H/T to Yahoo! Tech for the story. As usual, the problem is government. In particular, after the "Hanging Chad" election in 2000, the congress passed the Help America Vote Act of 2002. Among other things, the Act banned punched-card and mechanical-lever voting machines. This led to the inevitable gold rush to suck up that gubmint money by producing voting machines. And just as the War on Some Drugs money has always been spent so wisely; like the Quadro Tracker, the $1000 empty box with a 'diving rod' on it, so was spent the Help America Vote money.It was so bad that Virginia has banned their use because the security is so wretched:
Switching to Epstein's summary for a moment:RTWT for the whole horrifying thing.
If an election was held using the AVS WinVote, and it wasn’t hacked, it was only because no one tried. The vulnerabilities were so severe, and so trivial to exploit, that anyone with even a modicum of training could have succeeded. They didn’t need to be in the polling place – within a few hundred feet (e.g., in the parking lot) is easy, and within a half mile with a rudimentary antenna built using a Pringles can. Further, there are no logs or other records that would indicate if such a thing ever happened, so if an election was hacked any time in the past, we will never know.How bad was it? How about the shiny key to lock the machine? Epstein reports “All the keys are the same for every Winvote that’s ever been made, because that way it’s easier,”
• Winvote’s machine runs a version of Windows XP that hasn’t had patches installed since 2004 — four years before AVS deservedly went out of business.• Its wireless network is “safeguarded” with insecure WEP encryption — and the password is abcde. (and that was unchangeable)• The Windows admin password is (no, I’m not making this up) admin. (and that seemed unchangeable as well)