A study commissioned by the state finds voting machines currently certified for use by its residents are riddled with vulnerabilities, prompting calls for greater attention to security.
Forgive me if this isn't some major news flash, but let's document it for posterity anyway: University of California computer scientists have recently shown it's possible to carry out a bevy of hacks on electronic voting machines currently certified for use in the Golden State.
In reports released late last week, the researchers chronicle their five-week endeavor, at the request of California Secretary of State Debra Bowen, to exploit examine machines made by Hart InterCivic, Sequoia Voting Systems and Diebold. The same models are also in use in many other states, according to a database compiled by the Election Reform Information Project.
Their conclusion? "The security mechanisms provided for all systems analyzed were inadequate to ensure accuracy and integrity of the election results and of the systems that provide those results," wrote principal investigator Matt Bishop, a computer science professor at the University of California, Davis. (Click here for a PDF of that report.)
In each case, the testers were able to overwrite at least some of the firmware used on the machines and replace it with malicious programs--which, at times, could alter the recording, reporting and tallying of votes.
There were other flaws as well. With the Diebold AccuVote-TSX system, they found that a "well-known static security key" was used by default on the machine. On the Hart eSlate machine, the testers succeeded in remotely capturing the audio from an audio-enabled vote session, which poses a potential violation to a voter's privacy.
The researchers were quick to note that they didn't attempt to quantify how difficult or plausible it would be to pull off the attacks. Most of the attacks could be prevented by better physical security surrounding the devices, staff training and contingency planning. The testers also said their study would have benefited from additional time and that they were denied all the code and information--in particular, from Hart representatives--needed to conduct thorough scrutiny.
The Secretary of State planned to hold a public hearing on Monday in Sacramento to receive feedback on the reports from the voting machine vendors subject to the tests and from public commenters. California must act on any changes to its 2008 election equipment by Friday.
Sequoia, for its part, put out a press release that criticized the study's approach. The company said it concluded "none of the threats outlined represent a realistic threat if the normal, procedural mitigations are in effect."
The findings are likely to fuel an ongoing Capitol Hill debate over whether to ban the use of electronic machines that lack paper trails. According to a recent New York Times report, sponsors of such an effort in the House of Representatives are hoping to pass a compromise version--requiring the paperless machines to be scrapped by 2012 instead of 2008--before Congress departs for its August recess at week's end. The Senate, however, appears to be moving more tentatively.
But the California findings suggest the paper trail requirement may not be a cure-all by itself: the testers, after all, were also able to manipulate the paper receipts produced by touch-screen machines in the Diebold and Hart machines.