Security Experts Able To Hack Into Nearly Every E-Voting Machine

from the seems-a-bit-troublesome dept

Back in March, California decided that after years of negative publicity about the security of e-voting machines (and certainly enough evidence to suggest they weren't very secure) that it would allow independent security experts to try to hack into any machine before it got approval to be used in California elections. Those researchers have gone ahead and found that every machine they tested was hackable -- often very easily. The researchers were able to hack into Diebold, Sequoia and Hart InterCivic machines. They didn't get a chance to test ES&S machines because, as you may recall, ES&S stalled before handing over their source code (and included a nasty threatening letter with it). To be fair, these machines were tested in non-normal conditions, where the researchers had access to all sorts of documentation, the full source code and no election going on where people might spot them tampering with a machine. That is, this doesn't mean that it's necessarily easy to hack an election. It just means that all of the machines have some insecurities -- most of which we didn't know about before. The key here is that we can now understand these insecurities and whether or not they're adequately protected by other measures. What still doesn't make sense is why the e-voting firms are so against this process. All it's really doing is helping those companies improve their products to make them more secure. Of course, one key reason is that the researchers found that many of the security problems are because the machines weren't built with security in mind -- but only had it added as an afterthought. In other words, these companies probably should be redesigning their machines from scratch, which they don't want to do. Of course, does it worry anyone else that the machines weren't designed with security in mind in the first place?

Filed Under: california, e-voting, security
Companies: diebold, es&s, hart intercivic, sequoia

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Pinkynarf, 31 Jul 2007 @ 4:50am

    What if we looked at cars this way?

    Come on. Of course you can hack a machine if you have access to it in a dark closet where nobody is looking. We aren't talking the real-world here. This is all just a bunch of propoganda.

    What if the police department hired an outside firm to examine the next fleet of police cars they were going to purchase? The independant organization would find that none of the police cars are safe: They can go too fast, use explosive gasoline, don't provide adequate security measures to prevent a theft, are too heavy, may lose control when taking a corner too fast...

    Now really, if you look at anything at all you can pick it apart and find something wrong with it. Is E-voting secure? I doubt it. Is hand-counting fool-proof? I doubt it. Is the world going to end? Yes, absolutely.

    We wouldn't need some many stupid laws and security if people followed the 2 commandments from God: Love God, and Love your neighbor. That pretty much covers it all.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.