Slashdot Mirror
Electronic Voting Machine Cracker Challenge
An anonymous reader writes "In the ongoing debate on the security of electronic voting, an Atlanta area programmer has confronted Georgia election officials on the potential for fraud in its statewide electronic voting system. She claims that she can be prepared to crack the system within a week, and officials have accepted the challenge." What makes this even more interesting is that the election officials are encouraging the woman, so that any possible exploit can be found and remedied.
Moreover, they said, paper ballots can be tampered with more easily than electronic ones, and they're harder to tabulate.
Sorry, don't believe that. A few locations in memory are easier to change than thousands of paper ballots. Hanging chads notwithstanding...
Nice comeback at the end -
Asked Williams, the computer security expert: "Are you saying there's no such thing as a secure and accurate computer? Do you fly on airplanes?"
I think I'd counter that by asking if he knew of any airplane where all members of the general public were allowed access to the terminals used by the pilots? And if so - does he fly with them?
I don't think I'm very happy. I always fall asleep to the sound of my own screams.
It's going to be her and several other programmers. they have had the source code for months, and know what the problem is. the machines run windows and Access.
blackbox Voting
photosMy Photostream
They did, by accident, months ago, by having the full source code (tar of the CVS repository, actually!) available on an open FTP site.
Whoops!
I browsed through it myself a while ago, the smartcard portion was epecially weak -- it'd take two minutes to write an "Administrator" card (passwords and card-reader keys were in plaintext in the code!) that'd allow all sorts of goofiness.
Although it's good to have an independant security audit of the hardware/software, it's still a far cry from what I would call development of a secure system.
...? What are the logging/auding possibilities? How secure is the data transmitted? How secure is that data stored?
...
Did an independant auditor (or security specialist) audit the design - both hardware and software - from a security point of view? Where there independant audits/reviews of the coding or assembly of the hardware? Can you trust the developers or factory workers? Who is monitoring the deployment, development, good working,
Who will monitor the people who are in charge of the system?
Ultimately, you have to trust someone. And putting trust in the wrong kind of people is the biggest security risk there is
http://blog.astyran.sg
What if no-one finds a flaw? Everybody claims (or at least the dudes who've created the machine) the voting mechanism is secure. But you cant say that. The only thing you can conclude is that there were no flaws found.
If someone would find a flaw he/she would have showed an absence of security in the product. But when he/she didn't find flaws that doesnt necessarily mean the product is secure.
Alan Perlis once said: "A language that doesn't affect the way you think about programming, is not worth knowing"
While as disgusted by the whole Florida debacle as any freedom-loving person would be, I have to say: Until the last presidential election, the US hadn't had a Florida-sized failure, either. In other words, Europe might be doing it right or they might have just been luckier.
The Mongrel Dogs Who Teach
>Does everyone in the entire EU vote for a new president/prime minister/leader at the exact same time? To the second? or to the femtosecond? Seriously: many countries in the EU are significantly bigger than Florida - where I doubt the voting times were the same as say New Hampshire, or California. And the system in the US is based on this last item, as everyone is well aware.
Then again... I see this almost as a copout. If government is to be truely transparent, if the encryption scheme is truely unbreakable, then the machine's code should be open source and subject to public scrutiny.
Of course, there is always a large gap between my ideals and reality =D. This just happens to be one instance where I can see how RMS has it right in ways.
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
I live in the district where this is taking place. Last year, Georgia got its first Republican governor since Reconstruction, along with many, many Republican upsets over Democratic front-runners. The Diebold machines recorded votes that mismatched pre and post-election polling by large percentages.
I would love to see some sort of accountability for these damned things, besides some independent "hacker" trying to break into one. What is needed is a redesign that provides an unalterable record of each vote, along with transparency in the system itself. I'm afraid this challenge is only going to reinforce the system already in place.
-- lk t lv ll th vwls t f wrds. T svs lts f tm t wrt bt ts pn n th ss t rd nd mks m lk lk cmplt dpsht.
I live in Leon County, the capital county of Florida, and the epicenter of the last big (thank you California) voting scam.
u ct=EAGLE&type=Introduction) system which is what we have been using here.
In our county, we use paper ballots which are scanned by an optical scanning system. As far as I can tell, it's the current appropriate technology for this function.
Here are the positives:
1. You only require one (or a few for a big precinct) piece of equipment per polling place instead of a computer for each voting booth.
2. When the votes are entered into the optical scanner (by the voter) any entry errors are immediately recognized and the ballot is rejected. The poll worker can destroy the error ballot and provide a new blank ballot to the voter if they want to try again. There is NO problem with partially marked ballots.
3. There is an acceptable audit trail available for post election research, verification, audits, etc. An earlier poster suggested that paper ballots were easy to screw with, but another poster pointed out that screwing with an electronic file only takes a few lines of scripting.
So in my county (and total admiration to our Supervisor of Elections, Ion Sancho -- http://www.co.leon.fl.us/elect/bio.htm, we didn't have any problems with our count during that pesky election. Our election went smoothly, and the recount was exactly the same as the initial count.
The State of Florida has certified the Sequoia Eagle (http://www.sequoiavote.com/productguide.php?prod
I encourage the woman refered to in the original post to blog her progress and to seek and accept help from the larger world. I consider finding flaws in the touch screen election system as a open source project or perhaps even a contest with a cash prize (no...I'm not stepping up to offer such a prize.
if an expolit is found and patched, are we supposed to feel our voting is safe?
Do you feel safer every time MS patches their stuff with claims of fixing an exploit? Or how many patches does it take to make the public feel safe?
If a politician or political group wanted to exploit such a system, wouldn't they consider hiring someone familiar with cracking such a system? How would you advertise for such a job and even test the applicants?
If I vote electronicly, does that mean I can also participate in a jury electronicly?
I'm sure I can come up with all sorts of other perspectives but doesn't it all come down to simply controlling what the media reports anyway, and that it can eliminate or bypass any electronic counting system? (i.e. with all the media talking down on the Dixie Chicks, how is it that they are the top selling country band? Or how SCO has been so much in the Media lately about stupid stuff... who should believe the media anyway, no matter what the truth is.)
Point being, what verification do I as a voter get?
A: NONE!
I am expected to believe what someone else tells me the results of an election is.
Don't politicians as a profession lie? Especially in campagining for election? And haven't past elected politicians been found to lie to the public?
Doesn't this really all add up to cheating is OK so long as you do not get caught, or can't talk you way out of it?
There was a delay in responding to the olympic park bombing in 1996. The delay was caused by the program of the then new 911 system. It would not allow an assignment of a call to an officer(s) without inputting a valid address. Problem was, nobody thought to give the park an address, though everyone knew where it was, cept the 911 computer program. The call finally went out over old style walkie talkie to those officers who still had such a device. The delay time was perhaps long enough not to have saved those who died.
Point is, humans are smarter than programs. What we make we can break.... Electronic voting is just another place to manipulate the voting process. Another tool to perhaps convince people to vote for someone that is more likely to do something the voter would not approve of anyway.
But if such a systemn could be validated, then I think it could be used for more than just voting a politician into office, but could also be used to handle the day to day decissions of what politicans and their company do..... like slashdot moderation.... but better, more accurate and perhaps more verifiable to the adverage joe..
I'm not concerned if the system is secure or not (well, I am, but it is a side point). What I'm concerned about is that I can't audit the computer system without a paper trail. This is the most important issue. One can have a "secure" voting system which purposefully gives the wrong results on election day. Also, just beacuse one hacker can't crack it doesn't mean that other hackers won't.
Because that would show that it was a farce?
Seriously... other than a pretty face, what does she bring to the debate? Her site has typos and spelling errors. She resorts to ad hominem attacks and taking quotations out of context to support her arguments, which I have found to be an indicator that the person cannot support her thoughts with reason and facts. She seems to be saying "things should be this way because I think so."
She declares the recall to be a farce, even though enough citizens of the state felt that it was warranted that they signed the petitions and the judiciary declared it to be proper. Just what the state needs, another elected official that does not value the thoughts and wishes of the citizens and does not wish to be held accountable for her actions by those citizens.
She also seems to have difficulties with cause and effect. She argues that raising taxes on the wealthiest citizens caused the boom period, but does not bother to consider growth rates where taxes were not raised. She also does not mention the growth spurt that occured when President Kennedy pushed to have the tax rates slashed for the highest income groups. It appears that she does not understand complexities and instead opts for simplistic interpretations.
Having said all of that, I do think there is merit in many of her positions. I just do not think she is the person to implement them.
Fair amount of money at stake if she wanted to auction off her knowledge...
When all of your wishes have been granted, many of your dreams will be destroyed - Marilyn Manson
I know everyone is convinced that chads are the work of the devil, and caused all the problems in the 200 election, but I have to say that everyone is wrong.
There was *no* problem with "hanging chads". The voter's selection had a stick pointed in it. The stick made an indentation, or a partial hole, or a complete hole, or no impression whatsoever. The chad may or may not have been detached. Big woof if not.
The "spectacle" of judges peering at the cards was just that: spectacle. The votes were easily discernable by anyone who was not *trying* to make a fuss. The 'publicans were making a huge, screaming (literally) fuss at the counting tables. There was a non-Republican and a Republican counter at each table, so the validity of the recount was beyond question. If the voter made two choices, or none at all, it was invalid. All others were counted.
The paper ballots worked just fine. It was just politically expedient to pump confusion and hysteria into a normal recount process in order to invalidate the process in the minds of the public.
If Gore had won the initial count, the screams for a recount from the Bushies would have been deafening. This isn't a guess: the political strategy for a close race was already decided. Question the vote. Question the validity of the election, and of the man who won. They had plans for endless lawsuits.
Since Bush won, they used the opposite strategy. And they won not only a cancelled recount from the Supreme Court (well, a half-hour time limit to finish the count is a cancellation), but now the Diebold company, a major Republican player, is replacing a solid and auditable paper system with a system that is emminently cheatable -- and with no recount possible, and no audit trail.
Anyone who's even halfway suspicious of human nature would choke with laughter at the introduction of a private computer system replacing an auditable paper system.
Whether she breaks it or not, she'll be charged with terrorism under the patriot act and tossed in prison for the rest of her life for trying to "hack" into a system to expose dangerous backdoors which will put our precious children in danger.. (permission doesn't matter)
Stupid people make stupid things profitable.
Professional wrestlers & dead men elected to office, controversy in NJ and Fla last year, not to mention Fla contributing to Dubya's overthrow of Gore (even if everything WAS kosher, the family link requires far more conclusive results for appearances sake), and now the freak show in California (Clinton faced impeachment w/o leaving office; Calif. should require something more serious than being left holding the bag post-Enron) but you're worried about *potential* issues in *future* elections? Mod me down all you want, but the bigger issue here is the fact that, realtively speaking, GA is a non-issue...
When all of your wishes have been granted, many of your dreams will be destroyed - Marilyn Manson