[ISN] Hacking of voting machines put on hold

From: InfoSec News (isn@private)
Date: Tue Nov 29 2005 - 22:29:29 PST


http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2005/11/29/BAG8TFVC2M1.DTL

Chronicle Staff Report
November 29, 2005

Sacramento -- A state-sanctioned attempt at hacking one brand of
electronic voting machines will not occur Wednesday, Secretary of
State Bruce McPherson said Monday at what's billed as the nation's
first summit on voting machine testing.

The hacker, a computer security expert from Finland, needs more time
to prepare before trying to show that the latest voting machine model
made by Diebold Election Systems is vulnerable to attacks by hackers.

"We have imposed the strictest voting system tests in the country. We
think this should be part of it too," McPherson said about the
attempted hack.

California and its 58 local election officials face a Jan. 1 deadline
to comply with requirements imposed by the federal Help America Vote
Act of 2002.

Among them is creation of a statewide database of voters and allowing
disabled persons to vote unaided. The state requires all electronic
voting machines have a paper-ballot backup to record votes for the
June 2006 primary.

Diebold's new voting machine system had its certification for use
yanked in May 2004 by then Secretary of State Kevin Shelley. It has
failed to win it back.

Last May, Harri Hursti, a computer security expert from Finland who
has been asked by Secretary of State Bruce McPherson to attempt to
infiltrate one of the voting machines made by Diebold, successfully
hacked a Diebold voting machine in Florida, changed election results
and inserted a new program that flashed the message "Are we having fun
yet?" on the machine's screen.

The 1 1/2 day summit, with representatives of 23 states and 18 local
California election officials among its attendees, is designed to help
the state create the best approach to testing voting machines for
reliability and accuracy.

A public hearing is scheduled for February to synthesize the summit's
results.



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.



This archive was generated by hypermail 2.1.3 : Tue Nov 29 2005 - 22:55:36 PST