HOME ALL STORIES LATEST NEWS COLUMNS OPINIONS GUEST VIEWS SHORT TAKES DATA WATCH SPECIAL REPORTS ZEICHICK'S TAKE SD TIMES 100 EDITORS' BLOG

IPHONE APP

RSS FEEDS

FACEBOOK

TWITTER

WHITE PAPERS SPONSORED PROFILES JOB BOARD WEBINAR CENTER FREE SOFTWARE BZ RESEARCH ALMSHAREPOINT EVENTS CALENDAR PRINT/PDF EDITION PRINT/PDF BACK ISSUES

SUBSCRIBE TODAY CUSTOMER SERVICE EDITORIAL CALENDAR EDITORIAL BEATS GUEST VIEW GUIDE SD TIMES 100 GUIDE EVENTS CALENDAR ADVERTISING ARTICLE REPRINTS REPORT A BUG SITE MAP

ABOUT US BZ MEDIA NEWS BZ RESEARCH SYSMANNEWS SPTECHCON IPHONEDEVCON ANDEVCON ESDC PRIVACY POLICY CONTACT US

Printable version

HOME >> LATEST NEWS

Most Read Latest News Blog Resources

IP protection comes to Android apps
Arxan's software uses "Guards" to handle defense mechanisms for code

Microsoft pushes Windows Phone 7 development tools
Ahead of the smartphone's release, Microsoft is letting developers download its tools in a...

Red Hat turns its eyes to the cloud
The company's new PaaS strategy will incorporate the JBoss enterprise middleware stack and...

Updated Redis NoSQL can store hashes, save datasets
More than just a key-value store, version 2.0 of Redis pushes it as a jack-of-all-trades N...

IP protection comes to Android apps
Arxan's software uses "Guards" to handle defense mechanisms for code

Red Hat turns its eyes to the cloud
The company's new PaaS strategy will incorporate the JBoss enterprise middleware stack and...

Microsoft pushes Windows Phone 7 development tools
Ahead of the smartphone's release, Microsoft is letting developers download its tools in a...

VMworld hops to it
Data center operating systems play a big part at VMworld, but it's still too soon.

Certificate program for secure cloud computing
The Cloud Security Alliance introduces user certification.

What does the Army's Crusher tank and RIM's tablet computer have in common?
RIM plans to use Crusher tank technology on its yet-to-be-announced tablet.

Some helpful links
A list of links to example programs implemented across multiple languages.

Realize Effective Distributed Development via a Virtual Software Factory Explore the ways in which IBM Rational can make distributed development a reality in your...

Simplify Issue & Project Tracking - Free 30 Day Download Application development teams constantly find themselves under pressure to increase the s...

Agile Development Requires Agile Processes For far too long, the general demeanor for software development lifecycle (SDLC) process i...

Application Lifecycle Management in the Oracle Environment If your organization has invested in Visual Studio and you develop on Oracle databases, yo...

Technorati

Digg

Slashdot

Facebook

Friendfeed

Twitter

del.icio.us

GET THE APP!

Touch-Screen Voting Machines Not Counted On

Security experts say optical scan best way to ensure election accuracy

By Jeff Feinman

February 13, 2008 — (Page 1 of 3)
In Avi Rubin’s eyes, the best way to improve direct-recording electronic voting machines, or DREs, is to stop using them altogether.

Rubin, a computer science professor at Johns Hopkins University and longtime critic of electronic voting methods of all stripes, said that U.S. states are moving away from the questionable DRE machines, also known as touch-screens, to optical scanning, and he couldn’t be happier.

The issue has come to the fore again during this primary voting season in the United States, as Americans in both the Democratic and Republican parties choose their candidate for the November presidential elections.

Using optical scan machines, voters fill in an oval beside the name of a candidate, and the optical scan could reject an invalid ballot. Because it uses a paper ballot for scanning, this method offers the ability to audit ballots and perform recounts, while DREs keep vote totals on computer file and lack ballots.

“You just have to trust that everything is working correctly inside the machine,” Rubin said. “I think optical scan has its own challenges, but it does provide a mechanism to audit the election, which I don’t think should ever be compromised. The optical scanners are computers just like the touch-screens, but they have much less code in them, and less code means fewer bugs, and it’s easier to audit.”

Rubin knows all too well about the vulnerabilities of electronic machines. In 2004, he manually reviewed leaked source code from Diebold electronic voting equipment and discovered problems. Since then, he has been urging states to move away from DREs.

Questions Surround DREs

The most common vulnerability found in the machines’ software is memory buffer overflows, according to Rob Rachwald, product marketing director at Fortify Software, which sells testing software for security.’s director of product marketing. By using the overflow condition to bypass normal operation, hackers could potentially adjust the vote count or eliminate votes by bringing down a system.

Another issue uncovered by Fortify’s SCA scanner was vulnerabilities in password storage for the administrators who access the machines.

Pages 1 2 3

Share this link: http://www.sdtimes.com/link/31718

Integration Watch: A smart programming project Developers looking to hone their programming skills can try programming a virtual machine that implements a virtual processor

Not a Cease-Fire, Not a Truce Sun wants to expand the penetration of Java within the enterprise, and more tightly couple the well-known Java brand around...

Zeichick’s Take: Mainframes are not legacy systems! Mainframes are still a vital part of businesses; declaring them obsolete is nothing more than marketing spin

Add comment

Name*
Email*
Country

Comment
Preview

News on Monday
more>>
SharePoint Tech Report
more>>

Download Current Issue
ISSUE 9/1/2010 PDF

Need Back Issues?
DOWNLOAD HERE

Receive the print Edition?

VMworld hops to it
Data center operating systems play a big part at VMworld, but it's still too soon.
09/02/2010 01:42 PM EST

Certificate program for secure cloud computing
The Cloud Security Alliance introduces user certification.
09/01/2010 04:20 PM EST

What does the Army's Crusher tank and RIM's tablet computer have in common?
RIM plans to use Crusher tank technology on its yet-to-be-announced tablet.
08/25/2010 04:16 PM EST