[E-voting] Diebold voting machines vulnerability

Adrian Colley aecolley at spamcop.net
Wed Sep 1 13:02:59 IST 2004 

On Wed, Sep 01, 2004 at 09:16:15AM +0100, Casey, Dermot (GE Consumer Finance) wrote:
> Diebold voting machines vulnerability
> *Cory Doctorow*: Diebold's voting machines have a stunning security defect:
[...]
>     By entering a 2-digit code in a hidden location, a second set of
>     votes is created. This set of votes can be changed, so that it no
>     longer matches the correct votes. The voting system will then read
>     the totals from the bogus vote set. It takes only seconds to change
>     the votes, and to date not a single location in the U.S. has
>     implemented security measures to fully mitigate the risks.

Incredible.  From http://www.blackboxvoting.org/?q=node/view/77 :

> Jeffrey Dean, according to his own admissions, is subject to blackmail
> as well as financial pressure over his restitution obligation. Police
> records from his embezzlement arrest, which involved "sophisticated"
> manipulation of computer accounting records, report that Dean claimed
> he was embezzling in order to pay blackmail over a fight he was
> involved in, in which a person died.
>
> So now we have someone who's admitted that he's been blackmailed over
> killing someone, who pleaded guilty to 23 counts of embezzlement, who
> is given the position of senior programmer over the GEMS central
> tabulator system that counts approximately 50 percent of the votes in
> the election, in 30 states, both paper ballot and touch screen.
>
> And just after he is hired, multiple sets of books appear in GEMS,
> which can be decoupled, so that they don't need to match, by typing in
> a secret 2-digit code in a specific location.

I'm a bit dubious about this, because it sounds too blatant.  But it
warrants investigation, even if it turns out to be disinformation
designed to make Ms Harris look like a conspiracy theorist.  I wonder
what this "2-digit code" is supposed to be?  The story is singularly
vague on that point.

This snippet is especially interesting for us:

> Microsoft Access encourages those who create audit logs to use
> auto-numbering, so that every logged entry has an uneditable log
> number.  Then, if one deletes audit entries, a gap in the numbering
> sequence will appear.  However, we found that this feature was
> disabled, allowing us to write in our own log numbers.  We were able
> to add and delete from the audit without leaving a trace.

because Nathean complained about a lack of autonumbered keys in the
Powervote IES.  Of course, an attacker could simply delete and restore
(most of) the contents of the audit log without leaving gaps.

 --Adrian.

-- 
GPG 0x43D3AD19 17D2 CA6E A18E 1177 A361  C14C 29DB BA4B 43D3 AD19
http://user-aecolley.jini.org/

More information about the E-voting mailing list