NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > InfoSec News> 2008-q4

[ISN] Report: ES&S Voting Machines Can Be Maliciously Calibrated to Favor Specific Candidates

From: InfoSec News (alertsinfosecnews.org)
Date: Wed Nov 05 2008 - 02:02:51 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://blog.wired.com/27bstroke6/2008/11/report-ess-voti.html

By Kim Zetter
Threat Level
Wired.com
November 03, 2008

Touchscreen voting machines at the center of recent vote-flipping
reports can be easily and maliciously recalibrated in the field to favor
one candidate in a race, according to a report prepared by computer
scientists for the state of Ohio.

At issue are touchscreen machines manufactured by ES&S, 97,000 of which
are in use in 20 states, including counties in the crucial swing states
of Ohio and Colorado. The process for calibrating the touchscreens
allows poll workers or someone else to manipulate specific regions of
the screen, so that a touch in one region is registered in another.
Someone attempting to rig an election could thus arrange for votes for
one candidate to be mapped to the opponent.

"If one candidate has a check box in one place and a different candidate
has it in a different place, you can set it up so that if you press on
one candidate it gets recorded for another candidate," said Matt Blaze,
a computer scientist at the University of Pennsylvania who led one of
three teams that co-wrote the report (.pdf) [1] last year. "But if you
press on the other candidate, it gets recorded correctly for that
candidate. You can make it work perfectly normally in most of the
screen, but have it behave the way you want in small parts of it."

The report illustrates a shocking vulnerability in a charged race that's
already seen voter-fraud allegations on both sides, and an ugly spate of
voter suppression tactics targeting Democratic voters in several states.
The behavior described is also eerily similar to problems already
observed in early voting on ES&S machines and during a 2006 race in
Sarasota, Florida.

[1] http://www.sos.state.oh.us/SOS/upload/everest/14-AcademicFinalEVERESTReport.pdf

[...]

______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]