image placeholder

Last summer, the UCSB
Computer Security Group took part in www.sos.ca.gov/elections/elections_vsr.htm">the
Top-To-Bottom Review (TTBR) of electronic voting machines in
California, ordered by Secretary of State D. Bowen.

The group’s task was to detect vulnerabilities in the Sequoia voting
system and to implement exploits that would “cause incorrect recording,
tabulation, tallying or reporting of votes” or that would “alter
critical election data such as election definition or system audit
data.”

The Security Group designed and implemented a number of these
attacks. In particular, they proved that is possible to develop a
virus-like malicious software that automatically spreads to as many
voting machines as possible. These attacks were described in a report published by the California Secretary of
State and in an academic paper.

Recently, the group also released a video that shows how the
malicious virus could be injected into the system and demonstrates a
number of vote stealing attacks enabled by the virus. This video has
been featured on a number of news outlets, such as: Slashdot: http://
it.slashdot.org/article.pl?sid=08/09/09/1426246 and
BoingBoing: http://www.boingboing.net/2008/09/08/security-research-vi.html