Navigation
Topics
Log In
Log Out
:
Special Search
New Today
New This Week
Advanced Search
Tree View
Your Account
Edit Profile
Register
Forgot Password
Tools
Help/Instructions
Policies
...
|
| (USA) Here is the Accenture software ... |
|
| Author |
Message |
    
Bev Harris
Board Administrator
Username: Admin
Post Number: 11638
Registered: 12-2004
Best of Black Box? 
Votes: 15 (A keeper?) | | Posted on Wednesday, June 20, 2012 - 6:46 pm: | 
|
This is an installation kit which contains the software; it also has the installation instructions, and a text file explaining how to set it up on a standalone machine if you aren't on a network.
This voter registration and voter history system has been widely criticized -- in Colorado, where it reportedly assigned voters who are Republicans as Democrats, and vice versa, and in Tennessee where it has been proven to lose voter histories.
Now you can examine it yourself.
The MS Access files contain quite a bit of source code. This set is circa 2004.
The file is quite large, so allow a LONG time for it to download.
[Removed due to DMCA Takedown Notice - Accenture has filed a cease and desist notice claiming copyright]
It was: 323,592 KB
Also perhaps of interest is this set of notes:
[Accenture may want to hide the evidence on these from the public too]...
Note that one of the service items reveals that it was tripling votes for "random" voters in the 2004 primary. Files I have obtained show that it doubled or tripled votes in the 2008 primary, and also in the May 2010 and Aug 2010 primaries in Tennessee. However: It is not random. It only appears to be random when voters are sorted by fields other than precinct/voter ID. In fact, it is doubling and tripling recorded votes in white Republican suburbs.
Now you can examine some of the logic (or lack of) in the programs yourself. |
Dan Gutknecht
Voting Rights Forum Participant
Username: Dang
Post Number: 1
Registered: 6-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, June 20, 2012 - 8:53 pm: |
|
WOW!!!
JACKPOT!!! |
rainbowsally
Voting Rights Forum Participant
Username: Rainbowsally
Post Number: 1
Registered: 6-2012
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 2:00 am: |
|
This could be it but since it appears that intelligence is behind the strange behavior of this software (is it haunted?) ;-), this may just be the key to the next level of play.
In any case this is a huge break.
And remember Sherlock. |
Tom Courbat
Frequent Voting Rights Forum Participant
Username: Leftisbest
Post Number: 125
Registered: 6-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 2:06 am: |
|
Hi Bev,
As usual, you SO rock! |
rainbowsally
Voting Rights Forum Participant
Username: Rainbowsally
Post Number: 2
Registered: 6-2012
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 3:45 am: |
|
Let's all take a poke at this, even if we don't know what we're doing -- until some guys that are familiar with MS products and specifically with Access show up around here.
First thing that jumped out at me was the precinct split function. (Setting static variables.)
1. I wonder what happens if this is modified while a transaction is underway.
2. Is there any time the two variables exist at the same time?
Might seem like a naive question as I don't know the first thing about how this software works. ;-)
This question came to mind based on Bev's noticing another oddity regarding precincts, namely "it allows political party ID to be set differently from one precinct to another".
No harm in downloading it even if you don't know the first thing about it, eh?
I have dialup. 6% downloaded already (it's been hours).
woo hoo! |
Stephen Marsh
Voting Rights Forum Participant
Username: Mars7017
Post Number: 1
Registered: 6-2008
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 5:30 am: |
|
Here's a link to a torrent of the file. I'm seeding for the time being.
[link removed DMCA takedown by Accenture to hide their information from the public] |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11640
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 6:47 am: |
|
Thanks, Stephen. I forgot to recommend that others propagate it once downloaded, so that is very much appreciated!
Yes, folks, unless you have high speed Internet your system may time out while downloading. It took me 45 minutes to upload it on high speed wireless.
Note that this software integrates with additional software at the state level, and that problems have now also been identified with disappearing histories at state levels. That means, you may only have half the equation with this.
I hope to get time to post some of the updated files done to customize Shelby County. That system also integrates with the voting machines themselves, as noted in previous articles in the main news section of this web site. |
Velvet Hutson
Voting Rights Forum Participant
Username: Vhutson
Post Number: 1
Registered: 6-2012
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 7:45 am: |
|
what's with the tblXXXXPayments tables in the VoterDTS.mdb? Looks like they're recording billable hours for working the elections, and recording that in the same DB as the votes? |
Ndi Vdonq
Voting Rights Forum Participant
Username: Vdonq
Post Number: 1
Registered: 6-2012
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 8:05 am: |
|
Found my way here mostly as a laugh. A colleague of mine noticed it and showed me the link after my complete refusal to believe anything this important could possibly be using Access as it's database. Now to hear that there is actually logic, embedded in the database, and that voter registration and tally processing was using it in any way at all? Well that is depressing, to say the least.
On the plus side, today is the first day I don't feel embarrassed to admit I develop applications in Office/VBA frequently and know Access well. Thank you for the torrent, I will check back in the morning and make sure it's getting seeded still. |
Velvet Hutson
Voting Rights Forum Participant
Username: Vhutson
Post Number: 2
Registered: 6-2012
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 8:50 am: |
|
Your Microsoft Office Access database or project contains a missing or broken reference to the file 'DTSRunner.exe' version 9.0
(I haven't run any of the setup programs, just trying to look at the CMISDTS contents)
wonder if it means this DTSRunner.exe ?
http://www.prevx.com/filenames/X819308088777351475-X1/DTSRUNNER.EXE.html
"File Behavior
DTSRUNNER.EXE has been seen to perform the following behavior:
Executes a Process
Writes to another Process's Virtual Memory (Process Hijacking)
Can communicate with other computer systems using HTTP protocols
Downloads program file(s) and other content from the web
This Process is a file infector which modifies program files to include a copy of the infection
Looks at the contents of the autoexec.bat file
Reads email address and phone book details
DTSRUNNER.EXE has been the subject of the following behavior:
Added as a Registry auto start to load Program on Boot up
Created as a process on disk
Executed as a Process
Has code inserted into its Virtual Memory space by other programs"
ETA: dismissed that error message and got:
ODBC -- connection to 'VoterD8A' failed
that's an 8, not a B, and that's what the message sez. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11641
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 8:51 am: |
|
Yes, Velvet, I thought that was dumb too. There are good reasons to have systems with limited functionality, and combining a sort of pollworker payment and accounting system with a voter registration system is rather strange and completely unnecessary.
Ndi, if you were surprised to see that this is on an MS Access platform, you'll be horrified to learn that the Diebold/ES&S vote COUNTING system, GEMS, is also based on that. I have the full installation software kit for that, plus some actual vote databases, at this site - put "GEMS" into the search box for that. If you search "Hacking Democracy" at YouTube you'll see an HBO documentary on our work, in which computer guru Hugh Thompson waltzes through the backdoor to completely rewrite election results using a VBA script, in a real election office in Florida.
Blessings to you all for paying attention and offering your comments. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11642
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 8:55 am: |
|
According to deposition testimony in Shelby County, most election employees have access to this system, including temps, and several employees have remote access to it. It is also accessed remotely during early voting. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11643
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 9:22 am: |
|
This in by email from someone who is in a position to know:
You know I was blowing the whistle on all this about 10 years ago!!
Accenture is long gone (but not punished at all); most of the systems are newer or are being managed by other firms (PA is probably the worst system out there and deserves some attention).
The CMIS/Accenture database was NOT NORMALIZED--that means it stored the 'same' data in multiple tables--hence stuff got out of 'sync'. For example, they may have stored precinct and precinct name in the VOTER record table, but then 'link' to a PRECINCT table. If the name of the precinct changed in the precinct table, it would NOT update in the voter record table. Stuff like this. It was maddening to work with it as it was POORLY designed. The fault all lies with Tracy Lewin of CMIS of Fayetteville, AR.
CW
Bev's note: and in Shelby County, it is still an Arkansas contractor named Curt Wolfe. |
Roy Lipscomb
Voting Rights Forum Participant
Username: Lipscomb
Post Number: 38
Registered: 8-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 1:04 pm: |
|
Bev,
Regarding the last sentence in your latest posting:
* Are you saying that Curt Wolfe is to blame for poor design of Shelby County's elections software?
* Is Curt Wolfe the "CW" who authored the message you quoted?
Thanks,
Roy |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11644
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 1:12 pm: |
|
Roy:
Nope, not blaming it on Curt Wolfe; I think he was originally with Accenture while it was putting out this system, but that doesn't tell us anything about whether he was involved in overall design or not. Maybe now he's just stuck with applying multiple bandaids to decisions someone else made.
No, he is definitely not the CW who authored the message. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11645
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 1:22 pm: |
|
Link to more info and a customization work order and some Visual Basic code written by Curt Wolfe regarding cast vote logic for this system.
http://www.bbvforums.org/forums/messages/8/82018.html
Scroll down past article to message below for links to files. |
Don Brock
Voting Rights Forum Participant
Username: Donbrock
Post Number: 1
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 4:04 pm: |
|
I couldn't find any actual source code to build the various exe's & dll's. Are you sure this file contains source code? |
Velvet Hutson
Voting Rights Forum Participant
Username: Vhutson
Post Number: 3
Registered: 6-2012
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 4:38 pm: |
|
VoterDTSSetup/CMISDTS.mdb has a bunch of Visual Basic scripts in it - mostly constructing SQL query strings that I've seen so far. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11646
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 21, 2012 - 4:57 pm: |
|
You can read the report generating scripts by right clicking the table and selecting design view, then SQL.
It can also be useful to set up mock data and observe how the program handles the data while you execute various commands and reports. |
Joshua Perry
Voting Rights Forum Participant
Username: Joshperry
Post Number: 1
Registered: 6-2012
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, June 22, 2012 - 12:07 pm: |
|
This is very similar to the SVRS application Accenture developed for Wisconsin. that thing was an absolute piece of garbage. It cost about $18 million to develop and looked like it was written by recent college graduates with no experience. the hardware required to run it was absolutely ridiculous. Anything I've ever seen from Accenture is completely worthless. Of course, there's also the Waukesha County Clerk that created her own MS Access database to report vote totals rather than using the SVRS system, and that was an even bigger piece of junk. I was glad to see that SVRS was being scrapped and completely redone by state employees, though after the mass exodus this last year (I left for the private sector myself), I'm not sure there is enough talent left to get it done right anyway.
Anyway, from what I remember reading in the contract with Accenture, they were selling their horrible software to just about every state. |
Charles Christopher
Frequent Voting Rights Forum Participant
Username: Ilikeinfo
Post Number: 341
Registered: 11-2006
Best of Black Box? 
Votes: 1 (A keeper?) | | Posted on Saturday, June 23, 2012 - 8:07 pm: |
|
Something to ponder for those who are not aware of this:
Microsoft exposes certain interfaces for use by "third parties". For example if you author code using a C complier you will use those "documented" interfaces. However Microsoft uses completely DIFFERENT interfaces (calls / functions / procedures) for it's own applications. So there are in effect two isolated "layers" of application and application/OS communciations going on in Windows. This is exactly why you see Microsoft products having "features" you don't see on other apps, it's their "private functions" they do not expose to others .....
For example Access and it's ODBC interface are going to use Microsoft's "internal calls".
If you actually know the underlying "Microsoft Calls" you could use them to, but they are of course undocumented as well as their data structures.
This came to mind when I read the "DTSRUNNER.EXE" post above.
Microsoft OS operation is opaque. Thus using their DB backend puts it into a "black hole" of accountability on a given installation / deployment ..... Which also makes me wonder how the above software maight behave on an older Win OS version versus newer OS version (CE?) .... And if it was deployed using and older OS version were there any unique "glue drivers" to make it work?
Was this software originally deployed on "embedded" type hardware (CE perhaps?) versus common off the shelf PCs?
Problem definition *FIRST*, solution formulation *SECOND*.
The frog just needs to *SEE* the thermometer
Twenty-Five Ways To Suppress Truth
|
Bev Harris
Board Administrator
Username: Admin
Post Number: 11648
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, June 25, 2012 - 8:28 am: |
|
Amazingly, Accenture, which sold its crap-on-a-stick high-school sophomoric completely insecure malfunctioning voter registration software to a bunch of states, so unsuccessfully that Colorado refused to pay and others, like Wisconsin and Shelby County, bought out the source code in order to try to bandaid it into a functional system, has decided to issue a DMCA protective order against Black Box Voting for exposing its flawed software.
Last time a voting system company did a DMCA takedown notice (Diebold, in 2004) it got socked with punitive charges for abusing the Digital Millennium Copyright Act, trying to use it to block distribution of material clearly published in the public interest.
If you want a copy of the voter registration software I posted Thursday, might as well get it -- and mirror it, torrent it, dropbox it, or whatever -- today. I'll probably pull it down by June 27, not because their claim is valid, but because there are higher priorities for spending my time during this election season and thanks to Slashdot and some pals in Europe, this software has now been widely mirrored elsewhere.
Here is the DMCA issued to Black Box Voting:
Date: Fri, 22 Jun 2012 17:17:41 -0400 (EDT)
From: Rackspace AUP Team
Subject: Please Review Immediately - DMCA
Hello,
We have received a notice pursuant to the Digital Millennium Copyright Act ("DMCA") from Accenture Global Services Ltd regarding certain content appearing at the above-referenced website (the "Website"). A copy of this notice has been sent to you via email at [redacted]. This company alleges that material posted on your company's website infringes on their copyright. Please remove the content claimed to be infringing from the Website and confirm to me in writing that you have done so by 8:00 A.M. Central Time, 6/27/2012. If the allegedly infringing content is not removed and/or I have not received your written confirmation by that time, Rackspace will suspend network access to the server(s) hosting the Website.
Please note that you may provide a counter notification, stating that the posted material is not infringing the alleged copyright, in accordance with the provisions of 17 U.S.C. §512(g)(3) to Rackspace's designated agent:
Director of Compliance
Rackspace Hosting
(Note that Rackspace is only doing what it's required to do. They are a superb web hosting company, and have helped keep the Black Box Voting sites up and secure for many years now.)
After releasing it into the wild, we can all see that the system is hardly worth the $20 MILLION Accenture tried to charge the state of Colorado, with equally exhorbitant fees hitting taxpayers in other states and counties.
There are multiple possible explanations for how this system doubles and triples reported votes for some voters (oddly, in White Republican suburbs), and for why it likes to alter people's political party and erase their voter history.
SUMMARY OF FINDINGS ON ACCENTURE'S VOTER REGISTRATION SYSTEM
Accenture's "ESM" voter registration / voter history system is really just a bunch of Microsoft Access tables riddled with faulty joins, lacking referential integrity, and also open to malicious play using easily written hidden Visual Basic or Java scripts residing on any computer linked into it. It cannot be made secure without completely redesigning the architecture.
Watch "Hacking Democracy" (search it on YouTube) for a real-life example of how simple it is to bypass all passwords using a VBA script, to implement anything you want with hidden code commands in systems built on this platform, which is also used for the Diebold GEMS system.
Yah, so where is "Accenture Global Services" based out of anyway? Cayman Islands? Or is it now another tax-evading corporate secrecy haven, used not only to avoid paying taxes but to prevent the American public from knowing anything about the creepy white men who control corporate ownership.
PERMISSION TO REPRINT GRANTED, WITH LINK TO http://www.blackboxvoting.org
POSTSCRIPT: This software was originally election.com, a Cayman Islands-based company owned by unnamed Saudi businessmen. Accenture bought election.com, shifting ownership to Accenture Ltd, which was located in Bermuda (another tax haven); according to the Wall Street Journal, due to the current US crackdown on tax dodging corporations, Accenture has now relocated to Dublin, Ireland.
ARCHIVED POST, ORIGINALLY POSTED IN LATEST NEWS |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11649
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, June 25, 2012 - 8:29 am: |
|
already on TBP.
thepiratebay.se
link removed DMCA takedown from Accenture
seed and redistribute!
ARCHIVED POST; ORIGINALLY POSTED IN LATEST NEWS |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11650
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Monday, June 25, 2012 - 8:31 am: |
|
to my personal email from "MC", a software pro who describes the recklessness of Accenture's software more precisely than my "crap on a stick" description:
quote:Hi Bev,
I've been a long-time supporter of BBV, and am fully aware of the futility of attempting to create a secure database system with Access. I put together the first Access Security FAQ that has been posted on Microsoft's web site for many years as well as other topics related to database security vulnerabilities.
The use of Access, with its well-known vulnerabilities and lack of auditing capabilities, can only have been deliberate and intentional. There has been code floating around the Internet for years that enables anyone capable of using a search engine to crack Access security. And when they break in, there is no way to detect the intrusion. All of these things are well-known to developers around the world, and have been since the mid-1990's.
If someone knowingly certifies shoddy steel when building a bridge, and that bridge later collapses, then they are criminally liable. If someone attempts to certify election software built on top of Microsoft Access as secure or robust, then they should also be held liable. No responsible public official would buy such software if they knew of its inherent and unfixable vulnerabilities unless they were participating in the fraud and hoped to benefit.
I don't even need to download Accenture's code to know that it's a piece of crap -- that's a given when its built on Access. I'm not slamming Access per se, it has its place in the business world as a very useful tool for small database applications that sit behind a firewall, but it is definitely criminal to assert that it will be secure or safe outside of a secured environment where you cannot prevent unauthorized access, audit intrusions, or guarantee the chain of custody of the .mdb file.
I'd be happy to testify to this, and can help you round up other Access experts, one of whom still works for Microsoft, if you need additional expert testimony. Best regards,
MC
Former Access Security expert, MVP, & former Microsoft employee
ARCHIVED POST; ORIGINALLY POSTED IN LATEST NEWS THREAD |
From the Mailbag
Frequent Voting Rights Forum Participant
Username: Mailbag
Post Number: 323
Registered: 10-2005
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, June 25, 2012 - 8:41 am: |
|
Sent to me by email, from another person (who did provide real name in my email) in a position to know:
Granted, it's been a few years since I had a user account on this system, (time flies), but I recall that getting into and changing someone's voter history was a trivially difficult thing. "Creating" an election day, regular or special, was a relentlessly difficult process. But once that was done, getting in and changing a voter's history was a snap. The system had a major snafu that would make it necessary to frequently reverse a voter's having voted.
[The version we used] would increment a voter's history upon APPLICATION for an absentee ballot. If that ballot was never returned, it was necessary to go back in and "de-vote" a voter's history for that year. It was not a single voter edit, it was a batch process. If one had nefarious motives, that batch process could be abused ... we intuitively knew how dangerous it potentially was.
"B"
A batch process to delete a set of voter histories. Wow. That is dangerous.
But it also doesn't explain how a set of voter histories from ALL elections, going back 10 years, could go missing.
Thanks, great information. |
From the Mailbag
Frequent Voting Rights Forum Participant
Username: Mailbag
Post Number: 326
Registered: 10-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, June 25, 2012 - 9:13 am: |
|
Also received by email:
Bev, I have 12 years work experience with MS Access. It is a widely / commonly used data manipulation program that handles data for any coded program written specifically to work with it. The beauty of such a combination is that it allows one to switch out the data files like a piece of cake. The data file would be created by the voters but could easily be switched out by another data file created specifically for a certain purpose at the IT Admin's discretion.
Whomever has access to the directories (through a network this can be done without the necessary network -access codes if not setup propery). The fact that the counties are widely using MS Access to read and write the incoming data is a crying shame.
There are many programming proprietors out there who could CUSTOMIZE a code in another language not utilizing such a commonly known and held data manipulation program as MS Access.
WOW. For that matter, the government could propose build of a custom data manipulation program for such an important purpose. A program written to handle MS Access as the data handler is just too easily tapped broken into with the right passwords to grant initial access.
Amazing.
There are even programming languages out there that take a "gold key" to be installed on the running machine before the program can even be aunched. This could be something as simple as a securely-held activation code or diskette (coded with security-access codes) inserted at the right time to enable the program to RUN. Without
this you cannot even run the program.
There is a company called Gerber Scientific Pro that has software you can't run unless you have an old (printer) parallel port installed on the back of the computer and their $15000 "terminator" plugged into that port. Without this, the software does not even run.
Such software is usually so uncommon that it would not be so commonly used and known due to the prohibitive nature of it all.
The bottom line is this is a SHAME!
-- S.S.S.
ARCHIVE COPY; ORIGINAL POSTED IN LATEST NEWS THREAD |
Bev Harris
Board Administrator
Username: Admin
Post Number: 11651
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, June 25, 2012 - 9:16 am: |
|
Thank you for your insightful comments, everyone. And in view of these, it is interesting that in their deposition testimony, they admit that everyone has access to the software in the elections office, even the temps, and that it is also accessible remotely by staff members when they are at home. |
Charles Christopher
Frequent Voting Rights Forum Participant
Username: Ilikeinfo
Post Number: 342
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Monday, June 25, 2012 - 11:07 am: |
|
Regarding "S.S.S." comment about security dongles:
Today, more advanced programmers can author code that emulates such keys. For example I have a full paid for license for an "old" DOS CAD program I use. I prefer it over " the latest and greatest" versions since it's simple and does what I need.
However, it will not run on a modern PC, Windows OS gets in the way of the app accessing the hardware dongle. The company that authors the program has no incentive to solve this problem as they prefer I purchase the latest version, for an enormous price.
I must also add that the IBM T60P ThinkPad I'm using does not have a printer port .... So even if the app worked on Windows I have no printer port for the dongle ...
I'm not the only one that enjoys the simplicity and elegance of the old DOS version. Someone else that likes this CAD authored and appp then emulates the "security dongle" and leads the CAD to believe the security dongle is connected to the printer port.
Modern CPU's have the ability to, in the hardware of the CPU itself, assign PHYSICAL resource to applications. This in turn means that one can author software to EMULATE hardware. The ability to do this has become easier and easier. One still needs to reverse engineer the dongle to know precisely whet to emulate ... But those same CPU hardware feature allow one to author software that watches the interactions of the dongle and software to reverse engineer the dongle. The next step is to repeat the analysis with another dongle license to see what difference there is (Google "differential analysis").
It's just and endless game to use hardware to "secure" software. At the end of the day you just need to find the points in the software than contact the dongle, look at it's decision tree, then change the code to always "decide" the dongle is present. Then use an industry standard software "patch" application to allow anybody to remove the dongle from there software.
My personal experiance here is as a developer. I've obtained demo kits from many security dongle manufacturers. I never used any since I never found one that overcame the above issues. When someone in India, just as competent as ANY other programmer in the world, can live for a year on the money they make breaking a dongle for an expensive software app for someone, it's just a useless endless game.
Now, what is the VALUE of swinging an election, versus my being able to author an engineering print?
High quality development and customer relations is the ONLY solution here. Make customers HAPPY to pay you for your hard work and be willing to make sure you stay in business to keep helping them.
HTH
PS: I do not have the link at the moment, but somewhere in the USPTO.GOV website you will find a very clear statement that reverse engineering is LEGAL! Period, end of report. Now how you use that knowledge may have legal consequence, but that is a different issue. The moment reverse engineering is illegal then you will have to purchase Ford Car parts from Ford, and IBM Laptop Batteries from IBM, and nobody could sell 3rd party iPhone wrappers, in each case your wallet will be much lighter. A huge component of the consumer economy is based on "reverse engineering". This is why companies like Coke use "trade secrets" to keep their recipe out of public hands.
Problem definition *FIRST*, solution formulation *SECOND*.
The frog just needs to *SEE* the thermometer
Twenty-Five Ways To Suppress Truth
|
Bev Harris
Board Administrator
Username: Admin
Post Number: 11657
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, June 26, 2012 - 2:29 pm: |
|
As pointed out in my emails, there is a lot of confusion about the Accenture software. It is voter registration - not vote tabulation software.
It contains voter history, but not vote results per se. |
|
|
