Bryant EmailIn a July 20, 2006, memo (JPG file, 740 KB) from Doris Bryant (GSA - Administration Department) and Tim Dupuis (CTO), Ms. Bryant says : "We do not have language to cover the County's ability to have acceptance testing in areas not covered in the Sequoia procedures that are of importance and necessary for the County such as testing that we would do with any computer system installation which is here you come in. Therefore, based on the Boards addition to the recommendation, we could modify the agreement, if needed, to cover a County operational need and not because of the activists." 4 C. Firmware License"The Equipment incorporates software and logic that constitutes an Intellectual Property Right previously owned by Sequoia pursuant to Section 22 ("Firmware"). Subject to the terms of this Agreement, Sequoia hereby grants to the County a non-exclusive, non-transferable limited license to use the Firmware solely with and for the operation of the System, as contemplated by this Agreement, as long as the License Agreement and Fees are current. The County shall not, and shall not permit any third party to, reverse engineer, disassemble, decompile, decipher or analyze the Firmware in whole or in part." Comment : Testers will necessarily need to do some sort of black box analysis of the Firmware. 4 E. No Modification"County shall not modify or permit or suffer any third party to modify any Software, Upgrades or Firmware without the prior express written authorization of Sequoia in each instance. Sequoia will not modify or permit or suffer any third party to modify any Software, Upgrades or Firmware in the County's Equipment without the prior express written authorization of the County in each instance." Comment : Since security testing will probably modify the software, this clause might be interpreted as requiring written authorization from Sequoia. 5. Testing And Acceptance5.A. Time of TestingComment : No part of the Testing and Acceptance section discusses an independent security vulnerability test. "Within twenty (20) days or less after each delivery of the System to County in accordance with Schedule 4, County shall conduct the test procedures described in the Documentation provided by Sequoia. Sequoia will train the County in Acceptance Testing procedures and will be available during testing. The test procedures shall be performed in the order set forth in the Documentation. In the event that results of the tests of Equipment or Software in accordance with the Documentation indicates that the System is not performing functions correctly, County shall notify Sequoia within ten (10) days following completion of testing (a "Defect Notice"). A Defect Notice shall set forth with specificity the performance failures. Sequoia shall, within twenty (20) days from receipt of a Defect Notice, make any corrections necessary to cause the System to function in accordance with the Documentation. Within ten (10) calendar days of completion of such corrections, County shall retest the system in accordance with the Documentation. All corrections or replacements shall be completed in time for use in the November 2006 election." Comment : Acceptance testing should be determined by the customer, not the vendor. 5.B. Acceptance"The Equipment and Software shall be deemed to have been accepted by County on the earlier to occur of (i) failure of County to timely test the Equipment or (ii) failure of County to timely issue a Defect Notice, or (iii) County issuance of notice of completion of full acceptance testing by the County, including testing of replaced or defect items." Prohibited Acts"5.1 The Licensee shall not (and shall not permit any other party to), except to the extent permitted by law, without the prior written permission of the Licensor:" 5.1.1 "Transfer or copy onto any other disk or hardware or otherwise copy the Software in whole or in part except for purposes of system backup;" 5.1.2 "Reverse engineer, disassemble, decompile, decipher or analyze the Software in whole or in part;" 5.1.3 "Alter or modify the Software in any way or prepare any derivative works of the Software or any part of parts of the Software;" Comment : Testers will need to do some, if not all of the above. 32. Confidentiality"32.A. County acknowledges that during the course of Sequoia's performance under this Agreement, Sequoia may disclose to County information concerning Sequoia's pricing, products, trade secrets and other information which is competitively sensitive and proprietary, and which may be disclosed to County orally or in writing, in tangible or intangible form, including, without limitation, technical, operating, business, marketing and financial information, computer software and data, physical objects and samples (collectively, the 'Information''). County acknowledges that disclosure of the Information would materially injure Sequoia's competitive position in the marketplace. County therefore agrees, to the maximum extent permitted by law, to keep confidential and not to disclose any of the Information to any other person or entity, or use such Information for any purpose other than as expressly contemplated by this Agreement. In the event County is required by law to disclose any of the Information, County shall give written notice to Sequoia at the earlier of (i) fifteen (15) business days prior to disclosure." Comment : This clause may eliminate the Board's "options for public disclosure of the results" of the June 8th amendment. ContractYou can get to a copy of the contract by clicking here. Nobody, and no machine, should be counting American votes in secret.For further information, email Jim Soper at :
Jim.Soper@GMail.com
|
