Wednesday, August 12, 2009

Computer scientists reveal new voting machine hack successfully changed votes

By David Edwards and John Byrne

Published: August 12, 2009

A team of computer scientists at the University of California, San Diego, the University of Michigan and Princeton University announced a new way to electronically steal votes Monday.

“We wanted to find if a real criminal could do this, starting from scratch, with no access to source code or other closely guarded technical information,” the announcer begins. “We faced several challenges: getting a voting machine, figuring out how it works, discovering a weakness, overcoming the machine’s security features and constructing attack software.”

“In the end we found that it is possible to undetectably change votes and that such an attack takes a lot less time and money than one might expect,” the announcer said.

A Princeton professor was able to acquire five voting machines for just $82 that had been resold on a government surplus website. The acquired machines were originally sold by Sequoia Voting Systems.

While the voting machines were older and had been discontinued by North Carolina, where they were originally used, the machines are still in use in Louisiana and New Jersey.

Professors and computer science graduate students found that they could switch votes using a technique called “return-oriented programming.”

The students theorized that attackers could easily break into voting machines the night before the election and install vote-hacking software. The following day, the machines would produce altered votes without detection.

The study was done using 16 graduate students and cost a total of $100,000 — a tiny fraction of the money spent by both parties during the 2008 presidential campaign.

This video is from University of California, San Diego, broadcast Aug. 10, 2009.

Diebold Quietly Patches Security Flaw in Vote Counting Software


Premier Election Solutions, formerly Diebold, has patched a serious security weakness in its election tabulation software used in the majority of states, according to a lab that tested the new version and a federal commission that certified it.

The flaw in the tabulation software was discovered by Wired.com earlier this year, and involved the program’s auditing logs. The logs failed to record significant events occurring on a computer running the software, including the act of someone deleting votes during or after an election. The logs also failed to record who performed an action on the system, and listed some events with the wrong date and timestamps.

A new version of the software does record such events, and includes other security safeguards that would prevent the system from operating if the event log were somehow shut down, according to iBeta Quality Assurance, the Colorado testing lab that examined the software for the federal government.

It’s not known if Premier will offer the more secure version to election officials who purchased previous software. The company did not respond to a call for comment Tuesday.

Called the Global Election Management System, or GEMS, the software is used to tabulate votes cast on Premier/Diebold touchscreen and optical-scan machines, among other functions, and is used in more than 1,400 election districts in nearly three dozen states. Maryland and Georgia, which use Premier systems exclusively, count every vote statewide with the software. GEMS runs on the Windows 2003 and Windows XP operating systems.

Official federal voting system standards require audit logs to record all normal and abnormal events that occur on the system.

Premier publicly acknowledged the flaw two months after Wired.com’s report, in a public hearing last March. When asked by a member of the California secretary of state’s staff if Premier had done anything to address the problem, Justin Bales, general service manager for Premier’s western region, said, “No, not yet.”

Bales went on to say that the GEMS logs had been the same since the software was first created more than a decade ago.

“We never, again, intended for any malicious intent and not to log certain activities,” Bales said. “It was just not in the initial program, but now we’re taking a serious look at that.”

At the time, California Secretary of State Debra Bowen called GEMS’s auditing mechanism “useless.”

Officials at iBeta say federal officials at the Election Assistance Commission — which recently began overseeing the testing and certification of voting systems — specifically asked the lab to pay careful attention to testing for the audit log issue.

Gail Audette, quality manager at iBeta, said Tuesday that version 1.21.5 of the GEMS software passed their tests. The software now records all “normal and abnormal” events, she says.

“It’s really up to interpretation what is an abnormal event and what is a normal event,” Audette says. “[But] everyone interprets the deletion of votes as abnormal events.”

IBeta tested Premier’s Assure 1.2 voting system, which includes its optical-scan and direct-recording electronic touchscreen devices and version 1.21.5 of the GEMS tabulation software.

Audette said the logs in the latest GEMS software record the date and time that events occur, and also record any attempt to log in to the server, successful or not.

The lab tested the audit logs to ensure that they cannot be deleted or modified. If the GEMS event logs shut down for some reason, Audette said the GEMS software will not operate.

Testers also attempted to modify votes in the GEMS database and delete the database, but were unable to do so.

“The database is encrypted and protected by [Windows] WorkSpace,” Audette said.

IBeta’s report on the Premier system (.pdf) and testing plan offer an interesting and rare look at the testing and certification procedures for voting systems, which until recently were closely guarded secrets.

Voting-machine vendors used to pay labs directly to test their systems and forced them to sign nondisclosure agreements to prevent election officials and anyone else from learning about problems the labs found with the systems.

This changed only recently. In 2002 Congress passed the Help America Vote Act, which established the Election Assistance Commission, in part to oversee the testing and certification of election systems. It took until this last February for the EAC to certify its first voting system.

Under the new scheme, instead of paying labs directly for testing, voting machine vendors are required to pay into a general fund, from which the EAC covers the testing costs. Test reports are also now published on the EAC’s web site.

We’d encourage readers to look closely through the report, particularly Appendix E (.pdf), which lists problems encountered during the tests and the vendor’s responses to them.

Map image from Premier Election Solutions
