Monday, September 18, 2006

Professor and Students Hack Into Diebold Accuvote-TS Machine

Princeton prof hacks e-vote machine: Students uploaded viruses able to spread to other machines
Associated Press
MSNBC

TRENTON, N.J. - A Princeton University computer science professor added new fuel Wednesday to claims that electronic voting machines used across much of the country are vulnerable to hacking that could alter vote totals or disable machines.

In a paper posted on the university's Web site, Edward Felten and two graduate students described how they had tested a Diebold AccuVote-TS machine they obtained, found ways to quickly upload malicious programs and even developed a computer virus able to spread such programs between machines.

The marketing director for the machine's maker — Diebold Inc.'s Diebold Election Systems of Allen, Texas — blasted the report, saying Felten ignored newer software and security measures that prevent such hacking.

"I'm concerned by the fact we weren't contacted to educate these people on where our current technology stands," Mark Radke said.

Radke also question why Felten hadn't submitted his paper for peer review, as is commonly done before publishing scientific research.

Felten said he and his colleagues felt it necessary to publish the paper as quickly as possible because of the possible implications for the November midterm elections.

About 80 percent of American voters are expected to use some form of electronic voting in the upcoming election, in which the makeup of the U.S. House will be decided, as well as 33 Senate seats and 36 governorships.

The AccuVote-TS is commonly used across the country, along with a newer model, the AccuVote-TSx. While Felten wasn't able to test the new machine, he said he thought much of what he found would still apply.

The machine Felten tested, obtained in May from an undisclosed source, was the same type used across Maryland in its primary election Tuesday, according to Ross Goldstein, a deputy administrator with the state's Board of Elections. Goldstein said he couldn't comment on the report until he read it.

Diebold and other machine manufacturers, including California-based Sequoia Voting Systems Inc. and Nebraska-based Election Systems & Software Inc., have been the subject of lawsuits, claiming the machines are vulnerable to hacking and breakdowns that can assign votes to the wrong candidate.

To Read the rest of the article

No comments: