backtop

Print E-mail del.icio.us 40 comment(s) - last by JustAnAverageG.. on Sep 17 at 10:25 PM

A vulnerable diebold voting machine
E-voting machines are once again under fire

A Princeton University professor and two graduate students have further proven that electronic voting machines being used across portions of the nation are vulnerable to hackers. A paper on Princeton's web site describes how Edward Felten, professor of computer science and public affairs, found ways to upload malicious programs on a Diebold AccuVote-TS machine. The team was even able to create a computer virus that was able to spread between Diebold voting machines. According to the researchers, they are able to fraudulently change vote counts without the machine detecting the apparent tampering. An unidentified party gave the researchers the Diebold AccuVote-TS in May.

The Electronic Frontier Foundation yesterday announced that it is requesting the 6th U.S. Circuit Court of Appeals to reject the state of Ohio's latest attempt at dismissing an electronic voting case. The lawsuit against the Ohio secretary of state and governor alleges the state's procedures simply do not do enough to protect voters. Other states have also expressed concern over e-voting security measures.

Reports indicate around 80 percent of voters in America will use a type of electronic voting system in the upcoming election. Because of the growing popularity of paperless voting machines, more security and privacy experts are becoming worried of the ease in which programmers are able to penetrate the security of the voting machines.

A demonstration video is available on YouTube.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Simple solution
By wwwebsurfer on 9/14/2006 7:56:16 PM , Rating: 2
People in the gov't need to quit cutting corners. Call those people that make ATM's and be done with it.




RE: Simple solution
By Brandon Hill (blog) on 9/14/2006 8:00:19 PM , Rating: 5
RE: Simple solution
By noxipoo on 9/15/06, Rating: -1
RE: Simple solution
By GhandiInstinct on 9/14/2006 8:03:35 PM , Rating: 3
It's amazing how people don't take this as serious as it should be taken. This is your FREEDOM, this is why this nation prospers because we get to DECIDE who runs the government for the better of us all.

Now if we allow such jeopardization to occur then this will eradicate the fundemntal principle of a Democracy which more than 50% of our people do not take advantage of anyway.

I want to see websites that you can access and make sure your vote was tallied,(enter your social and other info to access this), I want to know that our freedom elections are legit and that more people exercise this right that not many in the world have.

But this should be a #1 priority, to have a Democracy function as a Democracy and not a hacked election that served many meaning in 2000.



RE: Simple solution
By Madellga on 9/15/2006 12:15:09 AM , Rating: 4
And yet, look who is in command today.....


RE: Simple solution
By Furen on 9/15/2006 12:44:22 AM , Rating: 2
That's a horrible idea. Vote has to be secret. Allowing people to verify that their vote has been counted is good and all but what would stop someone with your information (an employer, for example... or Karl Rove, LOL) from checking how you vote and taking measures against you if he didn't agree?

What is needed is a system of electronic machines with paper trails. The electronic results could be used to make preliminary reporting faster but the actual result should always be based on a the paper trail.


RE: Simple solution
By Souka on 9/15/2006 10:16:18 AM , Rating: 2
actually the idea of providing a confirmation number has been investigated.

This would allow the user to check their vote on-line and/or via US Mail.

The primary reason they haven't done such a system is cost.



RE: Simple solution
By knowyourenemy on 9/15/2006 7:25:34 AM , Rating: 2
Something has to give soon, man. Something has to give.


RE: Simple solution
By rushfan2006 on 9/15/2006 10:08:18 AM , Rating: 2
There is one thing we should all be able to agree on, no program, no computer is 100% non-hackable. The second thing is something that should be obvious to just about everyone -- the chances of successfully hacking someone dramatically increase with the number of folks actively hacking it. Simple law of averages. Well a voting machine is something that would be an EXTREMELY attractive target for just about any hacker...so you are going to always have teams of people working to hack any generation of voting machine.

I'm not a programmer. But I'd suggest the following to make the advantages of a machine worthwhile in the first place (which is A) make it dead simple for voters and B) make it very fast)....

1) The folks that make the physical machine SHOULD NOT be the same folks that write the code persay, they should collaborate of course.

2) Military grade encryption has to be used for something as valuable as a voting machine. It should be hard to just decrypt the code to even make sense out of it in other words.

3) Access to the entire codebase and the machine should require authorizations and security clearances...it should be treated as if you are working on a bomb that can explode if you type in the wrong code.

4) During not use cycles (when the machines are in storage)...from transport to storage point and all times in between should be treated as if they are bags of money and guarded as such.

5) Legislation should be created that the penalties for hacking a voting machine are at LEAST double that of current "hacking laws".

6) Open source is a bad idea...at least in the "full" open source meaning -- you can open up the code for select authorized vendors ONLY and they can hash out ideas and control quality and integrity but I wouldn't put it on the 'net for general public consumption.

7) There should be a paper trail...a constant log that logs EVERYTHING...pretty much keystroke for keystroke.

If they did all that..then I'd feel more confident in the system.


RE: Simple solution
By Souka on 9/15/2006 10:18:38 AM , Rating: 2
don't forget the last item

8) Voting machine is packed with 3oz of C4. If unit is tampered with improperly, boom.



RE: Simple solution
By rushfan2006 on 9/15/2006 11:33:04 AM , Rating: 2
This will piss of some people, but its just a joke...

we'd call that a polish anti-theft device....lol.

Tamper with it and blows up the entire thing...;)



RE: Simple solution
By OrSin on 9/15/2006 11:59:28 AM , Rating: 2
Very easy solution.

Let the voting machince print out your choices but not record them. Then the papaer ballots are feed into another system. This leave a paper trail. Since it a computer print out it it can very easily read but some other machine make the hang chd crap a non-issue. YOu can verify the print out yourself so that no hacking can be done at that level. Very easy solution. Also the coputer cna print you 2 copies so you can keep one, in case its "lost".

To further add some record keeping. You can can be assigned a random number when you vote and when your vote is counted you can look up you number. This adds a second level of authentication


RE: Simple solution
By ChristopherO on 9/14/2006 8:24:30 PM , Rating: 4
"Those people that make ATMs" happen to be Diebold... The same company that already makes the voting machines in question.


RE: Simple solution
By ToeCutter on 9/15/2006 10:08:46 AM , Rating: 3
quote:
Call those people that make ATM's and be done with it.


Um, dude, have you used an ATM machine lately and noticed the the large chrome and black nameplate that reads DIEBOLD?

99% of the public doesn't even realize the connection here. And they call those who question the likelihood of voter fraud on these boxes "conspiracy theorists"?

Thank God for the organizations like EFF...


RE: Simple solution
By bysmitty on 9/15/2006 10:09:23 AM , Rating: 3
Do a little research into Diebold. They are those people that make ATMs.

...bysmitty


RE: Simple solution
By Dactyl on 9/15/2006 1:47:20 PM , Rating: 2
Call those people that make ATM's and be done with it.

In addition to the fact that, if you look at an ATM, there's a good chance it will say "Diebold" on it...

How do you think ATM security works?

They keep careful records of the transactions, so they can go back and make things right after the fact. If someone gets away with $100, that's just money. If someone steals an election, or causes us to doubt the validity of election results, there's no way to go back and fix that. For obvious reasons, we don't keep track of who voted for whom (like: if people found out who you voted for, they could attack you, discriminate against you, or intimidate you from voting that way in the first place)

ATMs don't need to be perfectly secure, they just need to be secure enough that it costs too much money to break in to be worthwhile. And if there's a little bit of theft here and there, that's okay. It's just money. We live in a big country with a lot of money. People steal candy bars from convenience stores all the time, and the world doesn't come to an end. Banks are profitable institutions and a little theft/fraud won't bring them to their knees.

We can't tolerate a little bit of fraud in a very close election! In 2000, it was close in Florida. In 2004, it was close in Ohio. It would have only taken a little fraud to change the results, and people knew ahead of time which states would be close.

A stolen election would blow this country apart. If you think Florida 2000 was bad, or if you're distressed by AMLO's bad behavior in Mexico, you ain't seen nothin' yet. EVERY close election will have allegations of fraud and vote-stealing. Democratic legitimacy will suffer. That's the bedrock of our society--any attack on that is an attack on Western Civilization itself. Without legitimate, free and fair democratic elections, we will end up with a government like China's.

That's why ATM-level security, and an ATM attitude towards security, is not good enough for elections.


RE: Simple solution
By Googer on 9/17/2006 10:36:59 AM , Rating: 2
quote:
People in the gov't need to quit cutting corners. Call those people that make ATM's and be done with it.


Huh?

Last time I checked, Diebold was on of the largest ATM makers out there, right next to NCR.

http://www.diebold.com/solutions/atms/opteva/html/...


Simpler Solution
By Ulfhednar on 9/14/2006 7:59:52 PM , Rating: 2
There's nothing wrong with pen and paper voting.




RE: Simpler Solution
By flyboy84 on 9/14/2006 8:17:22 PM , Rating: 2
well, as long as you aren't a melon-head geriatric from Florida, that is


RE: Simpler Solution
By Samus on 9/14/2006 9:27:12 PM , Rating: 1
my thoughts exactly. i've heard of morons actually thinking it throws your ballot out if you don't vote for every option.

generally i go thought and just punch democrat for every house/senator (i'm from chicago, duh) but when i first voted (in 2000) i just voted for Gore and i was out.


RE: Simpler Solution
By Snuffalufagus on 9/15/2006 1:29:34 AM , Rating: 1
lol - the process at work! nothing beats an informed voter :)


RE: Simpler Solution
By oneils on 9/15/2006 9:34:12 AM , Rating: 2