Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

PC World: "problems with security, reliability, and operation"

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Topic Forums » Election Reform Donate to DU
 
garybeck Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Oct-12-06 09:37 PM
Original message
PC World: "problems with security, reliability, and operation"
Came across this article in PC World magazine. Not sure it's been mentioned here yet. Not bad, and good to see it in another "mainstream" publication!

--

E-Voting: No Fix Yet
Electronic voting has improved since the 2004 elections. however, many problems with security, reliability, and operation still remain.
Kim Zetter, PC World


In 2004, when touch-screen voting machines were widely deployed for the first time in a national election, concerns about the security and reliability of the machines--and therefore, the integrity of election results--abounded. Since then, some election officials have adopted voter-verified paper audit trails (VVPATs) to improve the reliability of election results. Security holes continue to be discovered, however; and of the 32 states that use touch-screen machines, only 17 require that the machines produce paper trails.

...

In May, Finnish computer security expert Harri Hursti working on behalf of voting activist group Black Box Voting, announced his discovery of a new security vulnerability in Diebold's touch-screen machine; some security experts subsequently deemed this the most severe hole yet found in an electronic voting machine.

The vulnerability involves a feature in Diebold's system that allows election officials or company workers to update software on a machine. Hursti and others argue that anyone who has even brief access to a machine could upload malicious code to it. Voting machines are often left unattended in polling places or at poll workers' homes for days before elections. Diebold, in a statement, described the vulnerability as "theoretical" and low-risk. Still, the firm said it would fix the problem.

Then in June the Brennan Center for Justice released results of a year-long study of voting systems tallying more than 120 security problems involving voting systems made by the top three vendors--Diebold, Election Systems and Software, and Sequoia. The study, conducted by election officials and computer security experts, concluded that the easiest way to tamper with an election would be to introduce software that switched votes from one candidate to another. It found that few states had effective methods for detecting such rogue code.

The report surprised few people, since previous studies had cited many of the same security problems, but it did provide a comprehensive look at security issues across all voting systems, not just beleaguered Diebold. Voting machine makers have responded to this report and to previous ones by asserting that the probability of someone hacking a machine is low and that procedural safeguards act as a check on malicious activity. But Stanford's Dill argues that the integrity of elections shouldn't rely on procedures' being followed perfectly, in view of human fallibility and of past elections in which poll workers often didn't follow prescribed procedures.

Researchers also found that several voting systems incorporated wireless communication devices that made them especially vulnerable to remote attack by someone using a PDA. Disabling the wireless component wouldn't secure the machine, researchers said, because an attacker could design software to re-enable the wireless component. Only New York and Minnesota currently prohibit wireless components in voting machines. California bans wireless tech in touch-screen machines only.

As is the case with traditional hacks, an attacker would have to know the line code to crack a system in this way, but a knowledgeable perpetrator could do it quickly. That makes an insider working for the voting machine's manufacturer the likeliest attacker. Diebold machines are even more vulnerable because the firm accidentally exposed its code via an Internet-accessible server.

Even if all of these flaws are fixed, no computer can be 100 percent secure--that's where verified paper trails come in.

http://www.pcworld.com/article/id,127130/article.html
Printer Friendly | Permalink |  | Top
GCP Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Oct-12-06 09:44 PM
Response to Original message
1. Oh
I thought this was about Windows Vista, nevermind!
Printer Friendly | Permalink |  | Top
 
Amaryllis Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Oct-14-06 12:17 AM
Response to Original message
2. kick
Printer Friendly | Permalink |  | Top
 
EFerrari Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Oct-14-06 12:59 AM
Response to Original message
3. "California bans wireless tech in touch-screen machines only."
Is this right?

Tabulators aren't touch-screans, are they?
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Sun Nov 23rd 2014, 07:27 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Topic Forums » Election Reform Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC