[E-voting] BlackBoxVoting Finds Voting Scan Machines Hackable

Adrian Colley aecolley at spamcop.net
Fri Jun 10 16:35:14 IST 2005

On Mon, Jun 06, 2005 at 05:32:04PM +0100, Catherine Ansbro wrote:
> The canvassing procedure with optical scan machines has three elements, 
> Harris explains. First, there are the Scantron-like ballots which are 
> locked in a box. Second, there are the polling tapes, or receipts, that 
> come out of each voting machine, which give results for each machine. 
> And third, there is the Central Tabulator, or one machine that polls all 
> results and prints.
> "And they check the [latter] two and call it good," Harris said.

I find it almost unbelievable that election officials would go to the
trouble of collecting and securing scanned ballots and then refuse to
examine them when challenged.  It goes to show that the whole system
(including the detailed regulations for procedures surrounding the use
of the equipment) must be examined closely, not just the technical part
of the system.

> "We proved it by going down there," she said. On May 26, 2005, "We made 
> bogus memory cards. We put them on the machines. And the cards told the 
> voting machines how to come out. It proved the memory card was 
> controlling the machine and not the other way around," Harris said.

This is really incredible.  The US is supposed to have a process to
certify software in e-voting systems, and here's a system which actually
makes use of a non-certified runtime element -- effectively a patch --
which could do anything with the votes.  I'm suddenly very interested in
the format of the Nedap vote module.


GPG 0x43D3AD19 17D2 CA6E A18E 1177 A361  C14C 29DB BA4B 43D3 AD19

More information about the E-voting mailing list