Computerworld - Looking to quell fears about the potential for vote tampering with electronic voting machines, the state of California is sponsoring a hacking test of an optical scan voting device from Diebold Election Systems.
The initial hacking was slated to be held yesterday but was postponed, said Jim March, an investigator at Black Box Voting Inc., a Renton, Wash.-based nonprofit voter advocacy group. His organization has been prodding California Secretary of State Bruce McPherson's office to test Diebold's AccuVote optical scan gear for alleged vulnerabilities.
The move comes amid recurring concerns that e-voting gear, including optical scan and touch-screen voting machines, are vulnerable to intrusion or rigging. In this case, March claimed that a vulnerability in the memory card in the Diebold optical scan machine could allow a hacker to replace code and "doctor the results."
Black Box Voting had planned to provide a hacker for yesterday's demonstration, a Finland-based security expert and "uber-geek" named Harri Hursti, March said. Working with Black Box Voting, Hursti last May successfully hacked a Diebold machine in Leon County, Fla. (download PDF).
A spokeswoman for the California secretary of state said that McPherson decided to sponsor the security test because of the Florida experiment. She also said the exact protocols and logistical details to be used in the hacking attempt are still being finalized with Hursti. The testing would involve the random selection of an AccuVote machine currently in use in one of California's voting precincts. No new date for the hacking attempt has been set, but California officials said they hope to conduct it by year's end.
McKinney, Texas-based Diebold denied that its optical scan gear is vulnerable and said it will work with McPherson on the upcoming hacking attempt. A Diebold spokesman also called the Leon County, Fla., hacking invalid. "We weren't ever aware of it," David Bear said. "The election official bringing [Hursti and Black Box] in gave them complete and unfettered access and the passcode." In a real election, doing so is bad policy and something elections officials would not allow to happen, he said. Bear also said that security procedures during elections extend beyond the safety of the equipment.
"If I gave you the keys to my house and told you when I was out, you would have a good chance to get in," Bear said. He also noted that the optical scan machine records the actual vote in a memory card and on paper ballots that are audited during the mandatory canvassing period to guarantee the integrity of the results.
On another front, Diebold's status as a provider of e-voting equipment in North Carolina was in limbo earlier this week after a judge denied the company's request for protection from the state's election transparency laws.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
