Feeds

Play chess on your nearest e-voting machine

Dutch go Irish

Protecting users from Firesheep and other Sidejacking attacks with SSL

IT professionals in the Netherlands have demonstrated that the type of e-voting machines chosen by the Irish government for election counts can be secretly hacked.

Using documentation obtained from the Irish Department of the Environment, Dutch IT experts from anti e-voting group, "Wij vertrouwen stemcomputers niet" (We don't trust voting computers), went on the "Een Vandaag" television programme on Wednesday to reveal that NEDAP e-voting machines could be made to record inaccurate voting preferences and even be reprogrammed to run a chess program.

According to Colm MacCarthaigh, a representative from Irish Citizens for Trustworthy E-Voting (ICTE), the machines hacked by the IT professionals, were almost exact replicas of those selected by the Irish Government for use in elections here in Ireland.

"The machines use the same construction and components, and differ only in relatively minor aspects such as the presence of extra LEDs to assist voters with the Irish voting system," said MacCarthaigh.

"The machines are so similar that the Dutch group has been using only the technical reference manuals and materials relevant to the Irish machines as a guide, as those are the only materials publicly available," he added.

The NEDAP e-voting machines were originally purchased by the Irish government for use in the local and European elections on 11 June 2004. However, the decision to introduce e-voting at that time had to be abandoned following the publication of an interim report from the Commission on Electronic Voting (CEV), which raised doubts over the accuracy of the software used in the system.

Since that report was released a number of other studies have cast further doubt on the reliability of the NEDAP machines. Moreover, in its final report before it dissolved, CEV concluded that while the actual machines designed for citizens to cast their votes on are robust, reliable and well-suited to their purpose, the software intended for collating votes is "inadequate," and it recommended its complete replacement.

Despite the fact that public confidence in e-voting has diminished following the release of such reports, the Irish government has consistently raised the possibility of using the machines in future elections, and even went so far as to issue a tender to assess and test the NEDAP system in June 2005.

The total storage costs for the machines is around €700,000 per annum and it's estimated that the e-voting system itself has cost the taxpayer between €52m and €60m.

Fergus O'Dowd, Environment spokesman for the Irish opposition party Fine Gael, has criticised the government over its e-voting strategy, claiming that it was a "debacle" that was getting worse by the month.

"It is frightening to consider that, were it not for strong resistance by the opposition parties, this country would have had e-voting foisted upon us by Fianna Fail and the PDs and would be forced to use it in the upcoming General Election," said O'Dowd.

At the time of writing, the Department of the Environment had not returned ENN's calls requesting a comment.

Copyright © 2006, ENN

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.