Wednesday, August 25, 2010

Indian Voting Matchines NOT hackproof? Researcher Arrested

An IT security researcher, India, has been arrested this week for disclosing problems with the Indian Electronic Voting Machines [EVM]. His video shows how the I-EVM can be tampered with and votes be counted in any individual's favor.



               I was on the "WIRED" webpage when the news line "Researcher arrested in India" caught my attention. It seems that Mr.K.Hari Prasad, security research expert, netIndia, has been arrested early Saturday morning after he refused to disclose the whereabouts of how he was able to acquire an actual Government owned Electronic Voting Machine. The fuss is, that, Mr.Hari and two of his friends in research, J.Alex halderman, computer scientist at University of Michigan and Rop Gongripp, a famous Dutch hacker and E-voting activist had been able to acquire the voting machine from an anonymous source. Over the series of days the had been able to completely analyze the machine, with their press release quoting that the machine is NOT tamper-proof and anybody with required amount of skills can turn the election tide in his favor.

India, for over a decade, has been using this I-EVM with promise that its tamper-proof. The recent information leaked out by Mr.Hari has taken the government by storm and investigations are on.



Mr.Hari demonstrates the vulnerabilities in the following video. Its surprisingly easy to manipulate as quoted.




Upon his arrest, he quotes " This kind of intimidation will hit the hearts of volunteers, and no volunteer will come forward if this kind of thing happens in future". I, personally agree that such penetration testing is a must, as any quantifiable theory must be put to the test. Maybe, the only error Mr.Hari has done is leaking it out into the public and it still remains a mystery how he was able to get hold of an actual machine used by the government?!

It is to be noted that the Election Committee is quite frustrated on this matter, though it does backs its word by promising that they are open to and highly respect the report of such vulnerabilities, But, (yes, there's always a But) this research was done in, rather, lets say, an Illegal way?

You can read the entire article here at Wired.
Have your say

No comments:

Post a Comment