Diebold Voting Machines Vulnerable to Virus Attack

mcgrew writes "PC world is reporting that Diebold's super-popular voting machines are coming under even more scrutiny. A security review has revealed that they are simply 'not secure enough to guarantee a trustworthy election.' This is according to a report from the University of California Berkley, who did a two-month top-to-bottom review of all California e-voting systems. That's a subject we've discussed before, but Diebold's setup is truly unsettling. An attacker with access to a single machine could disrupt or change the outcome of an entire election using viruses. From the article: 'The report warned that a paper trail of votes cast is not sufficient to guarantee the integrity of an election using the machines. "Malicious code might be able to subtly influence close elections, and it could disrupt elections by causing widespread equipment failure on election day," it said. The source-code review went on to warn that commercial antivirus scanners do not offer adequate protection for the voting machines. "They are not designed to detect virally propagating malicious code that targets voting equipment and voting software," it said.' Oddly, my state of Illinois, long known for election fraud, has paper trails (at least in my county) and according to Black Box Voting doesn't use Diebold anywhere."

Re:waht we've all been wondering...

[SolusSD]

As someone who had been contracted by Diebold, the machines are running Windows, the software is written in Visual Basic, and the database is Access. And no, this isn't a troll.

god help the future of democracy.

Re:Edison was still wrong

[MillionthMonkey]

Well Edison was so late 19th-early 20th century. We have to "update elections for the computer age" and "build a bridge to the 21st century". Apparently this means loading elections onto a bus and driving them over just as our new bridge collapses.

Re:waht we've all been wondering...

[Klickoris]

Might want to use a grammar check as well.

Re:waht we've all been wondering...

[jhylkema]

I bet i could write a secure voting machine that could handle state and federal elections securely in a couple of days in any language from assembly to bash!

Bonus points if you can write it in INTERCAL.

List of Diebold Vulnerabilities

[ukemike]

The follow is a list of attacks or hacks which the Diebold machines are known to be vulerable to:

Sneezing in their vicinity,
Looking at them cross eyed,
Armpit farts,
Dancing counterclockwise around them,
Voting,
Sarcastic comments,
Pixie dust,
My mother-in-law's meatloaf, and
Bad Bob Dylan cover songs.

Seriously, several years ago three or four different versions of the GEMS software (that's the name of the Diebold voting software) were available for download in a few places on the internet. Accessing the voting database was a simple as creating a new database and copying the password you created over to the voting database. The security log didn't have sequentially numbered entries so deleting your tracks was as simple as opening the log and deleting the pertinent lines. With ZERO experience with Access, and a single page of written instructions I was able to break in, alter voting data (on my PC not a real election PC!), and cover my tracks within just a few hours of installing the software. These machines are set to autorun anything that is inserted in the PC card slot!!! PC cards are what are used to carry vote data from the precincts to the central tabulator so dozens of cards are typically inserted in the central tabulator on election night. Fixing an election is as simple as writing a script on a PC card and inserting it in the PC card of the central tabulator. It's not far fetched either. Unidentified people have been seen fiddling with the central tabulators in several counties in elections when there were surprising results. My conclusion was not that these machines were badly designed, but that they were well designed for the purpose of enabling election fixing.