Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Pen-testing Diebold's Voting Software

from [Chuck Herrin] Network Security [Permanent Link]
Subject: Pen-testing Diebold's Voting Software
Date: Sat, 13 Nov 2004 16:11:34 -0500 
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All, 

Some of you may have seen the reports that Diebold's vote tabulation
software was certified to run on a Windows machine without being
pen-tested by the certifying organization(?!?!).  When I read that, I
took blackboxvoting.org up on their challenge to test it myself, and
the results are staggering.

I was able to change over 11,000 votes in my sample election in just
a few minutes, then review the audit logs to make sure there were no
traces.  The full report, with screenshots and timestamped reports
and audit logs, is available at my website,
www.chuckherrin.com/hackthevote.htm.  It was so easy, I hate to even
call it "Hacking".

Partisan politics aside - we've got to fix this.  

Thanks, 

Chuck Herrin, CISSP, CISA, MCSE, CEH
All outgoing correspondence is digitally signed.  Lack of a valid
signature indicates possible forgery.

My public key is available at
http://www.chuckherrin.com/ChuckHerrin.asc

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBQZZ4hqbL2AcPBTOlEQKuYQCeOnghpidOET7Ukl4yVPohBls4ssUAn1/n
qvMPM8cTxxTaMac95hzjeEow
=nQmg
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Pen-testing Diebold's Voting Software, Chuck Herrin <=
Previous by Date:  Re: Skype vulnerabilities?, Jirtme
Next by Date:  PDA Risks, Andrew Stephen
Previous by Thread:  Re: Skype vulnerabilities?, Jirtme
Next by Thread:  PDA Risks, Andrew Stephen
Indexes:  [Date] [Thread] [Top] [All Lists]