RE: [atlarge-discuss] ELECTION REPORT

["Abel Wisman" <abel@able-towers.com>]

What program does Jefsey use: Mailman (part of any RH Distro) available
at http://www.gnu.org/software/mailman/mailman.html

What does he do with the program, nothing.
What can he do with the program, well that depends if he has root access
to the machine, but on the surface very little, unless he is hacking
sendmail, imap and mailman all at the same time (for which he needs
root), if not, then of every mail that gets send to the "maillist"
automatically gets fowarded to him, Bruce and Eric.
This leads to the fact that there are n emails arriving at 3 mailboxes
(box E B & J).
These mails are "stripped" of their header to "ensure" anonimity,
something that went awry as I understand it because ppl do not cut the
headers out of their reply which in some case leaves a "sender" in the
body of the mail.
This now was objected to by some or all of the "watchdogs" who in turn
requested to get "only the content" of those mails.
The number of email received by them should equal the n-emails that
Bruce and Eric are receiving and the content should again "add-up".

At the end of the election the content and totals of all those emails
received by Bruce, Eric and the watchdogs should match Jefsey's totals.
If not, something is wrong. If they do it all went very well and was
very transparent.
Now lets assume that those numbers all match, we now receive the tallies
from the watchdogs or a report that the tallies we received from anyone
are in agreement with their findings.
Thus ends a turbulent period.

This could all be achieved by a simple "catch-all<>send-all) record in
sendmail/aliases and a simple perl script but this "handmade stuff" with
a lot of accountiblity along the road and a lot of room for errors for
fraud does have its charm and more or less reduces the risk of one man
influencing the vote to a very small number.

To fraud he would have to be the only one with admin access to the list,
add another similar account that copies, hack to code to delay the
sending or even better to alter the sending and spoof the header so it
looks it comes from the member, then alter the content when it arrives
and send it on, in very short time after receiving because otherwise the
header's timestamps will be off.

Now I can explain how to hack it, but I can assure you that if that was
the intent, whoever wanted to do it would have gone with the perl script
and ran a second script with a higher priority to do the alterations, in
that case writing the script would suffice in terms of work.

In all I can only conclude that the comparison to a close, specially
written engine with no access to it for anyone is a lot different from
this "simple" method.

Let's just finish this thing and get on

Abel



---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de