Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dutch Blackbox Voting Pwned

Posted by ryuzaki0 on from the playing-chess-at-the-polls dept.

An anonymous reader writes, "In a just-published report (PDF, in English, cached here), the Dutch we-don't-trust-voting-computers foundation (Dutch and English) details how it converted a Nedap voting machine, of a type used in Holland and France, to steal a pre-determined percentage of votes and reassign them to another party. The paper describes in great detail how 'anyone, when given brief access to the devices at any time before the election, can gain complete and virtually undetectable control over the election results.' As a funny bonus, responding to an earlier challenge by the manufacturer, the researchers reflashed a voting machine to play chess. The news was on national television (Dutch) last night and is growing into a major scandal. 90% of the votes in the Netherlands are cast on these machines and national elections will be held in a month." Please create mirrors for the 8.1-MB PDF and post their URLs. You might also try John Graham-Cumming's l8r.org service to tell you when the slashdot effect subsides from any of the mirrors.

6 of 353 comments (clear)

  1. Re:"Pwned"?! by Anonymous Coward · · Score: 1, Interesting

    Hey, language evolves. Get used to it.

  2. FIELD / SERVICE by achurch · · Score: 3, Interesting
    From the PDF:

    4.3 Maintenance mode: "GEHEIM"

    The ISS software has a `maintenance mode' that is supposed to be only accessible to members of the "verkiezingswacht", the Nedap election-day helpdesk. You need a password to get the software in this mode. A quick look in the binary revealed this password to be "GEHEIM", the Dutch word for "SECRET".

    Hello? Did someone not get the memo about secure passwords? Or better yet, no default passwords at all? Granted, physical access makes the point rather moot, but if this is the kind of security the designer had in mind, it looks like they can give Diebold a run for their money . . .

  3. Re:The Dutch get outraged but Americans don't? by syphax · · Score: 1, Interesting


    Because in the US we need sex in a political story to catch peoples' attention?

    The Dutch, I think they have all the access to sex they could ever want (if they so desire), so their minds are free to pay attention to issues that matter.

    Not that inaction over the behavior of a pedophile who happens to serve in Congress doesn't matter...

    --
    Simple Unexpected Concrete Credible Emotional Stories
  4. Re:create mirrors? by Red+Flayer · · Score: 2, Interesting
    But here we have an "editor" instructing the readership to do slashdot's work for them.
    Erm, I'm sorry, where does it state that it is Slashdot's job to mirror linked sites and documents?

    I think you're viewing Slashdot as a content provider, which is not what it is -- at its most basic level, it's a content indexer. The whole point of Slashdot (IMO) is the community -- it's the community discussion that I log in for, and it's the community who can choose to help out linked sites by creating and posting mirrors.

    This all just points to the fact that OSTG will pay the bandwidth bills if it means ad revenue, but doesn't want to actually foot the bill to use their server complex for disseminating information.
    Have you considered that doing so could put OSTG under the gun for copyright infringement? It's not just about bandwidth costs.
    --
    "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
  5. Re:The Dutch get outraged but Americans don't? by Red+Flayer · · Score: 2, Interesting
    I don't think the Founding Fathers would have done it the same way if they'd anticipated there'd be another 37 states.
    Or if they'd anticipated 820k people per Member of the House instead of 30k. That's where the accountability really drops off for the legislative branch.

    They sure as heck didn't want to be elevated to the status of unquestionable demigods.
    I find this statement very funny, sorry -- because ascribing them such a humble perspective across-the-board does kind of elevate them to that status. I'm sure some of them wouldn't have minded one bit if they were elevated to that status.
    --
    "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
  6. Re:there will always be problems with a secret bal by lynx_user_abroad · · Score: 2, Interesting
    So far it doesn't seem any of the alternatives measure up.

    That's a hard standard to beat. However, there's an interesting proposal from Ron Rivest (the 'R' in RSA) called Three Vote [PDF] you might be interested in. It proposes a system whereby each voter gets to keep a copy (receipt) of the vote he cast, but can't use the receipt to prove how he voted and every ballot cast is essentially 'put on a bulletin board' for public verification. An interesting system, which can be implemented using existing voting technology.

    --

    The thing about things we don't know is we often don't know we don't know them.