Diebold/Premier Voting Machine Key Copied

By esoteric at 4:26 pm on February 7, 2008 | 3 Comments

Adding to the current furor of news surrounding the issue of electronic voting machines, an egregious mistake by American voting machine producer Diebold (now known as Premier Election Systems) has lead to heightened doubts concerning the integrity of electronic voting.

Diebold has a history of security mishaps dating back to 2003, when they posted the source code for their voting software on a public FTP site. The availability of this code led to the discovery of an exploit in 2004 that would allow for the manipulation of votes as they are tabulated at a central location.

In the company’s most recent debacle, the first major issue of note is that the same physical key can be used to open the locks on all of the touch-screen voting machines that Diebold produces. Secondly, Diebold unwittingly posted a picture of this key on their website on a page that described how replacement keys can be ordered by official account holders. Ross Kinard of sploitcast.com was able to construct several keys based on this image that proved to successfully unlock a test voting machine.

The implication of this security breach is that it is now much easier for an adversary to gain physical access to the innards of a voting machine and attack it by modifying the software via a flash drive or by altering the hardware. This could result in misappropriated votes or denial of service attacks where people’s votes are rendered useless.

Many policy makers are lobbying to make a return to paper ballots, which arguably have fewer undetectable vulnerabilities, but are more tedious to deal with. It is unclear whether electronic voting machines will continue to be used in future or not, but serious changes need to be made before they become even remotely secure. In addition, companies like Diebold/Premier rely on their reputations, and they must earn and maintain the trust of the public in order to be successful.

Youtube video of a homemade key opening the lock on a Diebold electronic voting machine:


Filed under: Current Events,Integrity,Physical Security3 Comments »

Just for fun

By jessicaf at 1:40 pm on Comments Off on Just for fun

I came across this on xkcd.com.  Thought you all might enjoy it!

Exploits of a Mom

For more fun, check out  http://xkcd.com/341/ and read through  http://xkcd.com/345/.

Filed under: MiscellaneousComments Off on Just for fun

New York’s Total Snoop Grid Moving Forward

By imv at 12:22 am on | 2 Comments


The article describes the “mission creep” going on in our war on terrorism. While the purported reason for installing thousands of cameras in Manhattan is to protect us from terrorism, Manhattan seems an odd place to be spending to prevent terrorism. The cameras and license-plate readers will inevitably be used by government agencies on our own citizens, as has already been proven with the misuse of powers granted to federal agencies under the Patriot Act (the Pentagon snooped on peaceful protesters, students, and Quakers in the antiwar movement). This basically sums it up: “the electronic panopticon is not about terrorists or car thieves, it is about fine granularity surveillance of the population at large.”

Another facet of this mission creep is the Threat and Local Observation Notice (TALON) database, currently being used to disperse information between federal agencies. Though TALON’s stated goal is to fuse data regarding domestic terrorism, the criteria for what may be included are overly broad, namely “non-specific threats” and “suspicious activity”.

As if you didn’t already know, we’re on our way to becoming a police state…

Filed under: Current Events,Privacy2 Comments »