By Ian Hoffman, Alameda Newspaper Group, April 30, 2004
Hacking a Diebold touchscreen voting machine is astonishingly easy with a few tricks and busy poll workers.
All it takes is a $1 plastic card with a memory chip, like the ones voters use, and the encryption keys and passwords for Diebold's software.
In a report delivered Thursday to Alameda County elections officials, Diebold proposes to lock down some of the most gaping security holes in its e-voting systems nationwide before the November election.
McKinney, Texas-based Diebold Election Systems Inc. wrote or "hard-coded" those encryption keys and passwords into the software itself and put the software on an Internet site accessible via an easily guessed password. It was downloaded by Seattle journalist Bev Harris in January 2003 and circulated.
"If you know that password," said Michael Wertheimer, a former National Security Agency code-breaker, "you can erase all the votes that are in there, you can put 50,000 votes in there ... You can tell it to vote 100 times or 1,000 times or 5,000 and for whom you want it to."
Computer-security analysts were stunned to find the hard-coded encryption keys and passwords -- and that they weren't changed as Diebold touchscreens spread throughout Maryland, Georgia and California.
But they have been changed in Maryland, and they are about to change for Georgia and for Alameda and Plumas counties in California.
Diebold's proposal depends first on whether California Secretary of State Kevin Shelley today accepts the recommendations of an advisory panel that he allow e-voting in November and also whether he certifies all of Diebold's new software.
If both hold true -- Shelley was agonizing through the first decision on Thursday -- Alameda County voters in November will be touching the same glowing Diebold machines as in the last two years. But the software inside will offer stronger encryption and changeable or "dynamic" passwords.
That's the easiest fix for possibly the worst security vulnerability on Diebold's touchscreen voting machine, one of several uncovered by Wertheimer and colleagues on a team of computer-security experts at RABA Technologies in a live-attack exercise for the state of Maryland.
"It's not as though they did the security poorly. It's as though they didn't think about it all," Wertheimer said.