[CIMC-work] FW: [Imc-legal] diebold story on ap

Tue Oct 28 17:06:02 PST 2003

------ Forwarded Message
From: Sheri Herndon <sheri at speakeasy.org>
Date: Mon, 27 Oct 2003 19:51:24 -0800
To: imc-legal at indymedia.org
Subject: [Imc-legal] diebold story on ap

We hit AP with the Diebold story!

http://msnbc.com/news/985810.asp

E-voting flap generates legal threats

By Rachel Konrad, Associated Press

Despite lawsuit threats from one of the nation's largest electronic voting
machine suppliers, some activists are refusing to remove from Web sites
internal company documents that they claim raise serious security questions.
DIEBOLD INC. sent "cease and desist" letters after the documents and
internal e-mails, allegedly stolen by a hacker, were distributed on the
Internet. Recipients of the letters included computer programmers, students
at Swarthmore College and at least one Internet provider.

Most of the 13,000 pages of documents are little more than banal employee
e-mails, routine software manuals and old voter record files. But several
items appear to raise security concerns.

Diebold refused to discuss the documents' contents. Company spokesman Mike
Jacobsen said the fact that the company sent the cease-and-desist letters
does not mean the documents are authentic -- or give credence to advocates
who claim lax Diebold security could allow hackers to rig machines.

"We're cautioning anyone from drawing wrong or incomplete conclusions about
any of those documents or files purporting to be authentic," Jacobsen said.

CAN TECHNOLOGY BE TRUSTED?
But the activists say the mere fact that Diebold was hacked shows that the
company's technology cannot be trusted.

"These legal threats are an acknowledgment of the horrific security risks
of electronic voting," said Sacramento-based programmer Jim March, who
received a cease and desist order last month but continues to publish the
documents on his personal Web site.

In one series of e-mails, a senior engineer dismisses concern from a
lower-level programmer who questions why the company lacked certification
for a customized operating system used in touch-screen voting machines.

The Federal Election Commission requires voting software to be certified by
an independent research lab.

In another e-mail, a Diebold executive scolded programmers for leaving
software files on an Internet site without password protection.

"This potentially gives the software away to whomever wants it," the
manager wrote in the e-mail.

March contends the public has a right to know about Diebold security
problems.

"The cease-and-desist orders are like a drug dealer saying, 'Hey, cop, give
me back my crack.' It's an incredible tactical blunder," he said.

DISTRIBUTED OVER INTERNET
The documents began appearing online this summer, six months after a hacker
broke into the North Canton, Ohio-based company's servers using an
employee's ID number, Jacobsen said. The hacker copied company
announcements, software bulletins and internal e-mails dating back to
January 1999, Jacobsen said.

In August, someone e-mailed the data to electronic-voting activists, many
of whom published stories on their Web logs and personal sites. The data
was further distributed in digital form around the Internet, and it is not
known how many copies exist.

Wendy Seltzer, an attorney for the Electronic Frontier Foundation, said she
has been contacted by about a dozen groups that received cease-and-desist
letters. Among them is Online Policy Group, a nonprofit ISP that hosts the
San Francisco Bay Area Independent Media Center, which published links to
the data.

Seltzer encouraged them to defy the Diebold cease-and-desist letters.

"There is a strong fair-use defense," Seltzer said. "People are using these
documents to talk about the very mechanism of democracy -- how the votes
are counted. It's at the heart of what the First Amendment protects."

Although Seltzer believes Diebold's legal case to be weak, she worries
about a chilling effect.

Angered last week after Swarthmore College told them they could not link to
the documents from college-sponsored sites, some students at the liberal
arts school near Philadelphia found Internet providers abroad to host the
content. Others took down the offending material at their dean's request,
but they promised to put the documents back online if Diebold doesn't
provide a more detailed explanation within two weeks. Branen Salmon, 22,
president of the Swarthmore College Computer Society, said Diebold's
threats put the documents in the spotlight.

"A week ago, this was still a murmur," Salmon said last Thursday. "Now this
is front-page stuff that people are talking about."

_______________________________________________
Imc-legal mailing list
Imc-legal at lists.indymedia.org
http://lists.indymedia.org/mailman/listinfo/imc-legal

------ End of Forwarded Message