UC Davis Concludes E-Voting Systems Hackable

• By Paul McCloskey
• 08/10/07

A report by the University of California, Davis has found three electronic voting machines being considered for California state polling are susceptible to both physical and electronic tampering from tools ranging from screw drivers to Trojan horse programs.

The study was commissioned by the state of California to check the integrity of three brands of electronic voting devices.

The report, written by University of California investigator Matt Bishop, concluded that the biggest threat was that a Trojan horse or other malicious software could overwrite the systems' firmware. In all three systems, UC testers were able to accomplish this.

Bishop also said the Windows operating system, the underlying software used by all three systems, was vulnerable.
 
"As Windows is known to be vulnerable to many forms of attack," Bishop wrote, "vendors should ensure that the underlying Windows system is locked down sufficiently to counter these threats. If an attacker can gain privileged access to the underlying operating system, they can control the election management system."

In response to the report, California Secretary of State Debra Bowman decertified electronic voting machines made by the industry's biggest vendors, including Diebold Election Systems, Sequoia Voting Systems, Hart InterCivic, and
Election Systems and Software, unless new measures are implemented to safeguard against abuse.

Read More:

• Reports on Voting Systems