Diebold Brushes Off Yet Another Damning Security Report

from the accountability? dept

Just a day after Avi Rubin discussed many of the real world problems of some Diebold e-voting machines in action, Ed Felten has come out with his quite damning independent review of the machines -- noting just how problematic the security is and how easy it was to upload malicious programs (including a virus that could spread dangerous software from machine to machine). This is hardly the first time we've seen such a report, but it seems like each report is progressively worse. By this point, you'd have to have lived in a hole to believe e-voting machines are secure. Diebold, in typical fashion, has responded not by admitting to any problems, but by attacking Felten's report -- claiming that his test (done on a machine acquired just a few months ago) was based on older software. Still, given the sheer number of reports of security problems with Diebold machines over the years, it's quite difficult to believe that between a couple months ago and now, they've solved all the security issues. In fact, given Rubin's report from yesterday -- it sounds like their "security measures" are so weak as to be a joke. What's most amazing of all is that Diebold continues to act defiantly about this, despite overwhelming proof that their machines have tremendous fundamental problems. Given the importance of secure and accurate elections, Diebold's continued denial of problems and attitude that there's no problem at all should concern just about everyone. Yet, it seems like they're being used almost everywhere.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Nilt, 14 Sep 2006 @ 6:37am

    Expected this response

    Having read the actual report in full, I expected Diebold to come up with exactly this remark. On page 2 of the report it states:
    The machine we obtained came loaded with version 4.3.15 of the Diebold BallotStation software that runs the machine during an election.1 This version was deployed in 2002 and certified by the National Association of State Election Directors (NASED) [11]. While some of the problems we identify in this report may have been remedied in subsequent software releases (current versions are in the 4.6 series), others are architectural in nature and cannot easily be repaired by software changes. In any case, subsequent versions of the software should be assumed insecure until fully independent examination proves otherwise.

    The real issue at hand, which Diebold refuses to accept responsibility for, is that their previous claim of the software being secure has now been shown to be absolutely false. Why should we now, absent any proof whatsoever, accept that the new version is any different? Hopefully this study will get some attention and we'll see some change.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown for basic formatting. (HTML is not supported.)
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.