Feeds

E-voting fears run high as election day looms

'Flipped' votes reported in three states

SANS - Survey on application security programs

USA '08 With just a week to go before the US presidential election, academics, politicians, and voters are voicing increased distrust of the electronic voting machines that will be used to cast ballots.

In early balloting in West Virginia, Texas, and Tennessee, voters using e-voting machines made by Nebraska-based Election Systems & Software (ES&S) have reported the "flipping" of their vote from the presidential candidate they selected to the candidate's rival. In some cases, voters said their choice had been changed from Democrat Barack Obama to Republican John McCain while others reported just the opposite.

The reports prompted the Brennan Center for Justice and a group called Verified Voting on Tuesday to write voting officials in 16 states where the ES&S iVotronic machine is used to be on the lookout for problems.

"There is a real chance that voters using iVotronic machines in your state will experience 'vote flopping' similar to that experienced by voters in West Virginia," the letter warned. It went on to urge poll workers to recalibrate machines when in doubt, and when possible to confirm voters' candidate choices with a verified paper trail.

The vote flipping warning comes on the heels of a 158-page report (PDF) computer scientists from Princeton University released two weeks ago warning of serious deficiencies in another commonly used e-voting machine. The Sequoia AVC Advantage 9.00H touch-screen voting machine, made by California-based Sequoia Voting Systems, is "easily hacked" in about seven minutes by replacing a single read-only memory chip or swapping out a separate processor chip.

The findings have prompted one candidate for the mayor of Bayonne, New Jersey, to ask the state's secretary of state to oversee the town's municipal election.

The study was ordered by a New Jersey judge who is presiding over a lawsuit challenging the use of e-voting machines in that state. Plaintiffs in the case argue the machines don't meet election law requirements for accuracy. State officials counter that they do.

ES&S has strongly refuted (PDF) the report, saying the researchers, among other things, improperly removed security seals and hardware before conducting their tests.

Even far from the nation's heartland, there were still more reports of botched e-voting. Finland's Ministry of Justice said Tuesday that about 2 percent of votes cast in an election held Sunday could not be counted because voters hadn't followed instructions. The machines, developed by IT services group TietoEnator, required voters to press a button marked OK twice before removing a smart card from the machine terminal. Voters who failed to do so were unable to cast their ballots.

Tuija Brax, the country's justice minister, expressed surprise at the snafu, telling NewsRoom Finland the machines had been "tested, tested and tested again." ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.