Feeds

Play chess on your nearest e-voting machine

Dutch go Irish

Providing a secure and efficient Helpdesk

IT professionals in the Netherlands have demonstrated that the type of e-voting machines chosen by the Irish government for election counts can be secretly hacked.

Using documentation obtained from the Irish Department of the Environment, Dutch IT experts from anti e-voting group, "Wij vertrouwen stemcomputers niet" (We don't trust voting computers), went on the "Een Vandaag" television programme on Wednesday to reveal that NEDAP e-voting machines could be made to record inaccurate voting preferences and even be reprogrammed to run a chess program.

According to Colm MacCarthaigh, a representative from Irish Citizens for Trustworthy E-Voting (ICTE), the machines hacked by the IT professionals, were almost exact replicas of those selected by the Irish Government for use in elections here in Ireland.

"The machines use the same construction and components, and differ only in relatively minor aspects such as the presence of extra LEDs to assist voters with the Irish voting system," said MacCarthaigh.

"The machines are so similar that the Dutch group has been using only the technical reference manuals and materials relevant to the Irish machines as a guide, as those are the only materials publicly available," he added.

The NEDAP e-voting machines were originally purchased by the Irish government for use in the local and European elections on 11 June 2004. However, the decision to introduce e-voting at that time had to be abandoned following the publication of an interim report from the Commission on Electronic Voting (CEV), which raised doubts over the accuracy of the software used in the system.

Since that report was released a number of other studies have cast further doubt on the reliability of the NEDAP machines. Moreover, in its final report before it dissolved, CEV concluded that while the actual machines designed for citizens to cast their votes on are robust, reliable and well-suited to their purpose, the software intended for collating votes is "inadequate," and it recommended its complete replacement.

Despite the fact that public confidence in e-voting has diminished following the release of such reports, the Irish government has consistently raised the possibility of using the machines in future elections, and even went so far as to issue a tender to assess and test the NEDAP system in June 2005.

The total storage costs for the machines is around €700,000 per annum and it's estimated that the e-voting system itself has cost the taxpayer between €52m and €60m.

Fergus O'Dowd, Environment spokesman for the Irish opposition party Fine Gael, has criticised the government over its e-voting strategy, claiming that it was a "debacle" that was getting worse by the month.

"It is frightening to consider that, were it not for strong resistance by the opposition parties, this country would have had e-voting foisted upon us by Fianna Fail and the PDs and would be forced to use it in the upcoming General Election," said O'Dowd.

At the time of writing, the Department of the Environment had not returned ENN's calls requesting a comment.

Copyright © 2006, ENN

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.