I’ve always been a big believer in digital democracy, but companies like Diebold make me wonder if we’re really grown up enough to handle it.
Princeton professor and info security legend Edward Felton has been a thorn in Diebold’s side. Last fall, he and two graduate students demonstrated how they could easily introduce vote-altering viruses into Diebold’s electronic voting machine. Diebold responded by adding a hinged, locked door over the memory card reader. Diebold was so proud of the solution that it boasted about it on its website.
In a wonderful post from last week, Felton’s graduate assistant, Alex Haldeman, describes how he was able to deduce from photos on Diebold’s site the type of key and ridge configuration needed to unlock the door. He made three keys to look like the ones in the Diebold photograph and, amazingly, two of them worked. So Diebold’s clever solution was undone by its own promotion. All Diebold machines use the same lock, by the way. It’s one used in hotel mini-bars and apparently pretty easy to pick.