Integrity Vulnerabilities in the Diebold TSX Voting Terminal
نویسندگان
چکیده
This report presents certain integrity vulnerabilities in the Diebold AV-TSx Voting Terminal1. We present two attacks based on these vulnerabilities: one attack swaps the votes of two candidates and another erases the name of one candidate from the slate. These attacks do not require the modification of the operating system of the voting terminal (as it was the case in a number of previous attacks). These attacks against the voting terminal can be launched in a matter of minutes and require only a computer with the capability to mount a PCMCIA card file system (a default capability in current operating systems). The security problems are present in the system despite the fact that a cryptographic integrity check appears to be employed in the voting system’s memory card. The attacks presented in this report were discovered through direct experimentation with the voting terminal and without access to any internal documentation or the source code from the manufacturer.
منابع مشابه
Diebold TSx Evaluation SECURITY ALERT : May 11 , 2006 Critical Security Issues with Diebold TSx
Executive Summary Due to the nature of this report it is distributed in two different versions. Details of the attack are only in the restricted distribution version considered to be confidential. This document describes several security issues with the Diebold electronic voting terminals TSx and TS6. These touch-pad terminals are widely used in US and Canadian elections and are among the most ...
متن کاملSource Code Review of the Diebold Voting System
to the California Secretary of State as part of a " Top-to-Bottom " review of electronic voting systems certified for use in the State of California. Executive Summary This report is a security analysis of the Diebold voting system, which consists primarily of the AccuVote-TSX (AV-TSX) DRE, the AccuVote-OS (AV-OS) optical scanner, and the GEMS election management system. It is based on a study ...
متن کاملAn Authentication and Ballot Layout Attack Against an Optical Scan Voting Terminal
Recently, two e-voting technologies have been introduced and used extensively in election procedures: direct recording electronic (DRE) systems and optical scanners. The latter are typically deemed safer as many recent security reports have discovered substantial vulnerabilities in a variety of DRE systems. In this paper we present an attack against the Diebold Accuvote optical scan voting term...
متن کاملSystemic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST∗
In response to growing concern about the security and integrity of elections in the state of Ohio, Secretary of State Jennifer Brunner set in motion a comprehensive study of the electronic voting equipment used throughout the state. Known as Project EVEREST (Evaluation and Validation of Election Related Equipment, Standards and Testing), this study attempted to assess the risks associated with ...
متن کاملSecurity Assessment of the Diebold Optical Scan Voting Terminal
We present an independent security evaluation of the AccuVote Optical Scan voting terminal (AV-OS). We identify a number of new vulnerabilities of this system which, if exploited maliciously, can invalidate the results of an election process utilizing the terminal. Furthermore, based on our findings an AV-OS can be compromised with off-the-shelf equipment in a matter of minutes even if the mach...
متن کامل