The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Critical Security Issues with Diebold Optical Scan Design

Posted by Xavier Ashe on August 3, 2005

The
findings of this study indicate that the architecture of the Diebold
Precinct-Based Optical Scan 1.94w voting system inherently supports the
alteration of its basic functionality, and thus the alteration of the
produced results each time an election is prepared.

The fundamental design of the Diebold Precinct-Based Optical Scan 1.94w
system (AV OS) includes the optical scan machine, with an embedded
system containing firmware, and the removable media (memory card),
which should contain only the ballot box, the ballot design and the
race definitions, but also contains a living thing – an executable
program which acts on the vote data. Changing this executable program
on the memory card can change the way the optical scan machine
functions and the way the votes are reported. The system won’t work
without this program on the memory card. Whereas we would expect to see
vote data in a sealed, passive environment, this system places votes
into an open active environment.

With this architecture, every time an election is conducted it is
necessary to reinstall part of the functionality into the Optical Scan
system via memory card, making it possible to introduce program
functions (either authorized or unauthorized), either wholesale or in a
targeted manner, with no way to verify that the certified or even
standard functionality is maintained from one voting machine to the
next.

Read the full PDF on Black Box Voting.  I was led to this from Washburn's World, where a friend of mine is one a one man mission to fix the voting system in Wisconsin.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: