After the hanging-chad fiasco of the 2000 presidential election, Congress funded a nationwide drive to replace punch-card ballots and lever-operated voting machines in time for November 2004. The Help America Vote Act of 2002, or HAVA, authorized $3.9 billion over three years to help state and local governments upgrade their election equipment. The only replacements being considered seriously are electronic voting booths: stand-alone kiosks for which voters are given an encrypted smartcard that identifies them to the computer and lets them vote exactly once. But a report released last week by the Information Security Institute at Johns Hopkins University says the touch-screen machines are Swiss cheese—full of holes—for hackers. "Common voters, without any insider privileges, can cast unlimited votes without being detected," the report claims. It's based on an analysis of the software source code for voting machines made by Diebold Election Systems, a division of a company that makes automated teller machines. Someone at Diebold accidentally placed the code on a publicly accessible Internet server in January, resulting in its dissemination around the Net.
Diebold boasts only 33,000 machines in use nationwide, and Omaha, Neb.-based Election Systems & Software, which claims to count 56 percent of America's vote, has installed a mere 30,000 touch-screen machines in 15 different states. But the state of Maryland, which bought 5,000 of Diebold's machines last year, just awarded Diebold a contract to replace the rest of the state's booths with 11,000 more touch-screen units. That's probably why Baltimore-based JHU's report sounds like it's lunging for the emergency brake. "Our analysis shows that this voting system is far below even the most minimal security standards," it thunders on page one. The report claims the code is riddled with "unauthorized privilege escalation, incorrect use of cryptography, vulnerabilities to network threats, and poor software development processes" (Ack! A geek's worst insult!) before spelling out a scenario in which a middling hacker steals the vote by stamping out fake voter smartcards using a $100 desktop printer.
Are there bugs in Diebold's code? Of course there are, same as with any program longer than "Hello, world." But instead of 'fessing up, Diebold has issued one press release after another trying to discredit the Johns Hopkins report. Too bad the company didn't decide to go with the flow instead, by claiming it put the source code on the Internet on purpose. Open-sourcing its software was the smartest mistake Diebold could have made. It's the only way security experts (real or self-imagined) will ever take the company seriously. The security track record of open-source programs such as the Linux kernel and the Apache Web server suggests that an all-hands review would improve Diebold's product. And unlike most software products, there's little business risk. Unlike pirated music CDs, bootleg voting booths based on Diebold's copyrighted code would be a tough sell to local governments, either in the United States or in the 178 other member nations of the World Intellectual Property Organization.
more...
http://slate.msn.com/id/2086455/