Re: Symantec Security Report on Hart Intercivic

[Paul E Condon <pecondon@xxxxxxxxxxxxxxxx>]

On Fri, May 27, 2005 at 09:33:41AM -0600, Joe Pezzillo wrote:
> 
> I did a search for "HartIntercivic Sybase" on Google and found this  
> document:
> 
> 
> http://www.hartintercivic.com/files/ 
> HART_SYMANTEC_SECURITY_REPORT_White_Paper.pdf
> 
> 
> It appears to be a Symantec branded "Security Analysis" of the Hart  
> eSlate system, I'm wondering if anyone has read it?
> 
> (Google will also translate it into an HTML web page for you if you  
> don't want to download and read the PDF).
> 
> 
> Joe
> 

This document is a vacuous consultant work product. There a lot of
marketing buzz words which usually have no meaning and some which are
also standard computer technical jargon.  But there is nothing that I
can find in it that indicates that the authors understand the standard
technical meanings of the words that they use. It is the kind of
preliminary study that consultants do when they need to deliver
something to a new client to see how he responds. Usually if the
client reveals that they have actually read beyond the executive
summary, the consultant rethinks whether they want the business. On
the other hand, if the client asks questions, the consultant offers to
explain the report, for a fat fee. 

There is nothing about alternative designs, and therefore there is 
nothing about where Hart eSlate stands in comparison to other ways
of doing voting. 

They discuss security without discussing what they mean by security.
The security requirements seem to be something that comes from 
somewhere else. Consider, for example, at bottom of pg10 

<quote>
Network encryption of data ­ Network transfer of data occurs only in
specific, limited circumstances between customer-managed
facilities. These transfers occur over either dial-up connections on
the public telephone network or temporary local private networks
composed of a few peer-to-peer machines where all cabling is
visible. All client-server connections are protected using SSL and
mutual digital certificate authentication. The eSlate System employs
the Sybase SQL Anywhere Database and the Sybase network encryption
features are enabled with mutual digital certificate authentication to
secure connections to a remote database.
</quote>

OK, what ARE the specific circumstances? How limited are they? What
do they mean by customer-managed? These are weasel words for something,
but what? 

And what transfers are required by the normal functioning of the Hart
System? It doesn't say, but one gets the impression that they want one
to believe it is small, and well managed. But managed by the customer, whoever that is. And
is the customer competent to manage this? If they mean a customer of
Hart Intercivic, namely Boulder County, I would say this is surely
not true. And what do they mean by network? Etc, etc. This document
raises many more questions than it answers, and raises questions which
if asked, would give them carte blanc to guide the discussion away
from any actual problems with the system. 

Of course, all system level computer consultants are con-men, so one
should not be too hard on Hart for hooking up with some specific
con-men. But this document adds nothing to the search for a good way
to conduct elections. And honest people should eschew using it as a
basis for discussion of a voting system, even the Hart system. It
will lead you into a wilderness of obfuscation and deception.

Just by $.02 worth.

-- 
Paul E Condon           
pecondon@xxxxxxxxxxxxxxxx