I haven’t covered it here at Iowavoters because it didn’t look like an Iowa story, but now it is. This week computer scientists at Princeton University released a paper and a video on how to hack a Diebold touchscreen vote manipulating device, the TS. In Iowa we have the successor model, the TSx.
This paper presents a fully independent security study of a Diebold AccuVote-TS voting machine, including its hardware and software. We obtained the machine from a private party. Analysis of the machine, in light of real election procedures, shows that it is vulnerable to extremely serious attacks. For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates.
On Wednesday Diebold responded:
“By any standard - academic or common sense - the study is unrealistic and inaccurate.”
Today University of Iowa computer scientist and voting machine expert Doug Jones rebutted Diebold:
Diebold owes the public a list of the third party security analyses that have found their system to be secure. None of the analyses I’m aware of drew positive conclusions.
All three of the above links go to short documents. You really can afford to follow all three if you are interested.