AP/ February 11, 2009, 4:28 PM

Calif.: All Vote Machines Tested Hackable

Secretary of State Debra Bowen released the first part of her review of California's voting systems Friday, seven days before she must decide whether to decertify any of the systems for the presidential primary.

It found that computer experts were able to breach all the systems they studied and change the machines' results. But the experts did that under artificial conditions, with unimpeded access to the equipment, a situation that ordinarily would not occur.

Matt Bishop, a computer scientist at the University of California, Davis, who led the team, said the findings must be evaluated in light of the security systems that county election officials have in place before any conclusions can be reached about whether the machines are reliable.

Bowen, who has made electronic voting security the centerpiece of her administration, said she needed to spend the weekend reviewing the reports before commenting on them.

"I am still in analysis mode," she said during a conference call with reporters, "and do not have any conclusion based on reports I have not read."

The review has been rushed because of the earlier-than-ever primary on Feb. 5. It did not include voting systems used in Los Angeles, San Francisco and Contra Costa counties.

Bowen said that was because the company that makes the machines, Election Systems & Software, had refused to give her the information she needed in time. A company spokesman said they delayed because they wanted more information about how the review would be conducted.

By law, Bowen must let counties know six months before the election that she is going to decertify their equipment. That means she must decide by Aug. 3, too soon to complete reviews of Election Systems & Software's equipment.

Instead, a spokeswoman for Bowen said she could subject that equipment to higher standards.

County elections officials see Bowen's "top-to-bottom review" as unnecessary. They say their equipment already meets federal standards and was approved by Bowen's predecessor, Bruce McPherson.

Steve Weir, president of the state association of registrars, said it was not news that voting systems could be breached under ideal conditions.

"They were given permission to get into the systems," he said. "It's not a real world test."

Experts examined systems built by Diebold Election Systems, Hart InterCivic and Sequoia Voting Systems.

One team tried to breach the machines' security. Another tested to see how accessible they were for voters with disabilities. A third group looked at the source code used in the machines. That report was withheld Friday because of concerns that it might contain proprietary information.

Among the findings:

  • The physical security was weak (testers were able to access the internals of Sequoia's machines by unscrewing screws to bypass locks, and compromise Diebold's AccuVote TSx machine without prompting reminders to voters to check their printed records).

  • Software was overwritable with malicious code (testers could load a program into a machine's memory which, at the next reboot, loaded malicious firmware, at which point an attacker could manipulate the election results, with no access to source code required; attacks on Diebold's machines allowed testers to overwrite firmware, which could change vote totals, and escalate privileges from those of a voter to a poll worker or central count administrator, enabling them to reset an election, issue unauthorized voter cards, and close polls; testers overwrote Hart's eScan software and issued administrative commands).



© 2009 The Associated Press. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.
    49 Comments
    gunownerdan says:
    Not only are we forced to vote for either a dirty democrat or a rotten republican, the stupid voting machines are easily hackable or secretly programmed.
    The next president will be whoever big-money wants and most Americans couldn't care less.

    "Today we need a nation of minute men; citizens who are not only prepared to take up arms, but citizens who regard the preservation of freedom as a basic purpose of their daily life and who are willing to consciously work and sacrifice for that freedom.
    The cause of liberty, the cause of America, cannot succeed with any lesser effort."
    - President John F. Kennedy, January 29, 1961

    venkata4--2008 says:
    "Two brothers, Bob and Todd Urosevich became executives in the two biggest voting system companies in the US. Bob Urosevich ran Diebold Election Systems --
    Imagine a candidate getting an extra 3893 votes in just 1% of the precincts nationwide. Is it coincidence that the machines that gave Bush the 3893 extra votes were by Diebold, whose CEO Walden O'Dell had promised to deliver Ohio's electoral votes for Bush?
    Posted by firststate at 09:55 PM : Jul 30, 2007"

    That is exactly the point. Now these machines are qualified to be put in 2008 November elections. Good job Diebold & 2008 is to be delivered.

    firststate says:
    BobEBenson missed the point. When you consider the problems the machines have had and then you add in the potential for hacking and tampering, you can't KNOW that Gore actually lost in any state. Diebold awarded 3,893 bonus votes for Bush in one Ohio precinct. If that happened in just 100 precincts out of the thousands in each state, that would be 389,300 bonus Bush votes per state. That number is greater than Bush's margin of victory in most of the states he's supposed to have carried. Did that happen? Probably not, but the point is we don't KNOW.

    bobebenson says:
    Hey folks, none of this would be a problem if Al Gore hadn't lost in his OWN STATE in 2000. If he would have carried his own state, Florida wouldn't have made any difference.

    firststate says:
    Two brothers, Bob and Todd Urosevich became executives in the two biggest voting system companies in the US. Bob Urosevich ran Diebold Election Systems, while his brother Todd is an executive at Election Systems & Software ES&S. Between them, the two brothers' companies account for 80% of the votes in the US.

    There are noteworthy errors. In 2004, Franklin Co., Ohio Bush got 3893 extra votes from nowhere, Bush 4258 to Kerry 260, with 638 total votes in that precinct. In Florida, a machine allowed only 32,000 votes, after it hit 32,000 it started counting backward. In North Carolina 4,500 votes were lost after there was simply no more hard disk space available. According to USA Today, more than 20% of the machines tested failed to accurately record votes. These are problems with the machines, before any hacking or tampering.

    Imagine a candidate getting an extra 3893 votes in just 1% of the precincts nationwide. Is it coincidence that the machines that gave Bush the 3893 extra votes were by Diebold, whose CEO Walden O'Dell had promised to deliver Ohio's electoral votes for Bush?

    keithle1 says:
    As if a 100% hacker-proof voting machine could be made. Ah well. Back to the chads. "Greg, do you agree with me? Does it look like this person intended to vote for the American Communist Party?"

    gunownerdan says:
    Not only can electronic voting machines be easily hacked, they can also be secretly programmed.
    Of course the government will try hard to keep you thinking your vote actually counts.....

    infidel_us says:
    and then the supreme court that was horrible. We cannot have that again.
    Posted by starleo146 at 01:56 PM : Jul 30, 2007

    We won't. We now have Stevens and Roberts! :) It went from 5-4 leaning left to 5-4 leaning right. Nice of you to blame the lefties for siding with Bush! LOL

    infidel_us says:
    Ok, if a Republican wins in CA, we'll KNOW they were hacked! :)

    homespunlady says:
    There's been all sorts of games and finagling with the elections. This country has PROVEN that even IRAQ has a BETTER ELECTION PROCESS!!
    Ironic really. America has INSISTED that there be POLL WATCHERS in third world elections.
    There were some poll watchers in 2006 and guess what - they found some really interesting irregularities that they'd probably not even find in those third world countries. Nothing like America showing the world CORRUPTION rather than Democracy.