Slashdot Mirror

← Back to Stories (view on slashdot.org)

Maryland Electronic Voting Systems Found Vulnerable

Posted by michael on from the stuffing-the-ballot-box dept.

snoitpo writes "My fine state (Maryland) has hired some people I can respect to hack into Diebold voting machines. The Washington Post (read it free for 2 weeks) has the details. From this story and the one on NPR, the state hired a company and set up a test voting precinct and had the group try whatever they could to break into the machines. Most of the attacks would probably be noticed by an even-half-awake poll staff, but some vulnerabilities were exposed. The net seems to be that you could really mess up individual machines, but the grail would be to get to the central collection servers and send a megavote to your favorite candidate. The last paragraph mentions problems that voting machines had in the last election in Virginia; it's interesting to note that those use wireless networking--my jaw has dropped onto my keyboard and I can't comment any further." Other readers sent in two stories in the Baltimore Sun (1, 2), and one in the NY Times.

16 of 417 comments (clear)

  1. No No No! by Bucko · · Score: 2, Informative

    Paper receipts open the system up to vote-selling. Not good, and not allowed!

    The voter might be able to see the paper (under glass), but that's about it.

    J

  2. The Best Democracy Money Can Buy - by NixLuver · · Score: 4, Informative
    Read the book - even the first chapter - and you'll realize that a 'recount' isn't what we thought it was in 2000. No actual counting went on. We're just asking - no, begging - for a repeat of the constitutional rape of the electorate that happened in 2000.

    --
    Thinking outside my Head
    1. Re:The Best Democracy Money Can Buy - by workindev · · Score: 2, Informative

      Katherine Harris was tasked with disenfranchising a few thousand names off the list of voters because they were felons

      This sentence is 100% false. Katherine Harris had nothing to do with the voter felon scrub list. This list was initiated as a result of Florida Statute Section 98.0975, passed in 1997 by the state legislature, a year before Harris or Gov. Bush were elected. This list was created by ChoicePoint systems, who was hired by Ethel Baxtor (D), the Florida Director of Elections.

      And Katherine Harris and Jeb Bush had no legal authority to remove voters from the registration lists, because Florida Elections and election rolls (like almost every other state election) are supervised and maintained by the County election officials (who happen to be Democrat minorities in overwhelmingly Democratic minority counties). So even if Katherine Harris and Jeb Bush wanted to disenfranchise 100,000 minority voters, they had absolutely no way of doing it.

      Get your facts straight.

      Maybe you should be checking your facts.

  3. Maryland Bill by pigpen_ · · Score: 5, Informative

    There is a bill before the Maryland State House that would require a voter verifiable paper trail on all electronic voting machines in the state of maryland. The bill also calls for a random sampling of the paper ballots to ensure that the electronic count has not been tampered with. House Bill 53 was just read into the ways and means committee two weeks ago but with the release of the reports I hope there it can gain more support and pass the house.

    --
    Zambozay! My brain must've been eatin' a sandwich!
    1. Re:Maryland Bill by pigpen_ · · Score: 5, Informative

      I forgot to mention a couple websites that are pushing for a voter verifiable paper trail in MD and nationwide: Campaign for Verifiable Voting in Maryland and Verified Voting - Campaign to Demand Verifiable Election Results

      --
      Zambozay! My brain must've been eatin' a sandwich!
  4. What they neglected to mention by dkleinsc · · Score: 4, Informative

    The NYTimes article mentioned in passing the work started Bev Harris, as described in her book ,and said that "Diebold stated that the code used by the researchers, which had been taken from a company Internet site and circulated online...". What actually happened is that supposedly private code, which no one should have been able to get to, was left in a wide open FTP server. And these are the guys we're supposed to trust with our elections. At this point I can't figure out whether Diebold's lack of security is due to malice or incompetance.

    --
    I am officially gone from /. Long live http://www.soylentnews.com/
  5. Re:What is wrong with paper? by garcia · · Score: 1, Informative

    because Americans in general are dumb. They think that if we put pretty pictures on the screen it will be less confusing than pulling Lever A for Moron #1 and Lever B for Moron #2 (pulling any other levers just adds to the winner's total by default).

    We also have a problem w/political ignorance and laziness. People would rather watch Reality TV and speculate on which dumbass the whore is going to kick off next week rather than who is going to run our country...

    The laziness comes in that we have "no time" to go out and vote but we have plenty of time to sit around and watch Survivor, My Big Fat Obnoxious Fiancee, and The Bachelorette.

    We need to make it easy for these people to watch TV while voting for another idiot to run our country.

    Hope that clears it up for you (BTW, I am only 75% joking).

  6. Re:*gasp!* Voting machines vulnerable?!! by RigMonkey · · Score: 2, Informative

    Duh...

    We'll never have a valid e-voting system until the software is treated as a critical-systems type of application. I mean, it's not like the software is doing something like figuring the interest on a loan. The developers need to treat this software as seriously as they would the software in emergency medical equipment.

    And for bonus Karma, that quote is from The Simpsons:

    "Me fail English??? That's unpossible!"
    -Ralphie

    Another favorite by Ralphie:

    "And so the doctor said I wouldn't get as many nose bleeds if I just kept my finger outta there"

  7. Re:*gasp!* Voting machines vulnerable?!! by stratjakt · · Score: 2, Informative

    Sibling post is an idiot. It was Ralph Wiggum.

    --
    I don't need no instructions to know how to rock!!!!
  8. My favorite quotes... by J.+Chrysostom · · Score: 2, Informative

    William A. Arbaugh, an assistant professor of computer science at the University of Maryland and a member of the Red Team exercise, said, "I can say with confidence that nobody looked at the system with an eye to security who understands security."

    Mr. Wertheimer said the application of security was inconsistent, with encryption applied in some places without the accompanying technology of authentication to ensure that the machines that are communicating with each other are the ones that are supposed to be communicating and that an interloper has not jumped in. "It's like washing your face and drying it with a dirty towel," he said.

  9. Re:Perhaps you all should read our report. by PaulMaximne · · Score: 2, Informative

    OOPS, forgot to preview. A link to the report.

    --


    We witness not a fallen world, but falling every day - The Call.
  10. Mod me down if I'm too off-topic by galego · · Score: 2, Informative
    But here's a review done my Univ. of Maryland's HCIL group (Human Computer Interface Labs). They presented their review at a symposium and it wasn't all that great ... anyway here's a pdf if anyone's interested. Had some major interface issues according to the presentation.

    http://www.capc.umd.edu/rpts/MD_EVoteEval.pdf

    --

    Que Deus te de em dobro o que me desejas

    [May God give you double that which you wish for me]

  11. It looks like... by rickyjd19 · · Score: 3, Informative

    ...we will never have the perfect voting system. If these electronic voting systems prove to be worse than the infamous punch-card ballots (which is what people seem to be suggesting) then electronic voting may have defeated its purpose. Maybe we should stick to the kind of ballots we have where I live in Iowa: you mark the ballot with a marker, and it gets read by computer, much like standardized tests do. It's reasonably accurate and can be counted by hand if needed, and is not so prone to hacking. P.S. - sorry if I submitted an empty comment earlier - my mistake

  12. Re:What bothers me by grondu · · Score: 3, Informative

    Send mail to atc@npr.org and express your concerns.

    --

    I'm the urban spaceman babe, but here comes the twist... I don't exist

  13. Re:Need paper receipts by laird · · Score: 2, Informative

    This is roughly how the system built by The Open Voting Consortium works. Their project, EVM2003, is available on SourceForge.

    --
    Enable 3D printed prosthetics!
  14. Oregon voting by gblues · · Score: 2, Informative

    Actually, voters in Oregon are required to sign the envelope before they put it in the mail. While it's not foolproof, it's obvious if every ballot has been signed by the same person.

    Nathan