Why will Ohio, Florida and New Mexico sell many PDA’s in 2008?

Here’s your answer, courtesy of threat level:


Report: Magnet and PDA Sufficient to Change Votes on Voting Machine

A new study (PDF) on the security of voting machines was released in Ohio on Friday. The report, one of the most comprehensive and informative that I’ve seen yet, contains some pretty astounding information about the security of voting machines that hasn’t been revealed before. Unfortunately, the report isn’t receiving the kind of attention it deserves.
It’s the first independent study to examine machines made by Election Systems & Software, the largest voting machine company in the country — the company’s machines are used in 43 states. (A similar study of voting systems done in California earlier this year did not examine ES&S machines.)

What the researchers discovered is pretty significant.

They found that the ES&S tabulation system and the voting machine firmware were rife with basic buffer overflow vulnerabilities that would allow an attacker to easily take control of the systems and “exercise complete control over the results reported by the entire county election system.”

They also found serious security vulnerabilities involving the magnetically switched bidirectional infrared (IrDA) port on the front of the machines and the memory devices that are used to communicate with the machine through the port. With nothing more than a magnet and an infrared-enabled Palm Pilot or cell phone they could easily read and alter a memory device that is used to perform important functions on the ES&S iVotronic touch-screen machine — such as loading the ballot definition file and programming the machine to allow a voter to cast a ballot. They could also use a Palm Pilot to emulate the memory device and hack a voting machine through the infrared port (see the picture above right).

Advertisements
Why will Ohio, Florida and New Mexico sell many PDA’s in 2008?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s