“Diebold Election Systems plans to make changes to its electronic voting machines, following the disclosure of a number of serious security flaws in the systems. On Thursday, the voting watchdog organisation Black Box Voting published a report detailing how Diebold’s TS6 and TSx touch-pad voting machines could be compromised by taking advantage of “backdoor” features designed to allow new software to be installed on the systems. Finnish security researcher Harri Hursti, discovered backdoors in the boot loader software, in the OS, and in the Ballot Station software that it runs to tabulate votes,” Robert McMillan reports for Macworld UK.
“Diebold plans to address the issue in an upcoming version of the product, which will use cryptographic keys to ensure that only authorised software is installed on the machine, Bear said. He could not say when this feature would be added, but said that it could be available in time for the November 7 general election in the US,” McMillan reports. “These latest set of flaws are the most serious voting machine flaws yet reported, according to Ed Felten, a professor of computer science at Princeton University, and Avi Rubin, a Professor of Computer Science at Johns Hopkins University. ‘The attacks described in Hursti’s report would allow anyone who had physical access to a voting machine for a few minutes to install malicious software code on that machine, using simple, widely available tools,’ they wrote Thursday on the Freedom to Tinker blog. ‘The malicious code, once installed, would control all of the functions of the voting machine, including the counting of votes.’ Diebold’s machines are based on custom hardware that runs Microsoft’s Windows CE operating system.”
Full article here.
MacDailyNews Take: WinCE? Who’s the genius who made that decision? Sheesh. And you thought that the ease with which the deceased can vote in Chicago is odd? Just imagine…
Advertisements:
• Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
• Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• Apple’s brand new iPod Hi-Fi speaker system. Home stereo. Reinvented. Available now for $349 with free shipping.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
Considering Diebold wanted the Bush administration to win, I’d bet these are all intentional “flaws.”
what a surprise, but they dont learn do they, maybe they do this sort of thing on purpose…so they themselves can hack in!
You don’t know the history of voting machines. I do.
Jon, are you ignoring the recount which showed Bush did really win?
Probably, because even though the recount was paid for by the New York Times and several other newspapers, when they got the result they weren’t hoping for, they conveniently didn’t publicize it.
Conspiracy dorks. Sheesh.
They need to use FreeBSD or they are screwed.
“Diebold’s machines are based on custom hardware that runs Microsoft’s Windows CE operating system.” – ’nuff said?
let’s go back to doing it by hand. Hanging or pregnant chads are the results of lame ass voters who can’t do it right.
Oh no. Fixing these security flaws in their voting machines mean that Edwin Edwards will not be Governer of Lousiana again! Maybe the won’t fix them all
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
MW State How appropriate
The single biggest problem with Diebold machines is the lack of a paper trail. A journal tape such as that used on a cash register would allow both the voter and those performing recounts to determine whether a machine had been hacked.
R- No Diebold machines were used in Florida in 2000.
R,
Which recount was that? The only one I’m aware of was in Florida, and they generally don’t use the Diebold machines in that state.
In Ohio, they used Diebold machines.
In Ohio, the results varied significantly from exit polls.
In Ohio, one precinct showed more votes for Bush than they had voters!
In Ohio, there was no “recount”, they just re-tabulated the machine votes.
WHY was there no recount? Because the machines kept no paper trail. It seems that these machines, a variant on your basic automated bank teller kiosk, couldn’t be fitted with a printer … for some reason.
You wouldn’t be part of the 29% who still believe in Dubya, are you? Three in ten and in free-fall.
Jon and R, you should know better than to use MDN pages to open a political debate. It’s not a good venue for this kind of thing and it tend to lead to a very low signal-to-noise ratio in the comments.
That said, I also want to point out to R that you might want to get rid of the snide tone when discussing topics that you’re not very well-informed about. If you want to talk about recounts and the disputed Florida 2000 results you probably need to show up at the table knowing a little bit more about the topic and not just repeating an inaccurate and misleading line you got from some reassuring source. Alternatively, if you’re content to trust your vague sense of what happened, no matter which side of the issue you’re arguing, you should dispense with the snide tone.
29% in the poll taken before the latest revelations about the NSA collection of phone records.
Oh, wait, I thought I was posting on a Mac site. Is this Daily Kos?
With a Win CE OS on those voting machines it wouldn’t surprise me if the next President of the United States was a Russian National named Boris who made his millions selling internet spam services run by zombie computers.
Geez, will you libbies ever give it up? That was 6 years ago and you lost (after multiple recounts no less), so get over it already. Nixon got screwed out of the election in 1960 (thanks to the dead in Chicago) and you don’t hear people still bitching about that one…
Actually, the 2000 recount study results were not that simple. You’re right that the analysis found that if the entire state had been recounted, Bush still would have won the electoral votes that put him ahead (by 493 votes out of 6 million). But other scenarios had Gore winning. And a secondary analysis suggested that more people intended to vote for Gore than Bush but failed to due to “poor ballot design, voter error and malfunctioning machines.” In any event, the recount study was not an official recount and was “not definitive in its findings.” And Gore did win the popular vote by more than half a million votes, not that that’s worth anything to him, or the country, at this point.
DLMeyer,
Good points. And you left one out. The CEO of Deibold said that he would do whatever it took to get Bush re-elected.
Never vote for someone who has never been on a job interview. Our current President failed numerous times in the business world. Finally, he realized he wasn’t successful at running companies, so he invested in a baseball team. Then he decided to use his name to run for Governor of Texas.
Regardless of your political leanings, this man should have never been elected President, let alone Governor of Texas. He doesn’t have the qualifications and its now showing.
Who am I? A liberal libertarian. I fear the government. But I fear corporate run governments even more.
>Probably, because even though the recount was paid for by the New York >Times and several other newspapers, when they got the result they >weren’t hoping for, they conveniently didn’t publicize it.
Actually, the papers ran very long, detailed stories explaining how they performed the recount, who was involved, the different ways they counted ballots, and what the results were.
I guess you mean they didn’t publicize it the way you wanted, as “Bush really did win.”
What the recount study actually showed was that Bush won or Gore won depending on how you did the recount.
The study also showed that Gore would have won if different kinds of overvotes and mistaken votes had been counted–the Palm Beach ballot, the Jacksonville ballot instructions that told people to vote for a candidate on each mistakenly where the presidential candidates covered multiple pages–but that by their nature those are illegal ballots and there isn’t a legal or practical way they would have ever been counted because there is no way to tell how they intended to vote on an individual-ballot basis. (In other words, you know thousands of Pat votes should have been Al votes, but you don’t know that any specific ballot was supposed to be for Gore.)
The study also showed that if a recount had just been done of the machine-read paper ballots–the ones where people marked on a paper ballot in black their votes–Gore would have won because there were several hundred more Gore ballots than Bush ballots which had been invalidated because the voter pen marked the candidate they wanted and then also wrote the candidate’s name in the write-in blank. (These are only significant because they are ballots where it is obvious from the face of the ballot who the vote was intended for.)
What I always found interesting was the shiner that exit polls took in 2000 even though the one thing the study did prove (and which it never mentioned, of course) was that the exit polls more accurately guaged voter preference than the actual ballots did!
” width=”19″ height=”19″ alt=”smile” style=”border:0;” />
I’m sure this post shows too much detail, actual information, and even-handedness for it ever to be noticed on MDN.
We should use physical voting machines. You can make them electrical without using software to count votes. They would cost >$100 each and be easily verifiable.
take the software out of it. Windows CE?! Why support and entire operating system for a limited multi-choice questionnaire?
Thanks fred. Second the motion.
And Reality Check, R brought the subject up, and clearly not as a liberal. As for Nixon, Chicago’s dead Democratic voters were at least balanced by phantom Republicans in southern Illinois.
Let’s bash Microsoft now. Much more fun.
So we make it easy for the dead to vote and impossible for the living if they are black and residents of swing states. God, what a country! H. L. Mencken was right: America is the greatest show on earth. Get your peanuts, hot dogs, and popcorn and be all set to enjoy the 2006 follies er, elections, folks. When that debacle is over you can tune into the movie sequel, Death of Democracy.
This is very old news.
R = Fox News Viewer.
Be the Decider in your next election. Why spend millions on advertising when you can simply buy votes? Our Beta tests in Ohio in 2004 were successful in getting George W Bush Re-elected. Need more proof?
You have the right to use a paper ballot. Don’t trust your vote to Windoze. On election day ask for a paper ballot.
Why use voting machines? In most democratic countries voters use a pen or a pencil to place a cross or tick (depending on voting laws).
In Australia the aforementioned system is used. The votes are then counted by hand by electoral officials under the auspices of the Electoral Commission and overseen by party scrutineers. If there are any problems then the various political parties have the right to appeal to the Court of Disputed Returns. End of story. There are no hanging chats or software problems, it just works.
Postscript to Reality Check: Perhaps the reason people aren’t complaining about the 1960 Presidential election is that most of the people who voted in that election are dead…it was almost half a century ago. In forty years or so most people won’t give a rat’s arse about the 2000 U.S. Presidential election.
Counting votes with software running on re-programmable hardware is recipie for disaster.
In addition to producing a paper trail, voting machines need to be designed to run the ballot/tallying code from solid-state hardware (think NES cartridge) which is much more difficult to tamper with and easier to physically secure