California Wants All E-Voting Machines To Get Independent Review By Security Experts

from the good-for-CA dept

One of our biggest complaints with e-voting systems is that all of the testing is done under severely limited conditions. Neither the voting machine companies nor election officials (with a few very rare exceptions -- who are quickly punished) are willing to let security researchers fully explore the machines for security flaws. No good explanation is ever given for this. Diebold once protested such tests by saying it would undermine "the public's confidence in the security and accuracy" in the machines. That's funny -- if Diebold is worried that such testing would make the public lose confidence in its machines, isn't that an admission that the machines aren't secure enough?

We may soon find out. California politicians are proposing a new e-voting law that would require all e-voting machines in the state to be available for hacking attempts by "red teams" of computer security experts. Of course, the e-voting firms are already complaining, saying there wouldn't be enough time for the firms to upgrade machines -- which, again, certainly sounds like an admission that the firms know that the current machines aren't secure or accurate. You would think that any company that was confident in the security and accuracy of its machines would be overjoyed at the opportunity to have third-party security experts show how secure their machines are.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Casper, 29 Mar 2007 @ 10:05am

    Whining...

    This is a good thing. Anything this important can not be left up to individual companies quality control. All they want it to do is work, but they don't spend nearly enough time trying to break it. On the contrary, that is exactly what a person with malicious intent will be doing.

    Look at it this way, it's free testing by professionals. Stop complaining and build a better product.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Mar 2007 @ 10:21am

    These guys are mentally on another planet. We're not going to accept any excuses--ANY--hear that? You're providing equipment for a sacred purpose. I expect no complaints about any measure of caution or any degree of concern. If I was on a board responsible for making these purchasing decisions, I would immediately disqualify any firm that I heard bitching and moaning.

    reply to this | link to this | view in chronology ]

  • identicon
    Ajax 4Hire, 29 Mar 2007 @ 11:28am

    Microsoft, Oracle, IBM all

    give free reign to the world to try to crack their software (as well as any flavor of Linux).

    If the eVoting machine makers are so fearful I can only guess it is because they have reason to fear; their machines are so security weak that they would not stand even minor testing.

    I will huff and puff and blow your eVoting machine down. It needs to withstand the brick test.

    I like the previous note about RIAA lawsuits:
    "Straw will burn."

    reply to this | link to this | view in chronology ]

  • identicon
    Geekfather, 29 Mar 2007 @ 12:14pm

    Careful Cali...

    Diebold may sue you over this!

    reply to this | link to this | view in chronology ]

  • identicon
    Mischa, 29 Mar 2007 @ 12:50pm

    According to the linked article, it is the county election officials who are complaining about lack of time for upgrades, not the e-voting companies themselves.

    reply to this | link to this | view in chronology ]

  • identicon
    Ajax 4Hire, 29 Mar 2007 @ 1:15pm

    I was careful to not mention the

    eVoting machine vendor name.

    For anything to last it must stand the test of time.
    MSDOS, feudalism, eatable underwear, communism, IBM PCs and the AMC Gremlin can attest to the harsh wind of time.

    The eVoting machine will be attacked. Someone will try. The only question is how well the eVoting machine will repel the attack.

    reply to this | link to this | view in chronology ]

  • identicon
    Coward, 29 Mar 2007 @ 2:06pm

    Bring on the Red Team!

    Major companys have independant red teams check for security flaws. I sure would feel a better if independant security expert had a chance to hack them.

    reply to this | link to this | view in chronology ]

  • identicon
    Adam, 29 Mar 2007 @ 2:07pm

    so..

    Feudalism, edible underwear, and most certainly communism, (and to a greater extent socialism) are all still VERY around. find better examples

    i agree with your point though.

    and most certainly agree with the notion that these companies very clearly are hiding something.

    that was patently obvious when that "evoting machine company employee" happened across this blog a while back.

    reply to this | link to this | view in chronology ]

  • identicon
    Adam, 29 Mar 2007 @ 2:09pm

    also..

    ... does the term "red team" remind anyone else of a certain scene from a certain themed movie with a certain popular "news" entertainer spouting off about teams of armed men hiding in the bushes on the back of a 20 dollar bill? man?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Mar 2007 @ 6:58pm

    Between plain stupidity and corrupt politicians, we're all f****d - unless we get real loud and tough.

    I'm mad as hell and I won't take it anymore.
    (what movie was that from?)

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.