December 7th, 2004, 03:58 AM
electronic voting fraud?
In a sworn affidavit (pdf file) Monday, a former programmer for a NASA contractor said that he developed a vote-rigging prototype at the request of a then-Florida state representative who is now a member of the U.S. House of Representatives.
While working for Yang Enterprises in Florida, the 46-year-old programmer says he was instructed by then-Republican state representative Tom Feeney to “develop a prototype of a voting program that could alter the vote tabulation in the election and be undetectable.”
This is definately something I think everyone and espeically people here on AO need to be aware of. Its especially funny to notice that the programmer claimed he was intially told that the reasons for being assinged the task was to prevent democrats from abusing the new electronic voting systems...but later he realizes its a double-sided knife and rolls over to authorities. Does anyone actually buy that load of crap, or pick the more sensible notion that he got screwed out of a payoff so he went public and tried to remain the innocent middle-man? Chalk one more up for Open Source.
You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
December 7th, 2004, 04:57 AM
I have heard something about this, there is a small little article in Exploiting Software about the implications of voting machine software, and it's security or Lack-there-of.
The most interesting thing, is that besides having someone go through and check the code, there is not really much that can be done to check. The next problem that comes up, is that companies that make these products, are very secretive about their code. The algos they use, are really really under tight watch.
So if you even wanted to check the code, it would take an act of congress to get the companies to release the code to be read.
December 7th, 2004, 10:52 AM
Either that or a rooting of a dev machine
You can still perform black-box testing on it, sure it's not as reflective of security as white-box testing but one can assume that a malicious attacker only has access to the finite version of the software. I'm not sure however if there's a public version of the software anywhere that could even be subjected to black-box testing...
December 7th, 2004, 04:37 PM
Somehow I'm not surprised that no sooner than computerized voting technology became more widely used that someone would seek to exploit the system...
Let's look at radar detectors for a close analogy -
Cops get improved radar so they can nail more speeders.
Speeders get improved radar detectors *from the same companies that make the radar units* to beat them.
Cops have to spend still more $$ to get laser.
Speeders get laser detectors added into their radar detectors for more $$. Again, the same companies that make the radar units are responsible.
It's all about the money - we look at the cost of developing the ruddy computerized voting system in the first place, then how much will have to be spent fixing the exploit....then how much more will have to be spent fixing the new exploit, etc ad nauseum. The fact that a Congressman started all this is just a byproduct - anyone could have and eventually would have done it. I'm curious if this very same congressman holds a chunk of stock in the development firm?
Even a broken watch is correct twice a day.
Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!
December 7th, 2004, 07:23 PM
I think the system would work better, if the voters are still given a reciept that would be the ultimate authority in the case of a disputed vote. Electronic votes might be altered, but as long as there is a paper trail to back everything up, then the system can work.
Total electronic voting.......it'll never work unless everyone trusts the source of the code, the code is open to scrutiny and persons that have no political motivations can oversee the election.