> for PCOS machine.. we suggest to them to simplify their partitioning
>  scheme.. for example:
>
>  1. /
>  2. /ER
>  3. /var
>  4. /tmp
>
>  all the binaries and configuration files must be in the root partition
>  and that partition must be mounted as read only, executable and no
>  writes.. in that way no updating of any files on that partition as
>  well as we can easily make a hash starting from root as the message
>  digest program will compute all the files in there recursively...
>
>  for /ER where the ER documents are stored in there.. this partition
>  must be mounted as *append* mode only... append mode where you can add
>  files and append data to an existing file but you cannot delete nor
>  edit these existing files even if you are a root user...
>
>  for /var where the system and other logs are stored in there... this
>  partition must be mounted as *append* mode also just like the /ER
>  partition...
>
>  for /tmp.. mounted as read/write but no execution of any files in there...
>
>
>  >In particular, /etc/securetty must specify that the root user must never be allowed to log in from
>  >remote. To make checking simple for the BEI on election day, this printout must be in
>  >lexicographic order of filenames, and must be digitally clear-signed by Smartmatic so that the
>  >BEI need only compare the signature part (two lines of text)
>
>
> so far i cannot comment or contribute as i need to know what is their
>  plan about their network connectivity.. once i have a clear picture
>  about this... then that's the time for me to suggest...
>
>
>  >
>  > 2) The option to SSL-sign or GPG-sign should be put in the code, so that the teachers have a
>  >choice of getting their public keys signed by a CA or signed by a peer.
>  > The signing part should be during the end of the voting period, not at the beginning when there
>  >is nothing to sign yet (this is the way the current version of the program looks to me).
>  >
>  > 3) Support for Java smartcards (with CPU) in the PCOS and CCS hardware (smartcard slot)
>  >and new program for signing, so that using Java smartcards for signing, the teachers' secret
>  >keys never leave the card, and is never copied over to the computer.
>  >
>  > 4)  Others?
>
>
> i took a look at the link of technical details of PCOS machine given
>  by xander solis (thanks dude)... two graphics format are supported..
>  bmp and tiff.. comelec is going to use tiff format..there is a well
>  known vulnerability in tiff and can be seen from link below on exploit
>  section...
>
>  http://en.wikipedia.org/wiki/Tagged_Image_File_Format
>
>  we need to code review not only the application program but as well as
>  its API or libraries.. what the cheater needs is to steal one private
>  key and sign their specially crafted ER where it can execute their
>  arbitrary cheat codes secretly... in this regard.. a clean CSS code
>  here is helpless for an honest election..

This could be POC in Sheeva plug computing, paging Migs :)


>
>  furthermore, they need to replace their PCOS' gprs (2G) modem to
>  HSDPA (3.5G) modem as this modem has a backward compatibility and
>  fallback with gprs, edge and gsm networks...
>

GPRS should be fine, it's widely used and benchmarked in wireless
automatic metering system (AMS) for smartgrid. Though AMS device
needs to send data every 15 mins to collection points but it may not
be as voluminous as election return data. But the specs of smartinc
device is more powerful than the Intel 386+16 MB that I used with
macros for Lotus123 for vote canvassing application way back in the
90s.
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
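
The recursive hash of a read-only root partition and the filename-ordered printout discussed in the quoted text, sketched as an added example that is not part of the original thread or of any vendor code. The function names are hypothetical, the sample tree in `demo` is constructed, and GNU find, sort, xargs and sha256sum are assumed.

```shell
#!/bin/sh
# Added example: deterministic hash manifest of a directory tree.

# make_manifest DIR -> "<sha256>  ./path" lines, ordered by filename.
make_manifest() {
    # -xdev stays on one filesystem, so hashing / would skip the
    # separately mounted /ER, /var and /tmp partitions.
    # LC_ALL=C makes the sort byte-wise, independent of the locale.
    ( cd "$1" && find . -xdev -type f -print0 \
        | LC_ALL=C sort -z \
        | xargs -0 -r sha256sum )
}

# manifest_digest DIR -> one short value summarising the whole manifest,
# which is what would be signed and compared by eye.
manifest_digest() {
    make_manifest "$1" | sha256sum | cut -d' ' -f1
}

# verify_tree DIR MANIFEST -> exit 0 only if the tree matches exactly.
# Regenerating and diffing also catches added or deleted files, which
# "sha256sum -c" alone would not report.
verify_tree() {
    make_manifest "$1" | diff - "$2"
}

# demo: build a small constructed tree, record it, tamper, re-check.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/root/etc" "$d/root/bin"
    printf 'console\n' > "$d/root/etc/securetty"   # constructed content
    printf 'binary\n'  > "$d/root/bin/count"       # constructed content
    make_manifest "$d/root" > "$d/manifest.txt"
    echo "digest: $(manifest_digest "$d/root")"
    printf 'pts/0\n' >> "$d/root/etc/securetty"    # simulate a change
    if verify_tree "$d/root" "$d/manifest.txt"; then
        echo "tree unchanged"
    else
        echo "tree differs from recorded manifest"
    fi
    rm -rf "$d"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Run the script with the argument `demo` to see the digest and the mismatch report; the manifest itself must be stored or signed outside the tree being checked.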
