Difference between revisions of "Premier Election Solutions"
m (Text replacement - "|twitter= " to "") |
(→2003: copy Diebold Princeton analysis over here) |
||
| Line 15: | Line 15: | ||
==Leaks== | ==Leaks== | ||
===2003=== | ===2003=== | ||
| − | Sometime in the spring of 2003 an unknown hacker broke into Diebold computers and obtained a large portion of their email archives, which was posted online. The source code to their voting machines was also leaked. Researchers at [[Johns Hopkins University]] and [[Rice University]] published a damning critique of the products, based on an analysis of the software. They stated that it would be easy to program a counterfeit voting card to work with the machines and then use it to cast multiple votes inside the voting booth. | + | Sometime in the spring of [[2003]] an unknown hacker broke into Diebold computers and obtained a large portion of their email archives, which was posted online. The source code to their voting machines was also leaked. Researchers at [[Johns Hopkins University]] and [[Rice University]] published a damning critique of the products, based on an analysis of the [[software]]. They stated that it would be easy to program a counterfeit voting card to work with the machines and then use it to cast multiple votes inside the voting booth. |
| + | |||
| + | ==== Diebold Princeton analysis ==== | ||
| + | {{QB| | ||
| + | Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss. We have constructed demonstration software that carries out this vote-stealing attack. Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines. AccuVote-TS machines are susceptible to voting-machine viruses and computer viruses that can spread malicious software automatically and invisibly from machine to machine during normal pre and post-election activity. We have constructed a demonstration virus that spreads in this way, installing our demonstration vote-stealing program on every machine it infects. While some of these problems can be eliminated by improving Diebold's software, others cannot be remedied without replacing the machines' hardware. Changes to election procedures would also be required to ensure security.<ref>http://web.archive.org/web/20200906145401/https://jhalderm.com/pub/papers/diebold-ttbr07.pdf</ref><ref>https://www.princeton.edu/news/2006/09/13/researchers-reveal-extremely-serious-vulnerabilities-e-voting-machines</ref><ref>https://citp.princeton.edu/our-work/voting/videos/</ref> | ||
| + | }} | ||
| + | |||
===2006=== | ===2006=== | ||
Another leak occurred in 2006.<ref>https://www.computerworld.com/article/2547648/security0/diebold-source-code-leaked-again.html</ref> | Another leak occurred in 2006.<ref>https://www.computerworld.com/article/2547648/security0/diebold-source-code-leaked-again.html</ref> | ||
Revision as of 21:46, 10 November 2024
 Premier Election Solutions(Company)    | |
|---|---|
| Interest of | Athan Gibbs |
Diebold Election Solutions was renamed Premier Election Solutions, after multiple leaks and charges that their voting software was insecure.
Leaks
2003
Sometime in the spring of 2003 an unknown hacker broke into Diebold computers and obtained a large portion of their email archives, which was posted online. The source code to their voting machines was also leaked. Researchers at Johns Hopkins University and Rice University published a damning critique of the products, based on an analysis of the software. They stated that it would be easy to program a counterfeit voting card to work with the machines and then use it to cast multiple votes inside the voting booth.
Diebold Princeton analysis
Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss. We have constructed demonstration software that carries out this vote-stealing attack. Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines. AccuVote-TS machines are susceptible to voting-machine viruses and computer viruses that can spread malicious software automatically and invisibly from machine to machine during normal pre and post-election activity. We have constructed a demonstration virus that spreads in this way, installing our demonstration vote-stealing program on every machine it infects. While some of these problems can be eliminated by improving Diebold's software, others cannot be remedied without replacing the machines' hardware. Changes to election procedures would also be required to ensure security.[1][2][3]
2006
Another leak occurred in 2006.[4]
References
- ↑ http://web.archive.org/web/20200906145401/https://jhalderm.com/pub/papers/diebold-ttbr07.pdf
- ↑ https://www.princeton.edu/news/2006/09/13/researchers-reveal-extremely-serious-vulnerabilities-e-voting-machines
- ↑ https://citp.princeton.edu/our-work/voting/videos/
- ↑ https://www.computerworld.com/article/2547648/security0/diebold-source-code-leaked-again.html
