Source code for voting machines has been leaked once again by a development company. The code could be used to create a counterfeit voting card that could influence election results. According to experts at InfoWatch, the developers of such vitally important software have to be much more careful when protecting their intellectual property.
Diebold Election Systems have suffered yet another leak of source code for voting machines. A former Maryland state legislator who has regularly spoken out against electronic voting was anonymously given disks containing source code to Diebold's BallotStation and GEMS (Global Election Management System) tabulation software used in the 2004 elections. An analysis of the disks revealed that they were created by two federal voting machine testing labs run by Ciber and Wyle Laboratories.
This is not the first time that source code for electronic voting machines has been leaked into the public domain. In early 2003 a Diebold critic uncovered similar source code while conducting research using Google's search engine. It would be easy for criminals to program a counterfeit voting card to work with the machines and then use it to cast multiple votes inside the voting booth.
Representatives from Diebold say the company has introduced security enhancements to its products, but the fact that the company's sensitive source code has again leaked out is bad for the firm’s reputation. In particular, a number of politicians have said the company should have learnt a lesson after the first leak. Nevertheless, the second leak has given plenty of ammunition for those opposed to the idea of electronic voting. Diebold said, however, that the source code was for a version that is no longer being used in the US, or is being used in a "limited number of jurisdictions." The FBI is currently investigating the leak.
“The developers of critically important software have to take great care over things like their source code. It is namely things like source code that constitute those data assets and intellectual property that a whole company depends on. Therefore, protecting such information from leaks is a top priority,” says Denis Zenkin, marketing director at InfoWatch.
Source: ComputerWorld
