Monday, August 10, 2009
Scientists at the University of California, San Diego have devised a software program that once again challenges assumptions that electronic voting machines can be made secure.
Computer Science Professor Hovav Shacham says it’s possible to reprogram electronic voting machines by scrambling the existing software. He likens it to cutting up newspaper headlines to create ransom notes.
This is important, Shacham said, because proponents of touch screen voting machines assume a hacker would need to introduce new code to tamper with results.
"This assumption is actually untrue," Shacham said, "an attacker can simply slice and dice parts of existing programming to construct any behavior that he wants, without ever introducing any new code."
Working with researchers at Princeton and Michigan Universities, the team used so-called “return oriented programming,” to tamper with voting machines used in North Carolina.
California currently restricts touch screen voting machines to one per polling place, and requires a paper trail to audit results.