Serious security flaws found in Diebold electronic voting machines

“Diebold Election Systems plans to make changes to its electronic voting machines, following the disclosure of a number of serious security flaws in the systems. On Thursday, the voting watchdog organisation Black Box Voting published a report detailing how Diebold’s TS6 and TSx touch-pad voting machines could be compromised by taking advantage of “backdoor” features designed to allow new software to be installed on the systems. Finnish security researcher Harri Hursti, discovered backdoors in the boot loader software, in the OS, and in the Ballot Station software that it runs to tabulate votes,” Robert McMillan reports for Macworld UK.

“Diebold plans to address the issue in an upcoming version of the product, which will use cryptographic keys to ensure that only authorised software is installed on the machine, Bear said. He could not say when this feature would be added, but said that it could be available in time for the November 7 general election in the US,” McMillan reports. “These latest set of flaws are the most serious voting machine flaws yet reported, according to Ed Felten, a professor of computer science at Princeton University, and Avi Rubin, a Professor of Computer Science at Johns Hopkins University. ‘The attacks described in Hursti’s report would allow anyone who had physical access to a voting machine for a few minutes to install malicious software code on that machine, using simple, widely available tools,’ they wrote Thursday on the Freedom to Tinker blog. ‘The malicious code, once installed, would control all of the functions of the voting machine, including the counting of votes.’ Diebold’s machines are based on custom hardware that runs Microsoft’s Windows CE operating system.”

Full article here.

MacDailyNews Take: WinCE? Who’s the genius who made that decision? Sheesh. And you thought that the ease with which the deceased can vote in Chicago is odd? Just imagine…

Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
Apple’s brand new iPod Hi-Fi speaker system. Home stereo. Reinvented. Available now for $349 with free shipping.
iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
Connect iPod to your television set with the iPod AV Cable. Just $19.
iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.


  1. Jon, are you ignoring the recount which showed Bush did really win?

    Probably, because even though the recount was paid for by the New York Times and several other newspapers, when they got the result they weren’t hoping for, they conveniently didn’t publicize it.

    Conspiracy dorks. Sheesh.

  2. Oh no. Fixing these security flaws in their voting machines mean that Edwin Edwards will not be Governer of Lousiana again! Maybe the won’t fix them all ” width=”19″ height=”19″ alt=”grin” style=”border:0;” />

    MW State How appropriate

  3. The single biggest problem with Diebold machines is the lack of a paper trail. A journal tape such as that used on a cash register would allow both the voter and those performing recounts to determine whether a machine had been hacked.

    R- No Diebold machines were used in Florida in 2000.

  4. R,
    Which recount was that? The only one I’m aware of was in Florida, and they generally don’t use the Diebold machines in that state.
    In Ohio, they used Diebold machines.
    In Ohio, the results varied significantly from exit polls.
    In Ohio, one precinct showed more votes for Bush than they had voters!
    In Ohio, there was no “recount”, they just re-tabulated the machine votes.
    WHY was there no recount? Because the machines kept no paper trail. It seems that these machines, a variant on your basic automated bank teller kiosk, couldn’t be fitted with a printer … for some reason.

    You wouldn’t be part of the 29% who still believe in Dubya, are you? Three in ten and in free-fall.

  5. Jon and R, you should know better than to use MDN pages to open a political debate. It’s not a good venue for this kind of thing and it tend to lead to a very low signal-to-noise ratio in the comments.

    That said, I also want to point out to R that you might want to get rid of the snide tone when discussing topics that you’re not very well-informed about. If you want to talk about recounts and the disputed Florida 2000 results you probably need to show up at the table knowing a little bit more about the topic and not just repeating an inaccurate and misleading line you got from some reassuring source. Alternatively, if you’re content to trust your vague sense of what happened, no matter which side of the issue you’re arguing, you should dispense with the snide tone.

  6. With a Win CE OS on those voting machines it wouldn’t surprise me if the next President of the United States was a Russian National named Boris who made his millions selling internet spam services run by zombie computers.

  7. Geez, will you libbies ever give it up? That was 6 years ago and you lost (after multiple recounts no less), so get over it already. Nixon got screwed out of the election in 1960 (thanks to the dead in Chicago) and you don’t hear people still bitching about that one…

  8. Actually, the 2000 recount study results were not that simple. You’re right that the analysis found that if the entire state had been recounted, Bush still would have won the electoral votes that put him ahead (by 493 votes out of 6 million). But other scenarios had Gore winning. And a secondary analysis suggested that more people intended to vote for Gore than Bush but failed to due to “poor ballot design, voter error and malfunctioning machines.” In any event, the recount study was not an official recount and was “not definitive in its findings.” And Gore did win the popular vote by more than half a million votes, not that that’s worth anything to him, or the country, at this point.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.