Electronic voting machines built by Diebold have been at the center of controversy over security issues discovered by researchers; Diebold has attempted to refute these claims only to see those responses refuted in turn.
Security systems vendor Diebold has a subsidiary, Diebold Election Systems, that makes electronic voting terminals. The business has experienced a number of situations where the accuracy and security of the results recorded in their hardware has made Diebold a lightning rod for criticism.
The most recent kerfuffle started last week, when Ariel J. Feldman, J. Alex Halderman, and Edward W. Felten of Princeton University released their ” fully independent security study of a Diebold AccuVote-TS voting machine, including its hardware and software.”
Diebold’s voting system came off poorly in the analysis:
…an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities – a voting-machine virus.
The researchers noted the problems they found are correctable ones, but will require hardware and software changes, and “the adoption of more rigorous election procedures.” As an encore, the researchers also found that keys for such disparate items like file cabinets and hotel minibars could open the AccuVote-TS.
Diebold refuted the research in a statement attributed to Diebold Election Systems president Dave Byrd, and claimed the researchers assessed “security software that was two generations old,” along with other complains about the study.
Felten dissected Byrd’s claims on his Freedom to Tinker blog. Most notably, Felten indicated several times that the measures extolled by Byrd would not stop the attacks the researchers were able to accomplish.
Being the Internet, much of the opinion seems to favor Felten et al rather than Diebold. The only way to be fully certain of the adequacy of voting system accuracy and security would be through a thorough third-party test and auditing of votes cast at these terminals.
—
Tag:
Add to 
Bookmark Murdok: 
David Utter is a staff writer for Murdok covering technology and business.
