Feeds

Play chess on your nearest e-voting machine

Dutch go Irish

Seven Steps to Software Security

IT professionals in the Netherlands have demonstrated that the type of e-voting machines chosen by the Irish government for election counts can be secretly hacked.

Using documentation obtained from the Irish Department of the Environment, Dutch IT experts from anti e-voting group, "Wij vertrouwen stemcomputers niet" (We don't trust voting computers), went on the "Een Vandaag" television programme on Wednesday to reveal that NEDAP e-voting machines could be made to record inaccurate voting preferences and even be reprogrammed to run a chess program.

According to Colm MacCarthaigh, a representative from Irish Citizens for Trustworthy E-Voting (ICTE), the machines hacked by the IT professionals, were almost exact replicas of those selected by the Irish Government for use in elections here in Ireland.

"The machines use the same construction and components, and differ only in relatively minor aspects such as the presence of extra LEDs to assist voters with the Irish voting system," said MacCarthaigh.

"The machines are so similar that the Dutch group has been using only the technical reference manuals and materials relevant to the Irish machines as a guide, as those are the only materials publicly available," he added.

The NEDAP e-voting machines were originally purchased by the Irish government for use in the local and European elections on 11 June 2004. However, the decision to introduce e-voting at that time had to be abandoned following the publication of an interim report from the Commission on Electronic Voting (CEV), which raised doubts over the accuracy of the software used in the system.

Since that report was released a number of other studies have cast further doubt on the reliability of the NEDAP machines. Moreover, in its final report before it dissolved, CEV concluded that while the actual machines designed for citizens to cast their votes on are robust, reliable and well-suited to their purpose, the software intended for collating votes is "inadequate," and it recommended its complete replacement.

Despite the fact that public confidence in e-voting has diminished following the release of such reports, the Irish government has consistently raised the possibility of using the machines in future elections, and even went so far as to issue a tender to assess and test the NEDAP system in June 2005.

The total storage costs for the machines is around €700,000 per annum and it's estimated that the e-voting system itself has cost the taxpayer between €52m and €60m.

Fergus O'Dowd, Environment spokesman for the Irish opposition party Fine Gael, has criticised the government over its e-voting strategy, claiming that it was a "debacle" that was getting worse by the month.

"It is frightening to consider that, were it not for strong resistance by the opposition parties, this country would have had e-voting foisted upon us by Fianna Fail and the PDs and would be forced to use it in the upcoming General Election," said O'Dowd.

At the time of writing, the Department of the Environment had not returned ENN's calls requesting a comment.

Copyright © 2006, ENN

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.