If your state is planning to use one of the Diebold machines in an upcoming election, you should be concerned. Apparently, these things are really easy to compromise. Just about anyone with physical access to one of these machines can install malicious rootkit or patch. And the worst part is that there is no reliable way to find if a given machine has been compromised.
Am I surprised? Hell no! I knew this is going to happen. Putting the OS in a read-write memory in a voting machine is total idiocy. The systems software for those machines should be contained on a ROM chip that cannot be flashed or updated. Anything that can be patched “on the spot” can be potentially tampered with.
Hell, most of this stuff should be mechanical, not electronic. Touch screens are nice, but hard-wired buttons are more robust and easier to account for. And there should always be a hard copy log of the vote generated on the spot via punch holes, printing and etc… In effect, you should have a dual system – one completely mechanical that would react to a button push, and punch a card or something, and another that would count votes electronically.
Sigh… I still can’t understand how can we even allow voting machines to run on proprietary software. Who is checking diebold’s code? Are those people the same governmental specialists who do research for software patents? Because we know how effective those guys are…
This is yet another reason to drop Diebold, and get someone to develop a more reliable, hardware based, open source alternative. Why there is no governmental contract on an open source voting project? We spend bazzilions on the war, and Iraq contracts, but we can’t spare some money to implement a reliable solution for electronic voting? WTF?
