|
|
1.
Malicious software running on a single
voting machine can steal votes with little
if any risk of detection. The malicious
software can modify all of the records,
audit logs, and counters kept by the voting
machine, so that even careful forensic
examination of these records will find
nothing amiss. We have constructed
demonstration software that carries out this
vote-stealing attack.
2. Anyone who has physical access to a
voting machine, or to a memory card that
will later be inserted into a machine, can
install said malicious software using a
simple method that takes as little as one
minute. In practice, poll workers and others
often have unsupervised access to the
machines.
3. AccuVote-TS machines are susceptible to
voting-machine viruse! s - computer viruses
that can spread malicious software
automatically and invisibly from machine to
machine during normal pre- ! and
post-election activity. We have constructed
a demonstration virus that spreads in this
way, installing our demonstration
vote-stealing program on every machine it
infects.
4. While some of these problems can be
eliminated by improving Diebold's software,
others cannot be remedied without replacing
the machines' hardware. Changes to election
procedures would also be required to ensure
security. |
|