Well, this is just fantastic. Following the claims that there's no real problems with e-voting machines, almost immediately followed by reports of massive fraud with e-voting machines in Brazil, Alex Halderman is pointing out that Diebold, in their infinite wisdom, are making it ridiculously easy to break into their machines. Halderman was a part of the team that showed that Diebold's locks on their e-voting machines used a default key that was common to many hotel minibars and could be found easily in many places. However, the researchers who noted this were still careful never to show the actual key, preferring not to help anyone who seriously intended on breaking into the machines. Diebold, on the other hand, isn't so careful. The company, that has continually played down reports of security flaws is apparently selling the very key you need to break into their boxes on their online site... with a picture of the key. You need to be a Diebold account holder to buy it, but anyone can look at the key and then figure out how to make their own copy -- and, in fact, that's exactly what someone did. He used the picture to cut his own keys and sent the keys to Halderman, who found that two of the three keys opened the Diebold locks with ease. The guy who discovered this notified Diebold a month ago, but Diebold did not respond and has not removed the image of the key from their website.
Electronic voting machines count about 87% of the votes cast in America today. But are they reliable? Are they safe from tampering? From a current congressional hearing to persistent media reports that suggest misuse of data and even outright fraud, concerns over the integrity of electronic voting are growing by the day. And if the voting process is not secure, neither is America's democracy. The timely, cautionary documentary HACKING DEMOCRACY exposes gaping holes in the security of America's electronic voting system.
In the 2000 presidential election, an electronic voting machine recorded minus 16,022 votes for Al Gore in Volusia County, Fla. While fraud was never proven, the faulty tally alerted computer scientists, politicians and everyday citizens to the very real possibility of computer hacking during elections.
In 2002, Seattle grandmother and writer Bev Harris asked officials in her county why they had acquired electronic touch screen systems for their elections. Unsatisfied with their explanation, she set out to learn about electronic voting machines on her own. In the course of her research, which unearthed hundreds of reported incidents of mishandled voting information, Harris stumbled across an "online library" of the Diebold Corporation, discovering a treasure trove of information about the inner-workings of the company's voting system.
Harris brought this proprietary "secret" information to computer security expert Dr. Avi Rubin of Johns Hopkins University, who determined that the software lacked the necessary security features to prevent tampering. Her subsequent investigation took her from the trash cans of Texas to the secretary of state of California and finally to Florida, where a "mini-election" to test the vulnerability of the memory cards used in electronic voting produced alarming results.
As the scope of her mission grew, Harris drew on the expertise of other computer- science experts, politicians and activists, among them: Andy Stephenson, candidate for secretary of state in Washington state; Susan Bernecker, Republican candidate in New Orleans; Kathleen Wynne, an activist from Cleveland; Dr. Herbert Thompson, chief security strategist, Security Innovation, Inc.; Ion Sancho, supervisor of elections for Leon County, Fla.; and Harri Hursti, a computer-security analyst. Academics, public officials and others seen in interview footage include: Deanie Lowe, supervisor of elections, Volusia County, Fla.; Mark Radke, marketing director of Diebold; David Cobb, presidential candidate, Green Party; and Rep. Stephanie Tubbs-Jones of Ohio.
Diebold software, or other software like it, is installed in thousands of counties across 32 states. David Dill, professor of computer science at Stanford, says the problem is that there are "lots of people involved in writing the software, and lots of people who could have touched the software before it went into that machine. If one of those people put something malicious in the software and it's distributed to all the machines, then that one person could be responsible for changing tens of thousands of votes, maybe even hundreds of thousands, across the country."
In Florida, Leon County supervisor of elections Ion Sancho presided over a trial "mini-election" to see if the vote could be hacked without being detected. Before votes were actually cast, computer analyst Harri Hursti "stuffed the ballot box" by entering votes on the computer's memory card. Then, after votes were cast, the results displayed when the same memory card was entered in the central tabulating program indicated that fraud was indeed possible. In other words, by accessing a memory card before an election, someone could change the results - a claim Diebold had denied was possible.
Ultimately, Bev Harris' research proved that the top-secret computerized systems counting the votes in America's public elections are not only fallible, but also vulnerable to undetectable hacking, from local school board contests to the presidential race. With the electronic voting machines of three companies - Diebold, ES&S and Sequoia - collectively responsible for around 80 percent of America's votes today, the stakes for democracy are high.
See http://www.hbo.com/docs/programs/hackingdemocracy/index.html
