Thursday, September 14, 2006


The Center of Information Technology Policy Department at Princeton recently conducted a study on the Diebold AccuVote-TS and its newer relative the AccuVote-TSx electronic voting machines.

The Department analyzed the machine's hardware and software, performed experiments on it, and considered whether real election practices would leave it suitably secure. It was found that the machine is vulnerable to a number of extremely serious attacks that undermine the accuracy and credibility of the vote counts it produces. The full study can be reviewed at:

The main findings of the study were:

(1) Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss. The Department constructed demonstration software that carries out this vote-stealing attack.

(2) Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines.

(3) AccuVote-TS machines are susceptible to voting-machine viruses — computer viruses that can spread malicious software automatically and invisibly from machine to machine during normal pre- and post-election activity. The Department constructed a demonstration virus that spreads in this way, installing its demonstration vote-stealing program on every machine it infects.

(4) While some of these problems can be eliminated by improving Diebold's software, others cannot be remedied without replacing the machines' hardware. Changes to election procedures would also be required to ensure security.

No comments: