 |
Add to My Group
2007 Technology Tests of Computerized Voting Systems
By Rady Ananda (about the author) Page 8 of 8 page(s)
In the case of voting systems, the only meaningful security against insider attacks is to have a voting mechanism of which all the details are published and that a substantial portion of the general public is capable of comprehending in-depth. By adding extra security measures against the over-emphasized threat posed by outsiders, one can actually increase the risk posed by insiders. For example, today’s mobile phones often combine a processor, execution memory and tamper-resistant key storage to make sure only the manufacturer (who has the cryptographic signing keys) can update the software. These mechanisms can sometimes still be circumvented, but at least they offer a layer of security that is completely absent in the Nedap ES3B. But by adding ‘security’ in this way, the device could also resist any attempts to independent inspectors to see what code it is actually running. UCONN University of Connecticut Security Assessment of Diebold Optical Scan system, 2006 Abstract: 
We identify a number of new vulnerabilities of this system which, if exploited maliciously, can invalidate the results of an election process utilizing the terminal.
An Accu-Vote Optical Scan can be compromised with off-the-shelf equipment in a matter of minutes even if the machine has its removable memory card sealed in place. The basic attack can be applied to effect a variety of results, including entirely neutralizing one candidate so that their votes are not counted, swapping the votes of two candidates, or biasing the results by shifting some votes from one candidate to another.
Such vote tabulation corruptions can lay dormant until Election Day, thus avoiding detection through pre-election tests.
UCONN University of Connecticut Security Assessment of Diebold Touch Screen (TSx) system, 2007.
The attacks presented in this report were discovered through direct experimentation with the voting terminal and without access to any internal documentation or the source code from the manufacturer.
We present two attacks based on these vulnerabilities: one attack swap the votes of two candidates and another erases the name of one candidate from the slate.
These attacks do not require the modification of the operating system of the voting terminal, and can be launched in a matter of minutes, requiring only a computer with the capability to mount a PCMCIA card file system (a default capability in current operating systems).
Security problems are present in the system despite the fact that a cryptographic integrity check appears to be employed in the voting system’s memory card.
In 2004, Rady Ananda joined the growing community of (more...)
The views expressed in this article are the sole responsibility of the author
and do not necessarily reflect those of this website or its editors.
 Contact Author |
Contact Editor |
 View Authors' Articles |
by Susan Landauer
$24.95
Lowest New Price $15.89
Number of pages: 104
Publisher: University of California Press
by Newton D. And Robert Greenwood Baird
$140.00
Number of pages:
Publisher: Talisman Literary Research
by Margaret Miller Rocq
$65.00
Lowest New Price $155.45
Number of pages: 628
Publisher: Stanford Univ Pr
by Joseph Armstrong, Jr. Baird
$50.00
Number of pages:
Publisher: Library Associates, Univ. Library, Univ. of California, Davis,
| 5 comments |
Want to post your own comment on this Article? 
|
||||
|
||||||||||||||
Must Read (0) 
Well Said (0) 
News (0) 
Touching (0) 
Funny (0) 
Supported (0) 
Interesting (0) 
Inspiring (0) 
Valuable (0) Tell a Friend:
|
Copyright © 2002-2009, OpEdNews |
