Says local registrar of voters: ATMs have “changed our paradigm of what we view as safe.”
[Whaddaya think the odds of a similar technique being used to attack a voting
system are? Is this the level of security we want in our voting systems?
Gail is our county registrar of voters. She’s a nice person, and they are dedicated folk who do an excellent job, but I can attest from personal experience that the level of technical sophistication in that office is limited (as it is in just about every local government agency I’ve dealt with). I suggested that they embed a certain type of link in the county web page containing candidate statements, and the response was, “We can’t do that, because the system we use to generate them is incompatible.”
It was obvious that they had no clue how to do anything other than manipulate the software in the predetermined ways they had been trained for, so I didn’t even bother trying to point out that what I suggested simply required a minor text edit.
And I’m supposed to believe that these folks are capable of evaluating the security of an electronic voting system?!?
-Thomas]
“Touch screens are truly amazing. People with disabilities will be able to vote using blow sticks, joysticks and headphones,” she [local elections officer Gail Pellerin] says. “All the hoopla reminds her of how people used to feel about ATM machines. None of us trusted them when they first came out, but today who still prefers to go to the teller? They’ve changed our paradigm of what we view as safe.”
Source: Santa Cruz Metro Nuz Column
I suppose it would be a bit unfair to send Gail a copy of this…
[From latest Security and Network Systems (SANS) newsletter.]
–Man Pleads Guilty in ATM Skimming Case
(11 August 2003)
Kok Meng Ng has pleaded guilty in NSW (New South Wales, Australia)
district court to four charges of violating the Commonwealth Financial
Transactions Act and computer offenses. Ng was involved with an
operation that “skimmed” information from ATM users; a device installed
in the ATMs obtained the cards’ magnetic strip contents, while a camera
positioned above the machine recorded customers’ PINs. Ng’s accomplices
have apparently fled the country.
There is a fascinating disparity in the amount of money allegedly
stolen. The first link was 643k; then 500k
http://www.smh.com.au/articles/2002/11/17/1037490056082.html
And there are several news stories with 200k
http://www.themercury.news.com.au/common/story_page/0,5936,5519299%255E421,00.html
http://heraldsun.news.com.au/common/story_page/0,5478,5519299%255E421,00.html
[Editor’s Note (Grefer): This approach has been around for quite a
while, with widespread use in Germany and other parts of Europe over
the last decade. One common variation includes a transparent
“protective cover” placed over the ATM’s keypad, allowing to capture
the actual keystrokes in combination with an ultra-thin card reader
attached right in front of the ATMs reader, capturing card information
while the card is passed through.]
