taint.org: Justin Mason’s Weblog

eVoting: Success! The use of e-voting systems for the June elections in Ireland has been abandoned, after a severely critical report from the Commission on Electronic Voting. Take a look at the report here. Some bits:

• They particularly do not like the continual revision of the software, noting the ‘large number of new versions of the software since the original … review’ and ‘the fact that new versions of the software continue to be issued in the run-up to the June elections’.
• ‘as the software version proposed for use at the forthcoming elections is not as yet finalised, it is impossible for anyone to certify its accuracy’. (my emphasis)
• They were not given access to ‘the full source code’.
• They found a bug! ‘certain of the tests performed at the request of the Commission identified an error in the count software which could lead to incorrect distributions of surpluses’.
• ‘experts retained by the Commission found it very easy to bypass electronic security measures and gain complete control of the hardened PC, overwrite the software, and thereby in theory to gain complete control over the count in a given constituency’.
• And they raised the pre-arranged-transfer-pattern hack: ‘publication of ballot results in full is a valuable aid in checking the accuracy of the results but this can in theory reveal deliberate voter signatures of low-preference votes which could allow voters to identify themselves in a context of corruption or intimidation’.

The use of VVAT, and changes to the counting procedures to remove randomisation, was outside the terms of reference, unfortunately, so it’s not totally over yet. But I can’t see the government getting away with re-introducing e-voting without VVAT now.

Finally, the opposition political parties are calling on the Minister to resign.

I’ve got to say — nice work to all the concerned citizens who’ve achieved this, despite the government’s continual stonewalling and secrecy.

Tags: accuracy, commission, control, count, evoting, june, report, software, theory, use, vvat

Security: Bruce Schneier points out some interesting angles on the official report into the US power blackout of Aug 14th:

Why the tortured prose? The writers take pains to assure us that the power generation and delivery systems were not affected by MSBlast. But what about the alarm systems? Clearly, they were all affected by something–and all at the same time.

To be honest, it sounds pretty damn close to me, as I’ve said before.

Tags: alarm, aug, blackout, delivery, generation, msblast, power, prose, report, security, time

E-Voting: Very interesting page reproducing a translation of part of an expert report detailing an incident that occurred during an ‘electronic election’ in Belgium on May 18th 2003.

The latest EDRI-gram notes:

The total number of preferential votes cast on a specific candidate was higher than the total number of votes for his list. A series of tests was conducted on the computer of the president of the voting committee, but the error could not be reproduced. The difference in votes was exactly 4096, leading the research-team to the conclusion that the error was probably due to a spontaneous inversion of a binary position in the read-write memory of the PC.

This serves as a pretty good pointer to how, even if the software is audited to death and pronounced reliable, the hardware can still trip you up. Computers are fundamentally unreliable.

The solution? Why, a Voter-Verifiable Audit Trail of course. ;)

Tags: e-voting, election, error, expert, incident, may, number, page, part, report, translation

OSes: /.: NERC Releases Interim Report on Aug 14th Blackout. ‘part of the blame for the big fizzle of 2003 lies with a failing SCADA system, GE’s XA/21 power management system. ‘Not only did the software that controls audible and visual alarms stop working at 2:14 p.m. EDT, but about a half hour later, two servers supporting the emergency system failed, too.’ According to the product specs, it is a Unix system with X Windows.”

However, further reading through the comments throws up this gem, which notes that the ’software that controls audible and visual alarms’ and the ‘two servers’ noted above were all Windows systems. The comment author ties this to Blaster worm activity causing DDOSes on the monitoring networks.

Interesting!

Tags: aug, blackout, interim, nerc, oses, part, releases, report, software, system, the

Science: A lab rat writes up a report on his participation in two psychology studies on ‘Video Game Violence’ and ‘Violence In the Media.’

Sadly, it seems clear that the video-game violence study will return biased results due to flawed test conditions.

Of the three games played, the most violent — a first-person shooter – was modified, either through incompetence or deliberate tweaking, to use frustrating control settings and a high level of difficulty; whereas the least violent — a sim game — was set up with all the defaults and automatic help enabled.

In my experience, frustration, in any task, has a direct correlation with anger levels. So a frustrating game, violent or not, will probably give more aggressive responses in a violence measurement — hence the FPS game above will almost definitely be cited as ‘inciting violent emotions’.

Bad scientists! No doctorate!

PS: hmm, I wonder if the paper will document the exact configuration
of the games?

Linux: Happy birthday, KDE! I love it. Most recent discovery: the excellent support for printing in KDE 3.1 using the kprinter GUI.

Tags: game, kde, lab, media, participation, psychology, rat, report, science, video, violence

Apparently, the McCarthy report — which would have legalised software patents in Europe — has been withdrawn from debate for this EuroParl session.

‘It’s been sent back to the committee stage to be fixed because there was too much contraversy or too many amendments requested. It will go to plenary again after JURI do some more work on it. Possibly september 22nd, probably early October.’

Tags: committee, contraversy, debate, europarl, mccarthy, report, session, software, stage, work

Great report auditing the security features of the Diebold e-voting systems. Summary: what security?

• despite using relatively ’smart’ smartcards, they don’t actually get those cards to perform an authentication task; they’re just used as ‘dumb’ memory cards, and there’s no central online database of valid card IDs. Plus, the same write password is used for all smartcards.

  So they really might as well have used formatted floppy disks ;) Duplicating cards (a card is a voting opportunity, ‘vote early, vote often’) would be pretty easy, from the sounds of it.

• amazingly, the software does not record the ‘voter serial number’ that appears on the card, when a voter casts a vote. So again, duplicating the cards is trivial. Bizarre.

• all that is required to extract the PIN from an administrator card is a smartcard reader; the PIN is immediately sent in the clear as soon as the card is inserted and the terminal-card protocol initiates.

• for storage on the internal writable media, between voting and the final upload operation, the logs and votes are encrypted using single DES in CBC mode, with a single shared initialization vector. IMO this is not a big deal as far as I can see, as that’s only stored on the hardware; and if someone can read/write to that, they can subvert the WinCE OS anyway.

Then the kicker:

• the votes are then decrypted before being sent in the clear over a dialup internet connection.

The mind boggles.

Tags: authentication, card, diebold, pin, report, security, summary, vote, voter, voting

SARS special report: Too soon to celebrate (New Scientist).

There are also suspicions that the first outbreak in the southern Chinese province of Guangdong stopped so abruptly because of the onset of summer. The SARS virus does not survive well in a hot environment, and if most transmission is due to people touching contaminated surfaces, higher temperatures would have reduced transmission.

If the season, rather than human intervention, was the main reason for the end of the outbreak, SARS could return with a vengeance in the autumn. That is what happened with the 1918 influenza pandemic, which killed tens of millions. Fortunately, SARS is far less infectious (so far).

Tags: new, onset, outbreak, province, report, sars, scientist, summer, transmission, virus

GREENS/EFA: Patent vote fails Europe’s software programmers. Damn.

UK and German MEPs, in rejecting amendments to the report, have ignored the opinions of the Economic and Social Council, the Industry committee, the Culture committee, 140,000 people and 30 leading software scientists who signed two petitions to the Parliament, as well as the 95% of the European citizens who took part in a European Commission public consultation.

So I guess the next step is figure out who those MEPs were, and make sure they never get our votes again.

There’s still time though: Mercedes Echerer MEP (Greens - A) notes: ‘You can be sure that the report will have a very bumpy ride when it goes to plenary in September with one third of committee members in opposition.’ We can at least try to let our voices be heard by the other two-thirds…

However, in some good Euronews: the Czech republic has passed a referendum on joining the EU.

Tags: committee, damn, efa, german, greens, meps, patent, report, software, vote

Arlene McCarthy’s letter hits /. and garners some interesting comments.

• An eyewitness report from the parliamentary hearing in Brussels in early May, pointing out that none of the bill’s supporters bothered responding to the wide range of SMEs opposing the directive. In fact, most of them didn’t even turn up.

• Alan Cox on AMcC’s call for ‘harmonisation’, the traditional excuse for new Euro-laws ;)

Tags: bill, directive, eyewitness, hearing, letter, may, none, range, report, smes

The Observer’s ’state of the union’ report from Baghdad. Summary: total anarchy:

A hundred and fifty dollars or so for an AK-47, double that for a pistol because it’s easier to hide. You can buy them rather easily from the street-markets. These are patrolled hourly by US forces whose job is to check for people selling guns. The traders get round this with diabolical cunning by looking at their watches and, once an hour, hiding all the guns. The liberating forces offered a cross-Baghdad amnesty a couple of weeks ago: the grand total of guns deposited was a magnificent none. … If a silhouetted someone tries to wave you down, with a gun, in a long hot road full of heat-mirage and six-year-olds siphoning petrol, you have to choose: chances are it’s a Bad Person so you keep the foot down, but if it’s the Americans and you race past, they’ll shoot at you, lots, because they’re as scared as everyone else in this shambles of a city.

Then a classic story:

One night I visited a friend about a mile away, and foolishly stayed up talking, and ended up trying to get a late taxi home. Outside the hotel they shrugged, and then one brave young thing disappeared for a minute and came back carrying lots of guns and walked me through the blackout for 10 minutes until we came across a darkened little street party of severely scary drivers, the fat moon winking its light off a battery of gold teeth and metal teacups and, for all I’m really sure, recently bloodied scimitars. Not for 10,000 dollars, I was told. ‘Ali Baba, Ali Baba,’ they repeated. Some Iraqis get annoyed by this - the thief of the 1,001 Nights was Kuwaiti - but the verbal shorthand is fast and always works: the thieves are out, and have guns, and even though we have guns too we’re not going to risk it. Are you mad? Where are you from?

I mention Scotland, and we have one of those extremely odd late-night conversations, this time about Mel Gibson. Apparently one of the very favourite films in Baghdad is Braveheart, because Saddam used to show it repeatedly, nightly, with furious subtitles, to demonstrate just what bastards the English were. I explain that few Scots have a television because most are still running around in woad, thanks to the English. We raise a happy toast - sticky, sweet tea - to the general fog of historical propagandising and the more specific idea of ‘Freedom!’. Somewhere nearby - a mile away? A street away? - another stupid pop-pop gun battle breaks out, and they really won’t take me home, and so I say I might walk, and they raise their teacups again and say you must be either very brave or very stupid, when the truth of course is that I am neither, but something else again relatively new to them, which is very quietly drunk. I bravely wake up my friend and sleep on the sofa.

Tags: ak, ali, anarchy, fifty, observer, pistol, report, state, summary, union

BoingBoing and /. get to work on that Z/Yen/RSA press release:

But the amazing thing is what Z/Yen and its client, RSA conclude: that the 25% of the people who deliberately associated with the network were ‘malicious,’ and that the 71% who sent email were sending spam. This is such a transparently, deliberately (heh) stupid conclusion, it boggles the mind: how can ‘deliberate’ equate to ‘malicious?’ How can ’sending email’ equate to ’sending spam?’

So in other words, there were 2 honeypot access points, left open for 2 weeks in the City of London.

25% of the people who connected to the APs, did so deliberately (whatever that means — see below).

Then, 71% of those people sent mail. Not spam: no ‘make money fast’, no ‘URGENT ASSISTANCE’ etc.; they just hit the ‘Send / Receive’ button in Outlook.

But obviously Z/Yen and RSA felt the need to spice things up a bit, so:

• s/accessed WLAN deliberately/accessed WLAN maliciously/

• s/sent mail/sent SPAM/

• s/read slashdot/ate babies/

OK, I made that last one up. But I would not be surprised.

Some more digging reveals that the report in question is now up on the RSA UK website (it wasn’t yesterday), and can be downloaded here (PDF) . It’s 5 slim pages written by Phil Cracknell, of CISSP (Cracknell Information Systems Security Partnership), who has a history of spreading WiFUD, it seems. The report leads with

The many wireless security surveys … do not actually show how real the threat of wireless hacking is. Less dramatically, they do not show the threat of someone using your network for non-malicious use (theft of service).

Sheesh. He forgot to mention the bit about operating a wireless network without switching on any security features.

Also, there’s no explanation of what the difference is between a ‘deliberate’ and ‘accidental’ connection. As far as I can tell, an ‘accidental’ connection is one where the user disconnected reasonably quickly; there’s no indication that any of the connections were caused by anything other than Windows XP’s ability to associate with any network it can find within range.

It then goes on to scare-monger about the use of ‘exterior chalk markings’, noting that ‘you will be found and your networks will be used/attacked’.

So, in other words, the paper says:

• if you run an open WiFi AP, people will use it to send/receive mail, and possibly surf the web.

• this is Bad

• people may draw nerdy things with chalk on the pavement outside, which will Make It Worse

And there’s two things to pick up from it:

• this Phil Cracknell guy is really short of clients

• It’s amazing how scare-mongering a 200-word report can become, when it’s bad to start with, and then filtered through 3 layers of PR gibbons and crappy journos who don’t have a clue what it’s on about

One good thing to come out of it: the term WiFUD, perfect for the next Phil Cracknell escapade.

Tags: bit, email, mail, network, report, rsa, security, spam, threat, wlan

while thinking about the CDT’s report on spammer address-scraping techniques again, it occurred to me that one finding is very significant; high-traffic websites probably get much more spam than low-traffic ones.

Now, I’ve got spamtraps up on pretty much all my sites, using a variety of methods:

<

ul>

But all my sites are small-time, really. ;) So — anyone out there in the blogosphere care to help out the SpamAssassin project, by feeding us trapped spam? It’d be simply a matter of adding a mailto: link, hidden in a comment on a prominent page of your high-traffic website. Gimme a mail to this address if you do.

(warning: that address will expire in 6 months. if you’re reading this after Aug 2003, use the addr on this page instead.)

The spam trapped in such a way is fed into a number of spamtrap-fed network systems, like Razor, DCC, Pyzor, and the Blitzed OPM blacklist. It’s also used during the SpamAssassin score-regeneration process.

Tags: block, cdt, finding, mailto, page, report, spam, spamassassin, spammer, text

Another good trip report, from ‘babbage’ at perl.org.

• Again, and interestingly, quite a few folks agreed with one of SA’s core tenets; no single approach (stats, RBLs, rules, distributed hashes) can filter effectively on its own, as spammers will soon figure out a way to subvert that technique. However, if you combine several techniques, they cannot all be subverted at once, so your effectiveness in the face of active attacks is much better.

• Also interesting to note how everyone working with learning-based approaches commented on how hard it was to persuade ‘normal people’ to keep a corpus. Let’s hope SA’s auto-training will work well enough to avoid that problem.

• in passing — babbage noted the old canard about Hotmail selling their user database to spammers. That must really piss the Hotmail folks off ;) I think it’s much more likely that, with Moore’s Law and the modern internet, a dictionary attack *will* find your account eventually.

• Good tip on the legal angle from John Praed of The Internet Law Group: if a spam misuses the name of a trademarked product like ‘Viagra’, get a copy to Pfizer pronto. Trademark holders have a particular desire to follow up on infringements like this, as an undefended trademark loses its TM status otherwise.

• David Berlind, ZDNet executive editor: ‘They don’t want to be involved (in developing an SMTPng)’. He might say that, but I bet their folks working on sending out their bulk-mailed email newsletters might disagree ;). Legit bulk mail senders have to be involved for it to work, and they will want to be involved, too.

• Brightmail have a patent on spam honeypots? Must take a look for this sometime.

• the plural of ‘corpus’ is ‘corpora’ ;)

Great report, overall.

It’s interesting to see that Infoworld notes that reps from AOL, Yahoo! and MS were all present.

Since the conf, Paul Graham has a new paper up about ‘Better Bayesian Filtering’, and lists some new tokenization techniques he’s using:

• keep dollar signs, exclamation and most punctuation intact (we do that!)

• prepend header names to header-mined tokens (us too!)

• case is preserved (ditto!)

• keep ‘degenerate’ tokens; ‘Subject:FREE!!!’ degenerates to ‘Subject:free’, to ‘FREE!!!’, and ‘free’. (ditto! well, partly. We use degeneration of tokens, but we keep the degenerate tokens in a separate, prefixed namespace from the non-degenerate ones, as he contemplates in footnote 7. It’s worth noting that case-sensitivity didn’t work well compared to the database bloat it produced; each token needs to be duplicated into the case-insensitive namespace, but that doubled the database size, and the hit-rate didn’t go up nearly enough to make it worthwhile.)

Most of these were also discovered and verified experimentally by SpamBayes, too, BTW.

When we were working on SpamAssassin’s Bayesian-ish implementation, we took a scientific approach, and used suggestions from the SpamBayes folks and from the SpamAssassin community on tokenizer and stats-combining techniques. We then tested these experimentally on a test corpus, and posted the results. In almost all cases, our results matched up with the SpamBayes folks’ results, which is very nice, in a scientific sense.

(PS: update on the Fly UI story — ‘apis’ is not French, it’s Latin. oops! Thanks Craig…)

Tags: babbage, corpus, hotmail, internet, law, perl, report, spam, trademark, trip

Kaitlin Duck Sherwood writes a trip report. Good tidbits:

• many big players in the mail-sending side want to see an SMTPng; a new protocol which is spam-resistant.

• Jon Praed of the Internet Law Group said that ‘better spam filters make his job easier: the more contortions that a spammer goes through to make sure that the messages go through, the easier it is to convince a judge that the spammer knew it was wrong.’ Excellent!

Tags: group, internet, law, protocol, report, sherwood, side, smtpng, spammer, trip

I’ve been very quiet about the attack on the World Trade Center; this is not from any unwillingness to talk about it, it’s more because, for the last week, I’ve been doing virtually nothing else, in a range of forums, particularly on Crackmice and the TBTF Irregulars list. What can I say — I guess I’m just not a committed blogger ;)

Anyway, I’ve been forwarding on lots of details on Afghanistan, Pakistan, and Osama Bin Laden’s Al-Qaeda organisation, which generally makes it look like the US and its allies will have their work cut out for them. Here’s a good one from The Guardian (UK):

Communications are vital. Messages are sent by word of mouth to Pakistan, and from there they are emailed. Bin Laden, testimony has shown, had no contact with any of the east African bombers except for al’Owhali, whom he met, once, 18 months before the attack. Instead the men were selected, briefed and supervised by senior aides, some from organisations affiliated with but discrete from bin Laden’s. And this is the key: al-Qaeda does not act as a commander, it acts as a facilitator, a coordinator, putting together disparate elements - some in Afghanistan, some in the target country, some in other locations entirely - who together can pull off an operation.

It’s going to be messy. And as a much-forwarded piece by Tamim Ansary points out,

We come now to the question of bombing Afghanistan back to the Stone Age. Trouble is, that’s been done. The Soviets took care of it already. Make the Afghans suffer? They’re already suffering. Level their houses? Done. Turn their schools into piles of rubble? Done. Eradicate their hospitals? Done. Destroy their infrastructure? Cut them off from medicine and health care? Too late. Someone already did all that.

There’s lots more good, insightful journalism in the Guardian’s special report on Afghanistan and special report on the WTC attacks. Recommended reading.

Tags: attack, bin, care, center, done, guardian, laden, report, trade, world

The Evil Gerald special report: “Enterprise to be “ready by Christmas, deffo” — Chief O’Brien.

Chief O’Brien broke the news to Captain Jean-Luc Picard by informing him that the transporter engines were “totally banjaxed”, but promised to begin work on them at 8am the following morning, as he was just about to “knock off” for the day.

A shocked Picard was told that the total cost would be ?5,000 “on the books”, although O’Brien hinted that speedier and more competent work could be carried out for ?3,000 if the usual tax and invoicing regulations were disregarded.

He also stressed that the general state of the engines was “something shocking” and that, in his professional opinion, persons unknown had previously made “a complete bags” of repairing them. Said O’Brien: “Just take a look at what some chancer’s done here to the transmodulator coils. That’s all gonna have to come out of course, you know that.”

Tags: captain, christmas, deffo, enterprise, evil, jean, news, picard, report, work