Calfornia eVoting Machines Hacked
By Justin Gardner | Related entries in Elections, TechnologyFirst I wrote about California’s electoral college woes yesterday and now this.
“The security mechanisms provided for all systems analyzed were inadequate to ensure accuracy and integrity of the election results and of the systems that provide those results,” wrote principal investigator Matt Bishop, a computer science professor at the University of California, Davis.In each case, the testers were able to overwrite at least some of the firmware used on the machines and replace it with malicious programs–which, at times, could alter the recording, reporting and tallying of votes.
There were other flaws as well. With the Diebold AccuVote-TSX system, they found that a “well-known static security key” was used by default on the machine. On the Hart eSlate machine, the testers succeeded in remotely capturing the audio from an audio-enabled vote session, which poses a potential violation to a voter’s privacy.
How could the attacks be prevented?
Most of the attacks could be prevented by better physical security surrounding the devices, staff training and contingency planning. The testers also said their study would have benefited from additional time and that they were denied all the code and information–in particular, from Hart representatives–needed to conduct thorough scrutiny.
So the news isn’t THAT bad, but are we ever going to not have a reality where these machines can’t be hacked? You know people are just going to find more sophisticated ways to do it, so this will eventually become a greater threat.
Good times.
This entry was posted on Wednesday, August 1st, 2007 and is filed under Elections, Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
August 1st, 2007 at 3:35 pm
“So the news isn’t THAT bad, but are we ever going to not have a reality where these machines can’t be hacked? You know people are just going to find more sophisticated ways to do it, so this will eventually become a greater threat.”
I tend to agree with you on this Justin. It’s not the technology that is benevolent, it’s the people’s intentions that are. Technology is inherently insecure, after all, it is created by human beings. If something is deemed valuable enough people will put the resources and time toward subverting it. No technology is full proof. Although technology can be made difficult and time consuming to crack but again, given enough time and reason people WILL find a ways to subvert technology.
It’s not the machines fault, it’s the nefarious will of factions who wish to win office in the most powerful seat in the country and the most powerful seat in the world.
No system is 100% full-proof, not even the tabulating machines of the past. The real questions is: Will America demand that its elections not be stolen through fraudulent means. We might need a constitutional amendment to insure ALL the votes are counted and guarded, just as our revered Constitution is guarded so too should the peoples’ votes (will) be guarded with as much zeal.