Hacking Diebold voting machines with $10.50 worth of parts

Diebold dominates the voting machine market in spite of multiple security issues raised over the years. The Vulnerability Assessment Team at Argone National Laboratory in Illinois just released information about a man-in-the-middle exploit that can change votes while leaving no trace of the attack.

"$10.50 worth of parts and an 8th grade science education" can do the trick, along with access to the physical machine. For an additional few dollars, a remote control unit can access the hacked voting machine from up to a half mile away. Changes are made when the user pushes the "vote now" button. Since there's no paper trail provided by the majority of electronic voting machines, voters will never know their votes were changed, and there's no audit trail About a third of all voters use this type of voting machine.

Voting machines are carefully watched on election days, but are stored for days or weeks ahead of time at voting locations. Do you trust the security of your elementary school, recreation center, or church basement storage locations? If not, push the "vote now" button on the verification screen with crossed fingers and hope.

Ostrich pose

As long as people are willing to vote on insecure systems, they have no leverage to demand secure systems.

Mark E. Smith on bradblog.com

Nobody will want to touch this issue because it's too expensive and seemingly too complicated to fix. Then, somewhere down the line, there will be irrefutable proof that an election was hacked. Public trust in our public institutions will decline further, to the detriment of all. Just a matter of time, I'm afraid.

Shank on salon.com

There's NOTHING TO SEE HERE. MOVE ALONG NOW. These ARE NOT the droids you're looking for!

Hankydub on bradblog.com

Politics

It is enough that the people know there was an election. The people who cast the votes decide nothing. The people who count the votes decide everything.

Joseph Stalin on brainyquote.com

Actually, in Germany the highest court declared electronic voting to be unconstitutional on the grounds of deficient comprehensibility in 2009. Maybe we can use this argument in other countries, too.

binbasti on news.ycombinator.com

When there were some scandals after the 2002 midterms -- notably, the very odd victory of Saxbe Chambliss, and the fact that a computer file called "robgeorgia" was found, Diebold promised to fix the vulnerabilities of their machines by -- wait for it -- 2006. Conveniently, AFTER the next Presidential election.

Susan Wood on salon.com

There is nothing in the electronic voting debate that won't make you scratch your head wondering why they don't use known-good techniques. The only time-worthy thing to do is to oppose them until open-source solutions are accepted. Everything else will be a through-and-through scam by Diebold or one of their cohorts.

rhizome on news.ycombinator.com

Technology

With mass-production, of course, we can expect the price to come down further....

An Infinitude of Tortoises on bradblog.com
For a very comprehensive rundown of all the awful things about electronic voting from someone who has been researching it for 12 years, see the following hour long talk given at google: Electronic and Internet Voting (The Threat of Internet Voting in Public Elections)JonnieCache on news.ycombinator.com

It no longer matters if any E-Voting machines have ever been hacked. The problem now is trust in the system, trust has been questioned so many times and in so many different ways, e-voting machines should be banned until the electorate can once again trust e-voting.

ErstO on salon.com

It looks to me that the hardware in the voting machine was designed and installed so as to allow manipulation of the vote because it is doubtful that is "glitch" just happened to be in the guts of the machine.

Botany on bradblog.com

Here's where you vote whether you are worried or not about this issue: Worried / Relaxed. The results will be posted according to my whim and remote control hack.

What’s wrong? The new clean desk test
Join the discussion
Be the first to comment on this article. Our Commenting Policies