California Reviews… And Decertifies… More ES&S E-Voting Machines

from the a-lesson-in-weak-security dept

Remember how e-voting firm ES&S was so against letting California’s Secretary of State have an independent security team review their e-voting machines? Well, now we know why. The state had already released one damning security report and sued ES&S for giving the state uncertified machines. Now the state has come out with another report on more ES&S machines and the story gets worse and worse and worse. The good news is that California won’t certify any of them. The bad news is that ES&S appears to not only be belligerent in not wanting to let California review its machines, but it also seems to be incompetent as well. As Dan Wallach notes in reviewing the report, ES&S appears to have outright ignored issues that the state asked them to address. As for the machines themselves? There seem to be all sorts of problems, including an awful lot of data stored in cleartext rather than encrypted, easily accessible and easily changed or corrupted data, and seldom-used and easily-broken password protection. Physical locks were all easily picked (some within 5 seconds, the rest within a minute). In other words, the security is a near total joke. This, despite the fact that people have been pointing out these kinds of security concerns for over five years. I wonder if the guy from ES&S who showed up a year ago and told us all we had no clue what we were talking about and swearing up and down that the machines were safe will come back and explain these latest results.

Filed Under: ,
Companies: es&s

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “California Reviews… And Decertifies… More ES&S E-Voting Machines”

Subscribe: RSS Leave a comment
Rusty Shackleford says:

Dont think E-voting will ever work

besides the troubles in the technology… the people running the countries are so dirty that even when you have the best guy in the world running for office… you wouldnt know it because he sounds like all the rest… and thatsa real shame for the people. Getting these machines into the voting process only creates the opportunity for more underhanded events to happen… such as recounts are useless… the number is the number… and that can be changed by whoever sees fit to change it… I would love to see evoting work… I just dont think, in t5his dishonest world it will ever work to the satisfaction of the people

Donald King (user link) says:

Re: Are Automated Teller Machines secure?

ATMs are in a different category than voting machines. If an ATM has a security flaw, the bank knows who owns what account and which ATM was used when, and both you and the bank have all the paper records you’ll ever need.

With voting, anonymity is a very important goal. If the voting machine prints out perfectly accurate receipts that you can use to double-check how your vote was counted, then (employers|union bosses|mobsters|etc.) can threaten you into voting for the “right” candidate. So a voting machine is almost the exact opposite of an ATM.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...