[E-voting] huge security vulnerabilities exposed

Catherine Ansbro cansbro at eircom.net
Tue May 16 23:26:06 IST 2006

This has been breaking over the last week in the USA.  It is huge.  It 
relates to the most serious security vulnerabilities uncovered so far, 
as the result of Harri Hursti and Security Innovation's examination of 
the Diebold TSx voting machine in Emery County Utah as carried out by by 

The vulnerabilities are so devastating that they cannot be remedied.  
There are several levels of vulnerabilities--

1) bootloader (this vulnerability is the most serious of all)
2) the Operating System (Windows CE)
3) software relating to the voting/counting application (we knew about 
some of these already)

There are catastrophic hardware vulnerabilities as well.

The only mechanisms that could be used to "clean" a compromised machine 
could also be used to reinfect it  And there's virtually no way to check 
for contamination in the first place.

Avi Rubin, Doug Jones and others are practically shitting bricks over 
this.  (One compared it to a "nuclear bomb"; another said what they knew 
from previous reports was a 6 out of 10 but this one is a 10 out of 10.)

There are a number of outstanding threads at BlackBoxVoting.org about 
all this, including a link to Hursti's first report which covers the 
three serious vulnerabilities mentioned above.  A second report will be 
issued tomorrow dealing with 12 more vulnerabilities which, though also 
serious, are not in the same league of seriousness or irremediability as 
the first three.

There is obviously LOTS more to be said about this.

*Among other things - regarding the Irish system *(which has hopefully 
bit the dust but since there's no CEV report out yet we cannot be sure).

For example,
Did the technical team hired by the CEV have actual physical access to 
actual voting machines, preferably chosen by them at random?
Was the OS available for full code inspection?
Would their inspection have been forensic in nature, and would it have 
uncovered potential backdoors in the bootloader or elsewhere?


More information about the E-voting mailing list