Latest in Andrew appel

Image credit:

Princeton prof picks up e-voting machines on the cheap

Evan Blass
02.16.07
Share
Tweet
Share
Save

Sponsored Links


It's no secret that e-voting machines here in the US and around the world have more security holes than a slice of Lorraine Swiss, but it took a Princeton professor and $82 to discover just how bad the situation really is. Now, one would think that election officials would destroy their old terminals instead of selling them to the general public for practically nothing (the ~$5,000 devices are going for less than $20 apiece), yet that's exactly what Buncombe County, North Carolina did with 144 of its retired Sequoia AVC Advantages. First manufactured in the late 80's, the Advantages use old-school push buttons and lamps instead of the touchscreens found on more modern models -- and yet according to Princeton's Andrew Appel, they're actually more secure than those Diebold machines that fellow faculty member Ed Felten totally pwned several months back. Still, Appel and his students found numerous problems with these Sequoias that are still being used in parts of Colorado, New Jersey, Pennsylvania, and all across Louisiana: not only were they able to pick the machines' locks in under seven seconds, they discovered that the non-soldered ROM chips were easily replaceable, allowing a hacker-in-the-know to potentially swap them out with outcome-altering data. A Sequoia spokesperson claims that any tampering with the machines would set off an alarm at their headquarters, but Appel argues that this security precaution could easily be overridden with the right code. So this is just great: now we know that a determined individual could easily pick up still-in-use machines (for a song), reverse engineer them to figure out the security roadblocks, and then sneak into a church basement or gymnasium where many of these terminals gather dust for 364 days a year. This is a big problem, folks, and let's hope it doesn't take an election Enron for some serious changes and regulations to be enacted by the feds.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
Tweet
Share
Save

Popular on Engadget

'Gears 5' will add new modes and maps in its first six months

'Gears 5' will add new modes and maps in its first six months

View
Hulu's 'Castle Rock' season 2 teaser shows the origins of 'Misery'

Hulu's 'Castle Rock' season 2 teaser shows the origins of 'Misery'

View
YouTube is shutting down its TV-friendly web interface

YouTube is shutting down its TV-friendly web interface

View
SIM-based attack has been used to spy on people for two years

SIM-based attack has been used to spy on people for two years

View
Discord is pulling its subscription service's free games library

Discord is pulling its subscription service's free games library

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr