NEDAP voting machines hacked

Here’s a press release from ICTE that’s well worth a read if you still trust voting machines:

Concerns expressed by many IT professionals about the security of the e-voting system chosen for use in Ireland were today shown to be well-founded when a group of Dutch IT Specialists, using documentation obtained from the Irish Department of the Environment, demonstrated that the NEDAP e-voting machines could be secretly hacked, made to record inaccurate voting preferences, and could even be secretly reprogrammed to run a chess program.

The recently formed Dutch anti e-voting group, “Wij vertrouwen stemcomputers niet” (We don’t trust voting computers), has revealed on national Dutch television program “EenVandaag” on Nederland 1, that they have successfully hacked the Nedap machines – identical to the machines purchased for use in Ireland in all important respects.

ICTE representative Colm MacCarthaigh, who has seen and examined the compromised Nedap machine in action in Amsterdam, notes “The attack presented by the Dutch group would not need significant modification to run on the Irish systems. The machines use the same construction and components, and differ only in relatively minor aspects such as the presence of extra LEDs to assist voters with the Irish voting system. The machines are so similar that the Dutch group has been using only the technical reference manuals and materials relevant to the Irish machines as a guide, as those are the only materials publicly available.”

Maurice Wessling, of Wij vertrouwen stemcomputers niet, adds “Compromising the system requires replacing only a single component, roughly the size of a stamp, and is impossible to detect just by looking at the machine”.

Both ICTE and Wij vertrouwen stemcomputers niet view this as yet another demonstration that no voting system which lacks a voter-verified audit trail can be trusted. According to ICTE spokesperson Margaret McGaley “Any system which lacks a means for the voter to verify that their vote has been correctly recorded is fundamentally and irreparably flawed”.

Margaret McGaley highlighted that it is the machines themselves that are at risk. “This particular issue is not about the vote counting software, which we already know must be replaced, this is about the machines that the Taoiseach has claimed were ‘validated beyond any question’. We now have proof that these machines can be made to lie about the votes that have been cast on them. It is abundantly clear that these machines would pose a genuine risk to our democracy if used in elections in Ireland.”

ICTE is repeating its call, which reflects the opinions shared by IT expert groups, including the E-voting group of the Irish Computing Society, that any voting system implemented must include a voter-verified audit-trail.

This is a major exploit. Colm’s earlier mail noted:

As we knew already, the machines run on m64k processors, and it’s relatively easy to reverse engineer what all of the registers and inputs correspond to. The Dutch group were able to successfully assemble code to run on the machine, and even burn it on the very eeprom that comes in the machine.

Since the NEDAP design does not include XBox-style boot-time cryptographic verification of the EEPROM’s contents, undetectable replacement of the operating system is a 2-minute matter of unsticking the trivial ‘seals’ on the voting machine’s access panels, popping out an EEPROM chip, and replacing with a modified one, then closing it up again.

Once that’s done, the election is rigged, as WVSN have demonstrated.

Update: here’s their paper describing the attack in detail — well worth a read.
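
To illustrate the missing boot-time verification mentioned above, here is an added example (not code from the post, the WVSN paper or NEDAP) contrasting a boot path that runs whatever the EEPROM holds with one that measures it first. The image bytes, the ROM-pinned digest and all function names are assumptions made for the sketch.

```python
import hashlib
import hmac

# Constructed stand-in for an approved firmware image (not real NEDAP code).
APPROVED_IMAGE = b"TALLY-FW v1: record each vote as cast" + bytes(range(64))

# Assumption: this digest lives in a boot ROM that cannot be swapped the way
# the socketed EEPROM can, and the ROM code runs before anything in the EEPROM.
ROM_PINNED_DIGEST = hashlib.sha256(APPROVED_IMAGE).digest()


def boot_unverified(eeprom: bytes) -> str:
    """Design as described in the post: run whatever the EEPROM holds."""
    return "BOOT"


def boot_verified(eeprom: bytes, pinned: bytes = ROM_PINNED_DIGEST) -> str:
    """Measure the EEPROM first and refuse to run an image that does not match."""
    measured = hashlib.sha256(eeprom).digest()
    if not hmac.compare_digest(measured, pinned):
        return "HALT"
    return "BOOT"


def audit_fleet(images: dict[str, bytes], pinned: bytes = ROM_PINNED_DIGEST) -> list[str]:
    """Return ids of machines whose read-out image differs from the pinned digest."""
    return sorted(mid for mid, img in images.items()
                  if not hmac.compare_digest(hashlib.sha256(img).digest(), pinned))


if __name__ == "__main__":
    # Constructed replacement chip: differs from the approved image by one bit.
    swapped = bytearray(APPROVED_IMAGE)
    swapped[10] ^= 0x01
    swapped = bytes(swapped)
    print(boot_unverified(swapped))
    print(boot_verified(swapped))
    print(audit_fleet({"machine-001": APPROVED_IMAGE, "machine-002": swapped}))
```

The check is only as strong as the physical protection of the part that holds the digest and performs the comparison.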


E-Voting shenanigans in Riverside

E-Voting: Paul Krugman: Fear of Fraud:

It’s election night, and early returns suggest trouble for the incumbent. Then, mysteriously, the vote count stops and observers from the challenger’s campaign see employees of a voting-machine company, one wearing a badge that identifies him as a county official, typing instructions at computers with access to the vote-tabulating software.

When the count resumes, the incumbent pulls ahead. The challenger demands an investigation. But there are no ballots to recount, and election officials allied with the incumbent refuse to release data that could shed light on whether there was tampering with the electronic records.

This isn’t a paranoid fantasy. It’s a true account of a recent election in Riverside County, Calif., reported by Andrew Gumbel of the British newspaper The Independent.

Here is Gumbel’s account. It’s quite simply crazy:

On March 4, Floyd and Cassel saw the second Sequoia employee, Eddie Campbell, return to the registrar’s office and watched him pop into his pocket what looked like a PCMCIA card similar to those used to store votes on individual touchscreen machines. The Sequoia AVC Edge machines do not make a paper record of individual votes, and any record of total votes for a potential recount — vital in a race separated only by 45 votes — would only be stored on that kind of card.

Floyd shouted out: ‘Where are you going with that?’ But he received no answer.

Incredible.


e-voting comix


Report on Belgium’s Magic 4096 Votes

E-Voting: Very interesting page reproducing a translation of part of an expert report detailing an incident that occurred during an ‘electronic election’ in Belgium on May 18th 2003.

The latest EDRI-gram notes:

The total number of preferential votes cast on a specific candidate was higher than the total number of votes for his list. A series of tests was conducted on the computer of the president of the voting committee, but the error could not be reproduced. The difference in votes was exactly 4096, leading the research-team to the conclusion that the error was probably due to a spontaneous inversion of a binary position in the read-write memory of the PC.

This serves as a pretty good pointer to how, even if the software is audited to death and pronounced reliable, the hardware can still trip you up. Computers are fundamentally unreliable.

The solution? Why, a Voter-Verifiable Audit Trail of course. ;)
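
The 4096 discrepancy is what one inverted bit (bit 12) in a stored counter looks like. The following added example (not from the expert report or EDRI-gram) shows the consistency check that exposes such an error, a test for whether two counts differ by exactly one bit, and a bitwise two-of-three vote over redundant copies. Apart from the 4096 difference, every figure and name is constructed.

```python
# Constructed figures: only the 4096 difference comes from the report.
RECOUNTED = 514             # hypothetical count from an independent recount
STORED = RECOUNTED ^ 4096   # the same counter after bit 12 inverted in RAM


def flipped_bit(observed: int, reference: int):
    """Return the bit position if the counts differ by one inverted bit, else None."""
    diff = observed ^ reference
    # A single-bit upset leaves exactly one bit set in the XOR of the two values.
    if diff and diff & (diff - 1) == 0:
        return diff.bit_length() - 1
    return None


def majority(a: int, b: int, c: int) -> int:
    """Bitwise 2-of-3 vote over three stored copies of one counter."""
    return (a & b) | (a & c) | (b & c)


def over_list_total(list_total: int, preferential: dict) -> list:
    """Flag candidates whose preferential count exceeds the votes for their list."""
    return sorted(name for name, n in preferential.items() if n > list_total)


if __name__ == "__main__":
    print(over_list_total(2000, {"candidate A": STORED, "candidate B": 300}))
    print(flipped_bit(STORED, RECOUNTED))
    print(majority(RECOUNTED, STORED, RECOUNTED))
```

Note that the consistency check only fires when the corrupted count happens to exceed the list total; a flip in a lower bit, or in the other direction, would pass it unnoticed without an independent record to compare against.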


Great article on e-voting issues

E-Voting: Do not miss this fantastic round-up on the e-voting situation in the US. It contains these amazing quotes from the leaked Diebold memos:

‘Over (the past three years) I have become increasingly concerned about the apparent lack of concern over the practice of writing contracts to provide products and services which do not exist and then attempting to build these items on an unreasonable timetable with no written plan, little to no time for testing, and minimal resources. It also seems to be an accepted practice to exaggerate our progress and functionality to our customers and ourselves then make excuses at delivery time when these products and services do not meet expectations.’ (Source: ‘Resignation’, announce.w3archive/200110/msg00001.html, dated 5 October 2001)

‘It does not matter whether we get anything certified or not, if we can’t even get the foundation of Global stable. This company is a mess! We should stop development on all new, and old products and concentrate on making them stable instead of showing vaporware. Selling a new account will only load more crap on an already over burdened entity. … You are taxing the development team beyond what they can handle. … Why is it so hard to get things right! I have never been at any other company that has been so miss managed (sic).’ (Source: ‘Fw: Battery Status & Charging—and too much bull!!’, announce.w3archive/200110/msg00002.html, dated 20 October 2001)

I’m speechless. At least the NEDAP system planned for Ireland isn’t this bad — or is it? We can’t tell.

Support the calls for a Voter-Verifiable Paper Audit Trail. There’s no other way to continue to have a trustworthy democratic system with widespread use of e-voting in place.


Diebold voting machines, DMCA, Michael Moore

e-Voting: Wired has an absolutely mind-numbing list of issues with the security of Diebold voting machine procedures, including passwords printed in manuals which the staff can take home, that same password being reused for multiple systems including the on-site machines at polling stations, tamper-resistance measures being omitted, poll supervisors hired without background checks, bicycle locks being used to secure voting machines, one shared key used to ‘secure’ the memory cards, etc.

‘The election process is mainly based on trust,’ Ginnold said. ‘We trust that poll workers are not going to be tampering with them.’

It’s simply insane to replace a known-good voting system (even if it’s just First-Past-the-Post instead of Proportional Representation, but that’s another issue) with a quick hack like this, IMO.

Please vote anyway, if you’re a CA citizen. And not for the fondling meathead, naturally.

DMCA: EFF: Unintended Consequences: Five Years under the DMCA. An incredible list of cases where the DMCA was used unfairly to restrict competition, research, or fair use, some of which I didn’t even know about. For example, I didn’t realise that the International Information Hiding Workshop Conference will no longer hold conferences on US soil after Professor Ed Felten was threatened over their SDMI paper.

Politics: Michael Moore on how to talk to your conservative brother-in-law. MM may play to the gallery now and again, but sometimes, he’s a genius:

Paying workers more money makes you money!

Dear brother-in-law, when you don’t pay people enough for them to take care of life’s essentials, it ends up costing you and everybody else a lot of money. When you pay your employees more money, what do you think they do with it? Invest it in stocks? Hoard it in offshore accounts? No! They spend it! And what do they spend it on? The stuff you make and sell! If you pay people squat, or lay them off, they can’t buy your stuff. They become a drain on the economy; some turn to crime, and when they turn to crime, it’s your Mercedes they want, not some junker Oldsmobile in their poor neighbour’s driveway.

Science: IgNobel prize winners 2003, including a prize for the nation of Liechtenstein for renting out the entire country for ‘corporate conventions, weddings, bar mitzvahs, and other gatherings’.
