Felten said he and his colleagues felt it necessary to publish the
paper as quickly as possible because of the possible implications for
the November midterm elections.
About 80 percent of American voters are expected to use some form of
electronic voting in the upcoming election, in which the makeup of the
U.S. House will be decided, as well as 33 Senate seats and 36
governorships.
The AccuVote-TS is commonly used across the country, along with a
newer model, the AccuVote-TSx.
While Felten wasn't able to test the new machine, he said he thought
much of what he found would still apply.
The machine Felten tested, obtained in May from an undisclosed source,
was the same type used across Maryland in its primary election
Tuesday, according to Ross Goldstein, a deputy administrator with the
state's Board of Elections.
Goldstein said he couldn't comment on the report until he read it.
Diebold and other machine manufacturers, including California-based
Sequoia Voting Systems Inc. and Nebraska-based Election Systems &
Software Inc., have been the subject of lawsuits, claiming the
machines are vulnerable to hacking and breakdowns that can assign
votes to the wrong candidate.
Election officials in some states have also complained.
Previous studies have claimed hacking vulnerabilities with the
machines.
But Felten claims his study is the first time that an independent
research group has obtained an actual machine and tested it
extensively.
Felten and graduate students Ariel Feldman and Alex Halderman found
that malicious programs could be placed on the Diebold by accessing
the memory card slot and power button, both behind a locked door on
the side of the machine.
One member of the group was able to pick the lock in 10 seconds, and
software could be installed in less than a minute, according to the
report.
The researchers say they designed software capable of modifying all
records, audit logs and counters kept by the voting machine, ensuring
that a careful forensic examination would find nothing wrong.
The programs were able to modify vote totals or cause machines to
break down, something that could alter the course of an election if
machines were located in crucial polling stations.
It was also possible to design a computer virus to spread malicious
programs to multiple machines by piggybacking on a new software
download or an election information file being transferred from
machine to machine, Felten said.
``I think there are many people out there who have the type of
technical ability to carry out the sort of attacks we describe here,''
he said.
From The Associated Press, 9/13/06:
http://www.siliconvalley.com/mld/siliconvalley/rss/15511598.htm?source=rss&channel=siliconvalley_rss
Princeton prof raises new alarm over electronic voting machines
TRENTON, N.J. (AP) -
A Princeton University computer science professor added new fuel
Wednesday to claims that electronic voting machines used across much
of the country are vulnerable to hacking that could alter vote totals
or disable machines.
In a paper posted on the university's Web site, Edward Felten and two
graduate students described how they had tested a Diebold AccuVote-TS
machine they obtained, found ways to quickly upload malicious programs
and even developed a computer virus able to spread such programs
between machines.
__________________________________________________________
Video demonstration: How elections are stolen on Diebold e-voting
machines
http://itpolicy.princeton.edu/voting/
Harry
.
|
