Too Much Work To Test E-Voting Machines For Security?

from the you-stop-when-it's-secure dept

Fri, Oct 13th 2006 1:07pm — Mike Masnick

As the problems with Maryland's e-voting system keep getting attention, along with reports of just how hackable many of these machines are, it looks like one county in California just doesn't want to bother with doing a full security test before approving the machines. They did have a test that just looked at the security of the voting process (which found some problems), but did not bother to test to see if the machines were hackable -- which you would think would be a big deal. However, when challenged on this, the elections official stated: "I'm sure it's true more testing could be done. I'm not sure where it ends." This seems like an odd statement for someone in charge of running a fair election. First of all, the testing should never end. If there's any vulnerability at all, they should want to know about it so that it can be corrected (or the machines can be scrapped). But, something as basic as testing to see if the machines can be hacked doesn't seem like an extraordinary request -- especially given all of the other reports of how easy it is to hack some e-voting machines. The response seems to be that the machines won't be hackable because of security tape and tags -- but it's already been shown that (at least on other e-voting machines), they don't do very much.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

11 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Ajax 4Hire, 13 Oct 2006 @ 2:00pm

Test, Test and more Test..
Never trust a system where the Designer says that there has been enough testing done.

As an Engineer, I can speak from the other side where marketing will joke its time to shoot the engineer and ship the product. You are never satisfied that the system has been fully tested, so the final, last test is to ship to the customer. The customer becomes the live tester.
[ link to this | view in chronology ]
Anonymous Coward, 13 Oct 2006 @ 2:24pm

Doesn't really matter...
Do they really need testing? The media decides the elections and besides, the system is already rigged for either a Dem or Rep. There is no discernable difference between these two parties anymore.

I'd like to see someone rig a voting machine for a Independent, then there would be a full investigation!
[ link to this | view in chronology ]
Kevin, 13 Oct 2006 @ 2:36pm

The response seems to be that the machines won't be hackable because of security tape and tags -- but it's already been shown that (at least on other e-voting machines), they don't do very much.

OK, so you put security tape and tags on the machines, the memory slots, etc, so that you can identify whether any of the machines have been tampered with. So what do you do when you detect tampering? You obviously can't trust the votes on that machine anymore, so do you throw them all out? If you do, not only have you discarded the fraudulent votes, but you have also likely discarded a significant number of legitimate votes. Every person who used that machine to vote would have been disenfranchised.

More to the point, that's an even easier way to throw an election than actually hacking the machine. A single person from Party A could conceivably work at a polling station (or vote at one) in a precinct that traditionally votes heavily for Party B, and by tampering with security tape create the appearance that votes have been manipulated. Using that method, they could conceivably get all of the votes of that precint thrown out, which could definitely throw an election one way or another, especially if such efforts are wide spread.

You can't just say "that's good enough." The people who want to rig elections certainly don't, and so like any other security effort it will require constant vigilance, testing, and improvement to prevent fraud.
[ link to this | view in chronology ]
STJ, 13 Oct 2006 @ 2:43pm

leave them as is
so when the election is over, the lozer can blaim the machines for their lose, and you get another month of counting, recounting, and revoting.
[ link to this | view in chronology ]
SimonTek (profile), 13 Oct 2006 @ 3:00pm

OS voting machines
I think later this year, I will build a prototype voting machine, with a built in printer. Then have an open source project to set it up. I am tired of seeing security been a non-issue with the manufactures, I have worked on Diebold machines, I know I can build a better machine.

SimonTek at gmail dot com if you want to contact me on the idea.
[ link to this | view in chronology ]
JPP, 13 Oct 2006 @ 3:07pm

Rolling Stone had an article about the company
that makes these machines. According to a former employee (who may or may not just be upset at his former employer), the CEO of the firm (I think that it was Diebold) spent the days before an election in Georgia conducting "emergency" patches to the software in precincts that tended to vote very democratic...oddly enough, at the end of the polling, those precincts happenned to be at 51%-55% republican....I'll bet you can guess what political party the Pres of the company supports...Reaed the full story, You will want to puke.
http://www.rollingstone.com/politics/story/11717105/robert_f_kennedy_jr__will_the_next_electi on_be_hacked/print
[ link to this | view in chronology ]
Harsesus, 13 Oct 2006 @ 3:13pm

Do something about it
With all the talk of how easy they are to hack, there needs to be a concerted effort to hack these machines, during a major election, by a group like black box voting, where everyones vote counts as "Nelson Mandella" or "Felix the Cat" or something absurd like that. A clear signal to everyone, these machines are a joke. Politicians don't do anything unless there pushed to do it by there constituents. They know where there bread is truly buttered. Something like that would shock the public into an outcry, and the politicians would be forced to act.
[ link to this | view in chronology ]
Annoying Bastard, 13 Oct 2006 @ 5:24pm

Don't worry
Maryland is a traditionally a democratic state.

At least it will be this year.
[ link to this | view in chronology ]
Hack The Planet..., 13 Oct 2006 @ 5:45pm

HTP
I am with ya! We need to send out the masses of hackers, and have the pwnzor these boxen on vot3ing day...

Okay, fucktard, yes, you, up there.... Get a clue, either put up or shut up. Build a better mouse trap and the world will beat a path to your door, right? In other words, quit whinning about it, and build one that is secure!!!
[ link to this | view in chronology ]
Frink, 13 Oct 2006 @ 9:46pm

I don't believe this country will ever see another election that does not end up being decided by a court of law. The voting process has been broken for a very long time and it's now officially dead.
[ link to this | view in chronology ]
Kelly, 14 Oct 2006 @ 8:30pm

For the person who posted that there is no discernable difference btwn the Democrats and Republicans: You have not been paying attention and need to be more discerning. Specifically germane to the point of vote scamming and deliberate obstruction of all Congressional attempts to ensure integrity in the vote count: Bills have been repeatedly introduced by Democrats in Congress to protect the vote, only to be repeatedly shot down by the Republicans. Look specifically at the obstruction by Congressman Ney, who has just been convicted of several counts of felony fraud and influence peddling arising from his intimate connection with Abramhoff. Ney personally led the effort to award $3.8 billions dollars for electronic voting, directly benefiting his Ohio patron Diebold. For a brief but well articulated video presentation on the issue, featuring bi-partisan condemnations of the new electronic systems, go to this link and watch the video. And then pass it on and get involved. http://video.google.com/videoplay?docid=-2189785998591450323
[ link to this | view in chronology ]