Posted on 09/14/2006 1:47:32 PM PDT by WmShirerAdmirer
TRENTON, N.J. - A Princeton University computer science professor added new fuel Wednesday to claims that electronic voting machines used across much of the country are vulnerable to hacking that could alter vote totals or disable machines.
In a paper posted on the university's Web site, Edward Felten and two graduate students described how they had tested a Diebold AccuVote-TS machine they obtained, found ways to quickly upload malicious programs and even developed a computer virus able to spread such programs between machines.
The marketing director for the machine's maker — Diebold Inc.'s Diebold Election Systems of Allen, Texas — blasted the report, saying Felten ignored newer software and security measures that prevent such hacking.
"I'm concerned by the fact we weren't contacted to educate these people on where our current technology stands," Mark Radke said.
Radke also question why Felten hadn't submitted his paper for peer review, as is commonly done before publishing scientific research.
Felten said he and his colleagues felt it necessary to publish the paper as quickly as possible because of the possible implications for the November midterm elections.
About 80 percent of American voters are expected to use some form of electronic voting in the upcoming election, in which the makeup of the U.S. House will be decided, as well as 33 Senate seats and 36 governorships.
The AccuVote-TS is commonly used across the country, along with a newer model, the AccuVote-TSx. While Felten wasn't able to test the new machine, he said he thought much of what he found would still apply.
The machine Felten tested, obtained in May from an undisclosed source, was the same type used across Maryland in its primary election Tuesday, according to Ross Goldstein, a deputy administrator with the state's Board of Elections. Goldstein said he couldn't comment on the report until he read it.
Diebold and other machine manufacturers, including California-based Sequoia Voting Systems Inc. and Nebraska-based Election Systems & Software Inc., have been the subject of lawsuits, claiming the machines are vulnerable to hacking and breakdowns that can assign votes to the wrong candidate.
Election officials in some states have also complained.
Previous studies have claimed hacking vulnerabilities with the machines. But Felten claims his study is the first time that an independent research group has obtained an actual machine and tested it extensively.
Felten and graduate students Ariel Feldman and Alex Halderman found that malicious programs could be placed on the Diebold by accessing the memory card slot and power button, both behind a locked door on the side of the machine. One member of the group was able to pick the lock in 10 seconds, and software could be installed in less than a minute, according to the report.
The researchers say they designed software capable of modifying all records, audit logs and counters kept by the voting machine, ensuring that a careful forensic examination would find nothing wrong.
The programs were able to modify vote totals or cause machines to break down, something that could alter the course of an election if machines were located in crucial polling stations.
It was also possible to design a computer virus to spread malicious programs to multiple machines by piggybacking on a new software download or an election information file being transferred from machine to machine, Felten said.
"I think there are many people out there who have the type of technical ability to carry out the sort of attacks we describe here," he said.
Felten said hacking dangers could be mitigated with better software, more restrictions on access to machines and memory cards, and paper receipts verified by the voter.
Radke said Diebold already has implemented many of those things.
This is both factually accurate and intentionally misleading.
Claims? It's pretty much proven.
Felten does have a problem in that he's been threatened with lawsuits from companies over the presentation of previous research that he's done.
Potential Democrat source FOR such machines to tamper with?
Does this mean we can go back to punch cards?
And can elections boards across the nation sue the DNC for a refund?
Seriously, electronic voting, paper receipt, put into a locked box after being verified by the voter. Not a very hard concept - a basic voting system.
Felten and graduate students Ariel Feldman and Alex Halderman found that malicious programs could be placed on the Diebold by accessing the memory card slot and power button, both behind a locked door on the side of the machine. One member of the group was able to pick the lock in 10 seconds, and software could be installed in less than a minute, according to the report.
BUT could it be done while unobserved and could it be done without trigger any internal reset codes?
I know that some PCs have a "tamper" setting to note when the last time the lid was removed.
If somebody could simply upload a program with a memory card that will reprogram the machine, we are in a lot of trouble.
It really doesn't take a rocket scientist. I've been saying the computer count can be programmed for 25+ years. Now they've got us voting by mail in Washington State, and many ballots will not be counted at all because so many people don't read the new special instructions before marking them!
Link to paper's site:
http://itpolicy.princeton.edu/voting/
If they are not networked and physical access is limited, I don't understand what the hype is all about. I worry much more about physical ballot box stuffing and in-eligible voters.
I sense this is a bogus issue meant to muddy the waters now that the Dems won't have their chads.
Yes and yes, especially by a local Dim staffer.
I know that some PCs have a "tamper" setting to note when the last time the lid was removed.
That's just a switch that trips something that can be reset by the administrator. That shouldn't be a problem given that they've figured out how to completely control the machines.
What I like best is that they put a lock on it that can be picked in 10 seconds. That's just sad. It sounds like they're using something like the cheap display counter locks you see at stores. Even a moderately good security lock should take a lot longer than that to pick. I just flat-out do not trust a company that would even think of putting such a cheap lock on a voting machine.
Thanks for the link.
Electronic voting machines should just be electronic card punchers.
Input your vote, the machine punches your card, you verify it, and feed it into a machine built by a second manufacturer, which electronically counts and securely stores the card in tamperproof cases.
Watch the video on the website: http://itpolicy.princeton.edu/voting/
It seems pretty simple to do. It can be done in under a minute.
Put the operating system into rom that requires 256 based encryption to reprogram. Eack box gets it's own individual code and the rom chips are embedded such that thay are inacessable without dismantaling the machine.
Physical access is not that limited, and standard procedure consists of a lot of sneakernetting. If a Dim gets to just one machine, and SOP is to accumulate results on one machine before sending them up, one or many machines can be infected and all votes changed.
bookmark
Get me physical access to two or more machines, and two or more of the removable media devices(the "ballots"), and I guarantee that the results can be pre-programmed across the entire network. And changed at will.
Now how are we going to validate the disenfranchised voter that signed their name "X"? They have no book learnin', and need an assistant to do the readin' and cipherin'. I see it at the polls every single time. "Honey, I am not asking you to tell me who to vote for. Just tell me which one had that nice commercial with the puppies."
That is why in Iraq, and other places where fraud prevention is an ACTUAL PRIORITY paper ballots with the voter's finger prints are used.
And if you stick a wire coathanger in the computer running the system you might well be electrocuted.
10 seconds is a lot of time.
We already know how to defeat them, and it's very easy.
Crooked people could alter the totals without a trace...or a trace so vague as to not be readily identifiable and CERTAINLY incapable of reconstructing the original totals.
Paper ballots, read and totaled by machine are the only way to go...hanging chad and all. It allows the contest to be reconstructed manually and allows for statistical sampling of paper ballots as a cross-check of machine totals that could be WAY out of whack.
This puts me in mind of the gasoline price chicanery that happened around here a few years ago. Most of the pumps now are electronically controlled from a terminal in the store and a program circulated that allowed the prices to be altered progressively. The first 5 gallons was priced properly due to all the folks with 5 gallon outboard motor gas tanks who would be instantly aware when they put 6.5 gallons in their cans. Above 5 gallons the program can be set to deliver progressively smaller gallons. The beauty of it was that when the state guy drove up the clerk merely had to punch F12 or DEL and the pumps were instantly reset to be legal. I got so I bought no more than 5 gallons at a time or went to one of the few stations that still had mechanical readouts. That stuff went on for most of a year until the large number of people involved became its undoing as too many clerks and managers had too many beers and bragged. The perps were all stuck with $3000 fines which seems like it would be worth it. I am sure that the stations that participated made more than 3 grand on it.
Clue: Aliens are much much more crafty than dead people voting.. Like dead people... aliens will never vote republican... Wonder if some college professor has studied this strange FACT.. A needed study.. Seems the RNC could care less about all this.. Another strange FACT..
The Democrats are replacing the Communists, who also spread deliberate lies trying to undermine free countries.
"Radke also question why Felten hadn't submitted his paper for peer review, as is commonly done before publishing scientific research. "
Hmmm. Must be one of those pesky creationists as well...
sorry, coconutt2000, your idea makes too much sense
it will NEVER pass bureaucratic scrutiny
by the way, your tag-line is great:
(NO MORE PEACE FOR OIL!!! DOWN WITH TYRANTS, TERRORISTS, AND TIMIDCRATS!!!! (3-T's For World Peace))
Good system design. The other problem with these machines is that they need to be very cheap, because nobody wants to stand in line behind a single voting machine, and you can't afford a lot of security bells and whistles when each polling station needs 20-30 of them and has a limited budget. By contast, polling places with paper ballots have many stations (basically a chair and a privacy screen) where ballots are filled out, but one ballot box where they are stored. In your analogy, you'd have lots of cheap "electronic" card punchers and then one or two more expensive (and hence better built) electronic ballot boxes to count/store them.
I have a better idea. Put the operating system on a ROM chip which is visible through a window, bears serialized holographic seals from both parties, and is physically incapable of being altered except by replacement. Record votes on a write-once medium which is likewise visible, marked with serialized seals from both parties, and cannot be reused.
Any system which uses software on rewritable media, or which stores votes on rewritable media, is bad, period.
Liberals. Can't win elections so they try to ban elections. Typical.
Is anybody scared that all over the country, we have electronic voting machines.
And all over the country, those machines are being given to left-wing professors and organizations?
And all over the country, those organizations and college leftists are learning how to hack the systems and change the vote totals, all in the name of "securing our votes?"
Does anybody else smell a rat here? Does it seem the leftists are preparing an all-out assault on voting machines to fraudulently steal elections?
bookmark
Someone please explain the problem to me.
A CS PhD can be hired for a tiny fraction of what is currently spent to win an election
IF it is "possible" to hack a voting machine......
it will be hacked, every single time that it matters.
Personally I think this whole story is BS.
I worked as an election judge this year and there isnt a keyboard or anything like one on these computers. They are programmed before they come to the voting station. They are not hooked together by any wires other than the plug which supplies electricity to the machine.How can you spread a virus when the machines are all separated and not connected? No one could change these machines at the voting precinct without being noticed, the guts of the machine are locked with a key given to the chief Judge.
At the end of the day a paper is scrolled with the figures on it and they are sent to the electoral office.
I am no computer expert , but I feel the only way one of these machines could be tampered with is at the electoral office before their introduction to the precinct.
Stop seeing conspiracies behind every corner. Give the Prof some credit for exposing flaws in our voting machines. Public awareness is one way to encourage change.
The video at the website is pretty convincing.
This should be a trivial problem for the Republicans to wrap up ~ just hire these guys to stand in a corner.
A university that employs a death's head SS Totenkopfverbände cheerleader on its faculty has its own serious issues to consider.
"Felten said he and his colleagues felt it necessary to publish the paper as quickly as possible because of the possible implications for the November midterm elections."
Beeeeeeep!!!! Busted.
Without Peer review, my 10 year olds theseis on thermal dynamics in a swimming pool is just as credible as this report.
"Watch the video on the website: http://itpolicy.princeton.edu/voting/ "
I was looking at a web site yesterday where karl Rove was seen on a secret camera going into the World Trade Center. The date on the botton of the video said 9/10/2001.
He got out of a Black Helicopter that had a Texas flag on the door.
So it must be true.
It was meant to be. They produced it. Sorry I cant get Video's with this sorry dial up. I live in one of the area's of the United states where Verizon advertises it and cant produce it.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.