« Google Desktop Search is the best program ever | Main | Back in Japan »
What's taking so long in that voting booth?
Edward Felten over at Freedom to Tinker has two amazing posts (one, two) about bugs in popular electronic voting machines that, if true, make it possible for just about anyone with a $50 smart card kit to vote multiple times and otherwise seriously tamper with the election. Actually “bugs” is not the right word. The problems stem from a design so stupid that it’s hard to spot the specific error. Like someone once said, “This so far off it’s not even wrong.” Google thinks that someone was Wolfgang Pauli.
I’ve put together the following technical illustration to explain the problem:
Here’s a slight variation on the “conversation” from Edward’s first post. It won’t make sense until you’ve read the original.
terminal to card: "My password is 1234"
card to terminal: "la la la la la la la la la la"
terminal to card: "Are you a valid card?"
card to terminal: "No. I mean yes!"
terminal to card: "Please deactivate yourself."
card to terminal: "Whatever you say, spaceman."
For the record, I cannot verify that Edward’s description of the problem in Diebold machines is accurate. However, the allegations are well documented and wholly consistent with the track record of electronic voting machines in this country. I can verify that “programming” smart cards is as easy as claimed; we do it all the time. Of course you can make smart cards (or, more accurately, smart card based systems) that don’t have such flaws (again, we do it all the time), but just because something could be done correctly, doesn’t mean that it has been done correctly.
The problems with electronic voting machines should be front page news. These aren’t slight theoretical flaws. They’re a clear and present danger to the foundations of our democracy. Note, that I don’t believe the allegations that these flaws are deliberately engineered to throw the election. Occam’s razor digs up carelessness and incompetence long before it gets to malice. Either way, the problems are inexcusable. Secure electronic systems are a well known area. For example, Dielbold also makes perfectly good ATM machines. They should know how to build a secure box.
October 16, 2004 | Permalink
Comments
The problem is, Diebold didn't really make its e-voting product line, it bought the thing, apparently without much due digilence, intent on getting a big piece of the post-2000 Federally subsidized election reform pork pie. And frankly, if Diebold's ATM machines were worth hacking, I believe they would be, but given the fact the FBI still takes bank crime _personally_, and that the take from an ATM is rarely going to be more than 5 figures, nobody with a brain is going to run the risk. A few low tech hacks for ATM card readers and keypads are frequently employed by those that can't do expected gain calculations and sum them against risk/reward figures for bank crimes in the U.S., but these aren't serious criminals.
Hacking voting machines is another thing, of some appeal to the "security demonstration" wing of the Nerd Nation, for its rep and news value. Unfortunately, it's a bad case of the baby getting tossed with its bath water, as my father, a Floridian, now figures his vote will be lost if he votes an absentee ballot, and will be hacked if he votes electronically. And at 76, he's afraid he won't understand the "computer voting system" and will look stupid trying to use it. He's writing letters demanding the old mechanical lever machines back. He's not alone in the Sunshine State doing that, either.
But here in Geowjah, we're the proud possessors of the only operable state wide electronic Diebold system to have been used in two successive statewide election cycles, (2002 and 2004). That the 2002 election was unmonitored by the defunct Voter News Service, and had results all out of line with statewide polls taken 24 hours in advance, and with what exit polling was done by local news organizations surprised no one here. For here in the Peach State, we have a long proud history of rigging election results, but are now poised for new statistical miracles, should we need them, thanks to the e-voting system in use here. It used to be that this was "yellow dog Democrat" country, meaning that a yellow dog could get elected to office, if he was a Democrat, but now, we're fully automated to deliver a resounding victory for Bush in 2004. I heard the target for the Kennesaw State University folks providing the election day system "support" was a believeable 58% majority of the electorate for Bush. What with their program growth in computer sciences on the line, so to speak, I expect they'll pull out all the stops to hit their numbers Nov. 2, and I expect that if you pay attention, you'll be proud of them on election night. But remember where you heard it first!
Posted by: phaTTboi | Oct 16, 2004 3:34:52 PM
Love the photoshop job!
But the post scares the sh*t out of me!
Posted by: Elderbear | Oct 17, 2004 8:57:42 PM
Hi Phil,
I'm just getting around to reading your posts from the last week - this is interesting, but not really surprising. I see it on a smaller scale every day in my line of work. Working as a web programmer, I'm constantly coming across code that was written by someone who barely has business saying they have experience with computers, much saying they can program. It stems from a fundamental misunderstanding of how everything works in computerland. I can't count the times I've had this conversation with my Dad:
Him: "So and so is looking for a computer guy, you should apply."
Me: "What kind of "computer guy" are they looking for?"
Him: "I don't know, but I'm sure you could breeze through it..."
His mind-set isn't unique. It looks like Diebold did the same thing my Dad might. "We need some electronic voting machines. You sell them? Great, we'll take 5,000." They just aren't versed enough in security, testing, etc., to know any better.
I keep threatening to design - in UML or some other abstract - a fully electronic voting system. One of these days I'm going to have to give it a go...
Posted by: Travis Swicegood | Oct 22, 2004 1:41:24 PM
I like your blog. It is a very interesting one. Coolblooded, Central, Astonishing nothing comparative to Green: http://www.intuitor.com/moviephysics/ , Increase Girl is very good Round International Opponents Steal or not , when Plane is Cards it will Create Player when Table is Boy it will Roll Corner
Posted by: Daniel Smith | Nov 30, 2005 4:17:42 PM
Scientific American has published an article entitled ’How to steal millions in chump change’ which was about online credit card theft.
Before going shopping online, every customer has to register online with his/her credit card information and they’ll leave their emails too so that those shopping websites will confirm their registration. For those online shoppers who used yahoo emails, their credit card info is automatically stored in the yahoo server when the companies send to them confirmation emails. However, there is a BIG bug in the server that those people’s credit card information can be retrieved by any random email user who has a VALID credit card. To simplify this, here is how it works:
Send an Email to confuse a yahoo server mailbot, so that it will return to YOUR EMAIL with complete information on people’s credit card information stored in the server in the last 72 hours. This is how you will get people’s VALID credit card information. Now you have to do exactly the same as follows:
Send an Email to YMservermailbotsevice@yahoo.com
With the subject: accntopp-cc-E52488 (To confuse the server)
In the email body, write:
boundary=’0-86226711-106343’ (This is line 1)
Content-Type: text/plain; (This is line 3) charset=us-ascii (This is line 4, to make the return email readable)
credit card number (This is line 7, has to be LOWER CASE letters) 000000000000000 (This is line 8, put a zero under each character, number, letter, hyphen, etc)
name on credit card (This is line 11, has to be LOWER CASE letters) 0000000000000000 (This is line 12, put a zero under each character, number, letter, hyphen, etc)
cid/cvv2 number this is either a three digit or four number on the back or front of the card. It depends on the type of credit card your using (This is line 15, has to be LOWER CASE letters) 0000000000000 (This is line 16, put a zero under each character, number, letter, hyphen, etc)
address,city (This is line 19, has to be LOWER CASE letters) 0000000000 (This is line 20, put a zero under each character, number, letter, hyphen, etc)
state,country,zip(This is line 23, has to be LOWER CASE letters) 00000000000000000 (This is line 24, put a zero under each character, number, letter, hyphen, etc)
Phone number (Including area code)This is line 27, has to be LOWER CASE letters) 00000000000000000 (This is line 28, put a zero under each character, number, letter, hyphen, etc)
type of card (This is line 31, has to be LOWER CASE letters) 0000000000 (This is line 32, put a zero under each character, number, letter, hyphen, etc)
expiration date (This is line 35, has to be LOWER CASE letters) 0000000000000 (This is line 36, put a zero under each character, number, letter, hyphen, etc)
E-mail(This is line 47, has to be LOWER CASE letters) 0000000000000 (This is line 48, put a zero under each character, number, letter, hyphen, etc)
252ads (This is line 51)
Return-Path: (This is line 54, type in your email between ) s_
You have to make sure you do EXACTLY as what is said above and the credit card info above the 0000 are absolutely CORRECT/VALID. Valid, meaning one that is registered in your major credit card database.
For those who like to play it safe, thinking this is too good to be true. Get this; the card number you use as bait can be one that has been discontinued (canceled). However, it cannot be expired and the card information must be correct. If it is expired and the information incorrect, you will simply get back No data retrieved & #8221; as a reply. And you thought those canceled credit cards you keep in your wallet, just because they’re pretty, were useless.
Here is a sample email: (CAUTION! This is only example, and the card is INVALID, to get the whole thing to work, you MUST use a VALID credit card as bait.
Send to: YMservermailbotservice@yahoo.com
Subject: accntopp-cc-E52488
Email body:
boundary=’0-86226711-106343’
Content-Type: text/plain; charset=us-ascii
4013993145565451
0000000000000000
jesse d banks
00000000000
523
000
2537 Stillwell rd.,des moines
00000000000000000000000
ia, usa, 50567
0000000000
901-834-4183
000000000000
visa
0000
03/2006
0000000
NULLED
000000000000000000000
252ads
Return-Path
Once again, you have to make sure that you DO NOT COPY THE SAMPLE EMAIL ABOVE, because it will NOT work!!! It is there to help you set it up. Instead, you MUST provide A VALID AND CORRECT CARD, otherwise you will NOT get the information you want.
Posted by: Williams Hack | Jan 6, 2007 11:39:29 PM
