Study finds computer voting system vulnerable to tampering

[InfoSec News <isn () c4i org>]

http://www.siliconvalley.com/mld/siliconvalley/6376399.htm

July 24, 2003

BALTIMORE (AP) - An electronic voting system used in some states as an
alternative to the troublesome punch-card ballots is highly vulnerable
to fraud, computer security experts warned in a study released
Thursday.

The study found ``significant security flaws'' with the system
designed by Diebold Election Systems. The system was vulnerable to
unscrupulous voters as well as ``insiders such as poll workers,
software developers and even janitors,'' who could cast multiple votes
without a trace, the study said.

The system allows ballots to be cast on a 15-inch touchscreen.

The study was the first review of the software by independent
researchers.

Avi Rubin of Johns Hopkins University, a lead researcher on the study,
said there is no quick fix for the software.

``You would have to start over,'' he said.

Mike Jacobsen, a spokesman for North Canton, Ohio-based Diebold,
declined to comment in detail until company officials had more time to
review the study. But he said the company's systems ``pass rigorous
certification tests at the federal and state governmental levels.''

``However, we welcome the opportunity to work with credible
organizations, including Johns Hopkins, to continue to improve and
strengthen the security of our systems,'' Jacobsen said.

Jacobsen also said the software analyzed in the study was about a year
old, and problems with it may have been fixed.

The researchers were critical of a ``smart card'' used in the system.  
An ATM-like card given to each voter is designed to make sure that
voter casts only one ballot. But the researchers said a voter could
easily bring a specially programmed counterfeit card to the polls and
use it to cast multiple votes.

Bogus cards could be made by a 15-year-old computer enthusiast,
researchers said.

Rubin said a glaring weakness in the system is a lack of a verifiable
audit trail that could be used to double-check voting results.

``I think they need to have paper trails, and I don't think these
kinds of machines should be used for voting,'' he said.

The researchers concluded that the system was vulnerable to a group or
foreign government wanting to influence an election, or to poll
workers who wanted to alter ballots.

The results are significant as cities and states consider computer
screen voting as an alternative to the antiquated systems that caused
problems during the 2000 presidential election.

Last year, about 33,000 Diebold voting stations were used in elections
in Maryland, Georgia, California and Kansas and other locations,
according to the company.

Diebold reached an agreement this month with Maryland to provide up to
$55.6 million in voting technology, expanding the use of touch screens
from four counties to the rest of the state.

Rubin said he planned to urge state officials not to use the system.

``You guys just bought something that doesn't work,'' Rubin said he
planned to tell Maryland election officials. ``Go get a refund.''

The findings were based on a July study of the computer code used in
the voting system. The code was posted anonymously on the Internet
earlier this year.

For the study, three researchers from the Johns Hopkins Information
Security Institute and a computer scientist at Rice University
analyzed tens of thousands of lines of programming code.

Rebecca Mercuri, an independent consultant who specializes in studying
electronic vote tabulation, said the report raises questions about the
security of electronic voting systems. But widespread manipulation of
the system described in the study was ``highly unlikely,'' she said.

``There would have to be a massive violation, systematically, of a
huge amount of protocols, for this to take place,'' Mercuri said.

On the Net:

Johns Hopkins Information Security Institute:  
http://www.jhuisi.jhu.edu




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.