As the silly season comes to a close with today’s election (at least for, like, a week or so) there’s a change to the political process I’ve been thinking about a lot. And it’s not e-voting, election fraud, or other issues we’ve occasionally discussed.
From BoingBoing:
If you experience any irregularities in voting today, call 1-866-OUR-VOTE, the hotline for the National Campaign for Fair Elections. EFF lawyers and many others are standing by across the country to take legal action to remove malfunctioning voting machines, keep polls open, etc.
An unpatched vulnerability being exploited in the wild.
When I’m on a Windows system (I run it virtualized on my Mac for work) I tend to use multiple browsers since even Firefox has issues at times.
After reviewing the materials I could find online I directly contacted Thierry Zoller and he was kind enough to respond with more details. In his words (with permission). Short version is the flaw is well patched, but the exploit is a new technique of getting a remote shell. No kernel bugs this time:
I have no details, but am investigating.
http://isc.sans.org/diary.php?storyid=1817
I know there are some Bluetooth 0days floating around for various platforms, but this one wasn’t on my list.
In the comments of my last post, bkwatch reminds me that paper ballots are from from perfect.
I totally agree.
I’ll be updating the look and feel of the site slightly, and performing some other system updates.
There shouldn’t be any outages, but if you do notice anything strange or some HTML/CSS issues please let me know
I don’t know a single security expert that supports any current implementation of electronic voting.
It’s too late for this election, but if we don’t take action before 2008, we might as well kiss what’s left of democracy in the United States goodbye.
I don’t cover industry issues here, but this is just too good to pass up.
Sanjay Kumar, former CEO of CA, is sentenced to 12 years and $8M in fines.
Now there’s something I need to admit here. Hopefully it won’t scare you courageous readers away. You see, as much as I (and fortunately, my employer) consider myself a security expert it wasn’t exactly my major. Nope, wasn’t computer science either. History, you ask? With a bit of molecular biology? Yep, you got it.