Artifact One

Tadayoshi Kohno, Adam Stubblefield, and Aviel D. Rubin members of the Johns Hopkins University Information Security Institute and Dan S. Wallach Department of Computer Science of Rice University were the ones behind the document "Analysis of an Electronic Voting System."

http://www.eff.org/Activism/E-voting/20030724_evote_research_report.pdf was where I found this document. After reading the first page of this document I found out some really interesting facts. They mentioned how in 2003 Maryland payed 55.6 million dollars for touch screen voting systems. After our current 2006 elections it would be hard to believe many Marylanders don't know how unreliable those systems were. People wait outside during peak voting hours for as much as two hours at a time leaving family, children and jobs behind. After those two hours they finally got in the building (if they had the will power to stay outside for that long.) They still had still had to wonder if their vote was counted.

Under section 2, they have in this document, they have exactly how the Diebold DRE voting machine works. Including how at the end of the polling period how the administrator of the voting area goes about retrieving the results. Even as a non-voter (because of my age) I have still had experience with how unreliable the system is. At 12 noon I was outside the polling area, helping the candidates I was supporting by campaigning. At exactly noon, one of the other people who was standing outside campaigning for votes when into the building removing all support stickers from her clothing went into the building. She was hired to go in and collect the mid-day results. She came back to where we were all standing and talking and enjoying some hot chocolate and coffee and told us the results. She told us that a 16 point difference between the number of voters who signed in and the number of votes cast. You can imagine our surprise.


"In order to use (or create) an administrator card, the attacker must know the PIN associated (or to be associated) with the card. Because the system’s use of smartcards was poorly designed, an adversary could easily learn the necessary information, thereby circumventing any security the PIN might have offered." This quote was taken directly from the file itself explaining a major gap in the voting system and how anyone with enough information, know how or patience could hack into the system and change anything they want to the votes that are cast.

This artifact is so full of information I could have come up with pages and pages, unfortantly I am in a time crunch so I was not able to dive into this information further. Please expect to see more information out of this group breaking document in my next post.