The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Voting Machines Based On WinCE Found To Be Security Risks

Voting Machines Based On WinCE Found To Be Security Risks

by , 8:00 AM EDT, July 25th, 2003

This just isn't Microsoft's week.

Yet another security problem with one of Microsoft's products has reared it head, this time the problem is with Windows CE, Microsoft's earlier version of its PDA OS. It seems that the OS was used in an electronic voting system of which the source code was inadvertently left where Internet surfers could find it. A team of security gurus scrutinized the code and deemed it lacking adequate security. From the C|Net News article, Voting Machine Fails Inspection :

Using an earlier version of the source code that powers machines manufactured by Diebold Election Systems, the security experts--three from Johns Hopkins University and a colleague from Rice University--performed an audit and found numerous security holes.

"Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts," said the researchers in a paper published Wednesday on the Internet, concluding that "as a society, we must carefully consider the risks inherent in electronic voting, as it places our very democracy at risk."

The criticisms echo a fundamental issue that many security researchers have raised with most current systems: there is no way to verify that a vote was correctly recorded and no permanent record is kept.

The issues also come as direct recording electronic (DRE) voting systems are taking off. In the 2002 election, 19.6 percent of the electorate could have cast an electronic vote, up from 7.9 percent in 1996, according to Election Data Services .

...

Several issues became evident when the code was audited, said Avi Rubin, an associate professor of computer science at Johns Hopkins University and one of the authors of the paper.

For one, the manufacturer chose Windows CE as the operating system--a bad choice from a security standard, Rubin said. "Windows has a long history of new releases of patch just about every week," he said. "You can't run voting machines on Windows."

Read the entire article at C|Net.

The Mac Observer Spin:

We know it seems like we're picking on Big Redmond, but the fact is that Microsoft brings this type of scrutiny, and the resulting bad publicity, on itself. The company gets into every facet of our lives with products that has been shown to be inferior time and time again.

We believe that Microsoft can make a good product if it sets it mind to it. Just look at Word and Excel, both great products, especially on the Mac (note that some might feel them to be a bit bloated). It seems, however, that with Big Redmond, 'good enough' is enough. That may be true when dealing with the average computer user, but 'good enough' won't cut it when things more fundamental are at stake.

In this case, Diebold should actually be the ones feeling the heat since it was they who decided to use Windows CE (of all things) on which to base their voting machines. There are a multitude of options, even some from Microsoft, that would have been a better choice. So, we're left scratching heads and wondering, "What were they thinking?"

While it is true that the code found on the Web is an older version, experts wonder how secure the current code is. We agree that, at the very least, an independent party should look over the code to ensure its integrity for such public uses.

The bottom line is this: When dealing in areas of national security or where lives are at stake, companies cannot afford to 'make do'. Our governmental representatives have an obligation to demand systems that work and are free of problems that could cause a person or our nation harm. It seems that with all the the flag waving in recent years, the only flags some companies hold dear are the corporate flags, and the only thing sacred is the bottom line.

What does all of this have to do with Apple, Macs, or OS X? Nothing, other than to say that we hope that if Apple were in Microsoft's shoes, they would fare better. We would like to think they would.

Notice that we purposefully avoided making the obvious jokes about voting machines and Florida. Everyone deserves a break now and again.

Recent TMO Headlines - Updated January 19th

Fri, 6:10 PM
Spotting Bad Science, Information Overload – TMO Daily Observations 2019-01-18
Fri, 6:01 PM
Motorola Razr Flip Phone Making a Comeback
Fri, 5:37 PM
2019 Will Be the Year of the Display and Apple Should Get Ready
Fri, 3:29 PM
Coinstar Machines to Sell Bitcoin in the Future
Fri, 3:14 PM
Google Investigation Shows Apple Was Right About Face ID
Fri, 2:54 PM
Final Cut Pro 10.4.5 Released With Performance, Stability
Fri, 1:05 PM
Bring Your Apps to Life withBundle of UI Design Elements for Social Media, e-Commerce, More: $19
Fri, 10:44 AM
A List of macOS Touch Bar Apps
Fri, 10:00 AM
Some Guidelines on how to Spot Bad Science
Fri, 9:44 AM
Facebook Documents to Show how it Preyed on Kids
Fri, 9:42 AM
Apple Pay Support Coming to ING in Spain 'Soon'
Fri, 9:02 AM
Data Broker Acxiom Backs Tim Cook's Call for Privacy Law
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!