SoylentNews is people
SoylentNews
The Virginia election commission, which is responsible for certifying whether machines are fit to be used in elections, has decertified the Advanced Voting Solutions WINVote and for many very good reasons. Amongst the many security flaws in this product are:
- Weak administrator passwords such as "admin" or "abcde"
- Use of an embedded version of Windows XP which hasn't been updated since 2004
- Use of WEP for Wifi encryption
- An absence of any firewall
Worse still, this machine has been used in actual elections and its lack of any logging or record-keeping means that we'll never know if its weaknesses were used to manipulate the outcome of an election. As a proof of concept, security researchers successfully demonstrated accessing the machine and manipulating the recorded vote counts.
This discussion has been archived.
No new comments can be posted.
WINVote Voting Machines Used in Virginia Elections are Shockingly Insecure
|
Log In/Create an Account
| Top
| 35 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
The truth about a man lies first and foremost in what he hides.
-- Andre Malraux
(Score: 0) by Anonymous Coward on Friday April 17 2015, @04:51AM
Given the history of badly insecure voting machines, ATMs, POS systems and other devices which *should* be fundamentally secure made by various companies, are we really that shocked anymore?
It all really looks more like standard operating procedure than accident or even negligence... to the point where the machines probably aren't even *supposed* to be secure... security just isn't even a basic feature/requirement in these types of machines.