[Rumori] diebold uses copyright law to attack critics

stAllio! the original wanksta stalliongsta at yahoo.com
Tue Nov 4 08:15:30 PST 2003 

http://www.nytimes.com/2003/11/03/business/media/03secure.html

File Sharing Pits Copyright Against Free Speech
By JOHN SCHWARTZ
Correction Appended

Forbidden files are circulating on the Internet and threats of lawsuits
are in the air. Music trading? No, it is the growing controversy over
one company’s electronic voting systems, and the issues being raised,
some legal scholars say, are as fundamental as the sanctity of
elections and the right to free speech.

Diebold Election Systems, which makes voting machines, is waging legal
war against grass-roots advocates, including dozens of college
students, who are posting on the Internet copies of the company’s
internal communications about its electronic voting machines.

The students say that, by trying to spread the word about problems with
the company’s software, they are performing a valuable form of
electronic civil disobedience, one that has broad implications for
American society. They also contend that they are protected by fair use
exceptions in copyright law.

Diebold, however, says it is a case of copyright infringement, and has
sent cease-and-desist orders to the students and, in many cases, their
colleges, demanding that the 15,000 e-mail messages and memorandums be
removed from each Web site. “We reserve the right to protect that which
we feel is proprietary,” a spokesman for Diebold, David Bear, said.

The files circulating online include thousands of e-mail messages and
memorandums dating to March 2003 from January 1999 that include
discussions of bugs in Diebold’s software and warnings that its
computer network are poorly protected against hackers. Diebold has sold
more than 33,000 machines, many of which have been used in elections.

Advocates and journalists have mined the trove of corporate messages to
find statements that appear to suggest many continuing security
problems with the software that runs the system, and last-minute
software changes that, by law, are generally not allowed after election
authorities have certified the software for an election.

Some colleges, like Swarthmore, have bowed to the pressure and removed
the x documents from their networks. But in doing so last month, the
dean, Robert Gross, maintained that Swarthmore supported the students
in spirit. “We believe their actions express the values of the college,
including its commitment to prepare students to be engaged, socially
responsible citizens,” he said in a statement. Swarthmore has
encouraged the students to keep up the debate and is providing legal
advice about how to respond to the Diebold letters, a Swarthmore
spokesman, Tom Krattenmaker, said.

Last week the advocates’ efforts to keep the documents online took
another step as Freenet, an international anticensorship organization
that promotes the anonymous distribution of files, obtained copies of
the Diebold documents. The technology that the network uses is a
peer-to-peer service, and is similar in many ways to the software
behind file-trading companies like Kazaa and the original Napster.

Legal scholars say that the online protest and the use of copyright law
by Diebold have broad implications and show that the copyright wars are
about more than whether Britney Spears gets royalties from downloaded
songs.

“We’re so focused on the microview — whether EMI is going to make a
buck next year — but there is so much more at stake in our battle to
control the flows of information,” including issues at the core of free
speech and democracy itself, said Siva Vaidhyanathan, a professor in
the department of culture and communication at New York University.

Nelson Pavlosky, a sophomore at Swarthmore from Morristown, N.J., who
put documents online through the campus organization Swarthmore
Coalition for the Digital Commons said the cease-and-desist letters
were “a perfect example of how copyright law can be and is abused by
corporations like Diebold” to stifle freedom of speech. He said that he
and other advocates wished the college had decided to fight instead of
take down the files.

“We feel like they wimped out,” Mr. Pavlosky said.

But with each takedown, the publicity grows through online discussion
and media coverage, and more and more people join the fray, giving
Diebold’s efforts a Sorcerer’s Apprentice feel. The advocates,
meanwhile, are finding that civil disobedience carries risks. One
student who posted the documents and has received a letter, Zac Elliott
of Indiana University, said, “I’m starting to worry about the
ramifications for my entire family if I end up in some sort of legal
action.”

Copyright law, and specifically the Digital Millennium Copyright Act,
are being abused by Diebold, said Wendy Seltzer, a lawyer for the
Electronic Frontier Foundation, a civil liberties group. Copyright is
supposed to protect creative expression, Ms. Seltzer said, but in this
case the law is being evoked “because they don’t want the facts out
there.”

The foundation is advising many students informally and helping them to
find legal aid, and it is representing the Online Policy Group, a
nonprofit Internet service provider that got a cease-and-desist letter
from Diebold after links to the documents were published on a news Web
site that the group posts.

Diebold has become a favorite target of advocates who accuse it of
partisanship: company executives have made large contributions to the
Republican Party and the chief executive, Walden W. O’Dell, said in an
invitation to a fund-raiser that he was “committed to helping Ohio
deliver its electoral votes to the president next year.’’

He has since said that he will keep a lower political profile. Diebold
has been trying to stop the dissemination of the files for months with
cease and desist letters, but the number of sources for the documents
continues to proliferate. Then in July, the first evaluation of the
purloined software from recognized authorities in the field — a team
involving experts and Johns Hopkins University and Rice University —
found several serious holes in the software’s computer security which,
if exploited, could allow someone to vote repeatedly, or to change the
votes of others. A later review of the software for the State of
Maryland agreed that the software flaws did exist, but that in the
practice of real elections, other safety nets of security would keep
the vulnerabilities in the code from being exploited. Diebold has said
it has been working to fix problems.

As Diebold continued to deal with the headache resulting from its
leaked code last week, hackers released software from another of the
three major high-tech election companies, Sequoia Voting Systems.
Reports of that leak first appeared in the online news service of Wired
magazine, which suggested that the company’s software also suffered
from poor security design.

A spokesman for Sequoia, Alfie Charles, said that the software that had
been taken was an older version that had been substantially modified.
Possible security flaws in that software, which were discussed in the
Wired account do not constitute an actual threat to security, he said.

Mr. Charles also emphasized that his company’s leak was unlike that of
Diebold, which had left much of the purloined data unprotected on its
own site. The Sequoia software was taken from the servers of a “grossly
negligent” contractor to Sequoia, and not from the company itself, he
said.

That defense does not sway Prof. Rebecca Mercuri, an specialist in
election technology who teaches computer science at Bryn Mawr College.
The fact that the software of both companies was not protected raises
questions about their security, she said.

“Are these companies staffed by folks completely ignorant of computer
security,” she said, “or are they just blatantly flaunting that they
can breach every possible rule of protocol and still sell voting
machines everywhere with impunity?”

Mr. Bear of Diebold said the election security and the virtual walls
around his company’s computer network are different; “You’re looking at
apples and oranges,” he said. Of the security breach, he said, “We
acknowledge that was unfortunate that that occurred.” But the “security
and sanctity of the election process,” he said, has been proved by the
Science Applications International Corporation report.

Mr. Bear said that Sequoia planned to submit its software to Aviel D.
Rubin, a computer security researcher at Johns Hopkins and the leader
of the team that analyzed the Diebold code. Mr. Rubin said he was
optimistic that the relationship with Sequoia would be less
adversarial.

“It’s very different from the way that Diebold has been doing things.”
Mr. Rubin, who has received a cease-and-desist notice from Diebold
because of his research, said, “The solution is to stop selling
insecure voting machines and not to continue threatening students who
are only trying to protect our democracy.”

Voting companies emphasize that their products undergo rigorous testing
and independent review required by federal laws for certification.

“Judging from the majority of news coverage, one might think that
companies just throw software together and start selling equipment and
running elections, when the reality is just the opposite,” Mr. Charles
of Sequoia said.

Some observers of the fight say it is having an effect beyond ones and
zeroes and virtual forms of hanging chad. Bev Harris, who is writing a
book on the electronic voting industry, was among the first people to
place the Diebold files online.

She said that when she began her research, young people tended to tell
her that voting was irrelevant to their lives. That is changing, she
said; “What more important thing can we do so that we can get them
involved, and see how important voting is?”

Correction Tuesday, Nov. 4, 2003
An article in Business Day yesterday about the online circulation by
hackers of software from electronic voting systems developed by Diebold
Election Systems and Sequoia Voting Systems misattributed a statement
about the possibility of Sequoia's submitting its software to a
computer security researcher. It was made by Alfie Charles, a Sequoia
spokesman, not David Bear, a Diebold spokesman. The article also
referred incorrectly to the source of the Sequoia software that was
released. The source was a contractor used by one of Sequoia's
customers, not one used by the company.



=====
"I am so happy that taste can be refined into a defined logarithm. I'll 
never have to think again!"
http://www.animalswithinanimals.com
http://badtastesucks.com

__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree

More information about the Rumori mailing list