US Election Assistance Commission - Voluntary Voting System Guidelines Vote
EAC Home
Introduction
View Guidelines
View Comments
Glossary

View Comments

Section CommentsGeneral CommentsGlossary Comments
 
Name :   Ron Crane
Organization :   N/A
Post Date :   9/30/2005

Section Comments
Section :  6.4.1
Page no. :  
Line no.:  
Comment :  7c1.

c. The Guidelines require only minimal documentation of firmware9 and do not require anyone to inspect it for the presence of vendor-provided malicious code.

This omission allows an unscrupulous vendor to instrument its firmware to replace - at runtime - the
voting application (or a portion of it) with code that cheats. See item 9 for more details.