Hardware Hacking a Voting Machine in 4 Minutes

goombah99 writes "Bev Harris of BlackBoxVoting.org has acquired an actual Diebold Acu-vote ballot scanner. Rummaging through King County's trash, she managed to get her hands on some of their tags and seals. She has since demonstrated a successful penetration of the seals without breaking them ... all in under 4 minutes with no training or technical skills required. There's a nice how-to with photos over at Verified Voting New Mexico." More from goombah99 below. "The demo is particularly relevant in light of the recent experience in Ohio in which there were large discrepancies between the electronic record and the paper trail, and also since many counties still permit the machines to be taken home by individuals before voting day (as a means of distributing them to precincts). These 'sleepover' machines were involved in the contentious narrow-margin San Diego Election, and are in continued practice in many states. Moreover, it's common practice for counties to contract out deliveries to third parties, such as in New Mexico where in one election, unlicensed delivery drivers took the machines on an unauthorized field trip and only got caught when they crashed the delivery truck after a stop at Hooters. The good news here is that the penetrated Diebold system in the photo essay is an optical scan system. It's not a touchscreen electronic voting system, so there is a paper trail. What hack really shows is that without mandatory random spot checks on the paper ballots, these may be as potentially vulnerable as the touchscreen direct recording electronic voting systems. It's perhaps worth noting that the open source voting system being developed by the Open Voting Consortium features a 100% reconciliation of every single paper ballot with an independent electronic record."

My Perception Has Changed Again

[eldavojohn]

My initial concerns about these voting machines was someone obtaining one through other means than stealing one from the government and then creating trojan software for it. I mean, if other people can buy these ... then they can study them and learn how to hack them. On the converse, if we can't study them, how do we know the government isn't rigging them?

So there was this interesting catch-22 where you couldn't let them into the general population for fear of a trojan being created and inserted into a group of normal ones on election day. But you also can't trust your government. Especially not the current one in the United States and considering the voluntary resignation of the Diebold CEO, I think we should at least ask for third party verification of these machines. In fact, I for one consider Black Box Voting to be a champion protector of my right to vote for publishing this information. You might not feel as strongly about them but had I not read two articles from them, I would still be ready to use a voting machine in the next presidential election.

Black Box Voting had me convinced these machines were at least a liability and at best a luddite's fear. After reading this quick "how-to" about these machines, my perception is no longer that we need to define how these machines are bought, sold & handled ... but instead my opinion is now that we may be trying to use something that shouldn't be used at all.

Product created with shoddy security features. Get rid of Diebold and hope the market brings a new contestant into the ring for the much sought after prize of the American public's voting machine contract!

The Diebold Acu-vote has failed as a product that requires the utmost security. I am a dissatisfied consumer and I sincerely hope every citizen of the United States agrees with me.

Re:My Perception Has Changed Again

"The Diebold Acu-vote has failed as a product that requires the utmost security. I am a dissatisfied consumer and I sincerely hope every citizen of the United States agrees with me."

Unfortunately, you're not Diebold's customer. The elected officials who in turn buy the machines responsible for reelecting themselves are Diebold's customers.

Re:My Perception Has Changed Again

[jZnat]

But we as the American taxpayers pay for it, so we are the customers.

Re:My Perception Has Changed Again

[Chaffar]

The Diebold Acu-vote has failed as a product that requires the utmost security.

Honestly how hard would it have been for them to adapt their ATM's to become a voting machine?

Press the button next to the name of the person you want to vote for. Thank you for voting. Yes, it IS as simple as that.

This is the part where you're suppose to realize that it's because Acu-Vote was never designed to be "secure" :)

Re:My Perception Has Changed Again

[1984]

You seem to miss the point of a closed ballot: voter security. If you can check who someone voted for, you can intimidate and threaten individuals regarding their vote. Imagine large chaps stood outside the voting station encouraging you to vote a particular way having the luxury of knowing exactly how you voted when you're on your way back out.

Not that groups can't terrorize entire districts suspected of leaning toward the other side, but it's all that much easier when you can point the finger at individuals. What the parent poster is talking about is the thin end of this particular wedge, and you're being obtuse describing that as sophistry.

Re:My Perception Has Changed Again

[drinkypoo]

Again, not to advocate open voting, but to simply point out the problems you stated aren't really all that bac. You can get another job with someone who doesn't care who you vote for, as oppossed to working for some bastard you don't like. And if your friends or family know who you voted for, and you can't look them in the face afterwards and defend your position, maybe just maybe you voted the wrong way.

Is the ivory tower up your ass cold? Does it chafe?

You can't necessarily just get another job. People with families to support can't always make the decision they'd like to make.

Anyway, the vote was closed not only for that reason, but to prevent people from selling their vote. You can't sell your vote if it can't be proven which way you voted.

So the question really What bothers you more, an Unelected Government who stole power from the people, or everyone knowing who you voted for?

Mu. What I want is freedom. I can't truly posess that without BOTH of those things being untrue. Thus opening the vote is not a solution at all. You've presented a false dichotomy. This is not an either-or situation.

Re:My Perception Has Changed Again

[compro01]

i may be a technophile, but i still prefer our old fashioned secret paper ballot that we still use up here in Canada, which goes into a cardboard box, which is then counted by human eyes. sure, it is a bit more error prone, but it is significantly more difficult to rig, as you'd have to bribe quite a number of people counting the votes.

i would still prefer to keep my vote secret to the majority of the population. if you ask me, i'll likely tell you, but the thing would be that I choose who i want to tell.

There is only one problem with electronic voting:

[BandwidthHog]

It is not needed.

We geeks love to bitch about solutions in search of a problem; is there a clearer example?

Good Enough for Government Work

[stealie72]

Seriously, it seems like the voting system is just shoddy, not specifically corrupt. But the shoddyness sure does help the corruption.

If only people thought their vote mattered, they might be concerned about this.

Re:Good Enough for Government Work

[monoqlith]

Exactly. It's a vicious cycle. People are convinced that their vote doesn't matter; therefore, our election administrators can get away with an opaque, shoddy, and potentially corrupt election system. Then, stories like this come out which confirms people's mistrust, cynicism, and resulting apathy, entrenching the popular opinion that the individual vote doesn't matter. Instead of being galvanized, most people(including myself, but not anymore) just sit back and declare that the ideal of popular representation has been dead for many years already or they wait for other people(the government?) to take care of the problem. Or they declare that there is no difference between the platforms; that all politicians are the same nihilistic creatures. Or they just don't feel like worrying about it. Or they don't understand why having a privatized election system administered by political appointees and elected officials, entails a conflict of interest. There are failures of curiosity at every level of public life.

This is not at all to say that stories like this are bad at all. They are very very good. They bring attention to probably the most important issue of our time; if we have no say in our government, then every other political issue is quite literally irrelevant. I applaud black box voting for taking this seriously, and hope that I can justify their efforts by helping to galvanize people to demand transparent voting. It is absurd that our election process is subject to error at all.

  As I've said before, it's just counting

Why can't we get it unequivocally right? It is so easy that there has to be some interest behind not making it as transparent and rigorously accurate as humanly possible. We need to draw out these interests and cancel out any undue influence they have over our system.

why is it secured in the first place?

[wfberg]

What I wonder is: why is it secured in the first place?

No really, why should a memory card containing results need to be secured with a coverplate? It's the contents of the card that matters. Can't the authenticity of the card's content be ascertained without needing it NOT to fall in wrong hands? Is there no encryption used, no message authentication? Is there no protocol whereby officials at least sign off on a print-out containing the count, and some checksums? Wouldn't there need to be no need to secure the card itself? I mean, the machine (and it's RAM), obviously, but the card should only contain a copy of the results - a copy that will be in tomorrows papers anyway.

The fact that someone (at Diebold even!) saw the need to put a coverplate in front of the memory card speaks volumes as to the system's design assumptions. That the machines are left with people overnight only makes things much, much worse.

And that website's "web 2.0" ajaxy slidey photo thingy makes me dizzy and kinda nauseuous..

Re:What about hacking paper ballots?

[MrNaz]

A pile of electrons is a little easier to hide than a pile of election ballots.

Re:What about hacking paper ballots?

[Zenaku]

Depends on what you mean by "rigging." If you wanted to say, register in 5 different precincts, then vote at each one, you might get away with it. But that's 4 extra votes. If you wanted to say, change every 5th vote from a district, or just plain "lose" the results of the district entirely, you'd have a hard time doing it on paper.

In general, I'd say that any kind of large-scale vote rigging done by paper ballots would require a conspiricy involving multiple staffers and observers at the polling places. You'd need to physically replace thousands of paper ballots with fake ones. Good luck doing that by yourself. And afterwards, if the results look fishy, there is a good chance that the fraud could be discovered on a recount.

With these Diebold machines, on the other hand, any one person, even one without any special access given to election workers, could modify as many votes as they want, while arousing no suspicion, leaving no physical evidence in the form of discarded ballots, and leaving no trace of the original results should a recount or investigation be ordered.

There will always be some dishonest people who see democracy as a game they can "cheat" at to win. But if a voting machine doesn't produce a solid meat-space record that can be guarded, stored, and re-examined, the effects of those cheaters on the outcome is greater by orders of magnitude.

Some things should NOT be electronic

[Unlikely_Hero]

This just goes to show that there are a great number of things that should not be computerized/network connected etc.
Just as one should not have an internet accessible refrigerator "mom! someone hacked the fridge again and turned the cooling off! Oh god the smell!!"
One should not have electronic voting machines. Seriously, why the hell do we need electronic voting other than that a great deal of people were, excuse my honesty, too goddamn stupid to understand how to use a paper ballot.
Another case of the ignorant masses rising up, bitching about how things are "too hard" and overcoming those of us who can follow simply printed instructions with their sheer moronic numbers.
Fellow /.ers (particularly those of us in the states). Do you ever feel like you're strapped to a chair with a wet towel over your head surrounded by people who can't tie their own shoes without managing to injure themselves?

Re:Some things should NOT be electronic

[Volante3192]

The problem isn't that it's electronic, the problem is it's not being held to any sort of secure criteria. Just compare Nevada slot machines to a Diebold device. Hell, compare Diebold ATMs to Diebold voting machines. It's a world of difference.

It also shows the importance we place on money versus our government...

I'm all for this, but no one has proven they can do it right. Maybe we should just replace voting machines with slot machines...

Re:Just my guess

[Osty]

But I think there is an assumption that the people running the polls will not allow a team of hackers to sit there at the Diebold machine prodding and prying at it, soldering logic boards onto it, and all the other funky stuff they've been doing to Diebold machines to make them mess up. I could just drive a truck into it, that would be even easier than hacking it!

It's not people at the polling place that they're concerned with. Its the corrupt officials who get to take the machine home with them, who could replace valid vote data with a trumped up memory card showing a clear majority win for whoever is paying them the most. The "tag" on the metal cover is supposed to prove that the machine has not been tampered with. This article proves that you can tamper with the data all you like without breaking that tag.

In a sense, this is even worse than a hacker attacking the machine right at the polling place. In this scenario, you feel like you've excercised your right to vote and contributed to the process of making things better, but in reality your vote never got counted at all. It was replaced by a dummy vote.

It's like television.

[Grendel+Drago]

It's kind of like television. You are not the networks' customer. The ad companies are the customer; you are the product that is sold to them. Everything else is just flim-flam designed to keep you in front of the tube.

Re:It's like television.

[joseph@ctc.com]

But if the election is rigged, then the fear of being turned out of office disappears, no? (That's me being as cynical as I want.)

Re:What about hacking paper ballots?

[Smidge204]

Paper ballots are certaintly not perfect. They can easily be altered, lost or destroyed... but so can electronic records and the physical media they are stored on.

However, changing one vote on a paper ballot requires modifying or replacing a sheet of paper. Changing 100,000 votes requires changing or modifying 100,000 sheets of paper. Changing one electronic vote requires a few keystrokes. Changing 100,000 electronic votes requries... a kew keystrokes.

Even better, to alter a paper ballot you need physical access to the ballot. To change an electronic vote you do not necessarily need physical access to the computer on which is resides.

100,000 paper ballots also takes up a bit of volume, os it is not something that can be easily concealed without having a lot of people in on the plot, and would take some time to prepare, swap and dispose of the evidence. A memory card holding 100,000 electronic votes can be slipped into a shirt pocket, can be prepared in minutes, and all traces of the original data can be destroyed almost instantly.

Lastly, anyone can read and verify a paper ballot. Only people with the proper equipment, software, and technical knowledge (and cryptographic keys, if any are used) will be able to look at and verify the electronic votes.
=Smidge=

Re:So okay wait.

[Red+Flayer]

If Democrats win in the fall elections, and these machines are still being used, will there still be an uproar?
I'm doubtful.

C'mon, don't make this a partisan issue. Democrats are making a lot of noise about it right now because they were the ones most recently burned. Plenty of Republicans, Libertarians, Greens, and independents are just as upset about it.

Oh, and a big difference -- the Republican party has been demonstrably messing with the election process. From worse gerrymandering (of course the Dems do it too), to manipulation of the voter rolls, Republican control of the voting apparatus has lessened the democracy of the US. When the Democrats are also demonstrated to have systematically abused the voting apparatus to rig elections, then there will be just as large an uproar.

And one final note -- what uproar? I haven't seen one. The MSM hasn't covered this to any extent. Joe Q. Public is unaware there is a problem. If you're trying to say in your post that the media is biased, or that coverage of the issue is biased, or that Democrats are only making an issue of this because they lost, you'e way off base. It isn't the Democratic party that's making an issue of this.

Fear the DMCA.

[Peter+Trepan]

I'm not a lawyer, but I think these instructions should immediately be posted to sites hosted outside the U.S., so that Diebold can't get an injunction to shut the site down under the DMCA, and so they'll have less reason to take legal action against the poster, since doing so won't erase the evidence.

Here is my solution

[deadline]

If the SSN, home address, home phone, etc. of all the legislators who voted for the machines were placed on the memory card (and the officers of the companies that made them), then you can be damn sure the machines would be tamper proof and there would be a well documented chain of custody of each machine as well.

Better, yet put all their pension money in an Swiss bank escrow account and place the number in the memory card. Then things get serious.

Good security is possible. My guess is that the Diebold machines, rather than being some diabolical plot, are just a sloppy product designed for the government feeding trough. The whole e-voting thing is a windfall for these companies. It is mandated business.

Re:What about hacking paper ballots?

[k98sven]

Here here! All the old fogys are afraid of the "darned electric voting boxs" when it was and still is easier to "acidentally" destroy all the black voters paper ballets or not count "pregnant chads". I'm not even taking into account thinks done by non-government forces.

Bullshit. How exactly is it easy to destroy ANY ballot when you have multiple election workers with their eyes on them at every moment? Plus any number of election observers, which may be representatives of all parties involved, plus any number of federal or foreign observers.

The ONLY way you can destroy a paper ballot is if there are no observers, and all present voting administrators are corrupt. (And observers are usually deployed to exactly the places where there are suspicions of corruption).

Now let's consider an "e-voting" machine that leaves no verifiable paper trail, shall we? The officials and observers at the polling station have no way of knowing that the vote the machine actually registered was accurate, and neither do you. Nor can they tell if the machine is malfunctioning. All you need is ONE person to tamper with the machine, and do so at ANY time.

If the machine is compromised it can still display "Zero votes registered" when the poll opens. But I'd sure like to see you do the same trick stuffing paper slips in a ballot box and still having it look empty.

To ensure a fair election with paper ballots you need: At least one honest election official. And/or at least one impartial observer. To ensure a fair election with an electronic voting machine you need: All people who've ever had the opportunity to tamper with the machine to be honest. You need the software to be correct and bug-free (yeah, right). You need to be able to verify the correctness of the software.

It's true that it's impossible to guarantee fair elections. All you can do is reduce the risk of cheating, and the possible magnitude of cheating. Electronic voting machines do neither. All they do is cost less money.

Re:So okay wait.

[Red+Flayer]

The national "mainstream" (center-left) media will do their obligatory piece on it and let it die.

Still buying that piece of horse-crap? The news media is center-right. Yes, even ABC, NBC, etc.

Also, you need to rethink your definitions of left and right. Do you mean just regarding social issues? Or also fiscal issues? Because honestly, your post made almost no sense without a definition of terms.

/., on the whole, leans moderately left.

If that were so, we wouldn't see so many posts like yours getting modded up. It's a guaranteed upmod -- just spout some nonsense about some tangentially liberal/conservative dichotomous issue, and then say slashdot leans left.

Newsflash: the center has moved to the right, largely due to the media and the greater birth rate among conservatives. What you consider left-of-center used to be the center.

It saves money!?

[chocolatetrumpet]

It saves money!? Great!

Democracy isn't worth the price of paper ballots anyway.

Re:There is only one problem with electronic votin

[sgt_doom]

Well, the "solution" to everything from this administration has been to "privatize" it...that is, to contract it out for fraudulent overbilling, embezzling, and plain not getting the job done -- but receiving the taxpayer's funds in payment anyway. The clear solution is to quit "privatizing" everything

Re:Ok

[lynx_user_abroad]

You make an excellent point here, but you don't make it strongly enough.

The elections not only have to be fool-proof, but fool-accountable too, so that the common voter can clearly understand, and verify the process of voting. That alone means no electronic voting, because 99% of the voters don't understand it, and even if they do, they can't verify the process.

The Diebolds and the Mexico's of the world are just now starting to understand this: It doesn't matter if the voting machine actually rigs the vote or not, if there's a possibility that the voting machine could have allowed the vote to be rigged, people with an axe to grind are going to grind it.

Diebold (and digital voting advovcates like them) will always hide behind the shield of "no one has ever proven that the election was rigged" while ignoring the damage that "no one has ever proven that the election wasn't rigged" does to the entire election process.

Digital voting is an assault on democracy. It really is as simple as that.

Re:Nuts

[BobTheLawyer]

Strongly agree. Paper voting is easily understood, and the voting, security arrangements and counting can be observed in plain sight by representatives of the candidates. Fraud is very difficult indeed. I'm not sure how, even in principle, you could obtain equivalent security and transparency with an electronic system.

As far as practicality goes, with sufficient manpower, counting tens of thousands of ballots in a voting district can be accomplished surprisingly speedily, and to a very high degree of accuracy. Most countries do this without a problem. It perhaps gets more difficult if you have Californian-style ballots which include dozens of separate items (e.g. citizens' referenda). Not sure how practicable it is to count all this by hand, but perhaps the Presidential ballot could be treated differently?

Fair and Balanced Vote Fraud

[Doc+Ruby]

Has anyone found any independently verified evidence of any of these digital voting devices used in an election won by a Democrat?

Until someone does this in an actual election..

[TomRC]

Until someone does this in an actual election, and then announces that they've skewed the results (and they'd better do it anonymously, or jail awaits them), no on in power is going to pay any attention. Reform only happens after actual problems get the public upset.

Non-violent protest

[hairykrishna]

I keep reading about how these machines are insanely easy to hack. Surely the next election will be determined by the patriotic hackers of america? Apply yourself people.

Re:Nuts

[BalanceOfJudgement]

It perhaps gets more difficult if you have Californian-style ballots which include dozens of separate items (e.g. citizens' referenda). Not sure how practicable it is to count all this by hand, but perhaps the Presidential ballot could be treated differently?

When I volunteered on the voting staff there a few years ago, it wasn't a problem. The votes were all counted within 2 hours of being submitted to the sorting center - and these were punch card ballots that had to be hand verified and hand fed into counting machines.

So yeah, you're right - electronic voting really isn't buying us anything, and in fact is probably selling out quite a bit more than we bargained for.

Sigh.. this is how democracies end. When confidence in the voting process dies, that is the beginning of the end of a nation's freedom.