Slashdot Mirror

← Back to Stories (view on slashdot.org)

More E-Voting Software Leaks Surface

Posted by simoniker on from the cheating-for-election-and-profit dept.

Christopher Soghoian writes "Sound like something you've seen before? Wired News reports that the software which runs Sequoia's AVC Edge voting machines has been accidentally placed on another company's publicly available FTP server, although this time it's the binary, rather than the source that's been leaked. Machines running this software were used in California's Riverside County for the 2000 presidential election and for last month's California gubernatorial recall election. The system also has been used in counties in Florida and Washington state."

4 of 283 comments (clear)

  1. Here we go again... by tinrobot · · Score: 4, Informative

    Let's see, the software is written on a Microsoft base, is closed source and... shudder... appears to be prone to tampering. Just like Diebold and I would imagine every other vendor's software.

    We need to get the source in the open, and more importantly, we need to have these machines give paper ballot reciepts as well as an internal audit tape like those found on ATMs...

    There is a bill in the House (H.R. 2239) that already has a lot of support and addresses a lot of these issues. Please urge your representative to support it as well.

  2. Embarrassing answer by freeweed · · Score: 5, Informative

    I'll probably embarrass myself even more by my answer, but here goes.

    You can often get a fair bit of source from a binary, but it all depends on what language the source was originally from, what platform it was written for, etc.

    More importantly (as I understand it) is how it was compiled, etc. Source code isn't just translated line by line into machine code. Especially with today's optimizing compilers, there's a lot of automagic going on.

    Now, you usually can get the assembler directives out of a binary (ahh, disassemblers are fun), but even this is dicey. I know from playing around with Atari 2600 roms that often you can't know precisely what parts of the code do what, iirc because code and data were often intermixed in irregular ways. Even if you get the full assembly code, have fun reading it if it's more than a few thousand lines.

    Having said that, there's a lot of incredible stuff a skilled person can do with disassemblers, but it all comes down to the source->machine code translation. There's a lot of factors that come into play here, and it's not just a simple inversion of some always used process.

    There, can I be less specific? :) I'm sure 50 other Slashdotters will expand/correct/make fun of me, but I figure since no one else is answering, I'll take a stab at it.

    --
    Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
  3. Short answer: variable names. by slackergod · · Score: 5, Informative

    To go from, say, a C language file to an exe,
    the compiler first loads the C file (ending in .c),
    and all the files it refers to,
    and then parses all of it into an internal
    structure.

    this structure is then optimized:
    loops are unrolled, functions are inlined,
    and info that is mention but isn't needed
    is stripped out.

    the resulting structure is then
    written out as a series of assembly
    instructions, which are then
    converted to the numeric codes
    the processor understands.

    this is the exe.

    to go backwards, it's (generally)
    trivial to take an exe and get a
    plaintext file containing the assembly
    instructions (this file usually ends in '.a')

    it's the optimization step that causes
    issues: one of the main things the computer
    doesn't need which is stripped out is
    variable names, comments, etc.
    without them, there's no context.
    you can figure out the algorithm from the assembly,
    but you can't easily figure out what
    it's operating on.
    to make things worse, other optimizations
    may alter the code for faster execution,
    making it even harder to figure out.

    Occasionally, mistakes are made...
    Microsoft slipped up a while back,
    and released a windows patch which had
    the 'debugging info' left in it.
    All this really amounts to is the variable
    names, function names, etc...
    which is bloody useful.

    Making this process even worse is that
    some (rare) executeables are self modifying,
    which makes them MUCH harder to predict.

    in summary, it's not that hard to get
    back to C code, assuming the program
    was even written in C. You'd just have
    variable names like 'var0001', 'var0002'
    'func0001', etc.

    It's basically the difference between
    having a nice nested tree structure
    which you can compartmentalize and analyze,
    versus one long list of instructions,
    which the computer may start and stop
    execution of at any point.. sorta like DNA.

  4. It is already been abused. by Pope+Raymond+Lama · · Score: 4, Informative

    Here in Brazil, were we have had last year the largest elections using proprietary-software-equiped-polls, it seens that there have been more than a
    couple of frauds last year.

    The latest news are these ones (In Portuguese. Use
    the fish to read in English).

    There have surfaced accuatins of votings being sold at R$10,00 (~U$3.30) each one, and of a candidate that had more than 1000 votes while they were being counted ending up with zero votes.

    I just hope they get to the only one true: these eletronic polls, as they are, are nothing but election-buying machinnes.

    --
    -><- no .sig is good sig.