Interesting People mailing list archives
A "red team" review of the Diebold touch-screen electronic voting system
From: Dave Farber <dave () farber net>
Date: Fri, 30 Jan 2004 08:33:20 -0500
Delivered-To: dfarber+ () ux13 sp cs cmu edu
Date: Fri, 30 Jan 2004 08:11:54 -0500
From: tim finin <finin () cs umbc edu>
Subject: A "red team" review of the Diebold touch-screen electronic voting system
To: dave () farber net

Maryland will use Diebold voting machines throughout the state in the March 2 primary. The Baltimore Sun has a front page story today reporting on the results from a local security firm's "red team" exercise to discover vulnerabilities. Their report is available at http://www.raba.com/text/press.html?id=9

--

Md. computer testers cast a vote: Election boxes easy to mess with
In Annapolis, tales of trickery, vote rigging
By Stephanie Desmon, Sun Staff, January 30, 2004
http://www.sunspot.net/news/local/bal-te.md.machine30jan30,0,4050694.story?coll=bal-home-headlines

For a week, the computer whizzes laid abuse - both high- and low-tech - on the six new briefcase-sized electronic voting machines sent over by the state.

One guy picked the locks protecting the internal printers and memory cards. Another figured out how to vote more than once - and get away with it. Still another launched a dial-up attack, using his modem to slither through an electronic hole in the State Board of Elections software. Once inside, he could easily change vote totals that come in on Election Day.

"My guess is we've only scratched the surface," said Michael A. Wertheimer, who spent 21 years as a cryptologic mathematician at the National Security Agency.

He is now a director at RABA Technologies in Columbia, the firm that the state hired for about $75,000 to look at Maryland's new touch-screen voting machines scheduled to be unveiled in nearly every precinct in Maryland for the March 2 primary.

The state has no choice but to use its $55 million worth of AccuVote-TS machines made by Diebold Election Systems for the primary. The old optical scanners are gone.
Yesterday, Wertheimer calmly presented his eight-member team's findings to committees in the House and Senate, explaining the weaknesses they discovered and a plan for how to plug many of the cracks, at least in the short run.

...

Sneaking in, via modem

Meanwhile, William A. Arbaugh, an assistant computer science professor at the University of Maryland, College Park and part of the team, easily sneaked his way into the state's computers by way of his modem.

Once in, he had access to change votes from actual precincts - because he knew how to exploit holes in the Microsoft software. Those holes should have been patched through regular updates sent to customers, patches that haven't been installed on the elections equipment since November.

"There's no security that's going to be 100 percent effective. But the level of effort [needed to get into the system] was pretty low," Arbaugh said. "A high school kid could do this. Right now, the bar is maybe 8th grade. You want to raise the bar to a well-funded adversary."

"Every system is vulnerable somehow," said Karl Aro, director of the state's Department of Legislative Services, who commissioned the study for the legislature. "The system's not bad but it needs some work."

No system is completely secure. In fact, the more elections the state holds, the more opportunities there will be for hackers to see how it works and launch new attacks, experts said.

"If you had the time and the money, the sky's the limit on what you could do to make a secure system," McLarnon said.

"You just need to raise the level of effort needed to exploit it so it's not feasible to do," said fellow consultant John Ormonde.