Corporations, Government and vendors

What’s on my mind?

In the spirit of not every story needing a moral, this is what’s on my mind.

I watched the following video a while ago:

Voting machine vendors get scrutiny at congressional hearing
January 9, 2020

Recently, I watched a longer version of the hearing linked above. In it the three voting machine vendors admitted that their products included components from China, remarking that though they weren’t certain, there might not even be available a US manufactured equivalent.

Up to twenty percent of one vendor’s product was sourced from China, but the parts were “pieces of plastic, diodes, resistors…” inert or little bitty parts that couldn’t possibly compromise security.

One vendor admitted their product used programmable modules from China.

Another reluctantly admitted that when Microsoft provides the vendor an operating system update they install it. He said that they even test after the update and everything.

Another vendor noted that their systems no longer connect to the Internet as network connectivity was deemed too great a security risk. However, the machines are still equipped with a modem to allow transmission of election results after poll closure as required in some counties.

Programmable. Hardware’s characteristic of varying output reflecting changes to the program code, or instruction set it is executing.

Modem. A device that enables computers to communicate, or network.

Years ago, I built a network using telephone modems, cable modems, computers and things like that. It was used to deliver Internet service to many thousands of people.

In 1987 I helped write code for automatic teller machines using a pre-release version of the Microsoft Windows 386 software development kit, SDK, straight from Redmond Washington!

We programmed using xeroxed copies of documentation often annotated by the Microsoft developers themselves. Handwritten corrections written by the best programmers in the world on the “leading edge” of technology!

Some called it the “bleeding edge”, as finding and fixing errors in such an environment was often painful. Many hours were spent re-writing and debugging code our team wrote, sometimes finding the flaw in our logic, often left baffled as to the source of a failure.

Sometimes we’d ultimately find that code failures were caused by bugs in the underlying operating system, SDK or documentation inaccuracies. We’d apply SDK and operating system updates as soon as Microsoft sent them.

Sometimes our code would work after the updates. Sometimes not.

The code our team wrote enabled ATMs to communicate with bank office networks via telephone modems.

We programmed the ATMS to alert the bank when they needed servicing. The bank network would then send a message back to the ATM telling it that a technician had been scheduled and to stop sending the service alert.

When necessary, our team could update code on the bank computers or on the ATMs to add features or fix bugs.

Before that… long ago, far, far away… I worked for General Electric, a defense contractor. They even called me a Project Manager. Go figure.

I worked in the General Electric Information Services division which produced accounting software for fortune 500 corporations.

Only two other companies developed software for such large customers. So, at the time, three software companies provided all the accounting software used by virtually all the fortune 500 companies.

The GE stock I held in the late nineties was valued at over fifty dollars a share. A few years ago it became widely known that GE’s accounting practices were questionable, and its financial statements were, well, fictional. Executives lost face, lost jobs. The stock is now rebounding to close to ten dollars a share up from a value of five dollars earlier this year.

Irony at it’s finest. Anyhoot…

Being in the research and development group, one day, my boss’s boss charged me with finding out about a GE in-house communication facility he had heard of. He instructed me to not let my inquiries draw too much attention from inside or outside our division. People outside of defense divisions were not even supposed to know of the existence of this facility.

He knew it was used by GE defense divisions and wanted to know if our division could use it. I made phone calls to other divisions and reported back.

I had learned that the communication facility used proprietary hardware to communicate over public telephone lines. Communications were encrypted and could only be sent or received in the proper format using the proprietary hardware. Only GE defense divisions and select other contractors were authorized to access it.

One fellow in another division I talked to on the phone a few times said that it might be illegal, but he could talk to a guy he knew in another division, and probably get me one of the machines installed in our GE-information-system-but-not-defense-division-office.

I reported back to my bosses that we could probably use the facility, but it may not be legal. They looked disappointed. Not sure in the news or in me.

Many years later, I realized that what I had researched was the DARPANET, or “The Defense Advanced Research Projects Agency Network”. It evolved into what we now call The Internet.

At the time the DARPANET was totally secure, accessible only by our country’s defense contractors using proprietary equipment.

Unless you know a guy who knows a guy…

Leave a Reply