Diebold Security Foiled Again

XenoPhage writes "Yet again, Diebold has shown their security prowess. This time they posted, on their website, a picture of the actual key used to open all of their Diebold voting machines. Ross Kinard of Sploitcast crafted three keys based on this photo. Amazingly enough, two of the three keys successfully opened one of the voting machines. But fear not, Diebold has removed the offending picture, replacing it with a picture of their digital card key. Take that, hackers!"

Still in business

[j00r0m4nc3r]

How can these guys still be in business? It seems like every couple weeks for the past 3 or 4 years I have been hearing about them screwing shit up, over and over and over and over again. Any other company would have been history long ago. What's with Diebold? Why don't they die?

Re:

[MagicM]

Why don't they die?

Because they're called Diebold. Not Diebold.

Duh.

Re:

[Zordak]

People would be modding this "Funny" if they only got the joke. Go on mods---look up the proper pronunciation of "Diebold" and compare it to how you thought it was supposed to be pronounced.

Re:

[elBart0]

Wow.
It was funny, right up until you had to explain it.

Re:Still in business

[aquabat]

Two words: Government Contracts.

Re:

[Joe The Dragon]

There ATM's if they where to post the atm key then they may go down fast.

This parent has the answer to the problem

[technoextreme]

There ATM's if they where to post the atm key then they may go down fast.

Thank you. I now remember every atm machine I see is a Diebold machine. I remember specifically that fact if only because of the voting machine problems.

Re:Still in business

[gstoddart]

How can these guys still be in business? It seems like every couple weeks for the past 3 or 4 years I have been hearing about them screwing shit up, over and over and over and over again. Any other company would have been history long ago. What's with Diebold? Why don't they die?

That's because they aren't being viewed with a critical eye by the people buying voting machines.

The people who are making those decisions continue to want to have the voting machines in the face of all of the evidence showing how unsecure/not-tamper-proof these things really are.

Apparently, the government doesn't seem too bothered by a vendor who is selling a product which is completely insecure.

Cheers

Re:Still in business

[jc42]

The people who are making those decisions continue to want to have the voting machines due to all of the evidence showing how unsecure/not-tamper-proof these things really are.

There; fixed it for you.

If you think the politicos making the purchase decisions are ignorant of the documented problems, you're incredibly naive.

Re:Still in business

[drinkypoo]

What's with Diebold? Why don't they die?

I believe the following will explain: "The company came under fire last year for a letter that Diebold CEO Walden O'Dell wrote as a fundraising pitch to Republicans. In the letter, O'Dell said he was "committed to helping Ohio deliver its electoral votes to the president." Diebold is based in North Canton, Ohio." (http://money.cnn.com/2004/08/30/technology/electi on_diebold/index.htm [cnn.com])

Frankly no one in power really seems to want a fair election. If they did, they'd be fighting these e-voting machines all the way - as there is absolutely no need for them.

Re:Still in business

[pilgrim23]

In the early 20th century, most cities had Trolly Lines. Most were electric. there was no need for road crowding, smoke billowing Buses. But Detroit realized building buses was a gold mine as long as City planning departments, the Mayor's urban task force and other such public servants could be persuaded to rip up the trolly lines. Thus our public leaders made decisions for the good of us all. The more it changes, the more it stays the same....

Re:Still in business

[mspohr]

Actually, GM, Firestone, and Standard Oil went around to various cities and bought up the trolley lines, ripped out the tracks and replaced them with GM buses.

I believe they called it a "triumph of the free market". http://en.wikipedia.org/wiki/General_Motors_street car_conspiracy [wikipedia.org]

Re:

[drinkypoo]

Besides, the conflict between cars and trains came on the interstate. Not only did we lose that battle but we also lost the battle of freight on trucks vs. trains. Not that lots of freight doesn't still go by train, but it doesn't go as far.

The place for light rail is in the trash. We should be using the sky loop [skyloop.org] concept. It could be used to move both people and freight and would not interfere with vehicles, yet could be installed in essentially the same space.

Re:Still in business

[Anonymous Coward]

"DieBold, Die" is German for "The, Bold, The" - Bob

Re:

[operagost]

Maybe it's because Diebold has other lines of business. Or did you think they popped out of the ground yesterday?

This only makes me more puzzled, really, when I see what kind of impenetrable tanks they use to store money (cash dispensers and ATMs) but they use flimsy pre-teen diary locks on voting machines.

Re:

[pilgrim23]

I have WORKED in a bank. and I do/did....THOUSANDS.

Re:

[cheezedawg]

Halliburton's (specifically Kellog, Brown, and Root) involvement in Iraq is a part of the multi-year LOGCAP contract that they won in 2001 after a competive bidding process. This was the second time that they had won the LOGCAP contract- the first time was during the Clinton administration. The Clinton administration also awarded several other contracts to Halliburton, such as the logistical support for the military action in the Balkans, and praised KBR for their work.

You can choose to see this as a cons

DieBold Security.....

[Prysorra]

To Boldy die where no security has died before!

Better yet...

[eclectro]

A picture is worth a thousand votes.

National Election Commision

[ghoul]

The way to get rid of election controversies is to have a national election commission like in India. India has a lot more voters than the US and a much lower level of education but it manages to pull off general elections a lot more cleanly and fairly just because the standards are same for all elections and all precincts. The decentralized form of elections might have made sense for the age of horse coaches but in the age of internet it is not too tough to have thge same standards everywhere in the US

Also why not have a paper trail .With a paper backup all fraud can be caught given enough time for recounts (again if elections are not controlled by local partisan officials they cant arbitrarily decide not to have recounts).

Re:

[ghoul]

BTW the last Indian general election was an all electronic election with EVMs used in all precincts.

Re:

[truthsearch]

The problem isn't the decentralized standards. Once they're centralized the standards will probably still be inadequate.

Re:

[nuzak]

Tell that to the Nevada Gaming Commission. They have tough standards, but that's because the state's revenue depends on it.

Re:National Election Commision

[Midnight Thunder]

Also why not have a paper trail .With a paper backup all fraud can be caught given enough time for recounts (again if elections are not controlled by local partisan officials they cant arbitrarily decide not to have recounts).

In many ways Diebold et al. are all showing symptoms of not realising that they are trying to add technology to the wrong part of the process. In many ways the punch card system or optical card reader systems are the better systems, since the paper trail exists before the vote is taken into account: WYSIWYG. The proposed solutions provide a paper trail as a result of the process, if at all. The problem with this is that the paper trail may not be a result of what you inputted.

Remember just because technology can be used for a process, it does not necessarily mean that technology is needed for the process. Technology is there to make a complex task simple, not the other way round.

Re:

[cdrguru]

Yes, but...

You are talking about one more area where the federal government intrudes, takes over and replaces a function that is left to the states now. This is not just a little troublesome for some people. The "War Between the States" was essentially over state's rights in one form or another. You should be prepared to believe that many states do not like losing out to the federal government powers that they have held for 200 years and will call out the National Guard (a state militia) to defend their

Re:

[MichaelSmith]

You might get it elevated from a county to a state level, but that is as far as it is going to go.

As with the Indian example we have a federal election commission in Australia, and it works very well. Votes are cast by pencil on paper, counted by casual workers, and the count is mostly finished in a couple of hours. Manual counting doesn't really cost anything because the same people who do the counting are also needed to man the polling places during the day.

I can't see how any kind of count or survey co

Re:

[Zordak]

There is no such thing as a "federal election" in the United States. The very broadest elections are state-wide. That includes electing the President. There is no national "popular vote." It is a fiction created by newscasters, I assume to gauge the popularity of the candidates. The only thing that matters is whom you elect to the Electoral College. And I don't think MORE centralization will be a good thing. Power is already too heavily concentrated in Washington, D.C. If we had a single election sy

Re:

[Gropo]

You might get it elevated from a county to a state level, but that is as far as it is going to go. Today it is that way in many states already so it wouldn't be that big a leap. But no way could it be taken away from the states.

That may not be necessary. Strongarm states that don't conform their own laws to national 'standard' election laws by threatening Federal funding sanctions. That's been the common practice for quite a while, as far as I understand it. For instance, when the legal drinking age was rai

Google

[Daemonstar]

Diebold has removed the offending picture

However, it remains (scaled down) in Google's image cache. :) Might not be of much use, but it is there.

Re:

[mastershake_phd]

Then get off your lazy ass and find it! It's the Internet.....

You mean- Then sit on your lazy ass and find it! It's the Internet!

Google link

[SpaceLifeForm]

Link [google.com]

New Vendor

[Divebus]

It's time to look at some other vendor for voting machines and whatever else they make. Our future is too important to leave to stumbling bumblers like that. Anything can be defeated but shouldn't be as easy as this.

Re:

[symbolic]

They all suck. I say ditch the technology entirely.

Security through...

[griffjon]

Hey, at least we know they're not relying on security through obscurity!

This is a security company?

[Schraegstrichpunkt]

Do they even have any security-minded people working at this company? Publishing a picture of a real key is an understandable mistake, but why does the same key open every single voting machine?

Re:

[truthsearch]

Publishing a picture of a real key is an understandable mistake

How? I've never heard of anyone ever intentionally taking a picture of a key. And if it's a master key it's absolutely not an understandable mistake.

Re:

[cdrguru]

Can you actually imagine the operational nightmare that would ensue if every machine had a unique key?

Ignoring the potential for screwups in distribution (machine ships with no key, machine ships with wrong key), you have the wonderful situation of a large county (like Cook County, IL) with 10,000 machines and 10,000 unique keys.

Of course, you cannot access the machine to do anything without the single, unique, correct key.

I am sure that unique keys would be much, much worse than one key fits all.

Re:

[e4g4]

I agree that a unique key for each machine would be a logistic nightmare, but a single key that can open every machine used in the US? That's a disaster waiting to happen. A reasonable solution would be a single key for every 10-20k units, or perhaps even more.

Re:

[rblum]

Yes, let me think about that. Secure elections, or convenience for the election officials? Clearly, we must choose the latter!

Re:This is a security company?

[SatanicPuppy]

When you've only got seconds to doctor the votes, you can't be fumbling around with a big keychain.

Jeez. I'd have thought that was obvious... ;)

Re:

[MichaelSmith]

why does the same key open every single voting machine?

I am pretty sure that the same flat head screwdriver would open each of those locks as well.

Re:

[PitaBred]

But the key will open it without anyone knowing that it was done, which is the whole trick to rigging something. You don't want anyone to know it's been tampered with.

Re:

[drinkypoo]

A better question would be why are they using a key? We all know that a simple key lock is not suitable security. You can defeat locks through bumping or picking. Or if you can get multiple people onto the same voting machine in sequence, one can spray into the lock, another can insert a blank and wiggle it, the key can then be cut out from the marks, and then the key can be brought back in and used. A key is simply not any kind of security whatsoever. It would make more sense just to put time locks on them

It's a pin-based lock?

[RyanFenton]

As long as it's a normal lock, like 90+% of the locks out there (likely including your own front door), then Lock bumping [wikipedia.org] is going to allow just about any person, regardless of skill, to defeat the lock using extremely simple tools, in a matter of seconds, likely with no signs of intrusion at all.

Ryan Fenton

Re:

[morgan_greywolf]

And if it's not an it uses a registered or otherwise restricted key blank, like, say, a mailbox or P.O. Box key, then bumping is next to impossible because you simply can't get a blank without permission.

Re:

[drinkypoo]

And if it's not an it uses a registered or otherwise restricted key blank, like, say, a mailbox or P.O. Box key, then bumping is next to impossible because you simply can't get a blank without permission.

All I need is one cut key and an upright mill and I can make as many blanks as you want. How many do you need? You can score a nice BIG bridgeport upright mill on ebay, typically with some tooling, for around $1500 plus an obscene charge for shipping something that heavy. And you'll need three phase power

Re:

[morgan_greywolf]

You, uh, also have to know how to operate a bridgeport upright mill.

Last I checked, bridgeport operating was a specialized skill that actually pays pretty well in my area (Metro Detroit) because it requires some training and experience to actually know what you're doing.

Re:

[bhsx]

Yeah, I guess if you were really serious about trying to rig an election it'd be hard to find someone with those skills... Oh wait...

Re:

[drinkypoo]

Last I checked, bridgeport operating was a specialized skill that actually pays pretty well in my area (Metro Detroit) because it requires some training and experience to actually know what you're doing.

Last I checked, it was called "milling", not "bridgeport operating". And you can go to a community college and gather the requisite skills in a three unit, one-semester class. Frankly milling is not very hard, it's not even slightly hard. The hardest part is remembering which way the table will move when yo

Re:

[morgan_greywolf]

Around here people put in ads for 'Bridgeport Operator' when they mean they want someone who can operate a manual lathe like the Bridgeport. Otherwise, the ads are for 'NC Machinist' or 'CNC Machinist', when they are looking for an operator skilled with a computer-operated mill.

Re:

[drinkypoo]

Around here people put in ads for 'Bridgeport Operator' when they mean they want someone who can operate a manual lathe like the Bridgeport.

that's pretty hilarious. I guess they figure that people willing to work churning out parts may or may not even know that it's called a "vertical mill", but that a significant (maybe dramatic is a better word) percentage of vertical mills are made by bridgeport.

After all, an actual "machinist", someone who can make things by hand on horizontal mill, or vertical mill,

Re:

[Tim C]

it requires some training and experience to actually know what you're doing.

So? How much time do you think you have between elections anyway?

Find a tool and die maker

[vinn01]

There are plenty of tool and die makers around. I could order a few blanks ^W, - I mean custom metal parts, for a hell of a lot less than $3,000.

Re:

[drinkypoo]

I'm just pointing out that the technology is neither expensive nor hard to acquire. I'm aware that there are already people out there who have the technology. If you make the blanks yourself, though, you eliminate other people from the mix. You keep a secret by not telling anyone and there's a zillion legitimate business uses for a milling machine.

Undaunted

[imaginaryelf]

Our hero copied the smartcard from their photo on the website and keyed in the password 12345, the master password that unlocks all diebold machines.

Re:

[ptbarnett]

Our hero copied the smartcard from their photo on the website and keyed in the password 12345, the master password that unlocks all diebold machines.

1 2 3 4 5? That's amazing! I've got the same combination on my luggage!

Re:

[The MAZZTer]

I used to on mine as well, but I foiled any potential hackers by changing it to 5 4 3 2 1! HA!

Re:

[Goaway]

You know, if you look at the photo of that key, it sure looks a lot like it encodes a value very similar to "12345".

What concerns me even more

[Iphtashu Fitz]

... is the fact that Diebold also manufacturs ATMs. Makes me wonder if my bank account is safe...

Re:

[Stripe7]

Maybe that is how they stay in business. :D

Re:

[Anonymous Coward]

What, are you serious? You think they'd ever put out a system that would lose them money? Sure, every once in a while you hear about an ATM that had the factory default password still in place or took some common key but those are usually the fault of lazy/incompetent banks. Well, maybe not with the key.

But think about it, how often is it that anything errs in your favor? Bank magically gives you an extra $20? Phone company charges you at half rate?

Remember that story about the ATM that was pumping out

Re:

[wpegden]

No, fear not. Like you, the people up top are much more concerned about correctly counting pennies than votes. Rest assured, your bank account is much more secure than any of your "freedoms" or "rights".

Re:

[zakezuke]

... is the fact that Diebold also manufacturs ATMs. Makes me wonder if my bank account is safe...

I would *think* if someone managed to open an ATM, I think the money would be the first thing to grab. I don't know how much cash your average cash machine holds but
http://www6.diebold.com/gssssps/pdfs/DBD_ATM_Cash_ Mgt_PC.pdf [diebold.com]
Diebold machines do employ cash maangement, making sure to keep track of how much is needed.

Besides, and pointed out in other slashdot articals, phishing schemes seem to be most effective.

Re:

[SpaceLifeForm]

$20,000 is a good guess. It depends upon the volume,
and many are loaded with less cash than that.

Isn't this...

[SnarfQuest]

Isn't this the same key that will open mini-bars?

I think the hotel owners should be able to sue over this release.

Re:Isn't this...

[Physics Dude]

Isn't this the same key that will open mini-bars?

Yes. From the article:

" ... and beyond that, it could be opened with the same keys typically used with hotel minibars and jukeboxes."

Re:

[pla]

Isn't this the same key that will open mini-bars? I think the hotel owners should be able to sue over this release.

For the non-refridgerated mini-bars, you don't actually need the key. Grasp the handle firmly and push/rotate it outward (hard to describe but trivial to do - Basically you want to put torque on it so the bolt of the lock on the inside rotates away from the door jamb).

As an aside, this works on a lot of simpler locks on thin-metal cases - The weakness comes from the fact that the door and

Winner

[liak12345]

This time they posted, on their website, a picture of the actual key used to open all of their Diebold voting machines.

Diebold just won the golden "Are You Fucking Kidding Me?" Award of 2007.

Re:Winner

[imsabbel]

Dont they every year?

Re:Winner

[miro f]

Sony won it for 2006

Re:Winner

[SeaFox]

We thought they would, but the votes came out strangely skewed for Sony in several key states.

Diebold's slogan is "We Won't Rest"

[8127972]

..... So will they not rest until our security is completely compromised?

Fear not, indeed

[ReverendLoki]

But fear not, Diebold has removed the offending picture [CC], replacing it with a picture of their digital card key.

Using this picture as a base, I have crafted three digital card keys...

diebold: dumber than you can measure

[swschrad]

these guys cannot accidentally conjure up this many screwups in a row. it has to be by design. the interesting question is, what are they pulling while we're laughing ourselves onto the floor over this butch?

hillary vs cheney, perhaps, in 2008?

Could be worse

[Jon Luckey]

It could have been this Diebold key that provided access

http://images.google.com/images?svnum=10&hl=en&lr= &q=GS-567331-1000_d.jpg&btnG=Search [google.com]

At least with the key under discussion, one had to do some metal work to duplicate it from a photo.

For the key in that image, I suspect that the same trick using a bic pen [wired.com] to open that kind of lock would work.

Hmm.... I wonder what that GS-567331 was supposed to open..... The page isn't working right now :)

Florida House 13

[bloodstar]

Why are people ignoring what is going on in Florida House District 13?

The Rebublicans are claiming a 369 vote victory. However the EVMs in Sarasota county, reported an undervote of 18,000. or 1 in 6 of the total votes, which is much higher than the undervote in both the other counties and on average. Sarasota County also happened to be where the Democrat challenger won the vote by 6 percentage points (of the votes cast in that county).

There are some obviously severe issues with Electronic Voting, Particularly when there is no paper trail (as in the case for this district). Sure, there are ways to change the vote on a paper verification ballot, however large scale fraud becomes problematic to implement.

Links Below:
http://www.heraldtribune.com/apps/pbcs.dll/section ?CATEGORY=NEWS0521&template=ovr2 [heraldtribune.com]
http://en.wikipedia.org/wiki/Florida's_13th_congre ssional_district [wikipedia.org]
http://www.verifiedvotingfoundation.org/article.ph p?id=6423 [verifiedvo...dation.org]
http://www.cqpolitics.com/2006/12/the_cqpolitics_i nterview_chris_1.html [cqpolitics.com]

Living up to the name

[Anon-Admin]

Determining
  Inaugural
  election
  Ballot
  Outcome (on)
  Lousy
  Data

DIEBOLD :)

You're barking up the wrong tree

[inviolet]

This time they posted, on their website, a picture of the actual key used to open all of their Diebold voting machines.

Voting machines should not be relying on physical security in the first place, because it is not practical to physically protect them 24/365. Their trustworthiness should be the result of double-handshake cryptographic authentications between the touchscreens, consoles, memory cards, and the central tabulator. Being able to open the cabinet should not be a vulnerability, because poll workers are invariably going to need to do so.

So, if Diebold machines implement proper authentication, then the cabinet key is not an interesting exposure. But if they don't (and we already know that they don't), then the cabinet key doesn't make them significantly more vulnerable than they already are.

Public Key?

[fahrbot-bot]

they posted, on their website, a picture of the actual key used to open all of their Diebold voting machines

I hear Diebold is looking into different security measures and is interested in this new-fangled "Public/Private" key stuff. Perhaps this was their Public key...

The real world

[Kilz]

In the real world there are Election Judges. People who watch whats going on. This unlocking and tampering isnt going to happen in front of them. This is a proof of concept idea, and like a lot of them it takes some things for granted. Like "you will be able to do this and no one is looking, or will stop you". But in the real world that isnt the case. Try this in a real polling place and go to jail, go directly to jail, do not pass go , do not collect 200 dollars.

Re:

[grommit]

You're forgetting that in the real world many precincts allow election workers to take the voting devices home in the days prior to an election. This would give them both plenty of time and plenty of privacy to do whatever they want with the machines.

Re:

[pilkul]

Great. So bank vault locks don't need to work properly either, since in the real world there will usually be people around. Antivirus programs aren't necessary, since the firewall ought to block everything. Restricted user accounts aren't necessary, since bad guys should be stopped from entering the system in the first place.

The point of multilayer security is that they provide essential fallbacks when other layers fail. If an inner layer fails, despite the fact that it is mitigated by the existence

Security... Paper Trail...

[Evets]

There are always a lot of complaints about the security of any Diebold voting machines. Then there's the constant complaint of a paper trail (my county now has paper-trail making diebold machines).

What people should be pushing for is a voting system on commodity hardware. There's no sense in putting a million dollars forward for a small amount of "proprietary" machines that are all crap anyways. The only reason for wrapping a software solution in proprietary hardware like this is security through obscurity.

Instead of complaining all the time about Diebold et all, what we should be doing is putting together a GPL voting solution. Once it is mature and stable, push our representatives to make the move.

Re:

[Danse]

There are always a lot of complaints about the security of any Diebold voting machines. Then there's the constant complaint of a paper trail (my county now has paper-trail making diebold machines).

It's not just about having a paper trail. It's about how that trail is created, and whether the procedures are sufficient to make it effective. From what I've seen, the paper trails in many places are unreliable, and practically useless for getting an accurate recount and preventing vote tampering.

I Think It's Great!

[Greyfox]

Based on Diebold's actions in this area I think they must be an extreme case of an equal opportunity employer! Most employers do not disciminate on the basis of Race, Creed and Color. Diebold has obviously taken this to the next level in that they don't disciminate on the basis of Ability, either. We shouldn't be slamming them! We should be applauding them for taking bigotry down another notch! If it weren't for Diebold all those guys would be out on the street or having to work in the exfoliating scrubber factory or something! Hooray, Diebold!

Re:the only thing..

[jfengel]

Apparently they're not very good at that, either.

Re:

[Jeff DeMaagd]

I think the additional scrutiny made cheating harder to pull off without noticing.

Re:the only thing..

[truthsearch]

Funny how you only seem to be responding to the average media coverage and not the facts. Was no one interested or was the media (even non-mainstream) not interested? Plenty of investigations occurred. You apparently just didn't hear about them.

Re:

[dan828]

Actually, I'm just talking about the groups and people that make grandious statements and public acusations (Jesse Jackson comes to mind, he was making public statements about how they were going to investigate this and that, then was no where to be seen after the results came in and his guys won).

Anyone with even a bit of intellegence would want independent oversite of elections. But the media whoring, FUD mongering, jackasses on both sides I can do without. In recent years, with the House, Senate, and

Re:

[dan828]

Yeah, even with the typo the point still stands.

Re:

[truthsearch]

Come on. I got details from the Democracy Now radio program, but a search is not difficult:

http://www.google.com/search?hl=en&lr=&client=safa ri&rls=en&as_qdr=all&q=%222006+election%22+investi gation+OR+stolen&btnG=Search [google.com]

Re:the only thing..

[SatanicPuppy]

It's because the exit polling was a much closer match to the actual results, rather than having substantial irregularities or, as in the case of the 2004 election, actual instances of election fraud.

Having both sides being extremely skeptical of the computer returned election counts is the only thing keeping anyone honest.

Re:

[Sj0]

What does it matter who wins or loses a single election if you hold the keys to the gate?

It's troubling that so many people are such linear thinkers. It makes it really easy to pull off Machiavellian subterfuge.

Re:

[dan828]

Yeah because in the last elec......um......the election before the last one, there were voting irregularities!!

Re:Its from the please-think-then-vote dept.

[PeeAitchPee]

Perhaps you can explain why Maryland's previous Republican governor Robert Ehrlich fought against the Diebold machines tooth and nail, even asking for millions of dollars instead to support a traditional election process, only to have them rammed down his throat by the (Democratic) MD legislature and state board of elections? Our state elections administrator, Democrat Linda H. Lamone is still fighting their removal and even against adding a paper trail! [gazette.net] Hell, she doesn't even want printers because she says adding printers to the existing equipment "would disrupt the voting system."

If you think the Republicans are the only ones who want to use Diebold machines to manipulate votes, you're an idiot.

Re:

[MECC]

Diebold voting machines are safe.

Even whey they publish openly all but explicit instructions on how to break into them. This may be a good thing, however, since it may compel them to actually put good locks on their machines. Probably not, though. As per the usual closed-source mentality, they'll just take the pic down and somehow believe that will somehow make the problem go away. Security through obscurity never works.

In effect, a closed source Diebold has been put through the ringer.

Perhaps,

Re:

[Trails]

Yeah, it's the anarchists! And the commies! And the terrorists! And Kin Jong Il! And Mahmoud Ahmadieboldsucksdonkeyballsinejad! They all want to hax0|2 Diebold, and elect the democrats!

Re:

[Runefox]

And the current government is...?

Break them.

[SanityInAnarchy]

I'm dead serious.

I don't mean actually change the vote so these assclowns don't keep getting elected. I mean, bring your cracking kit (including a key and a printout of the screenshot of their website), and if you find one of these machines in your booth, walk out and complain to election officials. Don't just demand that you, yourself, be allowed to vote with something else -- demand that the machine be removed, and tell them that you are prepared to demonstrate just how insecure it is.

Then, if they don't

Re:

[wtansill]

Anyone else in the Slashdot community up to making a real voting machine, an ATM machine if we get bored. I'm pretty sure we won't make that many slip ups. After all they set the bar low for us.

Call this guy: http://yro.slashdot.org/article.pl?sid=04/08/04/19 51202 [slashdot.org]