Slashdot Mirror


More Diebold E-Voting Vulnerabilities

presmike writes "ok, it looks like Diebold has more to worry about now that it is possible to change votes with a 5 line VB script. 'The vulnerabilities involve the Global Election Management System, or GEMS, software that runs on a county's server and tallies votes after they come in from Diebold touch-screen and optical-scan machines in polling places.'"

39 of 535 comments (clear)

  1. A Better Voting Machine by Anonymous Coward · · Score: 4, Funny

    After reading all these stories on Slashdot about Diebold voting machines having security holes, I did a little bit of research on my own. I believe I finally found the perfect voting tabulation and candidate selection system, impervious to cheating. Here is the website; it includes video of the machines in operation (Windows ASX format).

    Perhaps some of you security experts could evaluate whether this machine is more or less accurate and secure than Diebold's machines, but I'm pretty confident in its ability to surpass Deibold's accuracy. (Note to foreign readers: To interpret the results from the videos: if the red ball 21 or less, that's a vote for Kerry; 22 or more, Bush.)

  2. And in a related story... by Weaselmancer · · Score: 5, Funny

    George Bush and John Kerry sign up for MSDN subscriptions.

    --
    Weaselmancer
    rediculous.
  3. Bow to your next president... by siskbc · · Score: 4, Funny

    ...Me. After 150,324,123 mysterious write-in votes.

    --

    -Looking for a job as a materials chemist or multivariat

    1. Re:Bow to your next president... by IronicCheese · · Score: 2, Funny

      Welcome to Slashdot, Mister Bush.

  4. hchange? by Anonymous Coward · · Score: 1, Funny

    Is that in Hungarian notation? A handle to a change object?

  5. Priceless by TheJavaGuy · · Score: 5, Funny
    From Yakov Shafranovich's blog:

    Microsoft Windows 2000: $200
    Microsoft Access 2000: $200
    PC: $500
    Hiring an embezzler to put in three set of election results into your voting software controllable by a hidden combination of keys known only to you: $60,000 Changing the election results in favor of your candidate: priceless

    "Of course, there are some elections that money can't buy. For everything else, there is Diebold."

    --
    Opera Watch - An Opera browser blog.
    1. Re:Priceless by Anonymous Coward · · Score: 2, Funny

      From Yakov Shafranovich's [shaftek.org] blog...

      In Soviet Russia, voting machines el-- oh, wait. My mistake.

  6. Re:Another good example by mrpuffypants · · Score: 2, Funny

    Any representatives reading this?

    No.

  7. It's not BREAKABLE! by Anonymous Coward · · Score: 4, Funny

    Why, it's used by the FAA to for radio communications! They wouldn't use something like Windows if it wasn't safe...

  8. uh-oh by ch3ch2oh · · Score: 5, Funny

    President CowboyNeal?

  9. Re:Blimey by ackthpt · · Score: 5, Funny
    Getting a warm and fuzzy feeling yet?

    I think it's nausea.

    You know... Diebold does a lot of work with financial systems. Is this what they call the Harbinger of Doom?

    --

    A feeling of having made the same mistake before: Deja Foobar
  10. What will this do to homecomming? by Anonymous Coward · · Score: 2, Funny
    The only real question is how will this effect the homecomming king and queen selections this fall? If geeks only need five lines to get whoever they want will they nominate their friends and win?

    What will become of the High School social scene? Horror or Horrors.

  11. In other news... by blcamp · · Score: 3, Funny


    I now have been elected governor in 15 states, plus chief justice in 4 others (but not in Caleefornya). I'm also now hold 22 of the Senate seats, 134 of the House, and I'm the Drain Commissioner in 2/3 of all counties in the US... ...and I am now also the Magistrate and/or District Judge everywhere I normally drive my car.

    --
    The problem with socialism is that they always run out of other people's money. - Margaret Thatcher
  12. Re:Another good example by Anonymous Coward · · Score: 4, Funny

    Any representatives reading this?

    If you make a reference to Guybrush Threepwood in your comment I always mod it up. Go Monkey Island!


    So what you're saying is, we should elect Guybrush Threepwood for president? Viva la Threepwood!!!

  13. Re:diebold by ackthpt · · Score: 2, Funny
    I hope no one uses them again.

    'Diebold' is probably some obscure germanic dialect for

    Lowest Cost Bidder
    --

    A feeling of having made the same mistake before: Deja Foobar
  14. VBScript? by ottergoose · · Score: 2, Funny

    You have to do:
    VoteForGuyA = VoteForGuyA + 1

    Instead of:
    VoteForGuyA++;

    God I hate VBScript.

    On another note, how much money does Microsoft stand to make from this? If they're running VBScript, they're using Windows (I suppose they could use DOS, but I doubt they do) - I would imagine MS makes quite a bit when hundreds of thousands of these voting machines all need a copy of Windows.

  15. Nice Diebold quote by Anonymous Coward · · Score: 5, Funny
    "Diebold spokesman David Bear said by phone that no one would risk manipulating votes in an election because it's against the law and carries a heavy penalty."

    Yeah, that's why there's never been any vote fraud in this country...I gotta remember to keep my shotgun loaded this November, that's when the dead people come out to vote in Chicago...

    1. Re:Nice Diebold quote by spitzak · · Score: 2, Funny

      Aha! That's why nobody murders or robs anybody else. It's that heavy penalty! Thanks for explaining it, mr Bear!

  16. Well now by TiggertheMad · · Score: 2, Funny

    Hey Dibold, you ever hear that old saying, 'Vote early, vote often'?

    Well, don't worry, I will...

    --

    HA! I just wasted some of your bandwidth with a frivolous sig!
  17. why not this by codepunk · · Score: 2, Funny

    del stupidaccess.mdb

    --


    Got Code?
  18. US Elections 2004: Battle of the Scripts by Control-Z · · Score: 4, Funny

    What's the big deal about voting machine fraud? If you see any fraud being commited, just write an NEGATIVE SCRIPT to offset those fraudulent votes. That way we'll keep the election nice and balanced.

  19. BSOD by sleepnmojo · · Score: 3, Funny

    I don't see a problem here. No one will be able to use the machines anyway. They will all be blue screened, so we will have to go back to the old way.

  20. Voting machines designed by Sting? by FunWithHeadlines · · Score: 4, Funny
    "You go in and press buttons and then hit "cast vote" and it goes "doo doo doo"

    Then it goes "de da da da," and finally it tells you, "is all I want to say to you."

  21. Re:Blimey by TheCaptain · · Score: 1, Funny

    "I am committed to helping Ohio deliver its electoral votes to the President next year."

    Well...the president next year will likely have deserved them. Not sure if it'll be Bush or Kerry though...certainly not Nader, IMHO.

    * Note to the disfunctional moderators out there: This is what I pass off as humor.

  22. Re:Amazing by T3kno · · Score: 3, Funny

    No no no, it's the other way around. You should always use Diebold ATMs in the hope that you get someone elses money :)

    --
    (B) + (D) + (B) + (D) = (K) + (&)
  23. Re:Amazing by XMyth · · Score: 3, Funny

    Want to buy some tinfoil hats?

  24. Re:obligitory plug for blackboxvoting.org by Anonymous Coward · · Score: 1, Funny

    You are hereby found to be in contempt of the legally binding consumer protection laws as described hereforth at the Halfbakery:

    http://64.233.179.104/search?q=cache:KXtKuHTgyksJ: www.halfbakery.com/lr/idea/Legally_20Binding_20Use _20of_20Factorials+factorial+halfbakery&hl=en

    Utilising a factorial in an attemp to add hyperbole to your point is now a punishable offense. Unless you can prove the existance of (5! = 120) "Different demonstrations", we ask that you cease and desist in violating this new code.

    Thank you,
    Management

  25. Re:Blimey by Marxist+Hacker+42 · · Score: 3, Funny

    Given that- here's the five lines in pseudocode:

    1. Set an ADODB Recordset
    2. Open recordset with select statement for tables with the totals in them.
    3. rs(fieldforcandidate)=new total
    4. rs.update
    5. rs.close

    Or better yet, if you have a copy of access with you, skip the stupid script, open Access, and simply change whatever totals you want to.

    --
    SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
  26. Re:As an outside observer by Anonymous Coward · · Score: 1, Funny

    Wtf is wrong with the US?

    perhaps as a nation they just aren't ready for democracy and real freedom ?

    in a nation that has more of its people in jail than the rest of the entire western world *combined* speaks volumes about the direction they are heading

  27. Nothing new. by ScytheBlade1 · · Score: 2, Funny

    At my school, I was asked to write a voting booth for the school. It's done via PHP and MySQL.

    I wrote it. I've got the access which I technically don't have.

    Pedro for President, anyone?

  28. Re: "diebold" (German) == "theif old" (English) by neitzsche · · Score: 2, Funny

    Oh my, I thought that was pretty funny, and that you were just joking, but NO! translate.google.com really DOES translate that just so.

    I blew my mod points a while ago, hopefully someone else will be gracious to you (even though you did post as AC.)

    --
    "God is dead." - Frederik Nietzsche
  29. Re:Amazing by Anonymous+Writer · · Score: 2, Funny

    Want to buy some tinfoil hats?

    Just make sure they're not made by Diebold.

  30. Re:Blimey by AuMatar · · Score: 3, Funny

    In perl? More like 5 characters.

    --
    I still have more fans than freaks. WTF is wrong with you people?
  31. Re:Blimey by John+Courtland · · Score: 4, Funny
    Can someone explain me the exact problem with it ?
    It doesn't ensure victory?
    --
    Slashdot is proof that Sturgeon's Law applies to mankind.
  32. Re:Amazing by c13v3rm0nk3y · · Score: 3, Funny
    They are working for the govt in this case, which is notorious for not paying attention until it becomes and a campain issue.

    Dude, I love this word you created:

    Campain \Cam*pain"\, n. [F. campaigne, It. campagna, fr. L. Campainia the level country about Naples strewn with band-aids, fr. campus field. See Camp, and cf. Champaign, Champaigne.]

    1. An field of pain; a large, open pain without considerable pills. See{Champaign. --Grath.
    2. (Mil.) A connected series of military operations which cause significant pain.
    3. The feeling one gets during and after a political operations preceding an election; a canvass. [Cant, U. S.]
    4. (Metal.) The period during which a blast furnace is continuously in operation while your face is in it.
    --
    -- clvrmnky
  33. Re:Blimey by AJWM · · Score: 2, Funny

    The wealthier you are, the higher the likelyhood that it will be republican-leaning.

    Well, except in Hollywood.

    --
    -- Alastair
  34. Re:Blimey by BigT · · Score: 2, Funny

    none of which will be alphanumeric.

    --
    Is it weird in here, or is it just me?
  35. Re:Die, democracy, Die by Suidae · · Score: 2, Funny

    And I think the selection of the leader of the most powerful country in the world should have a little more confidence than two ten-thousandths of a percent.

    I agree. When it is that close we should force them to get married and share the oval office. They can alternate days in control and mud-wrestle for the monthly paycheck.

  36. Re:Blimey by NuclearDog · · Score: 2, Funny
    <?
    $db = mysql_connect("127.0.0.1", "diebold", "abcdef");
    mysql_select_db($db, "votes");

    while ($choice!='quit') {
    echo "1) George Bush";
    echo "2) John Kerry";
    echo "3) CowboyNeal";

    $vote = readline($vote);

    if (!ereg("^[1-3]$", $vote) && $vote!='quit') {
    echo "Invalid vote.\n";
    } elseif ($vote=='quit') {} else {
    $result = mysql_query("UPDATE `votes` SET `votes`=votes+1 WHERE `candidate`='$vote'", $db);
    if (!$result) {
    echo "Voting failed!\n";
    } else {
    echo "Vote successful!\n";
    }
    }

    }

    mysql_close($db);

    ?>
    Of course, it would require much more error checking and the screen would have to be cleared after each vote, etc. etc.

    If I 14 year old can program this in */me checks clock* 4 minutes, I'm sure Diebold could program something much better with the amount of time\money they have. If not, the only reason I can think of is that they are complete and total dumbasses.

    Anyways, I know, being Slashdot, 10 other people will pipe up and tell me how I could have done it better. If not, I know someone will correct my grammar, and to you I say: 'telnet nucleardog.com'

    That is all.

    ND
    --
    This statement is forty-five characters long.