Slashdot Mirror
Critical Security Hole Found in Diebold Machines
ckswift writes "From security expert Bruce Schneier's blog, a major security hole has been found in Diebold voting machines." From the article: "The hole is considered more worrisome than most security problems discovered on modern voting machines, such as weak encryption, easily pickable locks and use of the same, weak password nationwide. Armed with a little basic knowledge of Diebold voting systems and a standard component available at any computer store, someone with a minute or two of access to a Diebold touch screen could load virtually any software into the machine and disable it, redistribute votes or alter its performance in myriad ways."
So the closed-source company with apparent links to the incumbent government and a record of blocking any attempts to investigate their code turn out to have security flaws?
Okay - closed-source versus open-source is a non-issue, but I expected something like this from Diebold sooner or later.
I'm seriously worried though. Here in Australia a lot of ATMs have been replaced recently with shiny new Diebold machines. I've no doubt they're harder to hack, but it's not an encouraging sign.
REALLY. OMG. Who'd a thunkit.
seriously, that practices going on around this company made me assume that such a thing was possible. security through obscurity was the mantra i kept hearing from diebold, which to me translates as a few people get to have holes that the majority don't know enough about to stop. 3rd party audit people. even if it's not released publicly.
What's so bad about the optical scanners and the ballots where you fill in a circle? I remember a study that showed they were the most secure, you have a paper trail, and any idiot can figure it out after 13 years of standardized testing. Electronic voting, on the other hand, smacks of boodoggle, fraud & overall shoddiness.
Making these devices large, restricted to the government, bulky & containing GPS units in the case of them being stolen.
Not to sound pessimistic, but the government is precisely the people we need to protect this machine from. I would think that the only way to address this would be to:
If an irregularity occurs, the entire process must be repeated and the citizens must be allowed to vote again. This will eliminate the posibility of people just tampering for the purpose of getting the precinct thrown out of the count.
____
~ |rip/\/\aster /\/\onkey
Why does Diebold design these machines in such a way that they *CAN* be hacked? I think that involving an Operating System and software in the design of such a machine is a critical error. As a computer engineer, I realize that overcomplicating things can lead to errors. DSP's can make hardware extremely cheap, but there are places where analog circuits are cheaper and more realiable! Why hasn't Diebold designed a hardwired electronic circuit or a mechanical system with failsafes such that the machine can't be hacked, and the wrong candidate will not be selected if the machine fails? There are so many places where their current design can and will go wrong. I believe that it's time for these loonies (or preferrably someone else who has more sense) to come up with a more rudimentary and failsafe design!
They make a voting machine that is atrocious and faulty.
To be fair, even if it were someone else, voting machines that submit the vote in electronic form simply have fundamental problems with accountability. Yes, Diebold has had some atrocious engineering problems, but even if you took the best group of engineers on the planet and asked them to replace the pencil or hole punch machine with a fully electronic form, they'd still have a vastly more exploitable system than the traditional system.
I view Diebold as representative of a lot of companies that get government contracts -- obtaining unneeded pork, doing a fairly half-assed job. However, while some things (like the criminal records of people presiding over the project) were a little disturbing, I'm more willing to say that Diebold probably has nothing more malicious in mind than getting as much money as possible and not caring much as to how useful (or dangerous) their work is.
The real problem is that no voting administrator wants to be in the shoes of the Florida people, where questionable ballots exceeded the margin by which Bush won. An electronic form throws away all data other than a simple vote -- it may not be more accurate, but it covers the asses of voting administrators.
The fact that the whole system is much less accountable and more open to abuse and attacks than a physical system is more an issue that not of the involved people (voting officials and Diebold) just don't care about than one that I expect that they intend to personally exploit.
Any program relying on (nontrivial) preemptive multithreading will be buggy.
How come no political party makes this a central campaign argument ?
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
1. Do you have any stats to back this up? I am unconvinced by someone saying the word "FUD".
2. Diebold doesn't need to tamper with the election to make using their voting machines a horrible idea. As this article points out, there are extreme security flaws that allow others to tamper, which means Diebold has failed miserably at the goal of creating secure voting machines.
3. Assuming your stats are correct, is it a coincidence that the Diebold machines were installed in heavily Republican areas? Who got to decide on the voting machines/mechanisms used?
4. You say "yet another liberal urban legend" without giving any examples. Do you think there are more liberal urban legends than conservative ones? That would be a very difficult claim to defend. Which is probably why you just put it out there as if it was obvious in hopes that people would just agree. Sadly, this works all too well all too often in the political world. Your post is a couple of undefended partisan claims, and nothing more. If you're actually thinking about anything, please show us what you're thinking. Otherwise you might as well just say "REPUBLICANS RULE! DEMS SUCK! GO BUSH!" and keep contributing to the us and them sports fan mentality that American politics has become. Well that turned into a bit of a rant, didn't it?
It's pointless talking about securing something that's inherently a terrible idea. You can't have voting performed by something that is, for most people, magical.
A good way to be certain these machines are sending the correct votes is to have a paper trail. When a person votes, a transaction id and their vote are printed to a piece of card or something, which is then put in a ballot box.
To verify that no votes have been sent by the machine without interaction, a random set of votes is selected from the result the machine sent and these are checked against the paper votes. To check that all votes have been sent correctly, a random set of paper votes are checked against the records sent by the machine. If either of these doesn't correlate, the paper votes are always assumed to be correct.
Even if this were to happen, it would (probably) take almost as much effort as counting the votes by hand!
Are you implying that it is not important that republican votes be accurately accounted for? Maybe that it was a forgone conclusion that Bush would receive all or significantly close to all republican votes, so assurance of accuracy is not of significant concern?
A frightening excusatory remark indeed... I may have semi-predictable voting patterns that lead me to vote predominantly democratic, but if a voting machine picks up my vote as being for Hillary Clinton in 2008, I guarantee you I'd wish to be aware of the error regardless of what I was expected to do.
Actually, this is FUD, not the original post. The original poster's concerns are shored up to a great extent by the very article under which the concerns were posted. What I just quoted from you is just a random claim you tossed out about some apparently nebulous web of deceit, yet I see nothing you've posted along with it that actually suggests any such thing exists.
Just because you SAY there are monsters under the bed doesn't make it so, and I don't see any beady eyes or claws peering out at me.
Please stop spreading this FUD.
An apt idea that you might consider applying to yourself in the future.
I still puzzles me why americans don't use something simpler...
hell, if India (with a BIGGER population) is capable of holding elections without soo much trouble, why can't the US do it?
I live in Soviet Canuckistan you insensitive clod!
Suppose DieBOLD's ATM machines had a backdoor key sequence that would enable me to get the whole stack of 20's. How long would it take them to slam that door shut?
When the people fear their government, there is tyranny; when the government fears the people, there is liberty.
---sung to the tune of Woody Guthrie's Hard Travelling
D
Diebold's stealing elections, I thought you knowed.
Diebold's stealing elections
A7
on machines with closed source code.
D
We dont need no double dealing,
G
electronic vote stealing.
A7
Diebold's stealing elections,
D
Lord.
Diebold's stealing our votes, the right that makes us free.
Diebold's stealing our votes, oh cant you see.
How can they say I'm free if their machines can vote for me?
Diebold's stealing our votes, Lord.
Diebold's stealing our votes, I thoought you knowed.
They've been shredding the paper trail at the end of the road.
It doesn't matter who you choose, when you're sure you're gonna lose.
Diebold's stealing our votes, Lord.
I'm gonna vote with pen and paper I thought you knowed.
I'm gonna see it counted at the end of the road.
I'm gonna vote with pen and paper so I know that there's a record.
And I'm gonna go vote my conscience Lord.
A quick couple of notes (so to speak)...
The chords are right as far as I know. The words are mine, though they dont fit quite right in all the places. Either apply Tom Leherer's rule that "it doesnt even matter if you fit a few extra syllables into a line" or use the folk process to make it fit so you can sing it.
Also, I've got one line with no verse to put around it...
"Voting wont be so scary if the countings not binary"
The main thrust of this song is to educate and protest on the issue of electronic voting. I am a New York State resident and for those who dont know we are being sued by the feds to upgrade our nice mechanical voting machines to electronic voting. If we do not they are going to withhold federal money for the upkeep of our voting system. This is blackmail, the same kind of blackmail that was used to put the 55 mph speed limit in place.
Our voting machines have worked for a century with the same design. We trust them to do the job and know where the flaws and weak spots in the security are. We, as a group, when polled, do not show a desire to change the system at this point and our state voting commission and legeslative review boards have rejected electronic voting as an unsecure and immature technology. The peculiarities of how a state does it's voting is a state's right to decide, which is why different states have different rules about every aspect of the electoral process. Some states are proportional, some are by district. Some states use machines and others use punchcards. Election laws are made at the local level.
The lawsuit by the federal government smacks of blackmail and manipulation. Why is the federal gov trying to control the electoral process at the local level? What do they hope to gain?
If I were at all cynical, I'd say because filling out thousands of fake ballots takes longer than tampering with the Diebold machines.
This is a voting machine, not a toaster! Even my mobile phone doesn't allow flashing of unsigned firmware.
But unlike a phone, voting machine is a multi-user device, which should be secure by design at every level.
So, maybe in this case Trusted Computing may find one of a few of its good applications?
Rediculous is ridiculous!
I would consider myself an authoritative source on the matter since I was involved in the 2004 recount in Ohio. I observed in an official capacity the recount in Clark and Shelby counties and in an unofficial capacity the recount in Greene county. I will now state some facts that you may take as you will.
Punch cards were used in all these counties. None of the equipment used was Diebold equipment. Recounts were run more loosely in Greene and Shelby counties (Republican strongholds) than in Clark county (about 50-50). I spoke with the Greene county board chairman. He said that he took responsibility for not realizing that increased voter registration would mean they would need more machines (his exact words were, "We dropped the ball on that").
On your points:
1) Most of Ohio was using Florida-style punch card ballots. A few places used optical scan. Fewer yet used the Diebold electronic machines. I cannot recall which counties had Diebold machines. If you care to research it yourself, keep in mind that most of Ohio is red except for areas near the lake and the rust belt regions of Akron, Canton, and on over to Youngstown. Columbus and Dayton are swing regions. Cincinnati is very red for a large city.
2) Yes, the security practices of Diebold, Inc. border on the criminally negligent.
3) Local boards of election, IIRC, decided how the votes would be recorded. Elections are run by our Secretary of State, but local boards are given some freedom as well. I am not sure exactly who makes the final decisions. It should be noted that our boards of election are not elected, but are appointed and must have equal numbers of registered Republicans and Democrats on them.
The only board of election under investigation of impropriety is the Cuyahoga board (the bluest county in Ohio). The allegation is that they pre-counted the "randomly" selected ballots themselves in order to make sure the count came out correctly so that they wouldn't have to recount all the ballots by hand. In our recent primary election, the same board had trouble with getting the machines running in a certian precinct. Usually our polls are open from 6:30a - 7:30p. That precinct didn't open until 1:30p, which prompted a judge to order it open until 9:30p.
The more local the election boards, the less likely that a wide-spread, concerted, and coordinated effort to perpetrate voter fraud can occur. When the original post states that "government" is whom we should be protecting this from, I'm sure the meaning of government is closer to central government than local government. There is an important distinction -- and I don't think it's "anti-government Slashdot pandering" to say so.
quiquid id est, timeo puellas et oscula dantes.