Major Diebold Voting Machine Security Hole Discovered… Again
from the and-yet,-we-still-use-them dept
It’s been, what, a little over a month since a report of the last major flaws found in Diebold machines, and we’ve already got new reports of what’s being described as a dangerous security hole in those machines. The vulnerability, which is still being kept mostly secret, appears to let someone upload new software to the machines with just a few minutes at the machines — potentially allowing them to change voting results on the machine. This is, clearly, a major issue — and certainly not the first one found on Diebold machines. In the past, we’ve seen reports about weak security, putting ballots online and unprotected, a default easy password used on all machines across the country, reports of miscounts on the machines, evidence that Diebold employees purposely hid security problems, claims that Diebold made last minute changes to voting machine software (in violation of election laws), evidence that other machines were easily hacked and a number of other problems with both the machines and people who worked at Diebold (such as the convicted felons who ran the unit that wrote the voting machine software). In all of this, the strangest thing has been Diebold’s unwillingness to make the simplest of changes that would make people feel more comfortable with the machines: adding a verifiable paper trail, so that the electronic votes could be double-checked later on. For no clear reason, the company has mostly refused to entertain the notion (though, they once said if they were forced to they would charge an exorbitant amount to scare election commissioners away from those machines).
At the same time, the company has repeatedly attacked those who published this information or pushed election officials to more thoroughly test the machines. In some cases, even when serious issues have been shown, the company has publicly laughed them off and then made life difficult for elections officials who are required by law to buy electronic voting machines, by doing things like making them sign contracts that won’t allow these types of security tests. In fact, the whole reason this new serious vulnerability came to light was because of a security test done on the machines for a county elections official in Utah in March. You remember… that was the case where Diebold claimed such tests were a violation of their warranty, and they demanded $40,000 to “recertify” the machines. Because of this, the election official who dared to have the machines tested was yelled at by his superiors and lost his job. Considering it was those tests that discovered this flaw that has Pennsylvania, California and Iowa quickly telling its election officials to “sequester” all of these Diebold machines until they can be updated — doesn’t it seem like Diebold and Utah state election officials owe that local election official a bit of an apology?