News

Worst Ever Security Flaw Found in Diebold TS Voting Machine

»

    Worst Ever Security Flaw Found in Diebold TS Voting Machine
    By Alan Dechert Refere
    BellaCiao.org

    Monday 31 July 2006

    Sacramento, California - "This may be the worst security flaw we have seen in touch screen voting machines," says Open Voting Foundation president, Alan Dechert. Upon examining the inner workings of one of the most popular paperless touch screen voting machines used in public elections in the United States, it has been determined that with the flip of a single switch inside, the machine can behave in a completely different manner compared to the tested and certified version.

    "Diebold has made the testing and certification process practically irrelevant," according to Dechert. "If you have access to these machines and you want to rig an election, anything is possible with the Diebold TS - and it could be done without leaving a trace. All you need is a screwdriver." This model does not produce a voter verified paper trail so there is no way to check if the voter's choices are accurately reflected in the tabulation.

    Open Voting Foundation is releasing 22 high-resolution close up pictures of the system. This picture, in particular, shows a "BOOT AREA CONFIGURATION" chart painted on the system board.

    The most serious issue is the ability to choose between "EPROM" and "FLASH" boot configurations. Both of these memory sources are present. All of the switches in question (JP2, JP3, JP8, SW2 and SW4) are physically present on the board. It is clear that this system can ship with live boot profiles in two locations, and switching back and forth could change literally everything regarding how the machine works and counts votes. This could be done before or after the so-called "Logic And Accuracy Tests".

    A third possible profile could be field-added in minutes and selected in the "external flash" memory location, the interface for which is present on the motherboard.

    This is not a minor variation from the previously documented attack point on the newer Diebold TSx. To its credit, the TSx can only contain one boot profile at a time. Diebold has ensured that it is extremely difficult to confirm what code is in a TSx (or TS) at any one time but it is at least theoretically possible to do so. But in the TS, a completely legal and certified set of files can be instantly overridden and illegal uncertified code be made dominant in the system, and then this situation can be reversed leaving the legal code dominant again in a matter of minutes.

    "These findings underscore the need for open testing and certification. There is no way such a security vulnerability should be allowed. These systems should be recalled."

IN ACCORDANCE WITH TITLE 17 U.S.C. SECTION 107, THIS MATERIAL IS DISTRIBUTED WITHOUT PROFIT TO THOSE WHO HAVE EXPRESSED A PRIOR INTEREST IN RECEIVING THE INCLUDED INFORMATION FOR RESEARCH AND EDUCATIONAL PURPOSES. TRUTHOUT HAS NO AFFILIATION WHATSOEVER WITH THE ORIGINATOR OF THIS ARTICLE NOR IS TRUTHOUT ENDORSED OR SPONSORED BY THE ORIGINATOR.

"VIEW SOURCE ARTICLE" LINKS ARE PROVIDED AS A CONVENIENCE TO OUR READERS AND ALLOW FOR VERIFICATION OF AUTHENTICITY. HOWEVER, AS ORIGINATING PAGES ARE OFTEN UPDATED BY THEIR ORIGINATING HOST SITES, THE VERSIONS POSTED ON TO MAY NOT MATCH THE VERSIONS OUR READERS VIEW WHEN CLICKING THE "VIEW SOURCE ARTICLE" LINKS.

Comments

This is a moderated forum.  It may take a little while for comments to go live.

Add a comment:
The content of this field is kept private and will not be shown publicly.
CAPTCHA
The following question is for testing whether you are a human visitor and to prevent automated spam submissions. Please enter the two words seen below. If you cannot read them you may use the button with circling arrows to get a new one.