Slashdot Mirror


Vote Tabulator Security Hole Exposed

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

9 of 530 comments (clear)

  1. Let me know by Dwedit · · Score: 5, Funny

    Let me know when a candidate named "Diebold Sucks" wins 15% of the popular vote.

    1. Re:Let me know by Exatron · · Score: 4, Funny

      Sure, you're laughing now, but I'd like you to say that to President Diebold Sucks.

      --
      "I think so, Brain, but 'instant karma' always gets so lumpy." - Pinky
      "Decepticons FOREVER!!!" - Ravage
  2. This just in... by powerlinekid · · Score: 4, Funny

    Coming up later on News at 11; Diebold machines found to be insecure. This and a shocking expose proving once and for all that water is wet.

    --

    can't sleep slashdot will eat me
  3. Re:Election Stealing by proverbialcow · · Score: 4, Funny

    This is all about how the Republicans are going to steal the election... Again.

    Not if I can find out what the 'code' is...

    --
    The only surefire protection against Microsoft infections is abstinence. - The Onion
  4. Florida, anyone? by Noryungi · · Score: 3, Funny
    Exit polls, 2004 US presidential election:
    • Georges W. Bush: 43.25%
    • John Kerry: 44.70%


    Official results of the 2004 presidential election, once all votes have been 'counted' by voting machines:

    • George W. Bush: 44.95%
    • John Kerry: 43.82%


    Since these numbers are within the margins of error, Bush is not going to need the Supreme Court this time.

    It sounds like something from a Mastercard joke:

    • New voting machines for everyone: $ 2.2 million per state.
    • Financing smear groups to attack John Kerry: $ 1.75 million.
    • Winning an election: Priceless.


    Be afraid. Be very afraid.
    --
    The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
  5. Re:Something tells me... by mynameis+(mother+... · · Score: 4, Funny
    I can't believe they're actually trusting some random company with handling and counting votes.

    Random?!
    Diebold?!

    The company whos CEO, Walden O'dell, is "committed to helping Ohio deliver its electoral votes to the president next year."

    Snigger... Oh the things one really shouldn't put on paper, sign, and mail to a buncha people ;)
    Where's my tinfoil....
  6. Guess I know who I am voting for... by Anonymous Coward · · Score: 3, Funny

    several hundred times.

  7. In other news... by VeryProfessional · · Score: 5, Funny

    It has been discovered that Paper(tm), a voting system planned to be widely deployed in the coming elections, suffers from numerous vulnerabilities.

    A security assessment taskforce has found that the system, in which a stylus is used to infuse chemical dyes onto a thin cellulose-based wafer, is vulnerable to a Denial Of Service attack in which the wafer is exposed to heat until fully oxidised. This renders the results unreadable. Furthermore, the wafers are unencrypted, which makes them vulnerable to replay and other man-in-the-middle attacks. Another attack involves exposing the wafers to lateral force until they are compressed, rendering them easier to dispose. This is known as the 'scrunch-it-and-trash-it' attack, which was made famous in the underground hacker classic Election, starring Matthew Broderick and Reese Witherspoon.

    Members of the security community are said to be flabbergasted at the general level of public apathy towards these vulnerabilities, which the taskforce has given its highest threat rating.

  8. Re:Captain Obvious Strikes Again by Smidge204 · · Score: 3, Funny

    So what really needs to happen is someone to rig the election... what do you think would happen if Bush got 500,000,000 votes in the state of Montana? :)

    =Smidge=