September 19, 2004

While the votes are being tallied at the central computer, "inserting a very short (6-line) text file on any disk or CD, which self-executes" ... I dunno, I don't use Windows. Can this happen? "... 5. RISK MANAGEMENT FOR INSERTING VB SCRIPTS TO MANIPULATE ELECTION: ... manipulating the election with the GEMS central tabulator is easily achieved by inserting a very short (6-line) text file on any disk or CD, which self-executes upon placing the disk in the central server computer. The procedures I observed on 9/14/2004 (popping disks in and out of the server during the middle of the count, with very sloppy disk management) put this security risk at a high level for King County. ...."

I dunno. I feel like we're seeing a democracy bubble that's as illusory as the New Internet Economy, right now -- it all seems to work, and the skeptics sure aren't getting much press aside from the weblogs. Worries, anyone?

posted by hank 20 years ago
  • I see absolutely no upside to the deployment of these systems in the upcoming election. The security flaws are massive, systematic and apparent to all. If they are exploited then what is an already tremendously contentious election will become a madhouse. The US will risk serious internal strife, possibly lasting the course of the entire next presidency. If voting proceeds without problem (or without apparent problem, since it is so incredibly easy to manipulate the vote in these systems without getting caught), electronic voting proponents will use that as a lever for further deployment, with the attendent fraud being only inevitable and likely more widespread.
  • Yeah, I think the statement is alluding to something on the order of an "autorun.inf" It's weird how they can get ATM's right, but voting ends up being so difficult.
  • If a gentleman who works at a bank in Nigeria ends up getting several million votes, I am going to be very suspicious....
  • I have to give a lot of credit to those who are working to show the flaws in electronic voting. A few centuries from now, they'll surely be looked back upon as our age's selfless protectors of democratscracy. That is, if there is enough remaining freedom of speech for anyone to do the looking. b0b0b0b: when money is involved, you can be sure they'll get it right.
  • they're using ms access as their database. ms access is an application first, database second. like all the other ms applications- outlook, ie, word, etc- it's made to be easy to use and made to integrate with windows and the internet and the other applications through vbscripts, activex, etc. this compromises the security. look at all the visuses that only affect people using outlook or ie. that's how easy it is to manipulate the data in an access database. it's designed that way- these interfaces can actually be used to do useful things, which is why they're there. but in any situation where security actually matters, you need to do it yourself, because access just doesn't come that way.