Report: ES&S Voting Machines Can Be Maliciously Calibrated to Favor Specific Candidates
By Kim Zetter November 03, 2008 | 3:51:06
Touchscreen voting machines at the center of recent vote-flipping reports can be easily and maliciously recalibrated in the field to favor one candidate in a race, according to a report prepared by computer scientists for the state of Ohio.
At issue are touchscreen machines manufactured by ES&S, 97,000 of which are in use in 20 states, including counties in the crucial swing states of Ohio and Colorado. The process for calibrating the touchscreens allows poll workers or someone else to manipulate specific regions of the screen, so that a touch in one region is registered in another. Someone attempting to rig an election could thus arrange for votes for one candidate to be mapped to the opponent.
"If one candidate has a check box in one place and a different candidate has it in a different place, you can set it up so that if you press on one candidate it gets recorded for another candidate," said Matt Blaze, a computer scientist at the University of Pennsylvania who led one of three teams that co-wrote the report (.pdf) last year. "But if you press on the other candidate, it gets recorded correctly for that candidate. You can make it work perfectly normally in most of the screen, but have it behave the way you want in small parts of it."
The report illustrates a shocking vulnerability in a charged race that's already seen voter-fraud allegations on both sides, and an ugly spate of voter suppression tactics targeting Democratic voters in several states. The behavior described is also eerily similar to problems already observed in early voting on ES&S machines and during a 2006 race in Sarasota, Florida.
...
Blaze said the calibration function on the ES&S machine isn't password-protected, making it easy for a poll worker -- or even a voter -- to access the calibration menu in the middle of an election using a PEB device (Personalized Electronic Ballot), which election officials insert in a port on the face of the machine. A PEB might be stolen or purchased online, or an intruder can simulate a PEB by using a Palm Pilot or other handheld device with an infrared port.
With no more than a minute's access to a voting machine, someone could recalibrate the screen, and to observers the action would be indistinguishable from the normal behavior of a voter in front of a machine or of a poll worker starting up a machine in the morning, said Blaze, who discusses the issue on his blog.
....
http://blog.wired.com/27bstroke6/2008/11/report-ess-voti.html