Time to Recall E-Vote Machines?

From: Arthur Keller <arthur_at_kellers_dot_org>
Date: Wed Oct 08 2003 - 15:16:31 CDT


"Time to Recall E-Vote Machines?"
Wired News (10/06/03); Zetter, Kim

Despite assurances from officials in Alameda County, Calif., that the
Diebold touch-screen voting machines the county will use for the
recall vote are adequately protected from fraud by usage policies and
procedures, a recent training session for Alameda County poll workers
indicated that the election is anything but tamper-proof.
Voting-machine experts discovered flaws that could enable a poll
worker or an outsider to alter the votes in machines without being
found out: For example, ballot files could be changed prior to the
election because the machines are left unattended days before the
vote, and contain memory cards with preloaded ballots. A recent
Maryland report disclosed flaws in Diebold machines that could allow
elections to be rigged, and published recommendations to lower such a
risk; Alameda County assistant registrar of voters Elaine Ginnold
insisted that usage procedures would protect the e-voting systems,
but these procedures were apparently not implemented as of last
week--the password for the card used to shut down a machine can be
easily learned, and the county has not placed tamper-proof tape over
memory card compartments, as per the Maryland report's
recommendations. Adam Stubblefield, who co-authored a July report
from Johns Hopkins and Rice University on Diebold software flaws,
warned that the ballot definition file stored on an e-voting
machine's memory card could be altered by people armed only with a
laptop. He also said that votes could be intercepted in transit,
assuming Alameda County is using a leased, dedicated T1 or ISDN line
that links voting centers to the courthouse while bypassing the
Internet. Ginnold remarked that the data traveling along these lines
lacks encryption, and Johns Hopkins report co-author Dan Wallach
stressed this as a vulnerability. "If someone can reprogram the
phone switches, which is not impossible to do, then they can
intercept the data," he explained.

Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Fri Oct 31 23:17:02 2003

This archive was generated by hypermail 2.1.8 : Fri Oct 31 2003 - 23:17:07 CST