- 595 immigrants arrested at electronics plant
- Techiest celebrity endorsements
- Network failure delays flights across U.S.
- Alcatel-Lucent intros Gigabit Ethernet switches
- Firefox browser gets security boost
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Computer-science researchers from Johns Hopkins University and Rice University are heaping criticism on electronic voting machines built by Diebold Election Systems, based on software code for the machine said to have been posted publicly to the Internet by an activist.
Avi Rubin, technical director of the Information Security Institute at John Hopkins, along with computer science doctoral students Adam Stubblefield and Toshi Kohno, say their research of the code from the Internet shows a voter could find it very easy to trick the Diebold Election Systems into accepting more than one ballot per voter.
Another researcher, Dan Wallach, assistant professor of computer science at Rice University, echoed the findings, which have been issued in a technical report, saying the country needs to have extensive independent security evaluation of all electronic voting machines on the market.
In response, Diebold indicated that the released code was not a current version of the voting machine's software.
"The work we've released is part of a dialog nationally we want to have," said Wallach, who reviewed the findings of the Johns Hopkins team’s two-week security evaluation of the Diebold software code that had been posted to the Internet. "My opinion is that the code we looked at is deeply unsuitable for an election."
According to the university researchers, the tens of thousands lines of code for the Diebold Elections Systems voting machine obtained from the Internet had several serious and irremediable flaws.
For one thing, the electronic voting system could be easily exploited by an individual or group intent on tampering with election results. The researchers pointed to the smart card necessary to use the machine to cast a single ballot. The researchers said it would be easy to program a counterfeit card, hide it in a pocket and then use it inside the booth to cast multiple votes.
"A 15-year-old computer enthusiast could make these counterfeit cards in a garage and sell them," said Johns Hopkins’ Rubin. Rubin has conducted other research in the area that makes him feel high-tech balloting should not be conducted in haste. "People are rushing too quickly to computerize our method of voting before we know how to do it securely," he stated.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comment