This is a prime example of security not being given proper attention during the design / implementation phases…in my opinion. The Open Voting Foundation took apart a Diebold electronic voting machine and documented this with pictures. During their analysis they found that flicking a switch inside the device would allow it to boot from an external flash instead of the internal EEPROM.
I am at a loss for words. This should give serious pause to anyone looking to roll out eVoting initiatives without some standards or oversight for these machines. Maybe there is such a standard but I am not aware of it. I am not saying that eVoting machines should be subject to some new FIPS standard…wait…maybe that wouldn’t be such a bad idea. What is worse, another layer of bureaucracy in the voting process or the real possibility of widespread voting fraud?
I don’t know…
–Chris
Technorati Tags: evoting, Diebold, Open Voting Foundation, flaw
Leave a Reply