Hardware Hacking a Voting Machine in 4 Minutes

goombah99 writes "Bev Harris of BlackBoxVoting.org has acquired an actual Diebold Acu-vote ballot scanner. Rummaging through King County's trash, she managed to get her hands on some of their tags and seals. She has since demonstrated a successful penetration of the seals without breaking them ... all in under 4 minutes with no training or technical skills required. There's a nice how-to with photos over at Verified Voting New Mexico." More from goombah99 below. "The demo is particularly relevant in light of the recent experience in Ohio in which there were large discrepancies between the electronic record and the paper trail, and also since many counties still permit the machines to be taken home by individuals before voting day (as a means of distributing them to precincts). These 'sleepover' machines were involved in the contentious narrow-margin San Diego Election, and are in continued practice in many states. Moreover, it's common practice for counties to contract out deliveries to third parties, such as in New Mexico where in one election, unlicensed delivery drivers took the machines on an unauthorized field trip and only got caught when they crashed the delivery truck after a stop at Hooters. The good news here is that the penetrated Diebold system in the photo essay is an optical scan system. It's not a touchscreen electronic voting system, so there is a paper trail. What hack really shows is that without mandatory random spot checks on the paper ballots, these may be as potentially vulnerable as the touchscreen direct recording electronic voting systems. It's perhaps worth noting that the open source voting system being developed by the Open Voting Consortium features a 100% reconciliation of every single paper ballot with an independent electronic record."

Format of the linked article

[ergo98]

Try viewing it without JavaScript (e.g. like those of us with NoScript). Look at the source -- OMG.

That now qualifies as the most atrocious use of JavaScript I've ever seen - Jesus, render this garbage on the server. Feeding some oddball marked up nonsense to the browser, yielding a circa-1997 page, seems a little...unnecessary.

Re:why is it secured in the first place?

[Jarnis]

Because the braindead system can be r00ted using a memory card - if a specially prepared card is in at boot, it can boot from the card and utterly pwn the software inside.

Logic being 'ease of updating', but the safeguards in place against inserting something other than an authorized, verified and certified update are close to nonexisting.

So, in essence, if you have access to the memory card slot, some time, and capability to reboot the machine, you can pwn the election. And it will most likely be untraceable.

To Trust or Not To Trust

[misterhypno]

That is the question. And, considering the declining number of people voting every election, the rising number of complaints about the elctronic systems being used to tally the votes, the complaints about the butterfly ballots, the delays in counting the votes, the political maniuplations OF the votes when a dispute happens, the public seems to be getting ready to say, "To hell with the whole system!"

And that's bad.

Very few people trust the election system as it now stands on a national basis. There is NO national standard, NO overwatch that is politically independent and NO way to VERIFY the states that are using the electronic-only voting methods.

The gaps are obvious: we need a national standard for the voting process; one that allows verification of EVERY vote on a papertrail basis; we need an independent overwatch OF the voting process; and we need an electronic voting system that is far more secure than the one that is currently being used.

And the probability of that happening amounts to one Big FAT CHANCE.

The excuses? It costs too much, it will take too much time to put into place, it violates State's Rights, there is no way to keep the politics out of the system and no system is completely secure.

How much are we willing to spend to defend our shores from attack? Is .01% of that too much to ask to put into place a secure election system? How about siphoning off some of that pay hike the Congress just voted itself for this instead?

With regards to State's Rights, this is for a national election. Sorry kiddies, doesn't apply as far as standards of the systems themselves go. You still have control of WHO votes and that's where the REAL power resides, so STFU. Keeping the politics out of the system? Well, there's no easy fix for that, but making the election review board similar to the Supremes, but with a requirement of 4 and 4 from each party and only 1 being appointed by the LAST sitting Prez might work... subject to Congressional approval and all that, of course. And secure? Well, nothing is ever totally secure, but we should be able to do better than a four-minute, no-break-the-seal-non-techie-hack!

Lee Darrow,
Chicago, IL

Private Voting, Public Counting

[mrosgood]

There's lots of good posts. I'm glad we geeks are talking about this important issue.

I spoke briefly with Bev Harris recently. See below.

I'm at work, so I need to make this brief. Just four points.

First, the two pillars of our democracy (United States of America) are private voting and public counting. We adopted the Australian Ballot (aka secret ballot) a while back. Things like electronic voting and forced mail voting (e.g. 100% vote by mail) take away the secret ballot. Here in Washington State, our constitution says we need a secret ballot. Disagree if you want. There's lots of ideas. Like voting receipts and no more secret ballots. But please start by changing our laws. Meanwhile, any attempt to take away the secret ballot (private voting) is unconstitutional.

Second, there is no technical way to have an electronic voting system which both preserves the secret ballot and the public vote count. If the ballots are secret, then there's no verifiability, meaning no public count. If the system is verifiable, then there's no secret ballot. You can have one or the other, but not both. Electronic counting, as with the precinct-based optical scanners, can be done constitutionally.

Third, currently the most reliable way to vote in the USA is to use a voter-correctable precinct-based optical scanner (PBOS). Sorry, I don't have the cites handy (my bad), but dig a little and you can find the research on this. Brennan Center, GAO reports, MIT Voter Project, etc. The basic idea is that you mark a ballot and feed it into a machine. If there's a problem, the machine spits the ballot back out, giving the voter a chance to correct the problem. Yes, these machines need to be better designed, open source, yadda, yadda. But before anyone proposes a better system, please work to understand the best system currently available. (Thank you for your patience.)

Many juridictions have wisely moved away from touchscreens and other DREs and adopted PBOS systems with a low-cost, verifiable solution for disabled voting. TrueVoteCT.org just had a huge win. And Voter Action sued and got the touchscreens in New Mexico replaced with PBOS systems. (Please visit both orgs and give them cash. Activism is not cheap!)

Fourth, and lastly, Bev Harris made an incredibly important point: Our elections have to be understandable for all the voters. Blackbox Voting has spents years digging and researching. I've personally spent 2 years learning all that I can about elections, voting, and these systems. I'm a computer geek and I readily admit that I had to work pretty hard to understand stuff. Bev has a lot of contact with experts, computer scientists, security dudes, etc. Her point is that we cannot rely on those sage gurus to weigh in on our election systems. We all need to understand how our democracy works. Not just the wonks. That means our election and voting systems must be simple and straightforward.

(PS- I saw Bev during King County Washington's "logic and accuracy testing" of our new Diebold AccuVote TSx touchscreens last Tuesday. You can read "Report: Testing of Diebold AccuVote TSx" on my blog, on WashBlog, or on dailyKos. Please holler if anyone has questions. I'll do my best to reply in a timely fashion.)