By Rady Ananda (Page 5 of 7)
Cast ballots, ballot definition files, and audit logs could be modified;
Supervisor functions were protected with weak or easily guessed passwords;
Systems had easily picked locks and power switches that were exposed and unprotected;
Local jurisdictions misconfigured their electronic voting systems, leading to election day problems;
Voting systems experienced operational failures during elections;
Vendors installed uncertified software;
Some electronic voting systems did not encrypt cast ballots or system audit logs, and it was possible to alter both without being detected;
It was possible to alter the files that define how a ballot looks and works so that the votes for one candidate could be recorded for a different candidate.
*******************
HARRY HURSTI, BLACK BOX REPORT Security Alert: July 4, 2005 Critical Security Issues with Diebold Optical Scan Design (1.94w), 2005, http://www.blackboxvoting.org/BBVtsxstudy.pdf
Some of the key findings include:
With this design, the functionality -- the critical element to be certified during the certification process -- can be modified every time an election is prepared. Functionality is downloaded separately into each and every machine, via memory card, for every election. With this design, there is no way to verify that the certified or even standard functionality is maintained from one voting machine to the next.
1) Paper trail falsification -- Ability to modify the election results reports so that they do not match the actual vote data
1.1) Production of false optical scan reports to facilitate checks and balances (matching the optical scan report to the central tabulator report), in order to conceal attacks like redistribution of the votes or Trojan horse scripts such as those designed by Dr. Herbert Thompson.(19)
2) Removal of information about pre-loaded votes
2.1) Ability to hide pre-loaded votes
2.2) Ability to hide a pre-arranged integer overflow
The exploits demonstrated in the false optical scan machine reports ("poll tapes") shown on page 16 do not change the votes, only the report of the votes. When combined with the Trojan horse attack demonstrated by Dr. Thompson, this attack vector maintains an illusion of integrity by producing false reports to match the contaminated central tabulator report. The exploit demonstrated in the poll tape with a true report containing false votes, shown on page 18, changes the votes but not the report. This example pre-stuffs the ballot box in such a way as to produce an integer overflow. In this exploit, a small number of votes is loaded for one candidate, offset by a large number of votes for the opposing candidate such that the sum of the numbers, because of the overflow, will be zero. The large number is designed to trigger an integer overflow such that after a certain number of votes is received it will flip the vote counter over to begin counting from zero for that candidate.
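The arithmetic behind the pre-loaded overflow described above, seen from the checker's side (an added example, not code from the Hursti report or from the vendor; the 16-bit counter width and the sample values are assumptions). It shows that a zero check on the sum and a post-election reconciliation can both pass, while a per-counter zero check flags the card before the polls open.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: each candidate counter is an unsigned 16-bit value (wraps at 65536). */
typedef uint16_t counter_t;

/* Constructed sample card: 5 pre-loaded for candidate A, 65531 for candidate B. */
static const counter_t PRELOADED[2] = { 5, 65531 };

/* Weak pre-election check: counters summed in counter-width arithmetic equal zero. */
int sum_is_zero(const counter_t *c, size_t n) {
    counter_t sum = 0;
    for (size_t i = 0; i < n; i++)
        sum = (counter_t)(sum + c[i]);   /* wraps exactly like the counters do */
    return sum == 0;
}

/* Strict pre-election check: every counter must individually be zero. */
int all_counters_zero(const counter_t *c, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (c[i] != 0)
            return 0;
    return 1;
}

/* Post-election check: do reported totals (wide arithmetic) equal ballots scanned? */
int reconciles_after_scan(const counter_t *start, unsigned a_ballots, unsigned b_ballots) {
    counter_t a = (counter_t)(start[0] + a_ballots);   /* scanner increments, with wrap */
    counter_t b = (counter_t)(start[1] + b_ballots);
    return (unsigned long)a + b == (unsigned long)a_ballots + b_ballots;
}

int main(void) {
    printf("sum-is-zero check passes:   %d\n", sum_is_zero(PRELOADED, 2));
    printf("per-counter check passes:   %d\n", all_counters_zero(PRELOADED, 2));
    printf("reconciles (B wrapped):     %d\n", reconciles_after_scan(PRELOADED, 10, 10));
    printf("reconciles (B not wrapped): %d\n", reconciles_after_scan(PRELOADED, 10, 3));
    return 0;
}
```

Once the large counter has wrapped, the reported totals equal the number of ballots scanned, so only the per-counter check before the election (or a hand count of the paper ballots) exposes the pre-load.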
*******************
RABA TECHNOLOGIES, Trusted Agent Report: Diebold AccuVote-TS Voting System (report prepared for Department of Legislative Services, Maryland General Assembly, Annapolis, Md., January 2004). http://www.raba.com/press/TA_Report_AccuVote.pdf
The general lack of security awareness, as reflected in the Diebold code, is a valid and troubling revelation. In addition, it is not evident that widely accepted standards of software development were followed.
Knowing the password, a smart card can be replicated, and the voter can vote multiple times. RABA was able to guess the passwords quickly, and access each card's contents (Supervisor Card, Voter Card, and Security Key Card). Given access to the cards' contents it became an easy matter to duplicate them, to change a voter card to a supervisor card (and vice versa) and to reinitialize a voter card so that it could be used to vote multiple times.
The use of hardcoded passwords is surprising both as an inferior design principle and in light of them being published openly in the Hopkins report. It must be assumed these passwords are well known.
The contents of these cards are neither encrypted nor digitally signed. Thus, for example, the PIN associated with a Supervisor Card can be read directly from the card provided the password is known. This means creating Supervisor Cards is a simple task: a perpetrator could program his card with an arbitrary PIN that the AccuVote-TS would readily accept.
It is reasonable to assume that a working key to the AccuVote hardware is available to an attacker. The hardware consists of a touch-screen voting terminal with two locked bays. Maryland has ordered approximately 16,000 AccuVote-TS terminals each equipped with two locking bays and supplied with two keys accounting for 32,000 locks and keys. Surprisingly, each lock is identical and can be opened by any one of the 32,000 keys. Furthermore, team members were able to have duplicates made at local hardware stores.
One team member picked the lock in approximately 10 seconds. Individuals with no experience (in picking locks) were able to pick the lock in approximately 1 minute.
Copyright © 2002-2009, OpEdNews