taint.org: Justin Mason’s Weblog

Voting: None Dare Call It Stolen - Ohio, the Election, and America’s Servile Press, by Mark Crispin Miller.

Miller and many others have obviously been spending a lot of work chasing down each incident in Ohio since last November, and there’s quite a lot of them. It’s impressive the degree to which recounts were evaded, if these allegations are true. There’s many shocking cases alleged than I could really fit here — but here’s some of the lowest points:

On December 13, 2004, it was reported by Deputy Director of Hocking County Elections Sherole Eaton, that a Triad GSI employee had changed the computer that operated the tabulating machine, and had “advised election officials how to manipulate voting machinery to ensure that preliminary hand recount matched the machine count.” This same Triad employee said he worked on machines in Lorain, Muskingum, Clark, Harrison, and Guernsey counties.

it strongly appears that Triad and its employees engaged in a course of behavior to provide “cheat sheets” to those counting the ballots. The cheat sheets told them how many votes they should find for each candidate, and how many over and under votes they should calculate to match the machine count. In that way, they could avoid doing a full county-wide hand recount mandated by state law.

In Union County, Triad replaced the hard drive on one tabulator. In Monroe County, “after the 3 percent hand count had twice failed to match the machine count, a Triad employee brought in a new machine and took away the old one. (That machine’s count matched the hand count.)”

The willingness to throw away functioning, reliable election systems, and replacing them with new, easy-to-subvert ones, is astounding. But on top of that, when concerned parties investigate and find danger signs, it’s easily buried:

Miller emphasizes that, even after the National Election Data Archive Project, on March 31, 2005, “released its study demonstrating that the exit polls had probably been right, it made news only in the Akron Beacon-Journal,” while “the thesis that the exit polls were flawed had been reported by the Associated Press, the Washington Post, the Chicago Tribune, USA Today, the San Francisco Chronicle, the Columbus Dispatch, CNN.com, MSNBC, and ABC.”

Miller’s conclusion: ‘the press has unilaterally disarmed’.

Tags: count, dare, election, employee, hand, lot, machine, none, recount, triad, voting

Spam: Jon Udell: How to forge an S/MIME signature, and Liudvikas Bukys’ take on the results: ‘Jon Udell tries his hand at S/MIME signature forgery, revealing that PKI is not a panacea. A digital signature proves something. The proof is strong but the something is weak (if it just demonstrates that you clicked a few things to get a persona certificate).’

He then suggests two ways to use this info in useful ways:

The first is ‘higher-class certificates (where certificate authorities demand more proof, and encode that fact in the certificate). But higher quality means harder to get and less actual deployment. And higher quality means more attractive target for theft of keys.’

In the anti-spam case, it also means that you trust the certificate provider to both (a) accept money from their customers to issue them certs, and (b) take away those certs from their own customers if they infringe by sending spam messages. This is the hard part. There’s an active financial disincentive for a company to do this; the people who benefit (the end-users) are not their paying customers, whereas the people who get hurt (the infringers) are. Economics dictates that they water down the requirements, in order to maximise their profits – making the system useless.

On the other hand we have: ‘reputation systems. Of course, building robust reputation systems is not easy. Users may wish to have multiple sources of reputation information to fit their own definitions of good and bad behavior and how fast those judgments are made. It replays the whole DNS blacklist deployment. Some reputation systems may seem arbitrary and capricious. Others may be too slow or too tolerant. They are all lawsuit targets. Will there be too many to choose from?’

‘zackly. An excellent illustration of how S/MIME or other PKI will not solve the spam problem, and we’ll still have the same DNSBL situation as we have now (although hopefully working a lot better).

S/MIME may solve the forged-email problem, like SPF does — however, like SPF it will still need to work with reputation systems to be usable as an anti-spam scheme.

Tags: certificate, hand, jon, mime, proof, quality, reputation, signature, something, spam, udell

A funny letter from New Scientist regarding the use of monkeys to collect specimens in the field, which was pioneered by John Corner in Singapore.

The botanist noticed that local fruit-pickers trained monkeys to collect fruit, and reasoned that a monkey could similarly be trained to collect flowers, leaves and nuts for his own work. The result was the collection of hundreds of otherwise inaccessible specimens — and this gem:

Travelling with mule and monkey on a narrow path in the uplands, he spied a new and unrecognised flower on a liana hanging from the path, down a near-vertical cliff face too steep for him to climb down. So he instructed the monkey to descend and collect the flower. But the monkey just looked at him questioningly with its head on one side.

‘Go down!’ repeated the eminent botanist. At which the monkey gave an eloquent shrug, took hold of the liana and pulled it up hand over hand to collect the flower. No human being, said Corner, had ever, before or since, made him feel so much of a fool.

Tags: botanist, flower, hand, letter, liana, monkey, new, path, scientist, use

rOD links to Massholes, an incredible gripe site for residents of Massachusetts to bitch about shitty driving, for example:

Dear Masshole Driver,

WHAT on earth makes you think that making a right hand turn from the left hand lane is a good idea??? Really, I’d like to know.

Signed, The-nice-person-you-totally-cut-off-and-almost-killed

Incredible stuff. Sounds like they could do with the cool innovation recently introduced here — the “dob-a-dangerous-driver” line (1).

Let’s say you’re doing what a friend of mine did a few months ago: crossing the road, with your kid in a buggy, at a pedestrian crossing, with the lights in your favour — then a speeding driver breaks the lights at top speed and nearly totals the pair of you.

This great innovation then allows you to whip out your mobile phone (hey, this is europe, everyone has one (2)), and immediately report the car’s registration number — and 2 weeks later he receives a fine! Hey presto, instant justice. (3)

And in the last week, they’ve introduced penalty points for bad driving; 12 points and you lose your license. Things can only get better — for the pedestrians that is, at least. ;)

(1: no, it’s not really called that BTW)

(2: except me, that is — I’m so far ahead of the bleeding edge I’ve given them up)

(3: well, I’m exagerrating, I think there was more witness and due process involved, but it’s pretty close.)

(4: errno==EDANGLE: dangling footnote found)

Tags: bitch, driver, driving, gripe, hand, innovation, massholes, rod, shitty, site

Crummy.com:

We noticed various characteristic Muppet behaviors such as the Muppet Panic and the Muppet Walk (and the one I just realized, the Muppet Moment of Inner Turmoil That’s Actually a Hand Rearrangement).

ROFL! I’d always wondered what was going on there, now it all makes sense.

Tags: com, crummy, hand, inner, moment, muppet, panic, rearrangement, rofl, turmoil

Due to a set of advocacy and plain show-off mails recently, regarding sub-pixel font rendering under Linux, my hand has been forced ;)

As a result, here’s a little HOWTO document I’ve written up for getting sub-pixel rendering working under Linux. Check it out if you’ve got a Linux laptop and want some sweet-looking fonts!

Tags: advocacy, document, font, hand, howto, laptop, linux, rendering, result, set