Security Experts Able To Hack Into Nearly Every E-Voting Machine

from the seems-a-bit-troublesome dept

Back in March, California decided that after years of negative publicity about the security of e-voting machines (and certainly enough evidence to suggest they weren't very secure) that it would allow independent security experts to try to hack into any machine before it got approval to be used in California elections. Those researchers have gone ahead and found that every machine they tested was hackable -- often very easily. The researchers were able to hack into Diebold, Sequoia and Hart InterCivic machines. They didn't get a chance to test ES&S machines because, as you may recall, ES&S stalled before handing over their source code (and included a nasty threatening letter with it). To be fair, these machines were tested in non-normal conditions, where the researchers had access to all sorts of documentation, the full source code and no election going on where people might spot them tampering with a machine. That is, this doesn't mean that it's necessarily easy to hack an election. It just means that all of the machines have some insecurities -- most of which we didn't know about before. The key here is that we can now understand these insecurities and whether or not they're adequately protected by other measures. What still doesn't make sense is why the e-voting firms are so against this process. All it's really doing is helping those companies improve their products to make them more secure. Of course, one key reason is that the researchers found that many of the security problems are because the machines weren't built with security in mind -- but only had it added as an afterthought. In other words, these companies probably should be redesigning their machines from scratch, which they don't want to do. Of course, does it worry anyone else that the machines weren't designed with security in mind in the first place?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: california, e-voting, security
Companies: diebold, es&s, hart intercivic, sequoia


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Enrico Suarve, 31 Jul 2007 @ 12:27am

    That would have stopped all the fun

    If they'd have allowed testing before people would have known what was going on and that would have been bad for Bush

    "It is enough that the people know there was an election. The people who cast the votes decide nothing. The people who count the votes decide everything." - Joe Stalin

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.