Voting machine fails inspectionBy Robert Lemos
Staff Writer, CNET News.com
July 24, 2003, 5:25 PM PT
University researchers delivered a serious blow to the current crop of electronic voting systems in an analysis of one such system's source code in which they concluded that a voter could cast unlimited ballots without detection.
Using an earlier version of the source code that powers machines manufactured by Diebold Election Systems, the security experts--three from Johns Hopkins University and a colleague from Rice University--performed an audit and found numerous security holes.
"Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts," said the researchers in a paper published Wednesday on the Internet, concluding that "as a society, we must carefully consider the risks inherent in electronic voting, as it places our very democracy at risk."
<snip>
http://news.com.com/2100-1009_3-5054088.htmlHigh-Tech Votes Can Be Hacked, Scientists Say Thu July 24, 2003 06:06 PM ET
By Andy Sullivan
WASHINGTON (Reuters) - Software flaws in a high-tech voting system could allow vandals to tamper with election results in several U.S. states, computer security researchers said on Thursday.
Interest in electronic voting systems has grown since the 2000 presidential election, when problems with primitive punch-card systems in Florida led to a bruising, weeks-long recount battle ultimately settled by the Supreme Court.
But researchers at Johns Hopkins University and Rice University said they had uncovered bugs in a Diebold Inc. DBD.N voting system that could allow voters and poll workers to cast multiple ballots, switch others' votes, or shut down an election early.
"It's unfortunate to find flaws in a system as potentially important as this one," Tadayoshi Kohno, a graduate student at the John Hopkins Information Security Institute, said in a telephone interview.
<snip>
http://reuters.com/newsArticle.jhtml?type=technologyNews&storyID=3155955Security Of E-Voting Systems Seriously QuestionedJuly 24, 2003
Computer researchers claim to have found 'critical flaws' in software used for U.S. electronic voting.
By George V. Hulme (InformationWeek)
Three computer researchers from the Information Security Institute at Johns Hopkins University, with help from a computer scientist at Rice University, say they've uncovered vulnerabilities in the software purportedly used by Diebold Election Systems. As a result, one person can cast multiple votes, elections can be delayed, the anonymity of voters can be breached, and cast votes can be modified or even deleted, the researchers say.
<snip>
http://www.informationweek.com/story/showArticle.jhtml?articleID=12803024 US researchers critical of electronic voting systems By Online Staff (The Age, Australia)
July 25 2003
Researchers at the Information Security Institute at Johns Hopkins University in the US have given electronic voting systems in use in the country the thumbs down, pointing out that even common voters could cast unlimited votes without any insider help.
<snip>
The researchers took issue with the fact that the voting system itself was written in what they considered an unsafe language - C++.
"...the software is written entirely in C++. When programming in an unsafe language like C++, programmers must exercise tight discipline to prevent their programs from being vulnerable to buffer overflow attacks and other weaknesses. Indeed, buffer overflows caused real problems for AccuVote-TS systems (the name of the system) in real elections," they said.
<snip>
http://www.theage.com.au/articles/2003/07/25/1059084190013.html