More security woes for Diebold
by Evan Blass 
posted Aug 1st 2006 at 3:41PM
[Via The Register]
Filed under: Misc. Gadgets
[Via The Register]
[Via The Register]
Previous
Palm Pixi review
ASUS UL80Vt review
HP Envy 15 unboxing and hands-on
Motorola DROID review
Crazy-hinged Dell Adamo XPS hands-on!
BlackBerry Bold 9700 hands-on and impressions
HTC's HD2 hands-on
Sony Ericsson XPERIA X10 hands-on
Engadget Podcast 171 - 11.13.2009
Breaking news Feed
- Palm Pre WebOS 1.3.1 update available now
- T-Mobile launching BlackBerry Bold 9700 on November 16 for $199.99
- Dell Mini 3i officially set for imminent launch in Brazil and China
- Samsung Behold II hits T-Mobile on November 18th, unboxed today (now with video!)
- Boxee inks deal with first hardware partner: a 'Boxee Box' is coming
- Palm's Pixi TV spot heads in a new direction, bids adieu to creepy redhead
- Zune HD Marketplace now loaded with free 3D games
- Saygus VPhone to bring video calls and a bit of chub to Android and Verizon
- Kindle for PC app out now, Mac version to soon follow
- Nokia N900 is now shipping!
Featured stories Feed
- The next Engadget Show tapes November 22nd with HTC's Drew Bamford and Chris Grant of Joystiq
- Entelligence: Got game?
- How would you change Garmin-Asus' nuvifone G60?
- HP dm3t review
- The Engadget Show: Philippe Starck Q&A bonus round
- The Engadget Show: Inside the mind of designer Philippe Starck
- Editorial: Hey, AT&T -- drop lawsuits, not calls
- Chumby One review
- Ask Engadget: Best multitouch monitor?
- Samsung Behold II hits T-Mobile on November 18th, unboxed today (now with video!)
- Sprint prepping update for Hero, still 1.5-based
- Creative to show off 'Zii Android mobile phone' next month at Chinese summit
- Xperia X10 launching February 2010 in UK, says Sony Ericsson site
- Don't shop drunk: Verizon's $350 ETF is now live
- Droid experiencing external speaker problems, could be a software issue?
- Best of the Week: Web Stupidity With a Twist, News Corp. Says Google Isn't Fair
- Undercover Wife Busts Husband By Posing as a Chatroom Teen
- After the Hype: Technologies That Never Lived Up to Their Promise
- Nerdy Guy Electrifies Aboriginal Didgeridoo
- Harry Potter's Invisibility Cloak Might Actually Happen, Thanks to Physics
Resources
Sections
WIN Network
- Autos
- Technology
- Lifestyle
- Gaming
- Finance
- Entertainment on AOL
- Lifestyle on AOL
- Sports on AOL
- Travel on AOL
- Also on AOL
Reader Comments (Page 1 of 1)
Eric Cartman @ Aug 1st 2006 4:08PM
Maybe now Gore could win.
SB @ Aug 1st 2006 4:15PM
I hardly see this as the worst flaw.. at least in practical terms. Seems like you would need to alter several machines in order to actually change an outcome. I suppose for local races it could work. But would someone really risk that much in order to get their person elected to the school board.. I suppose.
If everyone wouldnt have complained about the chads then we wouldnt have this problem.
kbiel @ Aug 1st 2006 4:34PM
As an election judge for the last three elections, I find this article to be total BS. Of course there are "security flaws" in the Diebold machine. It's not designed to be a fortress. It's designed to be reasonably secure under the watchful eyes of the election judges. You can bet that I would notice if someone was prying the case open on one of my machines to get to the "switch on the internal motherboard". That machine would be invalidated and its votes would be considered spoiled. The argument against the flash card is a red herring. The PC card slot which accepts the flash memory is behind a locked door and a flash card that keeps a copy of the internal vote count is usually there during normal voting operation.
Of course, all of this could be tampered with before voting starts, but again the election judge is responsible for making sure that machine vote count is 0 and that nothing has been tampered with.
The Diebold machine is nothing but an intelligent bucket. What makes it secure or insecure is the honesty or dishonesty of the election officials. This has always been the case regardless of the technology used, whether it is voting levers, punch cards or Diebold voting machines.
Octavus @ Aug 1st 2006 4:37PM
This can effect very close races, if just several machines in Florida were changed then either side would have easily won. In very close presidental races this can be very big.
Forrest @ Aug 1st 2006 4:38PM
Why can't they just alter the basic design of current ATMs for voting machines? They leave a paper trail, have integrated surveillance, can quickly transmit sensitive data, and are apparently cheap enough to put in just about every gas station in America.
Eric Cartman @ Aug 1st 2006 4:53PM
All hail manbearpig...............
Eric @ Aug 1st 2006 5:25PM
Let's see... Paper trail plus surveillance. There goes our secret ballot!!
David Lazarus @ Aug 1st 2006 5:26PM
RE honesty of election judges. Considering the election fraud re who can and can't vote in Florida, and hanging chads, rigging election disctricts and now diebold machines, the Republicans must be getting very scared come the November elections.
In Europe we have paper and as old fashioned as it is we can check again and again no complaints about who won. Recently one election here recently was a dead heat they drew lots for the seat. You could never get that in the US.
lorien @ Aug 1st 2006 5:43PM
Hey kbiel,
What I want to know, and what you may be able to answer, is what is wrong with the optical reader system? I've used it in every election I've participated in and it works great. There is an instant paper record of my votes which is the original I make and there is an electronic tabulation. Why do we need to add an expensive touchscreen and hackable hardware/software? Why not just stick with the tried and true fill-in-the-dots?
Qyiet @ Aug 1st 2006 5:43PM
I'm intrigued kbiel. How as an election judge (not a term we use over here) would you be able to tell if someone had altered this machine to count every 2nd Vote for Person1 as Person2 before you received the machine?
It would seem from the description that all you need is a little alone time *anywhere* on the machine's journey from the point of manufacture to the polling station and you can replace it's entire set of software with your own.
XiozTzu @ Aug 1st 2006 5:47PM
@ kbiel
Hypothetically: When these boxes are delivered, you would open the case and confirm that all the toggles were properly toggled on the motherboard?
So what if someone checked to see the boxes read 0 when they got there. The tampered software could easily make a double vote for every randomth vote given to some politician.
You one or two of these spread out in a voting district and you could almost untraceably add votes to a particular candidate and no one would be monkeying with the internals of the machines. And anyhow, what could the old geezer that monitors the equipment know about the internals of one of these boxes? They probably couldn't read the fine text on the motherboard. Much less discern a vacuum tube from a processor. :P
eVoter @ Aug 1st 2006 6:05PM
I wonder what hacker is going to be able to remove the TSx from the stand, open it, insert a card, boot the machine, run code, remove the card, reinsert the machine into the stand, and reboot again in the middle of a polling place without being noticed? Maybe if David Copperfield takes up election fraud it could happen…
AJ @ Aug 1st 2006 6:26PM
Qyiet,
How hard would it be for an election judge to examine and then test a machine before the polls opened to ensure it hasn't been tampered with? If you ask me it is likely that they are tested and that it is easy to do so. Kbiel's point is that it's not the security of the machine we should worry about but the integrity of the election judge. As for voting with a paper trail while under surveillance, please let's never think that is a good idea.
Trae @ Aug 1st 2006 6:54PM
A voting paper trail doesn't mean that votes are not anonymous.
Qyiet @ Aug 1st 2006 7:23PM
Actually AJ.. that was exactly my point, and I believe also XiozTzu's.
I believe it would be *very* hard for an election judge to verify just prior to an election that any given machine had not been tampered with, and certainly *much* harder to verify than manual, or mechanical system. Hence I was interested in exactly *how* an election judge would do that.
JD @ Aug 1st 2006 7:49PM
kbeil, Considering the people at my local polling place have difficulty just determining the ballot to give me, I'm not sure I believe that every e-machine would be checked for tampering before and after the election.
According to this site (which I have no idea is legit or not), ...A "zero report" was run indicating zero votes on the memory card. In fact, however, Hursti had pre-loaded the memory card with plus and minus votes... http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/1954/15595.html
The one I was looking for though, was the fact that various Voting Machine Company Employees (not limited to Diebold) were responsible for fixing "damaged" machines, not election authorities. How would you know the machine was working correctly after Diebold or another "tech" fixed it?
XiozTzu @ Aug 1st 2006 10:09PM
@ Eric Cartman
That's funny, I'm cereal.
ECM @ Aug 2nd 2006 12:07AM
"RE honesty of election judges. Considering the election fraud re who can and can't vote in Florida, and hanging chads, rigging election disctricts and now diebold machines, the Republicans must be getting very scared come the November elections."
Oh for the love of God, let this canard die already. This horse has been beaten to death time and time again and two separate, independent, boards of jouranlists ascertained that Gore would have lost under every scenario he wanted to use to recount the votes. Get over it.
bc @ Aug 2nd 2006 12:12AM
#1 lol!
Karl Viklund @ Aug 2nd 2006 12:20AM
I don't understand.
Why don't they just count the votes by hand as they always have done? More secure, more reliable. More verything.
RacetrackOwner @ Aug 2nd 2006 5:58AM
"Why don't they just count the votes by hand as they always have done? More secure, more reliable. More verything."
Because then the libs would have to accept that their candidates actually lost.
MLittle @ Aug 2nd 2006 7:29AM
I for one welcome our un-democratically elected overlords. At least then, those unholy minorities will get what they deserve.
Eion @ Aug 2nd 2006 7:38AM
"Because then the libs would have to accept that their candidates actually lost."
Actually no, I think all of us libertarians pretty much accept it as a foregone conclusion that our candidate is going to lose.
Mike @ Aug 2nd 2006 11:45AM
WHy is touchscreen/computer voting being made so difficult? Everything is done by hand now and they are trying to instantly move to the opposite side where everythig is networked.
WHy not just have some standalone PCs in the voting booths (PC locked up behind it, just the screen in the booth). Then the person goes in, votes for who they want and after the confirm their choices, it locks the screen until a voter worker person punches a code or something to unlock it for the next person.
All the data could just be stored on the main server at that particular voting location. Then each voting location could take their results and send them via whatever method (secure FTP, burn a disk and drive it over, etc) to the main office for everything to be tallied up. But they'd have their own total that the admin person at the site could see real time.
There's no way to hack something like this and it saves all the hassle of errors in paper ballots and everything. The sites don't need to be networked (since they aren't now anyway), it's just so the actual person in the booth can't screw up by mistake.
Shouldn't be all that difficult.
mott @ Aug 2nd 2006 12:10PM
To #1, no Al Gore could not win now. It is well known that Diabold Corp is run by a group of ultra conservative Republicans. Perhaps it is how Al Gore lost. It would appear that ultra conservative Republicans support true democracies every where in the world except in the USA.
Its going to be ironic when we will need UN observers to monitor our own elections.
tim @ Aug 2nd 2006 5:06PM
Three words: Vote by Mail.
Why do I want to go to a polling place with at best questionable polling practives to vote.
Oregon has vote by mail and it is the best voting system every. Touch screen voting is stupid. Waste of money, voters time, and as notes above, it does nothing to ensure the integrity of democracy.
And while Al Gore may have lost Flordia, HE WON THE POPULAR VOTE. More people voted for Gore than any other candidate. If thats democracy, then I've got a toll road you can buy for super cheap. Our so called leaders don't care about democracy anyway, they care about power, as in their power to do as they please.
kbiel @ Aug 2nd 2006 6:34PM
To answer all the questions at once:
I don't know how every county/parish in every state conducts their polling, I can only vouch for how it is conducted, legally, in Texas.
Their is a separate record of the voters who came to vote that is in complete control of the election judge. The election judge is supposed to periodically check the total votes casted versus the total voters every couple of hours (and post the numbers). Therefore, if someone tampered with my machine to double count votes then I would see the discrepancy between the vote count and my records.
As for optical reader ballots, I can't say whether they are better or not than voting machines, that was not the point of my comment.
BTW, I see a lot of people here commenting that there is no paper record with the Diebold machines and that is just bunk. There is an internal paper tape and, to my knowledge, the machine can either be set to print at the time a vote is casted or set to print totals reports when requested. In Texas, we print a zero report before voting begins and a final report after voting has ended. Everthing that happens in between is saved to internal memory and a copy is kept on a flash memory card.
Can this machine be tampered in such a way that I would not detect it? Most certainly. But the same could be said of any voting method. Paper ballots could be premarked or switched later. Optical reader ballots are no different, I imagine.
What it comes down to is the honesty of your election officials. It would be almost impossible to rig an election without having someone inside the election process to help.
Timbobsteve @ Aug 2nd 2006 8:17PM
Alot of people have said it before me, but it all comes down to trust in your governing officials.... and I think we all know how much we can trust the American Dictators.. *cough*... did I say Dictators? I meant leaders... honestly I did.