Wednesday, December 14, 2005

Sense and Non Sense: Diebold is Caught

This makes sense. It is from the website of the , wherein they describe their efforts to improve the most secure operating system there is, SE :
Unfortunately, existing mainstream operating systems lack the critical security feature required for enforcing separation: mandatory access control. As a consequence, application security mechanisms are vulnerable to tampering and bypass, and malicious or flawed applications can easily cause failures in system security.

The results of several previous research projects in this area have been incorporated in a security-enhanced Linux system. This version of Linux has a strong, flexible mandatory access control architecture incorporated into the major subsystems of the kernel. The system provides a mechanism to enforce the separation of information based on confidentiality and integrity requirements. This allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications.

It seems obvious that any OS that is supposed to be secure should have the security features built in to the kernel. The implication is that add-ons to the OS cannot provide the same level of security as you can get from building the security features right into the core of the system. Even so, the NSA is not yet completely confident in SE Linux:
There is still much work needed to develop a complete security solution. Nonetheless, we feel we have presented a good starting point to bring valuable security features to Linux. We are looking forward to building upon this work with the Linux community. Security-enhanced Linux is being released under the same terms and conditions as the original sources. The release includes documentation and source code for both the system and some system utilities that were modified to make use of the new features. Participation with comments, constructive criticism, and/or improvements is welcome.
Note that the NSA -- the world's best code-breaking agency -- feels that the best way to develop a secure computer system is to use open-source software. By releasing the details of the inner workings of the system to the entire community of programmers, hackers, and crackers, it is more likely that any security holes will be found, and subsequently fixed.

This does not make sense. , the manufacturers of the infamous "black box" voting machines -- the ones that leave no paper trail -- use software that is not open-source. How is it that the taxpayers have already paid for the NSA to develop what they believe is the most secure operating system in the world, yet they pay again for Diebold machines that use a lower quality OS?

Needless to say, secure voting is the cornerstone of Democracy. Obviously, we could not tolerate having the NSA develop our voting machines. But if they have developed a pretty secure OS, and that OS has withstood the slings and arrows of the open-source community, it really would make sense for us to use that technology. It might prevent embarrassments such as this:
BREAKING: Due to contractual non-performance and security design issues, Leon County (Florida) supervisor of elections Ion Sancho told Black Box Voting that he will never again use Diebold in an election. He has requested funds to replace the Diebold system from the county. He will issue a formal announcement to this effect shortly. Finnish security expert Harri Hursti proved that Diebold lied to Secretaries of State across the nation when Diebold claimed votes could not be changed on the memory card.
With SE Linux, an election worker would have to enter a password to "mount" or "unmount" a memory card. Thus, it would be possible to keep track of exactly who mounted the card, and keep a record of the event; to have the system verify the absence of votes on a newly-inserted memory card; and to encrypt what is written to the card in such a way that the results could not be tampered with undetectably after the fact. Every step of the process would be auditable.

Note: The CEO of Diebold, Walden O'Dell, was quoted as saying he was "committed to helping Ohio deliver its electoral votes to the president next year." Mr. O'Dell might now be wishing Diebold used SE Linux:
Diebold’s Walden W. O’Dell has abruptly resigned his positions as chairman and chief executive officer with Thomas W. Swidarski, currently the firm’s president and chief operating officer, named to take over as chief executive officer. Diebold, a manufacturer of ATM, security, and voting machines, made the announcement late Monday. The company has faced questions about the software used in some of its voting machines.
Diebold now faces a stockholder's class-action lawsuit.

For the latest updates, see the Black Box Voting site; for the most in-depth coverage, see US Rep. John Conyers' site.