Slashdot Mirror
The Diebold Voting-Machine Hack
Warm John writes to mention a short article on Doctor Dobbs Journal about the Hack that couldn't be done. "Hacking a Diebold voting machine was the focus of Cigital's Gary McGraw's keynote at SD Best Practices. He discussed 'Security Analysis of the Diebold AccuVote-TS Voting Machine,' a paper released by Edward Felten, Ari Feldman, and Alex Halderman of the Princeton Center for Information Technology Policy. 'The paper details a simple method whereby the Princeton team was able to compromise the physical security of a Diebold voting machine, infecting it with a virus that could change voting results and spread by memory-card to other machines of the same type.'"
if i flash it can i use it as a calculator too?
i support the right to offend.
I'm in your voting machine stealing your election.
Fundamentalism stops a thinking mind.
Man Diebold looks slimier and slimier every passing week, but I'm more disturbed by Joe Demma's, Salt Lake's chief elections officer, response to Bruce Funk's actions. Granted, Funk acted by going around Demma by calling in Black Box Voting to check the Diebold machines, when presumably Demma is supposed to be responsible for that (just my guess as he's the chief elections officer).
However, Demma seems more incensed at Funk because he may cost the state $40,000 for Diebold's astronomical recertification fee. He doesn't seem to be worried that people might not trust these machines. He doesn't seem to care that a state officer was worried enough to call in a non-profit third party to verify the integrity of these machines. I mean, these things could possibly affect the outcome of a vote, the foundation for a democratic republic! But instead of worrying about these machines he's clearly more upset about the $40,000 and Funk not talking to him about his concerns regarding the voting machines.
And of COURSE Diebold is going to tell you the machines are fine and fair. Sheesh, they want to make money don't they?
Isn't it great that chief elections officers have their priorities straight?
Give me a ballot sheet and a pencil any day over these closed, proprietary black box machines.
Then I don't know what can. We need more information like this to come out because when dealing with elections, the last thing we need--but apparently the opposition wants--is for some kind of shennanigans elecing the wrong person. If electronic voting is ever to be used, it darn well should be open source, and transparent as hell...with two paper receipts (one for the voter and one for the auditors.)
How much more media attention do we need to give these jackasses at Diebold before the person in charge of contracting them goes.. "Hey wait a minute, you guys aren't very good at this ludicrously simple task," and takes a different approach to voting machines that doesn't give ultimate authority to some "company" over whether or not our votes will count.
Meet new people, and kill them.
In Illinois we get a paper printout that you check for accuracy and put in a ballot box; we can actually have a real recount.
That's incredibly weird, considering this IS Illinois, where they say "vote early, vote often," where dead people still have a right to vote, and the last two governors who lost elections went to prison (or will, in the case of Ryan).
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
And no, SpybotSD can't help you.
"Flyin' in just a sweet place,
Never been known to fail..."
I bet either someone is going to have 100% votes for Fred Flintstone, or someone is going to have a 60% write in for some person. Both of which could never happen and would do nothing except expose the voting machines as tamperable. I doubt someone is going to be smart enough to make the election look close, but vote for someone on the ballot. The only way a good ol conspiracy vote could happen is if the hacker got a load of money from a candidate. Well I guess that could happen.
God spoke to me.
This entire thing comes down to the ability to pick a lock so someone can replace the flash card. So why not put more secure locks on the devices? The paper ballots that we all love are also stored in locking containers, and as such are subject to the same fate as the Diebold tablets.
There are certain locks that are extremely difficult to pick... that's the solution.
You have enemies? Good. That means you've stood up for something, sometime in your life. --Winston Churchill
I've seen plenty of pro-Microsoft and pro-Diebold posts get modded up. All you have to do is have a clear point, and show it. You didn't manage that. You said the fraud happens, and it doesn't make a difference if we can trace it or not.
It does make a difference. With a punch card, or a paper ballot, or even a mechanical voting both anyone can trace when fraud has occured. And in those cases we implement some security, track where the fraud came from (if we can) and redo the election.
With the current generation of electronic voting machines, we can't do that. I don't care who makes a good machine, but Diebold hasn't made one. And they've defended that design as if they think it is a good machine. Geeks don't like people who pretend a bad design is a good design. We'll tear into them. If they routinely defend bad design by saying it is good design and overlooking what we think are obvious flaws we'll notice, and start to expect that. Until they change, a group that decides who they like on the technical ability of a company won't like them. They are lying about their technical quality; at least in our eyes.
I found the FAQ interesting. I liked the way they set the tenor of the questions, and included such things as "you weren't supposed to say anything about this!" The research seems pretty clear-cut, and the precautions that the researchers took appears to have been well thought out.
I hope that I underestimate the American people on this (including me), because the next tack that will be taken by Diebold will be, "Well, who in their right mind would want to tamper with an election? Calm down, citizens, this is just scaremongering by the right/left/pedestrians..." Once this is followed up with a suggestion that such might be "fomenting a panic designed to cause a breach of the peace," vague threats of arrest for those involved, and nothing changing.
Well, if nothing else, this voter's going to try his hand at absentee balloting this time around. Just in case...
Strike while the irony is hot! -- The Freethinker
Maybe this is an example of free market forces at work.
One customer wants a secure, hardened, auditable, time proven machine with a user verifiable paper trail.
The other doesn't need any of those features.
Therefore two entirely disparate product lines.
One is designed to protect $.
The other is designed to protect democracy.
Who will guard the guards?
The paper details a simple method whereby the Princeton team was able to compromise the physical security of a Diebold voting machine, infecting it with a virus that could change voting results and spread by memory-card to other machines of the same type.
It's not who votes that counts, it's who counts the votes.
The theory of relativity doesn't work right in Arkansas.
it's called 'peer review' and in the science world it's not only expected but mandatory.
my question is this: has diebold's product undergone any sort of peer review? if it's important enough for someone studying the genetic inheretance of grey hair, it's important enough for someone entrusted with running an election for the most powerful person in the world, dontcha think?
2 1337 4 u!
http://www.openvotingconsortium.org/
It seems to me that write once media could be a partial solution here- a multisession CDR running packet write software, can be analyzed just like paper- but compresses the information.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
Sure hackers would be tempted as well, but look at it from a major terrorist network perspective. If they were able to alter the election outcome and prove it (or have it proven), think about the doubt this would cast in all future elections (and possibliy cast doubt on past ones as well if the same tech was used)...and not just for Americans, but world wide. "One man, one vote"....I could see the terrorists laughing as they played video of them voting of a candidate 1 million times or taking down the voting "network" entirely. They wouldn't even need to injure/kill anybody in the process and they would be able to make a major statement.
"Look Lois, the two symbols of the Republican Party: an elephant, and a fat white guy who is threatened by change."
and the last two governors who lost elections went to prison (or will, in the case of Ryan).
Ryan didn't lose an election - he won, all the way up until he (plagued with scandal) didn't run again.
paintball
I'll get mod-bombed right back down to Good Karma for this- but I have to say that I'm not at all sure it didn't happen in Ohio and Florida in 2004. The exit poll numbers, which had previously been extremely accurate in just about every election I'd ever heard of, were way off in those two states on the Presidential race- but the numbers were close enough that everybody focused on recounts instead (where possible).
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
How come no one seems to be asking the slot machine manufacturers to make voting machines? They deal with millions - or billions - of dollars a day and seem to be able to account for every single penny accurately. As an added bonus, all they'd really have to do is change the 7's to donkeys and jackpots to republicans... Pull the lever for your new rep! Seriously though - they're the people who should be making the machines...
It isn't enough for computer software professionals to discover problems like this; we need to be able to communicate our results effectively to the non-technical public. Too often we find something disturbing and decend into technical jargon and lose our audience. The Princeton team has done an excellent job avoiding that pitfall and communicating this threat.
Now, if only we could find a reasonably motivated and alert politician to actually act on this.
my question is this: has diebold's product undergone any sort of peer review?
Unfortunately, yes. Many crooks and liars have deemed the system to be "just fine".
--Phillip
Can you say BIRTH TAX
Finally, a Conspiracy Theory that is actually possible, from a technological standpoint.
Now all we have to do is prove that it actually happened.
Any sufficiently well-organized community is indistinguishable from Government.
All the little openings on those things have seals placed over them, so it becomes quite obvious that the box has been tampered with because the seal is broken. True, some county clerk (or Diebold employee maybe) could probably get a replacement to replace it, but it would be hard to cover the evidence. Now i'm not saying that everythings hunky dory just becuase we know if it's been tampered with. Obviously, if a machine is tampered with, you can't trust the votes. Which means they can't (shouldn't) be counted. Which means that some poeple's votes are getting counted when maybe there was no vote changing after all, but you can't tell and the whole process breaks down, because by not counting any of the machines in a certain area of [town|county|state] the vote is, in effect, altered. Similar to what would happen if someone snuck a few hundred forged ballots into the ballot box.... the count wouldn't be right when compared to the rolls, and they couldn't trust the entire precinct's ballots. So why don't they just modify the software so it doesn't 'read' anything from the card, (and yes modify the boot process if need be)... except maybe space left on it. so it can't pick up a virus in the first place. Bah! i never actually post on /. what am i thinking? I'm just a lurker, grrr
From the referenced paper:
Great minds think alike; fools seldom differ.
It does make a difference. With a punch card, or a paper ballot, or even a mechanical voting both anyone can trace when fraud has occured. And in those cases we implement some security, track where the fraud came from (if we can) and redo the election.
Except that they won't. There have been numerous cases recently in which problems were confirmed beyond any doubt. In every case, even when the number of dubious votes would have been enough to potentially change the results of the election, the courts let the election results stand, and no reelections were called.
We don't need to be able to prove that fraud occurred. We need to be able to eradicate it. The only way that is even remotely possible is if the voting process is transparent. This means:
Check out my sci-fi/humor trilogy at PatriotsBooks.
Welcome to democratic government, brought to you by Diebold(R)!
Please choose a candidate:
(1) The incumbent guy who's against the terrorists.
(2) The weasly other guy who likes terrorists and wants your child to
be gay.
[press 2]
You have chosen option (2), for gay marriage. Are you sure?
[press no]
Please choose a candidate.
[press 2]
Let's not be too hasty. We don't want the terrorists to feel good.
Do you want the terrorists to feel good?
[press no]
You have chosen option (1), for the incumbent. Are you sure?
[press cancel]
This may forfeit your vote! Are you sure you wish to cancel not
voting for option (1)?
[press yes]
Thank you for your participation in the democratic process! Printing
receipt
Sorry! Out of paper.
This entire thing comes down to the ability to pick a lock so someone can replace the flash card.
Now that we know the machine itself is virus-susceptable, the next steps are:
1) See if the smartcard reader code has a vulnerability. (Any bets on a buffer overflow bug?)
2) If so, design a virus that can do the initial infection via the smartcard slot.
Succeed at 2) and you can carry a bogus smartcard in, insert it while you "vote", and infect a voting machine. Since the machines are apparently capable of passing the infection during the post-election vote collection process, you can take over the precinct (either all the remaining machines or the one doing the totals) by infecting one voting machine.
Design the virus to self-destruct after doing its dirty work and you don't even leave tracks.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
... paper and pen are cheaper, simpler, and time tested and proven. Plus, a substantial segment of our society still views computer systems with distrust. The goal should be that NO Americans feel there is something shady in the voting process, not just those who are tech savvy enough to understand the issues.
I say this realizing that there will always be people with suspicions, so we have to aim to make that the lowest number possible, which IMO, rules out computerized voting at this time.
"Our morality is good, theirs is repressive."- Partisanship Rule #3
Ed Felten is also the guy who hacked the MS DLL that "integrated" IE into Windows to remove IE without destroying the OS, proving in court that Microsoft's defense of their illegal bundling, "it was technologically necessary", was a lie. Though Felten was not even a Windows specialist, and certainly didn't have the source code to delete IE cleanly, he was the the key to the court finding that MS had violated their antibundling consent agreement, the key to finding they'd violated their monopoly status.
Now he's the guy proving Diebold voting systems are insecure.
Isn't anyone else in our giant, brilliant "computer science" industry doing anything? Or are they all working for the bad guys?
--
make install -not war
>Diebold is well known for banking systems, including ATMs
Diebold ATM turned into jukebox
Diebold ATM infected with Welchia
Compromising Diebold machines seems to be a regular method of swinging elections in Florida ( UC Berkeley )
The white hat community needs to start undermining vulnerable e-voting technologies whenever and wherever possible. Just put a few Democrats into office in the bible belt.
The CEO of Diebold is on record as a dyed in the wool Republican: "Our job is to deliver the election to George W Bush". Problematic for a vendor with so much trust. But once their machines start swinging votes for the other side, they'll soon start adding security.
Ahhh yes, the conspiracy theory. You don't offer any counter example. You don't counter the points made in the article. You just yell 'bullshit'. Great argument.
I, for one, have a better explanation. People are dumb. That's the way Bush got elected last time. I will be honest enough to say I voted for Bush in 2000. But I am, at least, smart enough to admit my mistakes. People got their little payouts in the mail. Bush shored up his base. The folks ignored the two trillion of debt he has piled on us, and the quagmires he lied his way into.
No... I do not buy into the conspiracy theory. You don't need to rig elections except through breasd and circuses.
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
How can one hack a diebold voting machine when they are open?
Shouldn't these just be considered mods?
"Only one thing, is impossible for god: to find any sense in any copyright law on the planet." Mark Twain
So, you're suggesting that the Princeton Center for whatever might have gotten ahold of a machine that someone had already hacked? Yeah, maybe so. Somehow, that doesn't make me feel better about these things.
Oh ... you're suggesting that the flaws identified by the Princeton team may already have been fixed. Possible I suppose, but unless the machine was stolen originally from a back room in the Diebold factory, doesn't that imply that Diebold has, in the past, shipped vulnerable machines? Should that make me feel more secure? Have they been seeking the old vulnerable models out and fixing them?
This may be a case like aircraft safety where really strict, impartial, government monitoring is required to ensure that private industry doesn't screw up. Or we could just go back to paper ballots which are cheap, easy to understand, and auditable.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
This is a congressional hearing of Clinton Curtis in which he explains how easy it is to write software to rig elections, and in fact has been asked to do so by member of the House Tom Feeney (R). Curtis testifies under oath. Feeney says afterwards he does not 'remember' meeting Curtis.
The media has not been reporting on this; though this apparently happened in December 2004 today is actually the first time I saw this hearing by just browsing through youtube.
And when you gaze long enough into the code, the code will also gaze into you.
I'm an OSS fan, but "voter verified" recountability matters, OSS does not.
There is no way for you to independently verify that the VERSION of the OSS software on a machine is actually what you think it is.
You MUST have a system where the voter can verify what their machine thinks their vote is (eg a slip of paper) in such a way that you can reliably recount it by hand (and by multiple people, of course) However, once you HAVE a recountable system suddenly it doesn't really matter how trustworthy the machines are; if anyone suspects anything or it's close you trigger a hand-recount.
Looking for freelance Actionscript (Flash/Flex) or ColdFusion work and/or freelance developers. Email me, put Slashdot