Edward Felten, a Princeton University computer science professor, along with two of his graduate students on Wednesday stirred up controversy surrounding the usage of electronic voting (e-voting) machines in U.S. elections by releasing a paper that claims they were able to hack the machines and upload malicious programs that could potentially modify vote tabulation, as well as shut down the machines, the Associated Press reports via Forbes.com.
Felten posted the paper on the Princeton website, and it describes how he and his students obtained and tested a Diebold AccuVote TS e-voting machine and found a handful of vulnerabilities, including a flaw that allowed them to introduce a virus that could spread potentially harmful programs to various voting machines by “piggybacking” on software updates or data file transfers, according to the AP. They said they were even able to cover their tracks so modifications could not be detected by auditors, the AP reports.
Mark Radke, Diebold Election Systems’ marketing director, said the report was inaccurate because Felten and his team tested a machine with outdated software and security safeguards, the AP reports. He also said many of Felten’s suggested fixes had already been added to the system, according to the AP.
“I’m concerned we weren’t contacted to educate these people on where our current technology stands,” Radke said, according to the AP.
Radke also noted that Felten hadn’t submitted his paper to peers for review, as is often the case with such research; however, Felten defended his actions by saying he wanted to make the information available to the public before the upcoming November midterm elections, the AP reports. The elections will determine the makeup of the U.S. House of Representatives, as well as a number of Senate seats and governor posts, according to the AP.
Roughly 80 percent of U.S. voters will likely use an electronic voting process in said elections, the AP reports.
The Diebold AccuVote TS—and its updated counterpart, the AccuVote TSx—are two of a handful of machines used in the United States during elections, according to the AP. Though Felten did not get his hands on the newer model, he said he suspected many of same flaws could be found, the AP reports.
Diebold and a number of additional e-voting machine vendors have already been hit with lawsuits over their machines’ potential to be hacked and skew election results, according to the AP.
Though there have been other research papers released that claim to document flaws in e-voting machines, Felten said he was the first to obtain a machine and perform intensive vetting, the AP reports.
Felten and his team said they accessed a memory card slot and power button on the Diebold machine’s side panel by picking a lock on the door, after which they installed malicious software, according to the AP.
Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.