http://cubist.cs.washington.edu/Security/2008/02/07/dieboldpremier-voting-machine-key-copied/ Wed, 20 Aug 2008 16:43:35 +0000 http://wordpress.org/?v=2.5.1 http://cubist.cs.washington.edu/Security/2008/02/07/dieboldpremier-voting-machine-key-copied/#comment-511 jerins Sun, 10 Feb 2008 04:28:17 +0000 http://cubist.cs.washington.edu/Security/2008/02/07/dieboldpremier-voting-machine-key-copied/#comment-511 It seems interesting to me that most of the exploits and security issues that you see involve some variation of the victim simply handing access or control to the attacker. Many examples (such as this one) are unbelievable in how easy the job of the attacker is made. These issues can obviously have more or less of an impact depending on the situation, but I think it is clear that in the matter of voting machines, the impact is very high. Voting machines have been the target of an amazing amount of controversy, and the motivation of people to break or influence such systems is extremely high. So if we do in fact go to any sort of electronic voting option, it would be imperative that the security measures be of a standard much higher than is displayed in this example. It seems interesting to me that most of the exploits and security issues that you see involve some variation of the victim simply handing access or control to the attacker. Many examples (such as this one) are unbelievable in how easy the job of the attacker is made. These issues can obviously have more or less of an impact depending on the situation, but I think it is clear that in the matter of voting machines, the impact is very high. Voting machines have been the target of an amazing amount of controversy, and the motivation of people to break or influence such systems is extremely high. So if we do in fact go to any sort of electronic voting option, it would be imperative that the security measures be of a standard much higher than is displayed in this example.

]]> http://cubist.cs.washington.edu/Security/2008/02/07/dieboldpremier-voting-machine-key-copied/#comment-427 Kris Plunkett Sat, 09 Feb 2008 01:26:00 +0000 http://cubist.cs.washington.edu/Security/2008/02/07/dieboldpremier-voting-machine-key-copied/#comment-427 Link to an article about this: http://www.bradblog.com/?p=4066#more-4066 Link to an article about this: http://www.bradblog.com/?p=4066#more-4066

]]> http://cubist.cs.washington.edu/Security/2008/02/07/dieboldpremier-voting-machine-key-copied/#comment-410 felixctc Fri, 08 Feb 2008 18:56:37 +0000 http://cubist.cs.washington.edu/Security/2008/02/07/dieboldpremier-voting-machine-key-copied/#comment-410 I think this brings up another issue also. People need to be aware of security vulnerability. For example, why in the world would you put the code on FTP and a picture of the key online. This is screaming "Please exploit me". If they were more aware of the consequences, this wouldn't have happened. As technology advances, people and companies need to learn the importance of security and how easy it is for adversaries to exploit vulnerabilities after given a little information. I think this brings up another issue also. People need to be aware of security vulnerability. For example, why in the world would you put the code on FTP and a picture of the key online. This is screaming “Please exploit me”. If they were more aware of the consequences, this wouldn’t have happened. As technology advances, people and companies need to learn the importance of security and how easy it is for adversaries to exploit vulnerabilities after given a little information.

]]>