Slashdot Mirror


Brazilian Breaks Secrecy of Brazil's E-Voting Machines With Van Eck Phreaking

After the report last week that Brazil's e-voting machines had withstood the scrutiny of a team of invited hackers, reader ateu writes with news that a hacker has shown that the Linux-based voting machines aren't perfectly safe; he was able to eavesdrop on them (translated from Portuguese) by means of Van Eck phreaking.

17 of 157 comments

  1. Re:Honestly by Anonymous Coward · · Score: 5, Funny

    It's simple. Just throw out the person with the radar dish, oscilloscope, and notepad.

  2. Whew, that was a close one... by robwgibbons · · Score: 4, Insightful

    "Listening in" and actually breaking the security of the machine are two entirely different things. What's the most someone could do with this exploit? Basically it just allows for a more accurate exit-poll. As far as I see it, the machine's security has still yet to be bested.

    1. Re:Whew, that was a close one... by Animaether · · Score: 4, Insightful

      What's the most someone could do with this exploit? Basically it just allows for a more accurate exit-poll.

      Basically.. all of the reasons you want voting to be done anonymously apply here.

      If you can couple the emissions at the location of the machine with the emissions from a particular user - say, their mobile phone's signature - then you can go back to forcing people to vote for X and make sure that they do, roughing them up as an example to the others you told to vote for X if you detected a vote for Y instead, without a need to plant something on them or leaving any trace.

      In theory, anyway.

  3. Physical Security by tetsukaze · · Score: 4, Interesting

    So the cheap devices he used only worked inches away. A more powerful device might work up to 20 meters away. Now, I assume a more powerful antenna is going to mean a bigger one. Isn't this going to stand out? I would hope that there is someone in charge that would notice a foot-long antenna being pointed at voting areas. You can secure the machine itself, but if you don't have real people doing their part, it doesn't matter how secure your voting machine is.

    1. Re:Physical Security by Sarten-X · · Score: 3, Insightful

      If an attacker were able to access the voting location enough to install an unnoticeable antenna, I'd be more concerned with small cameras. Even a large antenna in a nearby building would require somebody watching to see who was using which voting machine, in order to pose any real threat.

      --
      You do not have a moral or legal right to do absolutely anything you want.
  4. Re:Honestly by robbak · · Score: 4, Interesting

    Several ideas. Of course, use LCDs, as the CRT circuitry is the bad one. Shield the data connections so they don't radiate too much. Make the connections that transmit unencrypted data short. Use low-contrast fonts, so the sharp edges do not cause large voltage (and therefore EMI) spikes. Randomise the low bits of data shown on the screen, so you create obfuscating noise.

    Maybe you have to go as far as have a white noise transmitter to mask what you cannot eliminate. Plenty of room to move. Good on them for having such a contest - it flushed out all the 'Ooh, I didn't think of that' problems.

    --
    Prediction for end of Universe #42: Fencepost error in Quantum_bogosort.cpp
  5. Re:Honestly by Opportunist · · Score: 4, Insightful

    Easy. Take the machines, hollow them out, put a board in and use their shell as a guard from prying eyes for pen&paper voting. The manufacturers of the machines get the money and we get secure and anonymous voting.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  6. E-paper by MDMurphy · · Score: 3, Interesting

    Besides all the shielding options, perhaps this is a good use for E-paper displays? The persistent nature of the display would minimize the constant refreshing. The slow screen response would be unlikely to be an issue with a ballot.

  7. This happened with the Dutch in 2006 by JoshuaZ · · Score: 4, Informative

    As discussed here in 2006, the Dutch had to modify their voting machines back in 2006 due to exactly this sort of attack. http://politics.slashdot.org/article.pl?sid=06/10/14/1641239

    1. Re:This happened with the Dutch in 2006 by RAMMS+EIN · · Score: 4, Interesting

      That's only part of the story.

      The voting machines were vulnerable to more than just eavesdropping, although eavesdropping was the official story from the government and also what most of the press was about.

      However, the voting machines have since been banned. The latest elections were held with paper and pencil. It's good that way.

      Now if people would only understand this ...

      --
      Please correct me if I got my facts wrong.
  8. Re:Honestly by biryokumaru · · Score: 3, Informative

    Of course, use LCDs, as the CRT circuitry is the bad one.

    Wikipedia would disagree with an annoying PDF.

    --
    When you're afraid to download music illegally in your own home, then the terrorists have won!
  9. Re:Honestly by Nimey · · Score: 4, Insightful

    Low-contrast fonts are probably right out, since you don't want to disenfranchise old folks and others with vision problems.

    --
    Hail Eris, full of mischief...

    E pluribus sanguinem
  10. No technology will prevent that by lwoggardner · · Score: 4, Insightful

    Not to say that secrecy isn't important, but once it requires a certain level of technology to eavesdrop then surely you just pick some random people and rough them up anyway telling the people you are intimidating that you have this "magic" eavesdropping technology.

  11. Re:Van Eck Phreacking will always exist by Frankie70 · · Score: 4, Insightful

    If your country really is free (something that Brazil is good at) there is no problem telling everybody who you voted on..
    Vote's anonymity only makes it easier to fake elections.

    Don't be silly.
    Secret ballot is one of the cornerstones of democracy.

    In a secret ballot, you don't get bribed to vote for a particular person because you can
    always say you voted for him while voting for him.
    Likewise, about getting pressured about voting for someone.

  12. As a person in the infosec field by seifried · · Score: 4, Insightful

    This is why I love the Canadian method: paper with circles, make an "X" in the circle you want, fold the paper and put it in the ballot box. Good luck hacking that on a large scale (what with scrutineers from multiple parties watching the election and the count and each other, plus the people there as independent scrutineers watching everyone else), and monitoring it (little cardboard voting booth on a table, voila, privacy). The only argument I could imagine is fingerprints on the ballots, but you can wear gloves if you want.

  13. Re:Honestly by Jafafa+Hots · · Score: 3, Insightful

    Exactly. It's pretty safe. This shows that a random citizen is unlikely to give an election to Mickey Mouse on a whim.

    Instead it would take someone with significant knowledge and even serious funding to sway an election. Probably not just a someone, but even an organization.

    So the only way this could ever affect elections would be if there were an organization or group of conspiring individuals with significant monetary resources - AND for that group of people to feel that swaying an election would be in their interest - AND for that group of people to then be so immoral as to decide to do so.

    Clearly such a confluence of conditions is so wildly improbable that we can effectively rule out its possibility.

    --
    This space available.
  14. Re:Honestly by icebike · · Score: 4, Informative

    Exactly so.

    The equipment to carry out this snooping is easily spotted, and more easily foiled.

    With more than one voting station in the room, said eavesdropper could never distinguish one vote from the other, and could certainly not CHANGE the results.

    You would be better able to guess how persons voted by the color of their tie. http://www.tie-necktie-video.com/tie-color.html

    --
    Sig Battery depleted. Reverting to safe mode.