A hacker armed with a $25 PCMCIA card can, within a few minutes, change the vote totals on an aging electronic voting machine that is now in limited use in 13 U.S. states, a cybersecurity vendor has demonstrated. The hack by security vendor Cylance — which released a video of it Friday — caught the attention of noted National Security Agency leaker Edward Snowden, but other critics of e-voting security dismissed the vulnerability as nothing new. The Cylance hack demonstrated a theoretical vulnerability described in research going back a decade, the company noted. The hack is “not surprising,” Pamela Smith, president of elections security advocacy group Verified Voting, said by email. “The timing of the release is a little odd.” … The Cylance demonstration was “not new and badly timed,” said Joe Kiniry, a security researcher and CEO at Free and Fair, an election technology developer. “This kind of attack has been demonstrated on almost all of the widely deployed machines used today.”Full Article: Security vendor demonstrates hack of U.S. e-voting machine | Computerworld.
Nov 8 2016