Sunday, May 14, 2006

Even more serious Diebold voting machine flaws

Harri Hursti of Black Box Voting has released a report (PDF) on yet more flaws (on top of others reported back in December) in Diebold TSx and TS6 Direct-Recording Electronic (or DRE) voting machines. Having a few minutes of physical access to a machine makes it possible to install software, using simple, easily available tools, which will completely compromise the machine in such a way that it will be impossible to tell whether future software updates are successful or not.

Ed Felten and Avi Rubin give more detail at Felten's blog, Freedom to Tinker, and question whether it makes sense to build voting machines based on commodity hardware and operating systems due to these risks. This certainly seems like an application where you'd want hardware-enforced verification of a stripped-down trusted computing platform.

Hursti's report says that there are three layers of software in the Diebold machines: a boot loader, an operating system (customized Windows CE), and an application program (the voting software). Each of the three layers has backdoors which allow bypassing security controls. The report states that "Different files on the system carry various subsets of the following features: Signature check, mode check, and integrity check. None of these can be considered security features against tampering. For example, the integrity check is [redacted]. This check can be equated to a very crude spell-checker. It is effective against accidental typing errors but not deliberate attacks."

The redacted portion, based on the description, is apparently a weak checksum such as CRC (cyclic redundancy check), rather than a cryptographically stronger checksum like MD5 or SHA1 (both of which have weaknesses of their own).
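The difference between an error-detecting checksum and a tamper check, as an added example (not from the Hursti report or the original post): a CRC-32 comparison accepts a changed image once four compensating bytes are appended, while a keyed cryptographic check rejects it. The image bytes and key are constructed, and HMAC-SHA-256 is an assumed stand-in for the stronger check.

```python
import hashlib
import hmac
import zlib


def _make_table():
    """Reflected CRC-32 table (polynomial 0xEDB88320, the variant zlib uses)."""
    table = []
    for i in range(256):
        c = i
        for _ in range(8):
            c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
        table.append(c)
    return table


TABLE = _make_table()
# Every table entry has a distinct top byte, so a CRC step can be run backwards.
TOP_BYTE_TO_INDEX = {entry >> 24: i for i, entry in enumerate(TABLE)}


def crc_fixup(data: bytes, wanted_crc: int) -> bytes:
    """Return 4 bytes that, appended to data, make zlib.crc32 equal wanted_crc."""
    # Walk back from the wanted final register to recover the four table
    # indices the last four bytes must select.
    reg = wanted_crc ^ 0xFFFFFFFF
    indices = []
    for _ in range(4):
        i = TOP_BYTE_TO_INDEX[reg >> 24]
        indices.append(i)
        reg = ((reg ^ TABLE[i]) << 8) & 0xFFFFFFFF
    # Walk forward from the real register, choosing bytes that hit those indices.
    reg = zlib.crc32(data) ^ 0xFFFFFFFF
    out = bytearray()
    for i in reversed(indices):
        out.append((reg ^ i) & 0xFF)
        reg = TABLE[i] ^ (reg >> 8)
    return bytes(out)


def crc_check(image: bytes, expected_crc: int) -> bool:
    """Unkeyed integrity check: anyone can compute and match it."""
    return zlib.crc32(image) == expected_crc


def mac_check(image: bytes, key: bytes, expected_tag: bytes) -> bool:
    """Keyed check: matching it requires the secret key."""
    tag = hmac.new(key, image, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected_tag)


def demo():
    key = b"constructed-demo-key"  # constructed sample key
    original = b"BOOT-IMAGE v1 (constructed sample) " + bytes(range(64))
    recorded_crc = zlib.crc32(original)
    recorded_tag = hmac.new(key, original, hashlib.sha256).digest()

    # Accidental damage: one flipped bit. CRC-32 catches every single-bit error.
    flipped = bytearray(original)
    flipped[10] ^= 0x01

    # Deliberate change plus four compensating bytes.
    altered = original.replace(b"v1", b"v2")
    altered += crc_fixup(altered, recorded_crc)

    return {
        "altered_differs": altered != original,
        "crc_rejects_bitflip": not crc_check(bytes(flipped), recorded_crc),
        "crc_accepts_altered": crc_check(altered, recorded_crc),
        "mac_accepts_altered": mac_check(altered, key, recorded_tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A keyed check only helps if the key and the verifying code are out of reach of whoever can rewrite the image, which is the point of the hardware-enforced verification mentioned above.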

The Hursti report describes how an attacker could exploit the weaknesses at multiple levels to prevent the removal of malicious code. One such flaw (the details of which are redacted from the report) is that inserting a standard PCMCIA memory card into the machine containing a file with the appropriate name will cause the boot loader to reflash itself, installing the code in that file as the new boot loader on the system. As Hursti points out, "Due to the fact that the boot loader is the primary mechanism for its own reprogramming, if the boot loader is compromised with a deep attack, using the boot loader itself to install a known clean version of a boot loader is no longer a viable option as a recovery path to clean the system."

The report goes on to show similar flaws in replacing the operating system image, and points out a voter-accessible hidden button (labeled "battery test") that could be exploited by malicious code as a trigger for an attack.

The recommended defense against attacks is to physically protect the machines--as a machine can be compromised with less than five minutes of physical access, chain of custody evidence must be maintained from the machines' origin to final use, with no unsupervised access.

$5 billion lawsuit filed against Verizon

Two New Jersey attorneys, Bruce Afran and Carl Mayer, have filed a lawsuit in federal court in New York City against Verizon regarding its sharing of call-detail records with the NSA without a subpoena. The lawsuit charges that Verizon has violated a number of federal laws, including the 1986 Stored Communications Act (28 USC 2701), which provides for $1,000 in statutory damages for each violation. Some reports have quoted a $50 billion figure based on the potential of one violation regarding the information of each of 50 million people, but the suit as filed asks for $1,000 per violation, or $5 billion if certified as a class action.

The Stored Communications Act is a confusingly-written piece of the Electronic Communications Privacy Act that covers both content records (such as email) as well as non-content records (such as log information and subscriber information). One of the exceptions in the law for when a provider can supply non-content information to a governmental entity without a subpoena is if (quoting from a commentary by law professor Orin Kerr) "the provider reasonably believes that an emergency involving immediate danger of death or serious physical injury to any person justifies disclosure of the information." This seems like a defense that Verizon will be likely to use to justify a program that's supposed to be used to identify and stop terrorists.

Verizon claims that it "does not, and will not, provide any government agency unfettered access to our customer records or provide information to the government under circumstances that would allow a fishing expedition."

RCN, a telecom and Internet provider (its assets include the former Erols Internet) based in Herndon, VA, has issued a press release stating that it, like Qwest, has not disclosed customer information except when required by legal process.

Thursday, May 11, 2006

NSA call monitoring details revealed, blocks Justice Department investigation

USA Today has reported that the NSA has been collecting a database of call detail records from data provided by AT&T, Verizon, and BellSouth (no word on whether SBC or other ILECs and CLECs have participated). Qwest is noteworthy for having refused to participate in the program.

The collected CDRs include records of calls which both originate and terminate within the United States (i.e., completely domestic calls).

The NSA's goal was allegedly "'to create a database of every call ever made' within U.S. borders," which is out of scope for the NSA's mission.

Arlen Specter of the Senate Judiciary Committee says that the telcos will be questioned about their participation.

In other news today, the NSA managed to kill an investigation by the Justice Department's Office of Professional Responsibility into whether Justice Department attorneys violated ethical rules with regard to the NSA's domestic spying. They did this by denying requested security clearances to OPR investigators.

Wednesday, May 10, 2006

Abramoff's visits to the White House

Judicial Watch obtained records of Jack Abramoff's visits to the White House from the U.S. Secret Service, but they are demonstrably incomplete. At least three other visits known to have occurred were not included, as presaged by Scott McClellan's statement that the records were incomplete. The released documents record two visits, one on January 20, 2004 (from 10:42:20 to 11:29:34) and another on March 6, 2001 (from 16:23:35 to 16:49:50), in a format that differs from the format of White House visit records Judicial Watch previously obtained from the Clinton administration, which gave more information such as the name of the individual being visited. These records appear to be reports pulled directly from a badge access control system. (Via TPM Muckraker.)

The documents can be found here (PDF).

UPDATE (May 17, 2006): These logs are the only ones the U.S. Secret Service has--the logs that are needed for a complete record are in the possession of the White House.

Monday, May 08, 2006

Net Neutrality and Last-Mile Connectivity: An Analogy

Suppose we live in a world with no private automobiles. There are still airports, bus stations, and sea ports, and these are places with diverse carriers and services, giving you many options for traveling long distances to other locations. But to get from your home to these travel hubs, your options are limited to between one and three cab companies; most people have access to two, RBOC Cab and Cable Cab. Both cab companies own all of their own cabs, but RBOC Cab has been legally required to allow independent operators to rent their cabs. Those independent operators have been permitted to repaint the cabs, furnish the interiors differently, and offer additional services to customers within the content of the cabs, but the cabs are owned by RBOC Cab and are of the same size, and the radios are standard equipment owned and maintained by RBOC Cab. Cable Cab, by contrast, has never been required to allow independent operators to use its cabs, and has never done so. (UPDATE 11 May 2006: This is because Cable Cab pays 5% of revenue to local governments as part of their franchise agreement, while RBOC Cab, by contrast, has had government monopoly protection until 1996, has free access to rights of way, and receives government funding via "universal service" fees in order to provide service to rural areas. While Cable Cab funded its own purchasing of cabs and infrastructure, RBOC Cab built its infrastructure without risk as a result of the government support.) They initially didn't come with radios at all, but have recently furnished their cabs with radios.

The rules have recently been changed so that RBOC Cab will no longer be required to allow independent operators to rent their cabs. They've stopped allowing new independent operators to rent cabs, or existing independent operators to take on new customers, and have announced that they will be ending all of the independent operator contracts.

RBOC Cab has also announced that they intend to build larger cabs, in which some of the additional space will be used to provide new services, such as a fully stocked bar, refrigerator, and high-definition television. They will supply all of the contents of the bar and refrigerator, as well as what is shown on the TV, by entering into arrangements with suppliers, whom they intend to charge a fee for the privilege of using the facilities to reach their passengers. Passengers will not be permitted to use the refrigerators to store items that they've supplied, though they will still be allowed to bring along their own cooler, snacks, or video equipment, provided that it fits in the remaining space in the cab (which will be more space than in previous cabs).

Both cab companies reserve the right to deny transportation for certain kinds of items that they consider harmful or dangerous, or which impact their ability to function--items that stink up the cab, that could catch fire or explode, etc.

Cab Neutrality advocates argue that the Department of Transportation needs to create additional regulations which require the cab companies to allow passengers to carry whatever items they want, to use the radios to listen to whatever stations they want (whether the driver likes it or not), to put their own items in the refrigerator, and to allow all snack, beverage, and video providers to make use of the new equipment that RBOC Cabs plans to put into their cabs. They also want to require that the cab companies send cabs at the same speed to every travel hub, regardless of the hub's size or amount of demand for its services (or what the passengers want), and that all costs should be borne by the cab company, not the hub. RBOC Cabs responds by saying that in order to fund the building of the new cabs, they need to be able to charge the snack, beverage, and video providers to use the new equipment (in addition to the fee charged to the passengers, which is not enough to cover the actual cost), but that passengers are still free to bring their own snacks. Cab Neutrality advocates worry that unless they are allowed to bring whatever items they want, they might be prohibited from bringing their own snacks, beverages, and videos. RBOC Cabs have also claimed that they need to be able to build these larger cabs in order to travel longer distances, and suggested that their ability to carry snacks, beverages, and videos over long distances is part of the costs they need to recoup (when, in fact, the long distance transportation of even their snacks, beverages, and videos is provided in the highly competitive environment of the multiple transportation hubs, where there are no issues of capacity and costs per mile are significantly lower).

This is not a precise analogy, but I think it captures the highlights. To make it more precise, I'd need to actually talk about the roads, perhaps making the last mile owned by HOAs that are analogous to RBOCs and cable companies, with the HOAs placing restrictions on the size and type of vehicles that can move on those roads and creating new lanes for their own vehicles, which they want to rent out to third parties or make available for higher priority services that might need them for emergencies.

What's right about "Cab Neutrality" is that passengers want to be able to get to every travel hub and they want to be able to choose what food, beverages, and entertainment they get on the way. But the specific proposals they make are too specific, go beyond these basics, and create limitations in what new services and business arrangements can be developed.

As I see it, the biggest problem here is limited competition among cab companies--a situation which was alleviated to a large extent by the requirement that RBOC Cab lease out cabs to independent operators--a requirement that should have applied to Cable Cab as well. (If we had a way to purchase or rent our own vehicles from competitive sources, all of the worries about what the cab companies might do would be eliminated.)

A requirement on the cab companies that requires passengers to be able to carry whatever they want would have the unintended consequence that some malicious or unthinking passengers would carry items that the cab companies want to prohibit for good reason--harmful and dangerous materials, materials which disrupt service for other passengers. (E.g., spam, malware, denial of service attacks.)

A requirement that all cabs must travel at the same speed means that if I have an emergency where I want to be able to pay more to get to my travel hub faster, I can't do it. Passengers carrying organs for transplant surgery don't get to travel any faster than passengers going on vacation.

A requirement that all costs must be borne by the cab companies (both for transportation to the hubs and for the new cabs and equipment within them) limits the possibilities of new business arrangements between third parties and the cab companies. There might be a possible business model where a travel hub pays a fee to get more frequent cab services, with a lower cost to the cab passengers, subsidized by the long-haul transportation services. Or where video providers can supply services at different costs, with lower-cost services subsidized by advertising revenue.

Sunday, May 07, 2006

Misinformation in defense of net neutrality

Adam Green, responding to Mike McCurry, writes (following Matt Stoller at MyDD) that:

Lie #1: McCurry knows the Internet is not "absent regulation" yet he's willing to deceive the public if it helps his clients. As Matt Stoller points out on MyDD:

What McCurry did not tell the public was that during the Clinton years, the FCC actively enforced net neutrality -- the Internet's First Amendment -- against his telecom clients. Common carrier statutes have in fact been a bedrock principle of telecommunications law since 1934, and in 1996 Congress ratified that with a commitment to network neutrality.

Mike McCurry has a moral obligation to everyone who has ever respected him and looked up to him to answer this question: Do you stand by your statement that the Internet is "absent regulation?" Or do you admit that, like so many parts of our American economy, the Internet does have rules?

This is deceptive--ISPs are not common carriers and Internet services offered by telecoms are not bound by common carriage regulations. Internet services have been classified as information services or enhanced services, and thus don't have to collect fees for universal service or take anyone who comes along as customers. Common carrier means you have to accept everyone as a customer and not discriminate about what traffic that is carried (so long as it's legal), but ISPs can, do, and should set standards beyond what the law requires in order to (for example) keep spammers off their networks. Common carrier status has only an indirect relationship to the Internet and net neutrality--it is about physical interconnection, not about Internet interconnection.

Stoller goes on to describe the FCC regulatory change regarding DSL networks:

Yet less than a year ago, in August, 2005, the Clinton-Gingrich policy of enforced network neutrality was radically upended by the FCC:

The FCC said that phone companies such as Verizon, SBC, BellSouth, Qwest and other local telcos will no longer be regulated by traditional telephone rules when it comes to their DSL broadband services. The FCC agreed unanimously to classify DSL broadband as an "information service" rather than a telephone service. Phone companies will no longer be required to open their broadband networks to access by third-party ISPs.

After a one-year transition period, the phone companies can arbitrarily end any agreements they were forced to make with independent ISPs. During the transition year, the ISPs can attempt to negotiate new deals, but the cards are all in the hands of the telcos.

In other words, you know all that nice Clinton-Gingrich policy that made the internet work? Yeah, after a one year transition period, that's gone, as a sort of sunset provision for the free internet sets. This is incredibly sneaky. What McCurry is doing is couching a radical change to the internet in the guise of the status quo.

Stoller makes it sound like this change has something to do with RBOCs' Internet services, but it doesn't. It has to do with other ISPs using RBOCs' last-mile networks to connect consumers to their own Internet services--those ISPs typically don't connect to the RBOCs' Internet services, but rather purchase IP transit from multiple backbone providers.

Contrary to Stoller and Green, there was no "Clinton-Gingrich policy of enforced network neutrality" that required any kind of interconnection between providers of Internet services--rather, there was a requirement that telcos provide the use of their last-mile networks to ISPs to use to carry their own Internet services.

That requirement seems to have been a good one for creating competition among Internet services, but it's important to be clear that we're talking about the last-mile telco networks and not their Internet services or their backbones, though the telcos have continued to try to present that as the issue and many net neutrality defenders have wrongly accepted that as the issue.

Last mile competition, unlike net neutrality, is a real issue, especially for consumer Internet access. It's less of a problem for businesses since there is wider competition available via colocation services, metro fiber networks, and wireless. In my opinion, the best long-term defense against a telco/cable duopoly will be wireless access solutions, though there will no doubt be some others like broadband over power lines.

It is distressing to see net neutrality advocates continue to get basic facts wrong in defense of their poorly thought-out positions. If you don't understand how the Internet works today (technologically, politically, and legally), then you are not in a position to be making proposals about how it should be regulated that are not going to have significant (and likely very bad) unintended consequences.



Saturday, May 06, 2006

Is There Really a Housing Bubble?

To many, the housing bubble seems a foregone conclusion. Uncountable blogs devoted to the bubble give the impression that you must be crazy or stupid to not see it. In spite of this, I remain unconvinced. I’m not even sure I know what the “housing bubble” is.

Here is a working definition:
…that housing prices have been pushed well beyond any semblance of reasonableness and the dictates of healthy market fundamentals due to excessive liquidity, extremely relaxed lending standards, a speculative mania, and the increasingly irresponsible "cheerleading" of vested interests.
Endless scary graphs, like this one, which shows Phoenix appreciation rates over the past 30 years, seem to bear this out. Nonetheless, I am left with questions.

For example, who decides what price is “reasonable”? What standard should we use? Value is entirely subjective. Price, being a function of value plus ability to pay, can seem “unreasonable” to some, but “very reasonable” to others. The only one that matters, though, is the person who actually buys—and who, in so doing, reveals his opinion that the price is “reasonable.”

Where is the evidence of a “speculative mania”? You can’t simply point to the recent rapid appreciation rates and say, “See?”, because that’s assuming what you’re trying to prove. What evidence I’ve seen for this has been sparse and unconvincing, so far. Of course I could be wrong, and we could be on the precipice of the largest housing price decline in history. Unfortunately we’ll only know in retrospect.

The charge of “excessive liquidity” and “relaxed lending standards” also rings hollow to me. Now, it seems certain that the amount of borrowing taking place has increased significantly, but that could be caused by any number of things. Why does this automatically mean that lenders have become “extremely relaxed” with their money—which I presume means they’ve suddenly become willing to lend to any fiscally irresponsible idiot, as long as he has a heartbeat? This seems a testable hypothesis to me. If such an explanation were true, wouldn’t you expect to see foreclosure actions increase over time, as the bad debtors began defaulting on their loans?

When debtors default on their loans, lenders need to provide public notice of the impending sale of the property. These notices get recorded at the county recorder's office, usually in the form of a Notice of Trustee’s Sale. In order for a lender to record a Notice of Trustee’s Sale, a borrower has to be at least 90 days late on her mortgage payments. Luckily, Maricopa County makes these records easy to obtain.

This graph shows data I’ve compiled from the Maricopa County Recorder's Office. The blue line is the number of Notices of Trustee’s Sales per month, over the past 11 years. The dotted red line is a 3-month moving average. What does this graph tell us? My first impression is that it’s easy to see evidence of the 2001 tech bubble, but, if anything, Maricopa County seems to have recovered from that, as the average number of notices has returned to 1996ish levels.

Admittedly this one graph is hardly a death-blow to the idea of the bubble, but I believe it’s important to take note of it, if for nothing else, then at least as a caution against our tendency to succumb to Chicken-Littleism and confirmation bias.

Friday, May 05, 2006

National Day of Prayer II




I went by the west lawn of the Capitol yesterday to see the setup for the National Day of Prayer event. There was a series of rotating speakers reading from the Bible to an audience of empty chairs (though I'm sure they filled them for their 5 p.m. event). We then had a scheduled private tour at the Supreme Court, and got to see the Justice House of Prayer/Bound4Life cult members praying in front of the steps--these are the "interns" who pay $500/mo or so (the fee details seem to have disappeared from their website, but it was $1500 for a 3-mo internship when I commented on them in December) for the privilege of praying the same 22-word prayer over and over in hopes that the Supreme Court will reverse Roe v. Wade. (I almost think such strategies should be encouraged. These interns aren't hurting anything with their "silent sieges," and it's keeping them out of other kinds of trouble they could be getting into or causing.)

We didn't make it back to the Capitol until later in the evening, instead choosing to eat an excellent meal in Chinatown with some friends.

(Previously.)

Facts about Mexico's drug decriminalization

The new law (which Fox has now declined to sign, and has asked for one that appears more anti-drug) would have the following effects:

1. Allow local police as well as federal police to pursue drug-related crime. This is a strengthening of anti-drug laws.
2. Codify the specifics for amounts of drugs which, if possessed, do not result in criminal prosecution, but diversion to treatment programs. Currently, this is at the judge's discretion, requires some kind of evidence of being an addict, and is apparently a source of corruption (pay a bribe, get the charges dropped). This change seems to be relatively neutral.

It doesn't appear to me likely that these changes would have much effect on the availability or acceptability of illegal drugs in Mexico.

Thursday, May 04, 2006

National Day of Prayer

Today is the National Day of Prayer, an event made permanent (on the first Thursday in May) by Congress and signed into law by Ronald Reagan in 1988, six years after the National Prayer Committee started pushing for it. Presidents had previously been able to declare National Days of Prayer whenever they saw fit, a tradition that became annual starting around 1951. Presidents can still augment this with additional National Days of Prayer, as Bush added a National Day of Prayer and Remembrance on September 14, 2001.

As I happen to be in Washington, D.C., very near the Capitol building, I'd like to check out the event on the west lawn of the Capitol tonight (unfortunately a previous dinner commitment overlaps with the event) and see whether the participants are able to reconcile their activities with the Bible, let alone empirical evidence for the ineffectiveness of prayer. In Matthew 6:5-7, Jesus condemns the false piety of "hypocrites" who pray in public, and advises that his followers pray secretly in their closets and not engage in "vain repetitions"--it's one of the most ignored verses in the Bible.

As the Freedom From Religion Foundation has pointed out for years, "nothing fails like prayer."

(Subsequently.)