Diebold Voting Machines Vulnerable to Virus Attack 122
mcgrew writes "PC world is reporting that Diebold's super-popular voting machines are coming under even more scrutiny. A security review has revealed that they are simply 'not secure enough to guarantee a trustworthy election.' This is according to a report from the University of California Berkley, who did a two-month top-to-bottom review of all California e-voting systems. That's a subject we've discussed before, but Diebold's setup is truly unsettling. An attacker with access to a single machine could disrupt or change the outcome of an entire election using viruses. From the article: 'The report warned that a paper trail of votes cast is not sufficient to guarantee the integrity of an election using the machines. "Malicious code might be able to subtly influence close elections, and it could disrupt elections by causing widespread equipment failure on election day," it said. The source-code review went on to warn that commercial antivirus scanners do not offer adequate protection for the voting machines. "They are not designed to detect virally propagating malicious code that targets voting equipment and voting software," it said.' Oddly, my state of Illinois, long known for election fraud, has paper trails (at least in my county) and according to Black Box Voting doesn't use Diebold anywhere."
waht we've all been wondering... (Score:2, Insightful)
I wonder if UC Berkley would recommend *BSD? (Score:2, Insightful)
(Any number of non-windows OSes would fit, but the *BSD family just fits so well here.)
Edison was still wrong (Score:3, Insightful)
If you ask me, it's just pointless. Why can't the state government(s) just get rid of the machines and reinstate the good ol' paper votes like they used to? Do they REALLY want to keep on using Diebold machines and/or voting machines in general?
Re:waht we've all been wondering... (Score:4, Insightful)
Re:Electronic voting is just part of the problem (Score:3, Insightful)
The catch is, the fraud that you would be committing (registering as a non-citizen) would only affect the election by at most 1 vote, and that single vote is quite unlikely to change the election.
The danger in using insecure voting machines is that a single fraudster can swing an election by many votes, making it much more likely that their intervention affected the final outcome.
Re:waht we've all been wondering... (Score:3, Insightful)
MisUnderestimate (Score:5, Insightful)
This is not the typical play stupid situation that sells so well in the USA. This is clear-cut intentional negligence and I shouldn't need to go into the many possible motives for anybody to pull such scams. This isn't even that other large voting machine company who elected their own OWNER!
The difficulty is NOT making a computer COUNT or securing the totals, they distract you with the irrelevant technical details. Its in WHO YOU TRUST to implement, maintain, and secure the system that is the unsolvable difficulty (I for one, will welcome our evolved computer overlords when they take over...)
The ultimate purpose for Rube Goldberg designs is POWER (job security and customer lock in being most common motives.) When you place the power in the hands of a few you always run into trouble. IRONICALLY, the purpose for democratic voting is totally being forgotten in this pseudo debate about how the publicly inaccessible voting system operates!
Canada figured it out; however, I'd like to see a weighted voting system well implemented. Also, I would like to see a new kind of elector system so my friends can just give me their votes; its hard enough to get them to the polls on a WORK DAY... (yes, the pro-"democracy" USA never respected democracy enough to make election day on par with memorial day. Irony has become redundant.) While I'm at it, I'd like senators to go back to state appointment because the intent was to prevent an all powerful federal government.
USA geeks please take action (Score:3, Insightful)
Please, if you are a USA geek and care about the integrity of your democracy, force the public to take notice. You think they are going to care if people say that something is theoretically possible? No, they think it's a conspiracy theorist, or, at best, "The government would never let that happen, would they? I'm sure somebody is taking care of it." The only way to fix this is to make the public realise that this directly affects them. Otherwise they are too apathetic and myopic to do anything about it.
So rig the next election. And I don't mean for Mickey Mouse, that can easily be caught and covered up on the day. It has to be a landslide for a believable candidate. Write an encrypted letter to your local newspapers beforehand that explains what you are going to do and how you are going to do it. Leave a marker on the system to prove that you were there, and mention it in the letter. After the election, send them the key that decrypts the letter, proving that the recent landslide was totally rigged. For bonus points, own up to it instead of doing it anonymously, but only do this if you have an impeccable public persona. Rosa Parks wouldn't have had quite the impact she did if she dealt weed on the side.
If you don't do this, somebody less honest than you will. They may already have done it. The only people who can solve this are honest American geeks.
Re:waht we've all been wondering... (Score:3, Insightful)
Pretty f*cking hard, I expect. The problem is roughly equivalent to making a secure DRM system, which everyone on Slashdot claims is near-impossible. In both cases, you need to give someone physical access to the machine and its contents, and yet somehow prevent them from secretly modifying the machine's behavior to suit their liking.
Correction (Score:2, Insightful)
I had to correct this because "Democracy is defined as 51 percent of the populous telling the other 49 percent what to do." - Thomas Jefferson
That is why we have a REPUBLIC.
It should read "god help the future of our republic."
It was once stated that "Democracy is two wolves and a lamb voting on what is for dinner. Liberty is a well armed lamb contesting the vote." - Benjamin Franklin
Re:Is it just me (Score:4, Insightful)
However, I think self-redacting/auto-revising article text is a bad idea. Have you ever lurked on (for example) the Associated Press feed and watch an article headline slowly morph from "Bush puts off decision" to "Bush faces tough decision" and finally end up as "Bush makes decision" while the text, in which he clearly puts off the decision, stays static? I have. Or worse yet, both the headline and the body texts change according to an agenda.
There is pressure being brought on news agencies to make those changes, which are becoming commonplace. This is the danger of Internet publication in the information age. It becomes unreliable. It's too easy to change it.
So I prefer a news feed to retain previous revisions so I can get a good idea of the reliability of the news source. If there's an update, I expect it to be published as a separate note, not superseding the article text in place. I expect the act of publication to have permanent consequences, not be an act that you can wash away with something more responsible at a later date.
My expectation, of course, is not realistic. It is borne of growing up with a print media. The only logical expectation is that Internet publication will be abused, and that "print media" is now less reliable, because it is no longer in print. I only ask that you understand the consequences of your demand that Slashdot "clean up" their articles. Your desire for "clean" can rapidly turn into an engine for censorship and yellow journalism.
I can assure you of one thing: that CowboyNeal's article will fall off the bottom of the page soon enough, and you can then feel at ease.
--
Toro
Re:what we've all been wondering... (Score:4, Insightful)
I cannot see WHY they feel they have to network them to accumulate the results. Best way to propagate a virus: wire them all together (or, worse, through the internet - however "secure" the connection).
I still can't see anything wrong with using the machines to accumulate the votes and then polling each machine, by hand, to copy the tallies - having enough witnesses from all parties will keep the results accurate and they can still be communicated to the appropriate location as they've always been.
I thought the main purpose of new machines over the older mechanical ones was the reduction of complexity of the machines (hence increasing their reliability), accessibility by the handicapped, and ease of recounting (just run the forms through another scanner and see if they total identically) - at least that's the line parroted by our idiot secretary of state (bysiewicz, Connecticut).
It's obvious that machines wired to each other can be more completely tampered-with than individual machines, SO WHY DO IT?
Re:waht we've all been wondering... (Score:3, Insightful)
Not very hard. But such a system would not be based on Windows or any normal version of Linux, or any other such operating system. The underlying code should be programmed as firmware which means it is stored in EEPROM or flash memory that cannot be changed by the machine itself. It should be electrically/hardware impossible for the code being run to be changed by the platform running it.
A microcontroller (take your pick... 8052, ARM, even lowly PICs) is the ideal platform for a voting system. The small architecture makes it easy to develop an entire system without an underlying operating system so that all the code being run can be reviewed easily. The platform could be such that the code cannot be changed by the hardware running it (some microcontrollers include in-application programmability, but such parts would be specifically excluded as options). And even an 8-bit microcontroller with 64k of program memory is more than enough to implement a functional and secure modern voting system with touch-screen GUI.
The use of complex OS-based system, whether Linux or Windows, is going to make any system vulnerable to unexpected problems, intentional hacking, and intentional or careless problems due to viruses. A voting system should be like a microwave or a refrigerator: It just goes and is essentially impossible to hack. That does not exclude modern electronic voting systems, but it does exclude such systems based on Linux/Windows in virtually all cases.
Re:waht we've all been wondering... (Score:3, Insightful)
Adding numbers within a layer is a parallelizeable problem. It can certainly be handled in a pyramid such that the height of the pyramid increases no faster than the log2 N increases with size of the count. (I.e., the number of layers needed would be proportional to log2 N, where N =the number of votes.)
I'm dissatisfied with this explanation, but I can't think of how better to say it without drawing pictures. Note that this is for the votes on any one candidate or ballot measure. Separate pyramids of counting should be constructed for each candidate/ballot measure. (Actually, for each binary choice on the ballot.)
At all events, this implies that it would be only slightly more complex to handle the US than to handle Austrailia. More volunteers would be needed, but only slightly more as a percentage of the population, and the rate of increase in volunteers needed would be proportional to log N. (Actually, probably to a*N + b*Log N, with a and b being constants, but I think that a is small in comparison to b, though it would clearly come to dominate after awhile.)
My impression is that the reason that governments prefer electronic voting over hand counts is that it allows elections to be manipulated remotely rather than requiring local support for corruption. (This isn't a new cynicism on my part, but each time the voting machines are analyzed, it seems more and more like the only reasonable rationale.)