Friday, October 03, 2003

voting machines

Bruce Schneier’s lates CryptoGram had a reference to an interesting article about voting systems. Systems in active use in the US seem to be substantially flawed in a security sense. According to the article it’s relatively easy for an attacker to shutdown elections early, and even modify voting results on the machines. Also contifuration settings of the machine might be altered. This way a voter selecting Candidate A can result in the system wrintg a vote on Candidate B into the vote log (MS Excel equivalent of reordering Column B with candidate names while not selecting Colum A with their ID’s). It is *realy* worrisome that voting machines like this are actually in real use. I can only think of software instructing some hospital’s Intensive Care facilities, or a nuclear plant, of being more essential than a voting machine. And I can asure you the aforementioned software works a lot better,. At least it won’t be flawed as the software described in the specific article.
Reading about these machines, I wondered how the systems work we have here in the Netherlands. The’re other systems definetely, as the’re not working with smart card in the first place. As a voter you are presented a big plate of buttons which you’ll have to push to make your choice. This is not a real touchscreen however, but still your vote must be saved on some persistent memory. However, how the results are sent to the central computer I don’t know. Let’s hope at least they dial in directly to it, so the data is sent over a private line instead of the internet. Only now time is lacking me to do some more Googling into this matter