Friday, December 07, 2007

Voting Machines Sinking On Security In California

ES&S iVotronic voting machine - Image Credit:

Voting Machines Sinking On Security In California

A team from the office of the California Secretary of State found that voting machines manufactured by Dibold and Sequoia have significant security vulnerabilities. A new round of testing that focused on the machines sold by ES&S found that these machines were just as insecure than the rest.

Image Credit: California Secretary of State

While we all would like to see honest and open elections take place here in the good ol” Golden State, we are not delusional. We know that being a conservative in California places us solidly in second place.

Why would any conservative fear insecure voting machines here in this state?

Image Credit: California Secretary of State

This excerpted from Ars Technica, LLC -

ES&S e-voting system used in California cracked wide open
By Ryan Paul Published: December 05, 2007 - 09:01AM CT

Earlier this year, California Secretary of State Debra Bowen established strict new standards for electronic voting machines, requiring independent code audits, Red Team security testing, and support for paper records. The Red Team testing process primarily involves subjecting the machines to review by security experts who attempt to hack the software and bypass the physical security mechanisms. Recent Red Team tests of ES&S voting machines have uncovered serious security flaws.

The first round of tests focused on the physical security of the Polling Ballot Counter (PBC), which the Red Team researchers were able to circumvent with little effort. "In the physical security testing, the wire- and tamper-proof paper seals were easily removed without damage to the seals using simple household chemicals and tools and could be replaced without detection," the report says. "Once the seals are bypassed, simple tools or easy modifications to simple tools could be used to access the computer and its components. The key lock for the Transfer Device was unlocked using a common office item without the special 'key' and the seal removed."

After bypassing the physical security of the voting machines, the Red Team researchers were able to gain direct access to all of the files on the systems, including password files. "Making a change to the BIOS to reconfigure the boot sequence allows the system to be booted up using external memory devices containing a bootable Linux copy," according to the researchers. "Once done, all the files can be accessed and potentially modified, including sensitive files such as the password file which can be cracked by openly available cracker programs. New users may be added with known passwords and used by the same attacker or other attackers later."
The Election Loader System is populated with data from an Election Distribution CD, which is generated by a special Election Converter Application. The researchers were able to break the encryption used on the generated CD to "breakdown the CD, revise the election definition, and replace the CD with a new encrypted CD with an alternate election definition." The researchers note that this tactic could be used to alter vote tallies.
The results of the Red Team test, which demonstrate beyond doubt that the security of ES&S voting machines is utterly inadequate for use in elections, make it seem unlikely that ES&S will be able to continue peddling their defective products in the state.
Reference Here>>

Image Credit: California Secretary of State

Liberals with socialist, bigger government leanings (read that Democrats and Decline to State) will always get elected by large margins ... and our state, which sports a 10 billion (with a “B”) budget deficit, will eventually sink from the lack of fiscal responsibility.

We, at MAXINE feel that having incorrect and corruptible automated voting results in California is a little like moving chairs on the Titanic. Who cares?

Let the voting begin. Paddles will not matter!

No comments: