[Dailydave] just got back from obama event

[dan at geer.org]

 | 
 | Someone should put up a "Hackers for Diebold" website. Motto:
 | Diebold: The technology you need, the election results you want!
 | Although it looks like Florida doesn't get to vote in the primary
 | anymore either way.
 | 


W.r.t. Diebold, they and all others suffer from a
universal election commission requirement that might
be worth discussion here.  It is that on election day
if something in an election machine breaks, then the
(various) election commision(s) insist on being able to
reload/restart on demand, and to do so with essentially
unskilled help.

The reason it might be worth discussion is a general
design-level question for embedded systems -- do you
or do you not want an embedded system to have a remote
management interface.  An argument "for" is "How else
can we recover from design flaws found later?"  An
argument "against" is "A remote management interface
is the openest invitation to mischief."  All the actual
engineers here will agree that, when building something,
the outcome can be no better than the problem statement.

I do know something about Diebold's election experience
in Ohio, and it is consistent with my first remark, viz., 
the requirement for a mid-Election-Day correction.  From 
the Atty. General's point of view, a DoS against the
electorate due to something that he could fix but wasn't
able to do so because of "security" is paramount.
I also know that technology to absolutely lock down
the configuration of the election machines he had did exist,
had been bought, had been tested, and yet eventually
foundered on the requirement I mentioned -- it was not
possible to both lock the configuration and to make it
field upgradable by cops and retirees.

On the other point, I have nothing to offer to trump
Howard Dean, but I do so enjoy watching.

--dan