As the debate over e-voting machines continues, Ed Felten has a somewhat scary discussion about how Diebold set up their machines to read smartcards -- and how easily it could be hacked to let someone vote repeatedly. Basically, rather than making sure the smartcard is valid, the system just asks the smartcard if it's valid, and then accepts a "yes" response. As long as someone with a $50 smartcard reader (assuming DirecTV hasn't shut them all down) can figure out how to send the simple "yes" command (and two other "okay" answers) they could create accepted smart cards and keep on voting. While someone in the comments notes that the disparity between the number of votes and the number of voters would be noticed, it's still not clear how they would figure out which votes are legitimate. I guess this isn't that surprising from a company that set up the universal password for their e-voting machines to be 1111. This is what happens when you try to build security by obscurity into systems that need to be secure -- and why open source voting systems make much more sense to make sure that security holes are found and plugged early on.
If you liked this post, you may also be interested in...
- ACLU Calls For Ban On Nonlethal Weapons In Schools After Tased Student Ends Up In Coma
- Lightning Strikes Twice: Wannabe Murderer Butt-Dials His Almost-Victim
- Companies Developing Crowd Analysis Programs To Detect 'Abnormalities' In Behavior And Match Faces Against Giant Databases
- Facebook Needs To Learn It Can't Teach Tolerance By Acting As An Overzealous Censor
- Microsoft To Encrypt Data Center Links; Says NSA Hacking Would Be Unconstitutional