Network News

X My Profile
View More Activity
Posted at 8:44 AM ET, 09/15/2006

Morning Mix: Aniston Named 'Best Dressed'

By Liz Kelly

Headlines: Jennifer Aniston tops People's "best-dressed" list... Christie Brinkley files for divorce.... Anna Nicole Smith cleared to leave Bahamas; docs tried to revive Daniel for 23 minutes... John Heder ("Napoleon Dynamite") and wife expecting baby. Sweet... Bounty hunter Duane "Dog" Chapman arrested in Hawaii... Elton John ends spat with George Michael... Potential Brangelina bodyguard arrested for impersonating Homeland Security officer... Jack Nicholson hospitalized.

Rumor Mill: Us Weekly reporting Tom and Katie set wedding date; help EW craft their guest list; Sharon Osbourne calls Cruise a "nutter"... Is Lindsay Lohan engaged?... Video: "Rock Star" Lukas Rossi abandons girlfriend outside club (he also leaves her out of his list of who joined him to celebrate)... Paris Hilton "really likes" Travis Barker... Closet bar helps Ashton Kutcher cope with Demi Moore.

And thanks to Celebritology field agent Jenny Markley for spotting the "wild" changes to Britney's Web site (make sure your computer sound is on!)

By Liz Kelly  | September 15, 2006; 8:44 AM ET
Categories:  Daily Mix  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Reality Check
Next: Friday List: Rename Supernova

Comments

So...Britney is a furry now?

Posted by: ONoes | September 15, 2006 8:57 AM | Report abuse


www.onlinejournal.com
How to steal the next election using the Diebold AccuVote-TS voting machine or others like it

By Rev. Bill McGinnis

Researchers at Princeton University have released a new "Security Analysis of the Diebold AccuVote-TS Voting Machine," which finds many possibilities for election fraud in these particular voting machines. Their report also recognizes that similar problems likely exist with other direct recording electronic (DRE) voting machines, saying, "Simply put, many computer scientists doubt that paperless DREs can be made reliable and secure, and they expect that any failures of such systems would likely go undetected."

Here is a direct quotation from this report, describing some of the ways by which the next election could be stolen (most footnotes removed) . . .

2.2 Injecting Attack Code

"To carry out these attacks, the attacker must somehow install his malicious software on one or more voting machines. If he can get physical access to a machine for as little as one minute, he can install the software manually. The attacker can also install a voting machine virus that spreads to other machines, allowing him to commit widespread fraud even if he only has physical access to one machine or memory card."

2.2.1 Direct Installation

"An attacker with physical access to a machine would have least three methods of installing malicious software. The first is to create an EPROM chip containing a program that will install the attack code into the machine's flash memory, and then to open the machine, install the chip on its motherboard, and reboot from the EPROM.

"The second method is to exploit a back door feature in Diebold's code to manually install the attack files from a memory card. When the machine boots, it checks whether a file named explorer.glb exists on the removable memory card. If such a file is present, the machine boots into Windows Explorer rather than Diebold's BallotStation election software. An attacker could insert a memory card containing this file, reboot the machine, and then use Explorer to copy the attack files onto the machine or run them directly from the card.

"The third method exploits a service feature of the machine's bootloader. On startup, the machine checks the removable memory card for a file named fboot.nb0. If this file exists, the machine replaces the bootloader code in its onboard flash memory with the file's contents. An attacker could program a malicious bootloader, store it on a memory card as fboot.nb0, and reboot the machine with this card inserted, causing the Diebold bootloader to install the malicious software. (A similar method would create a malicious operating system image.)

"The first method requires the attacker to remove several screws and lift off the top of the machine to get access to the motherboard and EPROM. The other methods only require access to the memory card slot and power button, which are both behind a locked door on the side of the machine. The lock is easily picked -- one member of our group, who has modest locksmithing skills, can pick the lock consistently in less than 10 seconds. Alternatively, this slot can be reached by removing screws and opening the machine. Some attackers will have access to keys that can open the lock -- all AccuVote-TS machines in certain states use identical keys, there are thousands of keys in existence, and these keys can be copied at a hardware or lock store.

"A poll worker, election official, technician, or other person who had private access to a machine for as little as one minute could use these methods without detection. Poll workers often do have such access; for instance, in a widespread practice called 'sleepovers,' machines are sent home with poll workers the night before the election."

2.2.2 Voting Machine Viruses

"Rather than injecting code into each machine directly, an attacker could create a computer virus that would spread from one voting machine to another. Once installed on a single 'seed' machine, the virus would spread to other machines by methods described below, allowing an attacker with physical access to one machine (or card) to infect a potentially large population of machines. The virus could be programmed to install malicious software, such as a vote-stealing program or denial-of-service attack, on every machine it infected.

"When the machine is rebooted, it normally emits a musical chime that might be noticed during a stealth attack; but this sound can be suppressed by plugging headphones (or just a headphone connector) into the machine's headphone jack.

"To prove that this is possible, we constructed a demonstration virus that spreads itself automatically from machine to machine, installing our demonstration vote-stealing software on each infected system. Our demonstration virus, described in Section 4.3, can infect machines and memory cards. An infected machine will infect any memory card that is inserted into it. An infected memory card will infect any machine that is powered up or rebooted with the memory card inserted. Because cards are transferred between machines during vote counting and administrative activities, the infected population will grow over time.

"Diebold delivers software upgrades to the machines via memory cards: a technician inserts a memory card containing the updated code and then reboots the machine, causing the bootloader to install the new code from the memory card. This upgrade method relies on the correct functioning of the machine's bootloader, which is supposed to copy the upgraded code from the memory card into the machine's flash memory. But if the bootloader were already infected by a virus, then the virus could make the bootloader behave differently. For example, the bootloader could pretend to install the updates as expected but instead secretly propagate the virus onto the memory card. If the technician later used the same memory card to 'upgrade' other machines, he would in fact be installing the virus on them. Our demonstration virus illustrates these spreading techniques.

"Memory cards are also transferred between machines in the process of transmitting election definition files to voting machines before an election. According to Diebold, 'Data is downloaded onto the [memory] cards using a few [AccuVote] units, and then the stacks of [memory] cards are inserted into the thousands of [AccuVote] terminals to be sent to the polling places.'

"If one of the few units that download the data is infected, it will transfer the infection via the 'stacks of [memory] cards' into many voting machines."

You can download a complete copy of this report in PDF format by clicking here.

You can visit the report's main website at itpolicy.princeton.edu/voting.

Blessings to you. May God help us all.
Rev. Bill McGinnis is an Internet Christian minister, writer and publisher. He is director of LoveAllPeople.org, a small private think tank in Alexandria, Virginia, and all of its related websites, including InternetChurchOfChrist.org, CommitteeForTheGoldenRule.org, CivicAmerican.com, AmericanDemocrat.net and ElectionFraudPrevention.com. His agenda is to help maximize the happiness and well-being of all people.

Posted by: che | September 15, 2006 9:21 AM | Report abuse

Love the bar idea, Ashton. I might install one outside of the toilet, so I can have a drink while waiting for my husband to "finish." The funny thing is I am moving into a house with a walk-in closet. It's the biggest room in the house.

Posted by: Barb | September 15, 2006 9:47 AM | Report abuse

Britney's not furry, she's fur-out. Poor thing doesn't realize that she's so last year. I guess when you are as talent-limited as she is, you have to resort to gimmicks and such for attention.

Posted by: pnina | September 15, 2006 9:56 AM | Report abuse

So now Britney's trying to scare away what's left of her fans? Wierd.

Posted by: belgie | September 15, 2006 9:57 AM | Report abuse

no, sillies! brit brit has the Eye of the Tiger!! she's going to worm...er, ...worK her way back!

kill me now?

Posted by: wats | September 15, 2006 10:40 AM | Report abuse

That Britney thing is just plain old CREEPY.

Posted by: jen | September 15, 2006 11:43 AM | Report abuse

Is Ashton Kutcher, like, old enough to drink?

Posted by: mary | September 16, 2006 12:13 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2011 The Washington Post Company