Wednesday, August 26, 2009

UC Berkeley Professor Ruzena Bajcsy receives Technical Leadership Award

The winner of the Anita Borg Technical Leadership Award, awarded to a woman that has inspired the women's technology community through outstanding technological and social contributions, is Ruzena Bajcsy, Professor of Electrical Engineering at the University of California, Berkeley as well as Director Emerita of the Center for Information Technology Research in the Interest of Society (CITRIS). Dr. Bajcsy has spearheaded new research fields, guided national policy regarding social issues and lead the computing community in addressing them.

See press release at MarketWatch.

Wednesday, August 12, 2009

Sequoia e-voting machine commandeered by clever attack

Using a method known as return-oriented programming, computer scientists have figured out how to trick a widely used electronic voting machine machine into altering tallies by bypassing measures that are supposed to prevent unauthorized code from running on it.

The Sequoia AVC Advantage machine is programmed to execute code only when it's stored on read-only memory chips that are difficult to install and remove. By expressly forbidding running code in random access memory, the intention was to make it impossible for attackers to inject malicious programs that might compromise the integrity of an election.

However, a computer science research team from Princeton, UC San Diego and the University of Michigan succeeded with an attack by reverse engineering first the hardware on a legally purchased Sequoia AVC Advantage and then also reverse engineer the software it ran by analyzing the ROM. The research was presented this week at the 2009 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections.
"It's excellent research," said David Wagner, a computer scientist from the University of California at Berkeley who attended the conference. "The research is significant because it illustrates that attacks get better over time and it shows just how difficult it is to protect paperless voting systems." ®

See article in The Register.