Share on Google Plus Share on Twitter Share on Facebook Share on LinkedIn Share on PInterest Share on Fark! Share on Reddit Share on StumbleUpon Tell A Friend

Printer Friendly Page Save As Favorite View Favorites (# of views)   No comments
General News

Critical Security Alert: Diebold TSx and TS6 Voting Systems

By Harri Hursti for Black Box Voting, Inc.  Posted by Joan Brunwasser (about the submitter)     Permalink
      (Page 1 of 1 pages)
Related Topic(s): ; ; ; ; ; ; ; ; ; , Add Tags Add to My Group(s)

View Ratings | Rate It

opednews.com

- Advertisement -
May 11, 2006
http://www.blackboxvoting.org/bbvtsxstudy.pdf
______________________________________________

The below was forwarded from a discussion group, by Lowell Finley on May 14, 2006 -- it is an effort to summarize and simplify Harri Hursti's report (link above) on Diebold DREs. Finley gave permission to use and disseminate this.

Essentially, Harri Hursti found it is easy to install malicious code permanently on the machine at the most fundamental level that can defeat any attempt to secure the machine afterward.

There are three levels of code in any computer:

-- the BIOS (that interfaces the hardware to the software, controls the system at startup, and is the basic level of machine functionality),

-- the operating system (that provides essential services, including security, for the system),
- Advertisement -


-- and the application (in this case voting functionality).

The BIOS is what you are working with when a computer starts up and you get the option to press F2 or some other key and set things like the boot sequence, the system clock, the processor speed, and some hardware level functions, including some security functions.

Hursti showed that it is trivial to alter the Diebold BIOS (the most fundamental level in any computer) and to attack both the operating system and voting application as well. All it takes is to connect the right kind of device, to name the files according to Diebold's naming scheme, and to get brief physical access (a minute or two) to the machine. The system will automatically install the malicious code, which can be permanent, can contain functionality to enable further attacks (such as vote reallocation), can protect itself from forensic investigation, and can defeat any security measures added at a higher level (such as hash code checking).
- Advertisement -

 

- Advertisement -

View Ratings | Rate It

/* The Petition Site */
The views expressed in this article are the sole responsibility of the author and do not necessarily reflect those of this website or its editors.

Follow Me on Twitter

Contact EditorContact Editor
- Advertisement -

Most Popular Articles by this Author:     (View All Most Popular Articles by this Author)

Interview with Dr. Margaret Flowers, Arrested Tuesday at Senate Roundtable on Health Care

Renowned Stanford Psychologist Carol Dweck on "Mindset: The New Psychology of Success"

Howard Zinn on "The People Speak," the Supreme Court and Haiti

Fed Up With Corporate Tax Dodgers? Check Out PayUpNow.org!

Snopes confirms danger of Straight Ticket Voting (STV)

Literary Agent Shares Trade Secrets With New Writers