates for any number of reasons.
The more you read at the ultimate site more you realize the people digging thru this garbage know nothing about what they are reading, and not much about programming either.
Just because you know how to run grep or strings does not mean you can use the data it reveals.
Re:Hyperbole much (Score:1, Interesting)
All of which is perfectly benign when voters are not eligible to vote for certain candidates for any number of reasons.
Like what ?... Let me guess : no need to show someone that's not supposed to win, for instance ?
Canadian Elections - KISS (Score:3, Interesting)
Re:Hyperbole much (Score:2, Interesting)
They obviously don't understand much because this database is not corrupt. I just loaded it in a SQL Server database fine. SQL Server 2005.
There are 88 tables in the database.
Re:ha ha (Score:2, Interesting)
Vote! Vote my little worms!
Divert your will and energies into our little show of "change"!
While another Goldman exec is put in charge of "Enforcement [bloomberg.com] - ensuring [yahoo.com] that there is none... [boston.com]
You see, under the post-Kennedy era system of American government, executive and legislative sideshows are intended not to demonstrate and direct power - but to distract from the real power of the land.
Bang! One magic bullet. You buy that story, and they already had you in the Matrix.
Re:This is cool and all, but... (Score:4, Interesting)
Re:There's somebody wrong on the internet... (Score:4, Interesting)
Re:you're wrong. (Score:4, Interesting)
Re:you're wrong. (Score:4, Interesting)
Good catch, that's the sort of thinking I was hoping to hear from.
OK then one more tweak. The receipt you print in the booth can either be your real or your dummy vote. You pick just before you leave. So if you are being coerced, you can pick the dummy receipt but if you want to watch over your vote you pick the real receipt to take home.
So in this case you don't get an A/B choice when you get home and punch in the URL. It immediately shows a vote, either the dummy or the real, whichever you elected to get the receipt for.
Are we bulletproof yet? That doesn't look like it adds any real complexity to what I'm trying to keep to a bare minimum.
Re:Hyperbole much (Score:4, Interesting)
Nice one jackass, but I'm not a lawyer, I'm a programmer. It should be pretty goddamn clear to any novice that a stored procedure in MS SQL Server, which is what we're dealing with here, is most definitely interpreted code. The law clearly states that interpreted code is not allowed because of the obvious fact that it can easily be changed after the certification. They state that once the software is certified that there are no more compilers or linkers allowed in the onboard software and that the binaries should be able to have their checksum validated in the field to ensure it's the same software that was certified. Especially when the SQL code to create those same stored procedures ships with the product, as if the database itself is set up in the field.
Now, I'm not a lawyer, but that seems pretty goddamn clear to me that a stored procedure in SQL Server does not meet those criteria.
But, and I'm being honest here, I really want to hear your opinion on the matter, since mine doesn't matter, and is based on scary capital letters.
Re:Hyperbole much (Score:3, Interesting)
Re:What? (Score:3, Interesting)
I just saw the free movie Zeitgeist Addendum [zeitgeistmovie.com] last night. It explains how the US keeps the whole world under our thumb through the Federal Reserve, the fractional lending reserves, and the World Bank which gives loans to other countries in order for our corporations to go in there and build infrastructure -- in other words, we loan them money, they pay it to us (via our corporations), and then they still owe the entire amount of money.
And the fact that our money is created out of thin air, via debt, is just stunning. I urge everyone to watch this; it completely explains how international banking systems are corrupting the planet.
There are some flaws! You may want to fast-forward through the first 7 minutes or so, until they start talking about the banking system, as the beginning drags on (and doesn't follow the excellent speech-writer's take: "tell them what you're going to tell them; tell them; then tell them what you told them", but oh well -- it's full of great stuff). And the last hour is pretty out there; it makes sense, but it sounds more like a sales pitch for The Venus Project [thevenusproject.com] (which is not necessarily a bad thing, they're very forward-thinking). Also, you may want to watch it with the captions on, as many portions of the movie are rather dark, with no motion, so the captions helped both with recall, and also gave my eyes something to pay attention to.
Anyway, your post reminded me of a part from it, which describes how our corporations control the media (the thread on the ad for the medical marijuana reviewer had a post repeating what most of us already heard on-line, that Mexico recently reclassified pot with laws similar to how Amsterdam treats it, and rightly said "bet you didn't hear that on the six o'clock news") -- a few major corporations control almost every newspaper and TV station in the country. Politicians looking to gain media exposure need to "toe the line" or they won't get funding; or, more realistically, the corporations choose a politician that nobody has ever even heard of, but through constant repetition are able to convince us that we've known of that person for some time. Even someone as insipid as Sarah Palin.
Don't want to make this a huge rant, so I'll just end with: watch the movie. I actually haven't seen the first one, and am going to download it right now (from the first link, above). Enjoy!