Sweet Liberty

23 February 2006

Integrity of E-balloting System Still in Doubt

Los Angeles Times, Feb. 23, 2006

[...] As the last two presidential elections demonstrate, ballot results are of profound interest to everybody — including determined hackers with partisan agendas. Therefore, it's proper to demand of the high-tech machines replacing the paper ballots and punch cards of yore that they be technologically bulletproof. The Diebold systems certified by McPherson — an optical scanner that reads hand-marked ballots and a touch screen that totes up votes directly — fall well short of that standard.

How do we know this? It's the conclusion of a panel of computer security experts McPherson commissioned specifically to study Diebold's software. Three days after they issued their report Feb. 14, McPherson gave Diebold thumbs up, noting that the panel regarded the software problems it found as "manageable" and had said the risks could be "mitigated" if election officials took care.

But the experts were plainly troubled by flaws in Diebold's systems. The panel, which included David Jefferson of Lawrence Livermore National Laboratory and David Wagner of Berkeley, observed that the removable memory cards used by Diebold were vulnerable to undetectable acts of tampering.

The panel found 16 software bugs that could cede "complete control" of the system to hackers who might then "change vote totals, modify reports, change the names of candidates, change the races being voted on," and even crash the machines, bringing an election to a halt. Hackers wouldn't need to know passwords or cryptographic keys, or have access to any other part of the system, to do their dirty work. Voters, candidates and election monitors wouldn't necessarily know they'd been rooked.

The bugs lead some computer professionals to believe that Diebold's software designers never treated security as a high priority. "It's like they were making a mechanical device, and never heard of computer security," says David Dill, an expert in electronic voting at Stanford University who wasn't on the panel.

The bugs pale next to another discovery by the panel. This is the presence of a cryptographic key written into the source code, or basic software, of every Diebold touch-screen machine in the country. The researchers called this blunder tantamount to "a bank using the same PIN code for every ATM card they issued; if this PIN code ever became known, the exposure could be tremendous."

Here's the punch line: The Diebold key became known in 2003, when it was published by researchers at Johns Hopkins and Rice universities. It can be found today via a Google search. What's worse, the key was first identified in 1997 by a University of Iowa researcher, who promptly warned the manufacturer of the flaw, apparently to no avail.

Read More >>

No comments:

Post a Comment

'In Ohio" - Free MP3

Madog Pavanelli & the Virtual Country Boys new song, "In Ohio"

3 T I M E S I N O H I O

Ohio's Presidential Election was a fraud in 2000 and 2004. Care to go for three? They can. They control the elections. That'll be three times Ohio handed over the country. What about the current insane financial devastation? With that, George Bush can cross the last task off his "to screwup" list. Congress and the major candidates don't even want to get it. Wall street most surely gets it - and keeps on getting it. Meanwhile people are losing their homes, jobs and savings. We need to hold them all accountable and stop all this. In Ohio, the poster child for stolen elections... does Main Street really care??

Copy and distribute freely - in 3 formats - bluegrass, big band, and 12-string solo.

"In Ohio" is freely available for use by others in films, documentaries, live performances, radio and CD's. Interested parties email Gary Polvinale: garypcd@madogmusic.com

Go here to listen and for your free download:
Madog Music

Stealing America - Documentary

"STEALING AMERICA: Vote by Vote does for American democracy what An Inconvenient Truth did for global warming."

-FILM JOURNAL INTERNATIONAL

Why is this film a "must see"? Inaccurate vote counts, illegal purging, improbable machine errors, and more have led millions of people to believe that recent national elections were stolen.

Look at the evidence in this film and decide for yourself:

STEALING AMERICA: Vote by Vote by OSCAR-nominated, EMMY-winning filmmaker, Dorothy Fadiman

Narrated by Peter Coyote

Stealing America >>