|
|
|
Princeton Warning on E-Voting Machine Hack Shows Human Touch Can Be a Good Thing
By: Brian Prince
2008-10-27
Article Rating:  / 3
There are 3 user comments on this Network Security & Hardware story.
A report released by Princeton University claims an electronic voting machine used in New Jersey can be hacked in 7 minutes. Sequoia, the company that makes the machines, denies the report's conclusions. Still, the Princeton report is a reminder that, sometimes, it's nice to have a set of human eyes go over data.Sometimes its better to do things the old-fashioned wayat least partly.
Perhaps thats the lesson to be learned from a
report released by Princeton University
that outlines security concerns surrounding an electronic voting
machine used in New Jersey.
With the U.S.
presidential election looming, the report states it is possible to hack the
Sequoia AVC Advantage 9.00H DRE (direct-recording
electronic) voting machine in 7 minutes by loading fraudulent firmware.
By replacing the Z80 processor chip in the machine or removing one ROM chip
from its socket and putting in a new one, a hacker can potentially siphon votes
from one candidate and give them to another.
The fraudulent firmware can steal votes during an election, just as its
criminal designer programs it to do, the report states. The fraud cannot
practically be detected. There is no paper audit trail on this machine; all
electronic records of the votes are under control of the firmware, which can
manipulate them all simultaneously.
The subject of the voting machines entered the legal arena in 2004, when the
Coalition for Peace Action, a Princeton-based civic group, sued the state over
its use of the machines. The case was dismissed by the trial court in January
2005 and then reinstated in 2006 by the Appellate Court. While the appeal was
pending in the summer of 2005, a bill was passed requiring that any voting
system in New Jersey produce a
voter-verified paper ballot as of Jan. 1, 2008. The state was given a six-month extension
to comply on two occasions.
Twitter, Google and Yahoo tailor Web services for the presidential election. Click here to learn more.
Having a verifiable paper ballot, the reports authors say, is the only way
for voters to be safe. A paper record of every vote cast should be generated
and be viewable to the voter at the time the vote is cast. Seems logical
enough, and such a system would provide an extra check for auditing purposes.
However, it also should be noted that no election has ever been overturned in New
Jersey due to the machine, and 7 minutes is a rather
long window for someone to be left alone with a voting machine.
For its part, Sequoia
has responded to the Princeton study with a report
of its own, rebutting many of the claims in the Princeton
report. Whether or not the Princeton findings are valid,
one thing is clear: Going back to the 19th century during election time isnt
going to work. As any election worker can tell you, handwritten ballots come
with their own set of problems, like misspellings and illegible penmanship.
A print-out of a digital ballot and perhaps some additional security for the
sake of chain of custody of the machinesas well as to ensure they are
properly storedseems like a fair trade-off.
Software independence does not mean that computers (and computerized voting
machines) cannot be involved in elections, the Princeton
report states. It means that any calculations done by the computers must be
verifiable independently of the computer program. In fact, it is reasonable and
often desirable to have computers involved in elections, as long as software
independence can be achieved.
|
|
�������xr80�VӮc�]mT!۲)XTF((�ئH�I8NK3n&�t$_ϖ˖�0Ld&�D��?;;~$rɥklJv9�{>�D;;?.ԇP`QP�o�2t}R �
�tӌ5v��:!�M�����>�;|�9|@vD��%�j'aCkc�FcW�2ű5m2�f
�E1;'
�VI�= G6
�#%�}9�K��E!�m$oQT}:�XS=2tНS�[�BT!|@J%h��G�Qu�_a��;/�!�X]~�D4�2]�hj:TN`Uƞfn
KQ��F��3r�;�BM*-�D�ƞ4ICsd#�̒JKA`:tm3��G^A]õ]��ZΑR͌eCwt=��P��z�OMҳB�(�$g�>v?$Q Ig�K�a�S+)K+0�~b[�4I�p\2 ˺}=
:ԍ�|$�.j.9a�M ��
��/dRr�-2Q�Ȳn�Mw�3a[]ѡlwZkuE9,}�<<<��,t��rf_,\hwF}ޅRU5MQ/{W� �?
n0u�h;\AJ�y]J>�eUS��^_�wD_j�0QEVKi�/�ZH���?.gN{���]"x�[�n/4E;J
KHs�=
(2���,#�uG�Ҿoo:6鷏Ϗn:Sd̲1<�ZMӀ��Z�vd�!?[�
ӓkIGN7s!+|vg>!5M0\̱¬:֪V�1?o!&�@"rVJze_R��~:�?_$?�]tIAұ,Oȿ��;Be}U З?7��,Y`M����Imdʩ�$|Ǻ�z�N��ԜYu*�į`K�7B��S��I3Q8�n�ZK}0�[RF&�\� Д��Q�C|dMa�b&DJH?�є6-`i˫� TE��嗋�mESu=
(J�!b^3E�!\J�!=!
g�|�8Jn|?
[�Z&�YzhNԖڂ1W|{?/1e�ޡ:ix>!U.۽^
S�3�G#�洋вn��榣V'c~+�Y�Ee_U�^p�-Aqb2B��c�=M:gvX�Y8��`���;}J_wϧԴfPwH<�:�M�/�}@˥yn1�@�
L�na�
;p�w�>>-Fv13�{Q �{>�0i��CkJ�QD4�״
�l"�&q���3)к`��`2à�F{t(
�,/��G`\@4�8`�$8ʼ��E�]uCb賀B�=���Ś�떭�-�L<�ħ̠~�(~9-R��;C1��"# E�EK�y3@� $h�-4`��z.��=�
�ŊIݑ�vZ)J��Pl=!ԑt݁Z|MfJ9cb -d[b�}I�lΌ�eV&vφa,[Lbo��7�]�,�Sl3-M�us֪%6��ʋzhNC&ǽsyjm��S#�U^?])h�X�L9|�p��p�]?��n;N %=&^9=�Y��->֘MG���D�&� f+Lo�L�hQ�ĸGF6b![ѧ�ShW(f3ᠺN�4S�}�52{B;`a3sUedң{>�I4�5+8dp? �R�y
�|;�pG��9#rUϚX� 5<9.�&B#5w�:�Q)OjBaixʸ*2$,T4��pt�r�K��ݼ~h��";hqNNSНB#D9z�Q=/ORb-xhV+�o�H_ƠR�.�\[K�Ҟ� K
�r�W�}+aԥ �/D�An6dX6�X>}iȜ^dtTRo?mM�tn:�{j,j�&M{?&TYV0>2ei[FohCMۯrv'`ܱ��K���(�)em�*d�?v= �kQDz?{vl>q���lc�p>xBJmH�כAB�
cOЭ,��h�ZW%S=#�kQA�a ��ŵa�a�{�61rt^XԳtg~aٿXXTNۋkʮtՒ�үhOӛvp��u�*>�1f&6X#˦�z`ُ�ޤ
R�TwV~=�V+JIU�?i?怚H|A��2ex�L,`_#݇|ʠ::7�I�V�6ʼnG �q?@+:2
XY 0��(E{h0�qD��N��ҀJ
�^�ƙl)W2ݝ'(U2~-h;_?Z=��`"+j�Uv�~ie��(���#f~~kˣ��
{i#f�
Ma�Fž�nJm^Rk{9i`7,��mC[$
zD�È�i��qņ�Z
J'��g�H�y3V�9y�]%��fZ+e1y[Uz|}hƵYdyE3isS2ڪ�+_O��ˀ�eyM?ڛZJ�=/"JM7ϦW<�sƇ~�ٷ"�YHjV�N|�D�s?n216E�m/POG]մJ
/19�>|6t8Y
TMg_߯X17(p��O,УG'~�w3O>�"�Ǥ_9dYb:5K9�C?9dN u3� U�sf>
��|�`�y3GGu�"�M."�́,08h#2"G=%��`n�/.I�0|�wNT%:@"�c�]f.g�|]~oLQX��G�VUe@�4ỵV1C
e
4v=.EZЋg2|�]��>�/��i�)Ձ",߸X̡֪��~h�JJ]��aQn6=ITP=@Q�>}ݤ1p�
NnU< {H҇>JS-R�tqy-Nn[TrTS+JJgQ�!WݓXm�2B�0q܇VJ3ڟ5^@�M|GZOTK0uhzGSYIzQ\L Cn/�$h ^�!1M�u(@=6{]M茻h] �Lc~u8M<+o�jM&n�@�uz0Rlɪ�+> 2.izIRϢsG:Lpz�]�%Qd:)nQ==Օћ[^Hh#
&w}���A
l(U˚V�*j�ȥe#g��D!)W_�1|ʢ'r ]N7�.�_VZi�va�*�s>PV�9�k۷BlpH75
��SXp|
ޠ[PH�X�XD�>QkfR{e"��nxR*�gF�ccb~f.VWv��/(0�h_�hCm�$\�auv��1g�
+f[i)37+Eus?? %mSvis�O�0�int�x01�v�g�����0�Ї_I_�rH`D\Tc4s!�6:g5>�
�`i8Fnx{H(&}ׇu{5eusu&w�ѳi?
`�y�B�蕣n߽�p.[7g+%E�;$�u�߽�o= rHp�Bj]tή�Xz�F�]9hnO�M1+�0fhRbA�1fF<$FMT�!PR".ݛ
g��|�}Xr�sdQ5Õh�&lꏝ%/a�
Bf-�3�b!bN<ևAPC��{ r
H)'4�-�'Es|;3^t[}h��!�,�:Ua2"穔(BS.hDO�g4}ܽiqsl�}AFJN�^v�Z-g[M7S+t,#?]/8�ʊ��=�?EU.��N:|"=Br�^'18�/:=h)��I�"2c�.A-6Ծ�N= �4�sJd"�:�A%;�?m[ħ{�,�/䎑>�D=:dSN�3U(�iQE�-e9r�tJ9S"\F 6H PV,OҼe=lI1 iK"ih$bbVFRo�wݺڜ6<5ަmƙBmK$�d�cgKE֊r� p�kP�q"��+�b
�>�ϣ��g֢Ѭ]}+
ɏ�h� #:��3e�!�Z� &
2�_,�wг�5^w�Z{�Er@gF�q?Imظ�2U�(3X6
w{�{eB�s��?݁C�O6vuSOF�
95C/3r¸e}l(=h�Gtvڕvd{qOsr<�]1h�n'4vlLcI")VԺ57`\8%'+xr42��Ӣ �@7YM��(f^�#zaВ116onQ;-�4zC��t@�AcI�U~(TR=n
νfO�"J鲇\v%��(c|MU^RRMJ>\$k���@" bY_B�IKwvzYV��N
ئ7=12�~�O� O=q�Զفǣǎ��X�
�*�4lo
azS`[ʅ=RH3�a
d<�Jփ�6˶˷Fp7�N
Ϧf_ O��%�FJ
,-Q`mZ،�9!/�h�vpm�U4b�Zy"N0�R�o��1֢ �I�Mi|o(o&xk5�)
kN7&/6o)�.��i{\nEa�>�xQx7e\ڊ�]�aKn~�'Vv/wYnp8{5xfVԌ̓�uP�ES `.F_�?ٿz9+ֻ�\Xv/GzLӀFnsÊ"�y��Z�Sm�uӗ'��jJUW�!v%�o3�k f!�_g�(ֱ;fx�O`Myr3O���bR/t}Z)Ms�[Ă:9��)�ӢJn�y�[b)ȱ�P�gn!�RU)CA�9wѯ&Om'T�VD
��wT�
�hafJX@2"��,�RscX2�VWѯr7��ǣerN�HA"(avc"�Q2��ގc�m)Hnj5XR1f�}͙t�R�wcH+h�Jq-!b+�v�f7x�v"�ޫhJ|5#l7ðQū�v��6߀�U%U��^70ٹR���EΥ�3ҥ W^gLsx ��� H[I`|�|T#7Ƕqխ.)eIߔoJO�:�c�`.tǶ1u`r{ԗnsq$^%X�?p^ao�jn}-��tכ/[
^Y+)�^'�5%XK�{R'N\[L`�qg.:
>�{E �A���B~[ƘDZ�#ܼVR٥:sĕ}��a@Ao-W.N�}.K�Mq�Gn_s}'��Mt0,�)��S�h,l�� D�,ĐD5�x{0�W3�ᩨFXé��n��k=�%�Ș2g���ZCe9�1!Wu,{`c.!�x��O8|[Q
}�|+\b紧ҥL�OUUNv�+�D@��.����>@Uj��}v��.�]Е>k�BQ0)�j]L-$w�x�$N�j1ln�EVOw065T:W&az/@拀ِK_))r7OŠ
*iHG4ԑz�n BߺcPܶ)n]
&Ry\۟c�w1���-�l���t�
��6y�9g|%|
z 25_�ʆXz)Ndy8L&�c�,z3� �l�oQe�nd�# <��O+};�I4@_ݐ^�{ɒF3�F7�'�ɕ'&+�Ѽ:ъ
FTv(Fحƪh{1h��H'r*[?�@wЅ�:}�$US'�DPJOKɯn`bkDC7b(UE�+$o���o|#�rdO3p!}ťU%- ѿ�LaZk���H88�
�D9ZFmO%)|˫&<
�^IgV@?�]���_C��Ǯmx2[r�{_�,d;m|a�I"IOq.5�^s&j!�� c7`1ހ�$!4�J�SX�nH+|3yskmZ&d�,*�Es~-R�f87��U�@"�ߌ�oyz7a?]t�?~f!x.@c��L"N#Lfv�Lc0е~�/B4ϠG~m7\,Ll۞Onߞ��MwcsZ+^Qb�p!0t/A{u}\\]oL^�Rr��wr�=@�8b C%?�^c�(~)j-�p�-[B/|�͕{[xp3sZ�
D�LŻ2y릷A8=Cm`^�d;2qLHj�~6}A+=V4 �
mX�[`8,O�ċ�M�_<�@VE[6bVԽ�)敲|QRg�&NMw܃�E#�Ь$5:"cRJD:`��F3VL)�2��Jf63ʔj`
�>���,> ztowwv]g�s�4�7
�5yOZ
x_ڋKۨ_x*ȧ%I d^�̷m'�I�,b'�lT?�A1D�b���@/^j2]̩M�-Nuwپ φx٤qS-#D��"�"8E�(=6i[�;l��4>(C^P"^���{M�}1I��s9�|Mk @�ע`�~KZ�� �O��]�c)i%+���ۏAE!Lj�A�%�fZ��ן�Qby3, Y2KW15\R1.\��iE,�zUdI+2&�/ czŇ�R�2&^��OE�*ނ0H>PSaaeJ UH+4h 0�ksM�mN�!Vy
<Lv�Vy
ֵn&*kx�zJ2Ko^;c6�xfU'j*Ika0unS=Ԙh
7p�S�c9Fycq
O�wv̏�dn-&�~iX�x>H�'2t}jh�܇T�ϴJd�i\]TϡVR*jZ?";�Мh˛=:珘Ӝ"Z{2ֱ:�r�JE+�mݷ�#@�
+Hy�<з%L+G� *�&�KN8ǧ30���ǖC0%m4,QNer
tP�?)��P5o�$x^+jB6
"|tR.O3'
H$'th'&v* &V*�tof|{H��-g&_ayZܾ\`{��bX���Yqc[QZJYb;7s":;K[�f�HuGw,}�@8�(�L?di=jX:N#RF¯R��9�̪ f㍸=�#7T�P!�L�TX>�#ZMIh�e�J\�{_#Ƅ`N\�)W'��n�yVmIz .�kx�>a돸�R~Vw!kj��]o;ҁG+qܖ.uflvJ=coKI XPp���MI٫T~ Nz�ـ�jcEl�~%:�td'�6ɽ�:<&&s؏p�{w3�'&௹oX��{+$̽O��g-�s?��MǤ')�45aBx$l��d
�D�ps}z?)mDRRiF�c�tkXa،UЌLjV}Qu�xS�?
@�pj+�ݜr�I;�ʏW�}Nss�?G(ShwVwN
IN9?trʡ��z9埡���fe\�9_�<@�^�}.ss _ yß92z'(S~�9_BeN9U^\�UuݜwAtsO�K7G\�\5
M��^�=�AV�_S^9)�O@O9ۼr�osڿ�\'I9�ru�S)�Jy/*苼k Oy射:)߇�}VU<_`k�9t
_�r
̭L_;ݓBX\jvr+�^e4�vkYA�m���{}�y�s/-#yio2Y9���AQFgG6�+.ȭ-'Hl]=�g%%x�=0?Mu{.�1پWߕ\~Sny�+tq22#s"qG#iP�A�9Ч#�|,y�
|8SNtw<17 }^1�B�8 v�t{z��MtK�n
\��x{��%>��
#r�75iep�xg?9/�yd֪WVFKp'k͠~�%k"N^��赏?to�Ҿj]�[gmЙM�%�Æ>a#^*��B8D�#�`��1z�Ix��Oa4
EL=#9fhNh{ksn �?]w��n����)xT-kZYoZԪ�w俋Ą70k���G�b�3jJ]N��lժ~\��,)g
�/(�@#غ7M{%}C7":fȳRL�
�u+ҷ�J�!'\C�x'��!Rث2f�dof2E�aSOp^v"�H�@0�~Y8P&`.�3�؞.F^φ$�&�w�� a鬍c��6&9Kl]i'b�"'�m%-Ùxɏ,O�~�f+g�-�ԛseSU�rߣQ���B�~�22��VH'ՃoR 0 7oJ/ݳ�x!��K�Q,V+RF�5t0@2u1�x�[Jr�
;��!�ɉؼ!+B0BRhfNX( �8�[]^L�:χA҃+�>��
,L0�V1i����!n�ӗ:�ig�F�`Ƹb�f\c0���601Gx�>}r)�1-�XcLyA��=4&FӴo"9ݜ�ţ2aс(Y�c{XmD8k9t}�y
x��_
݉�Ps�"�?���uK6��siW�-Iœj@@zĶN;��cĤKId .��d⟒|e'0OqkVf�ƽP\�ul70H-��t{z _X�v�{!fϣ�?99L
dh�h%4Id�`'4�s `����C�{)B9
H|\��+<##1Y Mк Z�sJ�dBCw�RF�v/_ v:쭨F���|m)۹f,ӧ6&�'sMz=�>-�L]�М�z�R(|�K9��H%)^xrA߮Ed#�
B㑸z��+
O*_ aNm�%� 1oE)R%*�V*Hvx*�D�Z��e.-s(ŬBSd�<�)O?n'[nA5�y`0v`ehD�PL/Tvy*�*>�% ,�1ܛ!\J�?_�vs[�&e@DqLgHvx566s֨Na^�ۺKAўY�m0o6`�5/�75n�v/-�G�9JrX}P?)�:�OOg�sZ�8��H�ʶ�!�_�,�{��QFb�VB�8u
vKѲ
v�7"ְ0ޏw�PT�|@��xS�a
\bX%e�ܔ�UF.Em�hT4X %*l+�7�W
�9/߶�7qݼ¶"yX\
A\XNڙF
X�<���s+��o5ȉe6�뙣]g0^n,eH}Kqd.5"�$$r嵖I��;;Q0��&iE-ȓl`C�v�_)~ph[?�҈Y�A� wVǰ�>BLN7�S
3pRaL ��(b[и�g~C{%�9�w�:a0>~09�&rX)>�ٔ6�s�ȃoz�^�ju�X��XC`*F"�e31C7Dn0Br�H
d[H_م�t�v3�\j�9/�YH~1
���<9�9�.@OI"cXM1}a`�|Q�!�3}E.t�ʢQ�}��v<:~vڎ�.3J�bq')mw�K�ݛ�,�mݸG�g7ݏW'RTFYzhI:ݛv��J]NN:WgxY`(X�E�Ch_ś|G`bhP
|
Network Security & Hardware 
