Friday, October 20, 2006

Another Diebold source code leak

This week, three disks containing Diebold source code, that appear to have come from Wyle Labs and Ciber Inc, the independent testing authorities that certify voting machines for federal qualificaiton, were delivered anonymously to a former Maryland state delegate. The story was covered this morning in the Washington Post and the Baltimore Sun. I was asked by a reporter to inspect the disks to verify their contents, and I enlisted Adam Stubblefield and my Ph.D. student Sam Small, and together we examined them.

The disks contained source code for the BallotStation software, which is the software on the voting machine, and what was labeled as GEMS, which is the back end tabulation system. The GEMS disks were password protected, and while I'm certain we could have cracked them, we chose not to. The BallotStation source code was not protected at all. It was the 2004 version, which is newer than the source code we analyzed in 2003, and appears to be slightly later than the version analyzed by the Princeton team. I would love the opportunity to perform a similar analysis on this code, but yesterday, we were only given the opportunity to inspect to the code to determine whether it was genuine. As a condition to inspecting the disks, we agreed not to make copies or to perform any other activity with the software. An analysis of this source code would answer many questions that I've been asked about whether Diebold fixed the problems we encountered in our previous analysis. Of course, I don't believe that all of the problems we found back then are even fixable, but some of them are.

I've been getting calls all day asking exactly what the significance is of the new software leak. I'm not really sure. If the software leaked out of Diebold, then they obviously have not learned any lessons about securing their proprietary information. If, as I suspect (due to the labels on the disks), the software leaked out of the testing labs, then that is a serious problem that has to be addressed. Don't get me wrong - I think that voting system software should be available to the public, but that is a different issue from whether or not testing labs are competent at protecting things that they are trusted with and that they believe they are supposed to protect.