"It is like the nuclear bomb for e-voting systems," said Avi Rubin, computer science professor at Johns Hopkins University. "It's the deal breaker. It really makes the security flaws that we found (in prior years) look trivial."
-- From Security Focus, 5/12/06
Pennsylvania officials warned local election registrars last week about the vulnerability in the mechanism that installs and upgrades software on Diebold equipment. It said the risk of the vulnerability being exploited was "low".
-- From AP, 5/11/06
The first graf above, quoting Rubin, comes from a superb and indepth article by Robert Lemos at Security Focus on the latest Diebold security disaster. We recommend his report for a host of reasons, amongst them; his broad coverage of dozens of the stories we've yelled and screamed about here at The BRAD BLOG over the past several months, but also because he adds loads of details to the latest Diebold mess which is finally being picked up by the mainstream media. Big time. (Here's an eye-popping compilation of scores of articles from just last Wednesday, Thursday and Friday, with many more to come.)
We point to Rubin's quote --- similar to on the record statements from of the other computer scientists and e-voting security professionals familiar with the details of the built-in "feature" in Diebold's touch-screen systems now revealed to be an extraordinary security vulnerability --- by way of contrast to the way both Diebold and the State of Pennsylvania (and subsequently the bulk of the media) reported their characterization of the problem. That would be the second graf of this story in which AP quotes PA officials describing the risk as "low."
From Diebold's Mouth to Your Ears...
We're often asked, by media folks and others, why it is that Election Officials seem to stand by their E-Voting Machines and Vendors, such as Diebold, ES&S and others, instead of holding them accountable and independently verifying their (usually unsupported) claims about the security and reliability of their voting machines --- as Leon County, FL Supervisor of Elections, Ion Sancho and Emery County, UT County Clerk, Bruce Funk, both rare exceptions --- did.
Setting aside that both Sancho and Funk have been fighting with state officials to hang on to their jobs ever since, The BRAD BLOG has obtained a few documents which underscore what's really at work in the bulk of Election Official/Election Machine Vendor relationships...