Teresa Hommel

August 16, 2006



What is a Hacking Test?



Hacking tests are critical to ensuring the security of any computer system. They are essential for voting systems, for which federal and state testing focuses only on functionality. Hacking tests reveal hidden vulnerabilities that functional testing ignores. By analogy to a car, functional testing would tell you that the engine is working; hacking tests would reveal the bomb in the trunk.


· A Professional Hacking Test (“Red Test”) is a test performed by a professional organization. One example is the RABA Technologies test commissioned by the Department of Legislative Services of the Maryland General Assembly that examined the Diebold systems in use in that state.


· A Public Hacking Test is a test performed by a publicly acknowledged security expert, such as Harri Hursti, the computer scientist from Finland. Hursti revealed grave security flaws in the equipment used in two counties in brief tests sponsored by Leon County, Florida, Supervisor of Elections Ion Sancho and Emery County, Utah, Auditor and Clerk Bruce Funk.


· A Public Challenge Test is a test performed when a recognized computer professional or security expert believes that they have found a weakness in a voting system. The Board of Elections would arrange for the test so that the professional or expert could demonstrate the presence of the weakness and suggest ways to remedy it.


All hacking tests need to be performed before the public and press to ensure that the test is legitimate.