Forgot your password?

Comment: Re:What logic! (Score 1) 139

by bruce_the_loon (#47339445) Attached to: Norway Scraps Online Voting

In South Africa, absentee ballots have to be applied for ahead of time, an electoral commission officer accompanied by one or more party representatives goes to the person, gives them the ballot paper and retrieves it in sealed double envelopes as soon as the person is done with it.

It is labour intensive, but it prevents trouble from happening.

Comment: Re:Paltry (Score 4, Informative) 193

by bruce_the_loon (#47095257) Attached to: Bug In DOS-Based Voting Machines Disrupts Belgian Election

South Africa just did it that way and it works well. First you count the total ballots, still folded, then you count the votes and that way nobody can add other ballots in during the vote tally to make up numbers. No cellphones etc allowed in the hands of the counters, elections officials or party observers during the count.

Got one addition to the process that we don't do. No results should be released from a polling station until every single station has finished counting and certified within the station. Forget this running TV tally and all that crap, if the numbers in each station remain secret until all stations are ready to report, then you can reduce the risk of "finding" additional votes in the trunk of a car.

Comment: Re:An...accident..? (Score 1) 564

This is semi-maximum damage and disruption. The users PC's would still work, albeit with no personal data. Given the way SCCM formats and dumps, there is a change of data recovery with any of the post-format recovery tools like EZRecovery, Recuva etc.

Max disruption would be to deploy a DoD-level hard disk wipe utility configured for 20 passes.

Comment: Re:An...accident..? (Score 3, Informative) 564

This isn't the update server section of System Center (WSUS), it's the machine deployment system (Configuration Manager), and it can quite easily do this if left as-is out of the box with multiple technicians on it. And it can be done accidentally.

Here's the scenario as it likely happened.

  • Technician finished a master PC install task sequence and tested with one PC. Now he is ready to deploy to his computer lab.
  • There are two options for failure here. SCCM allows for collections of machines to be built for all purposes (data gathering, deployments etc), so he probably puts a quick group together and gets that step wrong and the collection includes all computers in the AD tree. One of our technicians did this after two years of using SCCM regularly.
  • Or he goes hunting for an existing collection and ends up selecting the default All Systems collection which includes everything. If there are a lot of collections or his is named too similarly.
  • After another hundred odd clicks, he hits deploy and SCCM sends a message to the client service on all computers in the selected collection to run the new deployment task sequence. Including the SCCM server because it also has a client and is in All Systems collection or gathered in an incorrectly specified collection.
  • Each PC then downloads the image, reboots and wipes itself with the image. The server, also in the collection, will do the same at some point.

We've had two near-misses with misconfigured collections and one hit with a different problem* which cannot have happened in this case. SCCM isn't the most intuitive user interface and if you're being pressured by users or trying to get out of the door for the weekend, you can stuff it up easily.

Our solution was to restrict access to the built-in collections and to build collections per computer lab which are presented as read-only to the technicians. And then gave them a day of lectures. It sort of works.

* The other problem was caused by image dumping with Ghost of an image that was sysprepped, but had the SCCM client still installed on the image. Because of that, several dozen PCs had clients with the same client ID, like the Windows GUID, but separate and not cleared by a sysprep. The technician later built a SCCM image and deployed it correctly to one PC in a personal collection. Unfortunately SCCM populated the deployment list based on the client ID of the PC in the list and hit quite a few overnight. Luckily a lot of the machines in the batch were off overnight. I don't think this is the case because it hit the server too and that would have received a new client install during the SCCM installation.

You see but you do not observe. Sir Arthur Conan Doyle, in "The Memoirs of Sherlock Holmes"