In July, 2007 a similar report was released on the Diebold TSX, which demonstrated that that the state’s choice of Diebold Optical Scan was far superior to the Diebold DRE option, however, the October 2006 report is the one that applies to our voting systems.
We identify a number of new vulnerabilities of this system which, if exploited maliciously, can invalidate the results of an election process utilizing the terminal. Furthermore, based on our findings an AV-OS can be compromised with off-the-shelf equipment in a matter of minutes even if the machine has its removable memory card sealed in place…Such vote tabulation corruptions can lay dormant until the election day, thus avoiding detection through pre-election tests
The vulnerability assessment provided in this paper is based only on experimentation with the system. At no point in time had we used, or had access to, internal documentation from the manufacturer we conclude that attackers with access to the components of the AV-OS
system can reverse-engineer it in ways that critically compromise its security, discover the vulnerabilities presented here in and develop the attacks that exploit them.
Unfortunately, presumably the secret programming of each election by Diebold allows access to the memory cards by those with all the documentation.
