Guest Blogged by John Gideon
The UK's SC News reported today that Princeton's Professor Felten discovered that the key to gain entry to the memory card slot on the Diebold AccuVote TS is the same key that you may have to open your desk drawer, filing cabinet or even a hotel mini-bar [emphasis added]:
Felten said he became aware of the problem when, after performing a demonstration concerning the security flaws of Diebold machines, Princeton staff member Chris Tengi noticed the key that came with the voting machine was the same one he had at home.
"This seemed like a freakish coincidence - until we learned how common these keys are," Felten said. "Chris' key was left over from a previous job, maybe 15 years ago. He said the key opened either a file cabinet or the access panel on an old VAX computer. A little research revealed that the exact same key is used widely in office furniture, electronic equipment, jukeboxes and hotel mini-bars. It's a standard part, and like most standard parts, it's easily purchased on the internet."
Avi Rubin, Johns-Hopkins University Professor and computer scientist, points out in his blog this morning:
So we now have a key that can be obtained from nearly anywhere and a "secret" password  that everyone knows, and Diebold's David Bear says if proper access controls are maintained at the polling place there should be no problems. Perhaps Bear is talking about someone looking over the voter's shoulder to ensure they don't spend two minutes hacking into the machine?
As well, it comes on the heels of the challenge to the Busby/Bilbray special U.S. House election in June in San Diego when these Diebold voting machines were sent home overnight --- in violation of both state and federal law --- for "sleepovers" with poll workers for days and weeks prior to the election. Here's a video that we missed at the time: Poll workers, on May 30th, taking home their pre-programmed, election-ready Diebold voting machines to store in their houses and cars 7 days prior to the June 6th election!
Any of them could easily have opened the "secure" systems with a mini-bar key, or, as the Princeton folks demonstrated on FOX "News" last week, they could have picked the lock themselves in 10 seconds. Of course, as we now know, it would have taken them less than a minute thereafter to insert a vote-flipping virus on the machines which could then affect every other machine used in the race.