Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hotel Minibar Key Opens Diebold Voting Machines

Posted by ryuzaki0 on from the expensive-miniatures-and-macademia-nuts dept.

Billosaur writes, "As if Diebold doesn't have enough to worry about! On the Freedom To Tinker blog, Ed Felten, one of the co-authors of the recent report 'Security Analysis of the Diebold AccuVote-TS Voting Machine', reveals an even more bizarre finding related to the initial report. It turns out that you can gain access to an AccuVote-TS machine using a hotel minibar key. In fact, the key in question is a utilitarian type used to open office furniture, electronic equipment, jukeboxes, and the like. They might as well hand them out like candy."

29 of 341 comments (clear)

  1. Why would we expect anything else? by KingSkippus · · Score: 5, Insightful

    I know I'm preaching to the Slashdot choir, and it's been said a thousand times before, but as long as we have closed voting processes, we're going to have people screwing up by doing things like having voting machines accessible with hotel minibar keys. We hate Microsoft for their closed-source software, yet we continue to accept this kind of idiocy.

    Quick question: If we have viable alteratives, such as those presented by the Open Voting Consortium, why do we continue to bother with these stupid Diebold machines? I know, dumb answer, because Diebold pays the people who decide lots and lots of money.

    I would say write to your Congresscritters and let them know that you want these screwed up pieces of junk out of our polling locations, but like I said, I know I'm preaching to the Slashdot choir, and you won't do it. >:-( But realistically, just know that until you do, we can look forward to many, many more articles about this kind of thing. Ooh, at least until we see the one that says, "Electronic voting machines hacked! Election results tainted!." Or even better, when we see nothing at all and Richard M. Stallman is mysteriously elected President in a write-in landslide.

    sigh Oh well, it was worth a shot. Just give me my damn +5 and go back to reading about lasers on Intel's chips now.

    1. Re:Why would we expect anything else? by daveschroeder · · Score: 3, Insightful

      Open source systems are just as useless as the Diebold equipment without a permanent voter-verified paper trail.

      It's no surprise that enterprise and commercial vendors of all stripes will maintain closed and proprietary software.

      What we need to require is a permanent, voter-verified, auditable paper trail, as I have discussed here.

      That's the easiest and simplest course of action, and is a goal we should all be working toward, rather than trying to unseat established enterprise equipment vendors.

      ---
      Temporary disclaimer, since this seems to have been an issue for people reading my posts lately: I am not a Republican, did not vote for Bush in the last election, and have always voted for more non-Republican (usually Democratic) candidates since I have been voting.

    2. Re:Why would we expect anything else? by daveschroeder · · Score: 1, Insightful

      I know that they and others advocate for a paper trail; but for those reading the grandparent thinking "open source" is the solution, my point is that by itself it's not: as I said, open source is just as useless without a paper trail.

      And further, initiatives designed to unseat traditional enterprise and commercial vendors in this space may have less chance of getting anything done than just simply working for a paper trail on ANY systems in use, no matter where they come from, "open" or no.

    3. Re:Why would we expect anything else? by Wiseleo · · Score: 1, Insightful

      The GOP already does that on a regular basis... Competition is good for the business ;-)

      --
      Leonid S. Knyshov
      Find me on Quora :)
    4. Re:Why would we expect anything else? by FLEB · · Score: 3, Insightful

      You don't have to actively fsck things up to get the machine pulled. IMHO, merely opening the machine up would make for a good act of civil disobediance.

      Or, if that's even too heavy for your tastes, just get everyone you know to wear an office furniture key jewelry (on a necklace or lanyard, perhaps) on voting day. T'would make 'em nervous, no doubt.

      --
      Information wants to be free.
      Entertainment wants to be paid.
      You just want to be cheap.
    5. Re:Why would we expect anything else? by Moofie · · Score: 2, Insightful

      "why do we continue to bother with these stupid Diebold machines? "

      Indeed. It's almost like the people who run elections have a vested interest in preventing anybody other than the Republicans or Democrats from controlling elections.

      Shocking, that.

      --
      Why yes, I AM a rocket scientist!
    6. Re:Why would we expect anything else? by he-sk · · Score: 2, Insightful

      Thank you for letting the voter keep a copy of his vote. This way I can easily verify that my employees have voted for my candidate or I can fire them if they have not.

      Your's truly,
      The Factory Boss

      --
      Free Manning, jail Obama.
    7. Re:Why would we expect anything else? by Concerned+Onlooker · · Score: 2, Insightful
      That's the easiest and simplest course of action, and is a goal we should all be working toward, rather than trying to unseat established enterprise equipment vendors.

      I don't think those two things are mutually exclusive. When a manufacturer sells enterprise equipment that helps subvert our constitution/constitutional rights we should work toward a voter-verifialbe paper trail, which at the same time should put those companies out of business. I'm talking about simple paper ballots, possibly not even scantrons. I don't know about you but I'm willing to wait a couple of days to get the result if it's the least prone to fraud.

      --
      http://www.rootstrikers.org/
  2. What's needed now by daveschroeder · · Score: 5, Insightful

    Electronic systems - including electronic voting machines - will always be able to be tampered with, no matter who makes them, no matter what their CEOs stupidly say, no matter what ongoing audit mechanisms are implemented, whether they're open or proprietary, and no matter what legislation or other initiatives mandate or recommend them.

    Finding out that computer systems can be tampered with and that some large-scale enterprise-class systems can have shoddy security, physical and otherwise, should come as no surprise to us, particularly in this community. On this particular issue, a generic security key is used because of key management issues and the fact that casual access is what's being prevented. Neither of which excuses this or any of the numerous other glaring shortcomings and flaws in this equipment. No one - citizen, politician, or party - benefits from universally shoddy security on electronic voting systems. No one.

    Remember, too, that voting legislation, in large part in response to issues in the 2000 election, designed to ensure fair, uniform, and universal access to voting for all citizens by mandating electronic voting equipment, such as HAVA (2002), were Democratic and bipartisan efforts.

    The real issue is that Congress screwed up: they inherently, and erroneously, believed that since we trust so many critically important things to machines, certainly reliable electronic voting is possible, and indeed, we use automation, computers, and machines in almost every aspect of our lives to increase efficiency and reliability - why should voting be any different?

    Except for one problem: when you're trying to administer a one-vote-per-person system that also maintains anonymity, and also disallows any external entity from discovering who voted for which candidates, when there is no permanent, voter-verified paper trail, the system as a whole cannot be trusted, since any level of security will always be able to be overridden. This has nothing to do with open source versus proprietary, or how shoddy physical security on e-voting systems is. A permanent, voter-verified paper trail solves all of these problems.

    The only problem is that no legislation mandating electronic voting systems includes or speaks to any provisions requiring permanent paper receipt printing capability. All of the major e-voting vendors - Diebold, ES&S, and Sequoia - have this capability, but it's an add-on that requires retrofitting existing equipment, or in some cases, purchasing new equipment. And that takes money many counties and municipalities - particularly in the most hotly contested areas - don't have. (Hint: it's not just poor areas that have long lines)

    Our focus now should be on passing legislation that requires permanent voter-verified paper trail capability on all newly deployed e-voting systems, and allocates funds and creates a timeline for deployment on existing systems. Please, continue to raise this issue with both your county election officials and your elected representatives.

    This issue is too important and too critical to the integrity of our election process to let rest.

    ---
    Temporary disclaimer, since this seems to have been an issue for people reading my posts lately: I am not a Republican, did not vote for Bush in the last election, and have always voted for more non-Republican (usually Democratic) candidates since I have been voting.

    1. Re:What's needed now by Soon-to-be+Has-been · · Score: 0, Insightful

      You cannot blame congress for this one. Voting systems, or even voting methods, are not federally mandated because this is NOT a function of the federal government. Article 2, section 1 of the constitution reads: "Each State shall appoint, in such Manner as the Legislature thereof may direct, a Number of Electors..." In other words, the framers ducked the issue! As a result, 50 states are free to "in such a manner...direct" the voting for their electoral college representatives. Which means that there is no way to legislatively mandate VVPAT or any other technology, for what is interpreted as a "states rights" issue.

      Secondly, there is no trick to creating security voting systems--but there is also little profit. This is a tiny, tiny marketplace, with a tiny profit margin, in which no one (vendor, official, or citizen) really wants to pay the high costs of security--be it better systems, better proceedures, or better wages for voting judges. Who else but the retired have the time or desire to spend working a polling site for minimum wage? Who would pay for a bonded courier to get the pieces delivered to and from the site in a guaranteed tamper-proof process? Who would pay to develop for a completely open code, if they could not guarantee a profit? And who should pay the lab costs for the review and certification of the open code, to ensure that it meets necessary standardss?

  3. It's a selling point! by garcia · · Score: 2, Insightful

    They might as well hand them out like candy.

    And that's exactly what the politicians are looking for.

  4. Can't say I'm surprised... by TripMaster+Monkey · · Score: 2, Insightful


    After all, these machines were never seriously designed with security in mind...they were designed to be easily compromised.

    I think I'll take a hotel minibar key down to my local ATM to see if I can score some free money. If Diebold is honestly this incompetent, it'll be a snap. If, however, the voting machines are specifically designed to be compromised, I'll probably have a harder time of it.

    Any bets on the outcome of my little experiment? Didn't think so.

    --
    ____

    ~ |rip/\/\aster /\/\onkey

    1. Re:Can't say I'm surprised... by daveschroeder · · Score: 4, Insightful

      After all, these machines were never seriously designed with security in mind...they were designed to be easily compromised.

      That's bullshit, and you know it.

      When these systems are vulnerable, it's just as easy for ANYONE to take advantage of that fact. Not one party or one political stripe.

      As for ATM security:

      Citibank ATM fiasco "worst ever"
      ATM reprogrammed to give out 4 times more money
      Diebold ATMs hit by Nachi worm

    2. Re:Can't say I'm surprised... by hamburger+lady · · Score: 2, Insightful


      Citibank ATM fiasco "worst ever" [boingboing.net]
      ATM reprogrammed to give out 4 times more money [hamptonroads.com]
      Diebold ATMs hit by Nachi worm [interesting-people.org]

      the first two aren't diebold machines, as far as i can tell. and the third has nothing to do with picking a lock.

      unless you can show me that a diebold ATM can be easily picked as well, i have to go by the assumption that diebold's voting machines are deliberately lacking in physical security, if they indeed build ATMs which can't be easily picked. there really isn't any other good explanation for it.

      --

      ---
      Is this the MPAA? Is this the RIAA? Is this the DMCA? I thought it was the USA!
    3. Re:Can't say I'm surprised... by Dhalka226 · · Score: 2, Insightful

      An ATM costs at least $10,000, not counting the cash you stock it with. But I doubt anyone is willing to pay more than $1,000 for a voting machine. So it's natural that the voting machine will have cut-rate security.

      Even assuming your first supposition is true, why does that mean worse security?

      If the two machines were equally complex, I would agree with you, but I don't think they are. An ATM has some sort of moving parts, or at least some way to move the money around in the machine. It has a magnetic stripe reader. It has some sort of connection to the outside world so it can talk to your bank and check/update the balance, and all the hardware and software logic that entails. It has a printer in it to offer you receipts.

      A voting machine? It MAY have a printer--I don't know if the Diebold ones do; lack of a paper trail is something complained about on /. rather constantly--but other than that all it should really do is take a series of inputs and count when the operator presses a button, then store the new tally someplace. It doesn't--it damn well shouldn't!--be talking to the outside world. There are really no moving parts.

      You're telling me that the voting machine gets shitty security because it's cheaper to buy? Well it's cheaper to make, too. That's not an excuse. And we're not talking about something complex or expensive here, either. They have a lock so simple a minibar key can open it. Hell, for $15, they could go out and buy a lock from the store retail and that would at least be a half step up in the physical security department. Are you telling me that counties are really going to balk at paying $1100 per machine instead of $1000 to make sure somebody can't walk up and steal the election?

      I'm not interested in getting into the conspiracy theory debates, but the way I see it, there are only three possible reasons they could do something this bone-headedly stupid: Either they are incompetent, they do not care about the possibility of people tampering with an election, or they are doing it deliberately.

  5. The point of electronic voting again? by lymond01 · · Score: 1, Insightful

    Wasn't the point of electronic voting to save time tallying the votes? Without a paper trail, of course, there can be no recount, so that certainly speeds things up. But if there WERE a paper trail, everyone would be clamoring for a manual recount anyway.

    I suppose, like upgrading to Microsoft Office 2003, and thus requiring better computing hardware, we did it for the economy.

  6. NOT A RECEIPT! by argent · · Score: 5, Insightful

    The only problem is that no legislation mandating electronic voting systems includes or speaks to any provisions requiring permanent paper receipt printing capability.

    Do not use the word "receipt" in this context. A receipt is something that you take with you, as a personal record of a transaction. A receipt is worse than useless here... you don't WANT people to be able to show the party bosses that they voted the "right way".

    What is needed is a "permanent paper ballot capability", where the ballots are retained at the voting place and serve as the primary official paper (ahem) trail.

    1. Re:NOT A RECEIPT! by spitzak · · Score: 2, Insightful

      Sure it's proof. The fact that you "have" the reciept, even with no identifying information, is pretty good proof you voted. Maybe you stole it from somebody else, but that seems an unlikely way to avoid voter coercion. And if it is easy to make a fake one, then the reciept is useless to prove anything, so you might as well leave it in the voting booth.

  7. Simple semi-solution: destroy the machines. by Anonymous Coward · · Score: 1, Insightful
    I've written and called all my reps about this repeatedly, and none of them care at all, and they do not even pretend to care.

    I honestly thing we have no good solutions left, except to organize, and on mid-term election day, if faced with an electronic voting machine (with no paper verification of course), we must have the courage and patriotic discipline we have expected of ourselves all our lives, and destroy the machine beyond repair immediately, on the spot. If on election day, I find myself in front of a Diebold machine, I really don't know what aill happen. But if I have confidence that I won't be alone in doing the only thing morally defensible, I certainly DO know what will happen.

    So. Anyone interested?

  8. Bad Article Summary by Aqua_boy17 · · Score: 2, Insightful
    As if Diebold doesn't have enough to worry about!

    As if the American People didn't have enough to worry about. There, fixed that for ya.

    How long are we going to tolerate this?
    --
    What if the Hokey Pokey really is what it's all about?
  9. Who benefits from shoddy vote counting equipment by Harmonious+Botch · · Score: 2, Insightful

    "Finding out that computer systems can be tampered with and that some large-scale enterprise-class systems can have shoddy security, physical and otherwise, should come as no surprise to us, particularly in this community. On this particular issue, a generic security key is used because of key management issues and the fact that casual access is what's being prevented. Neither of which excuses this or any of the numerous other glaring shortcomings and flaws in this equipment. No one - citizen, politician, or party - benefits from universally shoddy security on electronic voting systems. No one."

    Sorry, but I disagree with one part what is otherwise an insightful post. Some people do benefit from shoddy vote counting equipment. Who? The party machinery of the two major parties who already have people in the polling places.
    There are three qualifications for a person(s) who benefits:
    1) they have to have a reasonable excuse for being in physical proximity to the machine.
    2) They have to have a reasonable excuse for having a key. According to TFA, this is easy.
    3) They have to be part of a group for whom a small margin of change change results in a benefit. ( if a Dem or Rep gets 51% instead of his predicted 48%, nobody really suspects. When some third party candidate gets 51% instead of his predicted 3.5%, that is too obvious. )

    There are people who benefit. Unfortunately, these are the same bunch of people who give their stamp of approval on voting machines. The wolves are in charge of the henhouse here.

  10. Re:they make ATM machines for christsakes! by Rob+T+Firefly · · Score: 3, Insightful
    Diebold's primary business is to make ATM machines. They obviously understand security and correctness of results. Why can't they build voting machines properly?
    They obviously can. Yet, they are choosing not to. That's why it's really frightening.
    --
    Slashdot Burying Stories About Slashdot Media Owned
  11. Terrorist conspiracy? by Iphtashu+Fitz · · Score: 2, Insightful

    Maybe I'm being paranoid here but this seems like the sort of thing that could easily be exploited in a really nasty way. A group of well funded [fill in your favorite conspiracy theory related group of individuals here]* could theoretically get people into key places around the country where these machines are in use then infect them with a virus that siphons the vast majority of votes to a candidate that has no choice at all of winning (Ralph Nader or something like that). Imagine the exit polls on CNN, etc. showing a close race between the Democratic & Republican candidates and then the Green Party actually winning by a landslide. Something like this would cause such an increase of mistrust of the government that election results for an entire generation would be questioned. It wouldn't be terrorism in the classical sense, but it would generate a huge groundwell of mistrust that could damage the federal government for a long time to come.

    * <tinfoil_hat=on>Of course the unnamed group could even be a major political party</tinfoil_hat>

  12. Heres why : by unity100 · · Score: 2, Insightful

    Quick question: If we have viable alteratives, such as those presented by the Open Voting Consortium [openvotingconsortium.org], why do we continue to bother with these stupid Diebold machines? I know, dumb answer, because Diebold pays the people who decide lots and lots of money.

    Things like Diebold are needed tools for fixing elections.

    Republicans may not like it, but their candidates for the last 2 elections had the elections fixed.

    Nomatter what you do, unless entire entourage of republican party officiers in counties related to suspicious activity are fired off, republican party will always carry a stain of dishonor.

    --
    Read radical news here
  13. Open Source vs Open Process by Ahnteis · · Score: 4, Insightful

    I think the distinction that needs to be made here is that voting needs to be an open process -- not just use open source software, but apply some of the same principles. (Mainly that ANYONE can verify the voting process is valid.) So things like paper trails, open source software, and voting officials who can actually verify what is going on (because with diebold, all they can do is lug the boxes around).

  14. DOS, here we come; a thought experiment by Anonymous Coward · · Score: 1, Insightful
    What's to prevent someone doing something like this:
    1. Check into a hotel.
    2. Bring minibar key from hotel to polling place.
    3. Sign in and get in line to vote. Bring a confederate with nothing incriminating on his person (spouses work best, since they can't be forced to testify against you).
    4. Open Diebold machine and remove media card.
    5. Leave polling place. Quickly.
    6. Confederate gets into booth after you.
    7. After giving you enough time to get out of the building, confederate acts surprised that the machine doesn't work right.

    OK, I'm missing the ??? and Profit!! steps, but this seems like a pretty easy way to DOS the machine. Of course, the election officials would catch on, eventually. And does the machine make a beep when it's being tampered with?

  15. Why even have a key? by Beardo+the+Bearded · · Score: 3, Insightful

    I'm not saying your last election was a fraud.

    I'm also not saying that you guys suck at democracy.

    I am saying that you suck at capitalism.

    Let's assume that you want to get at the card or whatever is behind the panel.

    Why isn't this panel made out of glass that you have to shatter with a little hammer or teflon paper that you have to cut? That way, there's obvious proof of access. The vendor can repair the windows for the next election - it's a revenue stream for them. If the replacement costs $500 or so to install (due to all the fancy features like holograms, RFID, and seals, etc.) then fakes would be prohibitively difficult to get. It would be better physical security than a "Bic" lock.

    I think Diebold was lazy, not conspiring. The rest of you were lazy by allowing these lazily built machines to run your election.

    --

    ---
    ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
  16. Paper Ballots by mrosgood · · Score: 2, Insightful
    What we need to require is a permanent, voter-verified, auditable paper trail...


    I disagree. What we need to retain (and often times regain) is paper ballots.

    Voter-verified paper audit trails are a placebo. What assurance do you have that what is printed is the same as what is recorded? None.

    All attempts to date to actually audit a VVPAT, to the best of knowledge, have demonstrated just how infeasible the task is. Jill LaVine, Sacramento County's Registrar of Voters testified to the EAC that their audit took 1h 15m per ballot printed on the VVPAT.

    Meanwhile, many people, like VerifiedVoting.org are proponents of Rush Holt's HR 550, which would require all electronic voting machines to have a VVPAT. Even though I utterly oppose all electronic voting, I do not oppose HR 550. Why? Because HR 550 requirements would demonstrate the folly of using electronic voting machines and the voter verified paper audit trail.

    I will note here that New Mexico (VoterAction.org), Connecticut (TrueVoteCT.org), and others are successfully throwing out the DREs and bringing in voter-correctable precinct-based opticals scanners. That is today's best available solution.
  17. Say NO to Computerized Voting Machines by tele_player · · Score: 2, Insightful

    Something I've never seen questioned in all these discussions - What's the point of going electronic? The old systems, while far from perfect, were not bankrupting the society, and through their clumsy diversity, were resistent to centralized attempts to manipulate the elections. My feeling - the true cost greatly outweighs any legitimate benefit. This is a case where we should all 'Just Say No'. I'm certainly a computer person, but I don't think everything needs to be done using a computer.