Security

Diebold voting machines open to virus attack


It appears that the Diebold voting machines are coming under even more scrutiny, and the results are damning.

This time round, the scrutiny is coming from the University of California at Berkeley as part of a "top-to-bottom" review of electronic voting systems commissioned by the California Secretary of State.

An old topic that has been discussed to death and back on sites such as Slashdot, and the results of this review are truly chilling.

"The software contains serious design flaws that have led directly to specific vulnerabilities that attackers could exploit to affect election outcomes," says the report. Basically, the assessment of Diebold's source code revealed that an attacker need only have limited access to the machines to compromise the entire election.

Excerpt from the report (PDF):

An attack could plausibly be accomplished by a single skilled individual with temporary access to a single voting machine. The damage could be extensive - malicious code could spread to every voting machine in polling places and to county election servers.

And:

A virus could allow an attacker who only had access to a few machines or memory cards, or possibly to only one, to spread malicious software to most, if not all, of a county's voting machines...

Additionally, a paper trail of votes cast is insufficient to ensure the integrity of an election in which the machines are utilized. The reason is that votes might be subtly influenced without any external disruption, which might invite scrutiny or a fall back onto paper votes.

In conclusion, the report says, "For this reason, the safest way to repair the Diebold system is to re-engineer it so that it is secure by design." This sounds to me like just a nice way of asking for the whole system to be scrapped.

You can read more here:

I don't live in the United States, so it would be great if any of you folks from over there would care to add your two cents.

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

Editor's Picks