VOTING INTEGRITY - LOOKING GLASS NEWS | |
Princeton prof hacks e-vote machine |
|
from MSNBC
Entered into the database on Thursday, September 14th, 2006 @ 16:27:09 MST |
|
Students uploaded viruses able to spread to other machines A Princeton University computer science professor added new fuel Wednesday
to claims that electronic voting machines used across much of the country are
vulnerable to hacking that could alter vote totals or disable machines. In a paper posted on the university's Web site, Edward Felten and two graduate
students described how they had tested a Diebold AccuVote-TS machine they obtained,
found ways to quickly upload malicious programs and even developed a computer
virus able to spread such programs between machines. The marketing director for the machine's maker — Diebold Inc.'s Diebold
Election Systems of Allen, Texas — blasted the report, saying Felten ignored
newer software and security measures that prevent such hacking. "I'm concerned by the fact we weren't contacted to educate these people on
where our current technology stands," Mark Radke said. Radke also question why Felten hadn't submitted his paper for peer review,
as is commonly done before publishing scientific research. Felten said he and his colleagues felt it necessary to publish the paper as
quickly as possible because of the possible implications for the November midterm
elections. About 80 percent of American voters are expected to use some form of electronic
voting in the upcoming election, in which the makeup of the U.S. House will
be decided, as well as 33 Senate seats and 36 governorships. The AccuVote-TS is commonly used across the country, along with a newer model,
the AccuVote-TSx. While Felten wasn't able to test the new machine, he said
he thought much of what he found would still apply. The machine Felten tested, obtained in May from an undisclosed source, was
the same type used across Maryland in its primary election Tuesday, according
to Ross Goldstein, a deputy administrator with the state's Board of Elections.
Goldstein said he couldn't comment on the report until he read it. Diebold and other machine manufacturers, including California-based Sequoia
Voting Systems Inc. and Nebraska-based Election Systems & Software Inc.,
have been the subject of lawsuits, claiming the machines are vulnerable to hacking
and breakdowns that can assign votes to the wrong candidate. Election officials in some states have also complained. Previous studies have claimed hacking vulnerabilities with the machines. But
Felten claims his study is the first time that an independent research group
has obtained an actual machine and tested it extensively. Felten and graduate students Ariel Feldman and Alex Halderman found that malicious
programs could be placed on the Diebold by accessing the memory card slot and
power button, both behind a locked door on the side of the machine. One member
of the group was able to pick the lock in 10 seconds, and software could be
installed in less than a minute, according to the report. The researchers say they designed software capable of modifying all records,
audit logs and counters kept by the voting machine, ensuring that a careful
forensic examination would find nothing wrong. The programs were able to modify vote totals or cause machines to break down,
something that could alter the course of an election if machines were located
in crucial polling stations. It was also possible to design a computer virus to spread malicious
programs to multiple machines by piggybacking on a new software download or
an election information file being transferred from machine to machine, Felten
said. "I think there are many people out there who have the type of
technical ability to carry out the sort of attacks we describe here," he
said. Felten said hacking dangers could be mitigated with better software, more restrictions
on access to machines and memory cards, and paper receipts verified by the voter. Radke said Diebold already has implemented many of those things. ______________________________ Read from Looking Glass News No
Paper Trail Left Behind: The Theft of the 2004 Presidential Election "Smoking
gun" evidence uncovered in Ohio of massive vote fraud in 2004 election How
They Stole Ohio And the GOP 4-step Recipe to "Blackwell" the USA in
2008 Scientists
Call Diebold Security Flaw "Worst Ever" Diebold
in Florida:The Harri Hursti Hack and its Importance to our Nation Multiple
vulnerabilities in Diebold Optical Scan Why
do Diebold's Touch-Screen Voting Machines Have Built-In Wireless Infrared Data
Transfer Ports? |