1
   

Security Analysis of the Diebold AccuVote-TS Voting Machine

Forums: Politics
Email this Topic Print this Page
 
 
Buzzcook
 
Reply Wed 13 Sep, 2006 02:47 pm
The IT Policy Center at Princeton got ahold of a Diebold voting machine and tore into it. They have published the results of their findings, and it ain't pretty, folks. Here is the abstract from the paper:

This paper presents a fully independent security study of a Diebold AccuVote-TS voting machine, including its hardware and software. We obtained the machine from a private party. Analysis of the machine, in light of real election procedures, shows that it is vulnerable to extremely serious attacks. For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities -- a voting-machine virus. We have constructed working demonstrations of these attacks in our lab. Mitigating these threats will require changes to the voting machine's hardware and software and the adoption of more rigorous election procedures.

http://itpolicy.princeton.edu/voting/

If you go to the Princeton IT Policy Voting page, there are links to the whole paper, a summary, FAQs, and a video demo of them throwing a presidential election for Benedict Arnold (over George Washington).

This report is creating a buzz in the computer security field, since it's bonafide CompSec professionionals that have torn this thing apart. Rumor has it that Diebold is unhappy with the report (shocking!) and is going to try to get it off of Princeton's website.
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 1 • Views: 517 • Replies: 3
No top replies

 
mesquite
 
  1  
Reply Thu 14 Sep, 2006 04:58 pm
That was a very interesting video Buzzcook. Thanks for the link.
0 Replies
 
Setanta
 
  1  
Reply Thu 14 Sep, 2006 05:02 pm
There was quite a furor in Ohio when it was revealed that the Chairman of Diebold (Ohio uses their machines) had sent out a letter on company letterhead stating that "they" would deliver Ohio to Bush in 2004. The Chairman admitted that he had erred in using the company letterhead, but that he was acting as a private individual and a supporter of the Republican Party. That's a few years ago, so i don't recall the details, but it could easily be found online. Diebold denied that there was any reason to suggest that the company were intent on throwing the election.
0 Replies
 
edgarblythe
 
  1  
Reply Thu 14 Sep, 2006 05:07 pm
Until we get voting machines that leave a paper trail, all elections are suspect, in my view.
0 Replies
 
 

Related Topics

Obama '08? - Discussion by sozobe
Let's get rid of the Electoral College - Discussion by Robert Gentel
McCain's VP: - Discussion by Cycloptichorn
AMERICAN CONSERVATISM IN 2008 AND BEYOND - Discussion by Foxfyre
Food Stamp Turkeys - Discussion by H2O MAN
The 2008 Democrat Convention - Discussion by Lash
McCain is blowing his election chances. - Discussion by McGentrix
Snowdon is a dummy - Discussion by cicerone imposter
Fellow Bostonians: How many of us wished we had an assault weapon last night? - Question by maxdancona
What should be first on the agenda of the winner in November? - Discussion by Frank Apisa
TEA PARTY TO AMERICA: NOW WHAT?! - Discussion by farmerman
 
  1. Forums
  2. » Security Analysis of the Diebold AccuVote-TS Voting Machine
Copyright © 2024 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.74 seconds on 10/13/2024 at 04:21:09