September 16, 2006

Weekend Question 1: When Will the E-Voting Vulnerabilities Get the Attention They Deserve?

Filed under: Taxes & Government,TWUQs — Tom @ 10:02 am

Yes, there are some hysterics at this post, and yes I’m a bit suspicious, but given what is being claimed, it shouldn’t be dismissed out of hand (video is here):

The scientific study has revealed, for the first time, that a computer virus can be easily implanted on an electronic voting machine which could, in turn, result in votes flipped for opposing candidates. The virus, as well, could be written to then spread itself from one machine to the next resulting in a stolen election. The malfeasance would likely never be discovered, the scientists have said.

Though the concept of stolen votes via electronic voting systems has been widely regarded as theoretically possible by experts up until now, a top-secret four-month long hands-on study of an actual touch-screen voting system, by the scientists at Princeton, has confirmed the worst nightmares of elections officials and American voters…not to mention a voting machine company known as Diebold.

….. Working directly with a Diebold AccuVote TS touch-screen voting system, the computer scientists have been able to implant a nearly-undetectable virus onto a touch-screen voting system, managing to successfully alter a voter’s ballot — after it’s already been confirmed and cast — in order to flip the vote so that it is recorded for a candidate other than the one the voter had intended.

According to the study’s team leader, Edward W. Felten, a professor at Princeton’s Department of Computer Science, the report confirms – and records in a video-taped demonstration – that such a malicious virus could be easily inserted onto a Diebold touch-screen voting system by a single individual “with just one or two minutes of unsupervised access to either the voting machine or the memory card” used with the system to store ballot definitions and vote tabulations.

The virus, as programmed by the Princeton team, could then spread from one voting system to the next depending on the way the machine in use is configured, or the way in which votes are tabulated in any particular jurisdication (sic).

A YouTube demo is here. SOB Alliance member Joab tells Ken Blackwell “Thanks for nothing.” There’s a long line of people who should be told that.

Someone who knows more than I needs to tell why I shouldn’t care. Good luck.


Cut-the-Bullcrap Update (HT Techdirt; the quote is from Techdirt):

Diebold, in typical fashion, has responded not by admitting to any problems, but by attacking Felten’s report — claiming that his test (done on a machine acquired just a few months ago) was based on older software.

(So how many elections have been conducted using obviously vulnerable “older software”? — Ed.)

….. What’s most amazing of all is that Diebold continues to act defiantly about this, despite overwhelming proof that their machines have tremendous fundamental problems. Given the importance of secure and accurate elections, Diebold’s continued denial of problems and attitude that there’s no problem at all should concern just about everyone. Yet, it seems like they’re being used almost everywhere.

Am I the only person thinking that Diebold is going to use real elections as their Beta tests?



  1. There is only one voting system I can think of that will 100% accurate and it is limited by the physical location of those voting and the numbers of voters.

    This system would entail a relatively small number of voters (a few hundred a most) gathering in an auditorium and then physically moving to one side of the room or other to cast their vote. Everyone involved in the vote can then see how everyone else voted. Congressional roll calls come close to this model.

    I point this out, because it sets the baseline to compare all other voting systems.
    As we move away from this model we start whittling away at the 100% accuracy/assurance of a vote because we then introduce the possibility of fraud.

    The best we can then hope for is designing a system that minimizes the potential for fraud to an acceptable level.

    Diebold and all voting system designers have a responsibility to submit whatever system they design for independent review. The independent analysis should come back and say, “While no automated system is free from fraud, we have found system X has at Y% chance of being comprimised.”

    Comment by Porkopolis — September 17, 2006 @ 12:42 pm

  2. #1, I think they might have done the independent review, which appears to have been woefully inadequate.

    If I am wrong and they have not done an independent review, the people buying the machines have made a big mistake by not demanding one before purchase–and that included the Ohio SOS office.

    Comment by TBlumer — September 17, 2006 @ 4:50 pm

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.