Well, I voted today. A few impressions.

[ My feelings echo Tom's somewhat. I think the most dangerous aspect of these machines is the certification process, pre-election access to the devices, malicious or shitty code, and hardware failure.

If you could pull smartcard shenanigans, as Decius says, it'd be all over... no one pays attention once you walk up there and pop in the card. I did notice that the cards were yellow today, but were white the last time i voted. Perhaps you'd need to take the step to match the color if you were gonna swap.

The machines plainly indicate how many votes it's taken for the day. When i went at about 10 am, my machine had already processed about 30 votes. That's only 10 an hour, so maybe each machine registers 100-250 votes... Even if somehow you could get 2 minutes per person average, you could only cram in 360 for the day. As Decius says, this substantially mitigates the effect of a single machine compromise... the election would have to very close.

I'm still not happy with these things, overall, but it could be worse. -k]

k wrote:
] [ My feelings echo Tom's somewhat. I think the most dangerous
] aspect of these machines is the certification process,
] pre-election access to the devices, malicious or shitty code,
] and hardware failure.

I'm also concerned about the use of the network to tabulate an "unofficial" count.

] Perhaps you'd
] need to take the step to match the color if you were gonna
] swap.

Good observation, although I don't think they'd notice if the card that went in the machine was a different color. They'd notice if you walked away from the machines and handed then one that was different though. It mostly enforces their verification that you are registered to vote there.

] The machines plainly indicate how many votes it's taken for
] the day.

Oh! I forgot to mention. The person who gave me the smart card suggested that I "use one of the machines on the left because they haven't been used as much today." I thought that was an odd comment. Maybe the things only hold so many votes...

] Oh! I forgot to mention. The person who gave me the smart card
] suggested that I "use one of the machines on the left because
] they haven't been used as much today." I thought that was an
] odd comment. Maybe the things only hold so many votes...

Maybe he noticed you signed up on a democratic ticket ballot. I wouldn't trust someone telling me which machine to use. (Use this one, its broken and we know it.)

Like I said, I hate these things.

My concerns:
Its running on proprietary software so I worry more about a covert code section in a patch causing the vote to be skewed. This could happen at any computer or any place votes are tabulated - at any application or process level.

Touch screens need calibration sometimes. If calibration went off you might vote for someone that you didn't mean to.

At my polling place it would have been very easy to walk out with a card.

I know one of the ladies that 'certified' these machines. I had to clean up her machine because it was totally hacked. Backweb, subseven and msblaster.exe all on this machine with a serve-u ftp server tons of porn and she thought the cd-rom didn't work right.
That concerned me more than anything.

I did give her my 2 cents about the machines. Electronic voting. ICK.
-k.

Decius wrote:
] Well, I voted today. A few impressions.
]
] 1. There seemed to be a lot of polling locations around my
] apartment, and a lot of machines. No lines when I showed up
] (at 3). If you DOSed one machine I think it would have little
] effect on the outcome unless a race was very close.
]
] 2. You can't get access to the machines unless you are
] registered to vote in the district in question. This means
] that you would either have to attack your own district or you
] would need to be able to effectively fake the identity of
] someone in the district of choice while preventing them from
] showing up before or during your visit.
]
] 3. Old people can easily distract poll workers with stupid
] questions.
]
] 4. Swaping the smart cards would have been dead easy. If the
] system could be attacked with a bad smartcard, then you could
] get away with this, and you would have at least 10 minutes to
] play around on the console without drawing any attention.
]
] 5. You're not in an enclosed booth, so putting a sniffer
] inline between the smart card and the reader might get
] noticed. You'd have to be pretty slick to hide it. Maybe drop
] your copy of the league of women voter's guide on top of the
] reader once the card is inserted. Also, the card snaps into
] place in the reader. That mechanism might interfere with any
] custom hardware, but it depends.
]
] 6. The smart card reader is attached to the machine with a
] plainly visible rs232 cable. If you were really slick you
] might be able to place a device inline between the reader and
] the cable, but you might get noticed, and certainly such a
] device would be discovered later.
]
] 7. You could probably Van-Ek phreak polling places. I don't
] think anyone has discussed that. I was happy to see that in
] Georgia they enter you registration on a scantron form. In
] Tennessee they used a computer, which seemed to be network
] conected. I figured one might be able to associate votes with
] people because of that.
]
] 8. If Diebold could devise a way to make the machine start
] beeping in the event that one of the critical processes
] crashed or the administrative modes were accessed this would
] be a somewhat effective security mechanism. Any attack would
] depend on a lot of slight of hand under the noses of other
] people. Things that make loud noises tend to draw attention.
] Obviously this could never be fool proof.
]
] 9. The UI was nice. I had some trouble getting the touch
] screen to recognize some of my presses, but all in all it was
] a good voting experience.