Featured Research

from universities, journals, and other organizations

Researchers Reveal 'Extremely Serious' Vulnerabilities In E-voting Machines

Date:
September 14, 2006
Source:
Princeton University
Summary:
A group of Princeton computer scientists say they have created demonstration vote-stealing software that can be installed within a minute on a common electronic voting machine. The software can fraudulently change vote counts without being detected.

Edward Felten (center), director of the Center for Information Technology Policy, has coauthored a paper with graduate students Ariel Feldman (left) and Alex Halderman on a demonstration vote-stealing software that highlights security vulnerabilities in electronic voting machines.
Credit: John Jameson, Princeton University

In a paper published on the Web this week, a group of Princeton computer scientists said they created demonstration vote-stealing software that can be installed within a minute on a common electronic voting machine. The software can fraudulently change vote counts without being detected.

"We have created and analyzed the code in the spirit of helping to guide public officials so that they can make wise decisions about how to secure elections," said Edward Felten, the director of the Center for Information Technology Policy, a new center at Princeton University that addresses crucial issues at the intersection of society and computer technology.

The paper appears on the Web site for the Center for Information Technology Policy.

The researchers obtained the machine, a Diebold AccuVote-TS, from a private party in May. They spent the summer analyzing the machine and developing the vote-stealing demonstration.

"We found that the machine is vulnerable to a number of extremely serious attacks that undermine the accuracy and credibility of the vote counts it produces," wrote Felten and his co-authors, graduate students Ariel Feldman and Alex Halderman.

In a 10-minute video on their Web site, the researchers demonstrate how the vote-stealing software works. The video shows the software sabotaging a mock presidential election between George Washington and Benedict Arnold. Arnold is reported as the winner even though Washington gets more votes. (The video is edited from a longer continuously shot video; the long single-shot version will be available for downloading from the center's site as well.)

The researchers also demonstrate how the machines "are susceptible to computer viruses that can spread themselves automatically and invisibly from machine to machine during normal pre- and post-election activity."

Felten said that policy-makers should be concerned about malicious software infecting the Diebold AccuVote-TS and machines like it, from Diebold and other companies. "We studied these machines because they were available to us," the researchers wrote in their Web posting. "If we had gotten access to another kind of machine, we probably would have studied it instead."

Felten said, "There is reason for concern about other machines as well, even though our paper doesn't directly evaluate them. Jurisdictions using these machines should think seriously about finding a backup system in time for the November elections."

Felten, a professor of computer science and public affairs who is known for his groundbreaking work in computer security, said that some of the problems discussed in the paper cannot be fixed without completely redesigning the machine.

Other problems can be fixed by addressing software or electronic procedures. "But time is short before the next election," he said.

According to the researchers' paper, the Diebold machine they examined and another newer version are scheduled to be used in 357 U.S. counties representing nearly 10 percent of all registered voters. About half those counties, including all Maryland and Georgia, will use the exact machine examined by Felten's group.

Felten said that, out of security concerns, the Diebold machine infected with the vote-stealing software has been kept under lock and key in a secret location.

"Unfortunately election fraud has a rich history from ballot stuffing to dead people voting," he said. "We want to make sure this doesn't fall into the wrong hands. We also want to make sure that policy-makers stay a step ahead of those who might create similar software with ill intent."

Princeton's Center for Information Technology Policy includes members from diverse departments, including computer science, economics, electrical engineering, operations research and financial engineering, sociology and the Woodrow Wilson School of Public and International Affairs.


Story Source:

The above story is based on materials provided by Princeton University. Note: Materials may be edited for content and length.


Cite This Page:

Princeton University. "Researchers Reveal 'Extremely Serious' Vulnerabilities In E-voting Machines." ScienceDaily. ScienceDaily, 14 September 2006. <www.sciencedaily.com/releases/2006/09/060913190951.htm>.
Princeton University. (2006, September 14). Researchers Reveal 'Extremely Serious' Vulnerabilities In E-voting Machines. ScienceDaily. Retrieved September 21, 2014 from www.sciencedaily.com/releases/2006/09/060913190951.htm
Princeton University. "Researchers Reveal 'Extremely Serious' Vulnerabilities In E-voting Machines." ScienceDaily. www.sciencedaily.com/releases/2006/09/060913190951.htm (accessed September 21, 2014).

Share This



More Computers & Math News

Sunday, September 21, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

What This MIT Sensor Could Mean For The Future Of Robotics

What This MIT Sensor Could Mean For The Future Of Robotics

Newsy (Sep. 20, 2014) MIT researchers developed a light-based sensor that gives robots 100 times the sensitivity of a human finger, allowing for "unprecedented dexterity." Video provided by Newsy
Powered by NewsLook.com
How To Protect Your Data In The Still-Vulnerable iOS 8

How To Protect Your Data In The Still-Vulnerable iOS 8

Newsy (Sep. 20, 2014) One security researcher says despite Apple's efforts to increase security in iOS 8, it's still vulnerable to law enforcement data-transfer techniques. Video provided by Newsy
Powered by NewsLook.com
How Much Privacy Protection Will Google's Android L Provide?

How Much Privacy Protection Will Google's Android L Provide?

Newsy (Sep. 19, 2014) Google's local encryption will make it harder for law enforcement or malicious actors to access the contents of devices running Android L. Video provided by Newsy
Powered by NewsLook.com
Virtual Reality Headsets Unveiled at Tokyo Game Show

Virtual Reality Headsets Unveiled at Tokyo Game Show

AFP (Sep. 18, 2014) Several companies unveiled virtual reality headsets at the Tokyo Game Show, Asia's largest digital entertainment exhibition. Duration: 00:48 Video provided by AFP
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins