Monday, September 18, 2006

How to steal an election with a Diebold AccuVote-TS machine

(Bumped)

Edward Still at the Votelaw blog points to a research paper at Princeton's School of Engineering and Applied Science by Ariel J. Feldman, J. Alex Halderman, and Edward W. Felten titled "Security Analysis of the Diebold AccuVote-TS Voting Machine."

From the abstract:
Analysis of the machine, in light of real election procedures, shows that it is vulnerable to extremely serious attacks. For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities — a voting-machine virus. We have constructed working demonstrations of these attacks in our lab. Mitigating these threats will require changes to the voting machine's hardware and software and the adoption of more rigorous election procedures.
Take a look at the Demonstration Video accompanying the paper here.

0 Comments:

Post a Comment

<< Home