March 19, 2024

California Study: Voting Machines Vulnerable; Worse to Come?

A major study of three e-voting systems, commissioned by the California Secretary of State’s office, reported Friday that all three had multiple serious vulnerabilities.

The study examined systems from Diebold, Hart InterCivic, and Sequoia; each system included a touch-screen machine, an optical-scan machine, and the associated backend control and tabulation machine. Each system was studied by three teams: a “red team” did a hands-on study of the machines, a “source code team” examined the software source code for the system, and a “documentation team” examined documents associated with the system and its certification. (An additional team studied the accessibility of the three systems – an important topic but beyond the scope of this post.)

(I did not participate in the study. An early press release from the state listed me as a participant but that was premature. I ultimately had to withdraw before the study began, due to a scheduling issue.)

So far only the red team (and accessibility) reports have been released, which makes one wonder what is in the remaining reports. Here are the reports so far:

The bottom-line paragraph from the red team overview says this (section 6.4):

The red teams demonstrated that the security mechanisms provided for all systems analyzed were inadequate to ensure accuracy and integrity of the election results and of the systems that provide those results.

The red teams all reported having inadequate time to fully plumb the systems’ vulnerabilities (section 4.0):

The short time allocated to this study has several implications. The key one is that the results presented in this study should be seen as a “lower bound”; all team members felt that they lacked sufficient time to conduct a thorough examination, and consequently may have missed other serious vulnerabilities. In particular, Abbott’s team [which studied the Diebold and Hart systems] reported that it believed it was close to finding several other problems, but stopped in order to prepare and deliver the required reports on time. These unexplored avenues are presented in the reports, so that others may pursue them. Vigna’s and Kemmerer’s team [which studied the Sequoia system] also reported that they were confident further testing would reveal additional security issues.

Despite the limited time, the teams found ways to breach the physical security of all three systems using only “ordinary objects” (presumably paper clips, coins, pencil erasers, and the like); they found ways to modify or overwrite the basic control software in all three voting machines; and they were able to penetrate the backend tabulator system and manipulate election records.

The source code and documentation studies have not yet been released. To my knowledge, the state has not given a reason for the delay in releasing these reports.

The California Secretary of State reportedly has until Friday to decide whether to allow these systems to be used in the state’s February 2008 primary election.

[UPDATE: A public hearing on the study is being webcast live at 10:00 AM Pacific today.]

Comments

  1. languagehacker says

    I got pulled here by Google looking for Arabic resources, apparently due to the above crazy comment. In case anyone is interested as well, I recommend tolearnarabic.com for an immersive arabic training environment.

    Languages have been tinkered with and hacked for thousands of years as well BTW, if youre interested in a challenge outside of hardware. And no DMCA (although possibly some copyright laws if you try and make Arabic microsoft into a verb).

  2. “When a law goes unpunished the people think it’s okay to do wrong.” Ecclesiastics.
    Why is it that Asians and other cultures don’t demand we give them welfare or march for amnesty after they break laws? Because these cultures have more respect for themselves. Not Mexican illegal aliens! No, as if a nightmare, they could care less and then yell at you you’re “full of hate” and “racist”, if you tell them to quit stealing and sneaking into the USA. The real racist is a person who would hate a country and it’s people so much they show NO respect for it’s laws or people living here! How many times have your children been pushed aside for an illegal alien anchor baby? How many times have you sat in an ER and had to wait because illegal aliens were in there with a cough. How many times have fire, police and social services been summoned to deal with problems dealing with illegal aliens? That’s like some stranger breaking into your Women’s organization and using it for their own purposes and then demanding amnesty. You’d be mad, right? Now do you understand why so many of us our angry? Fed up? The following chutzpah displayed by the Australian Prime Minister is what we need in America regarding the pernicious crime of illegal immigration. Yes, we need a leader, or better yet, leaders, to tell the MEXICAN GOVERNMENT to take back and take care of their citizens—the Mexican citizens (majority of illegal aliens) who storm our borders, steal our social security numbers, abuse, rape and murder our citizens and then, as if this is just a game, happily march in the streets demanding amnesty. Don’t forget, Mexican illegal aliens are a huge part of our collapsing economy. Yet, we’re told to vote for more Indian Gaming to fix the economy. Meanwhile, as more illegal aliens (a few are terrorist cells posing as illegal aliens and crossing into America) the Mexican government expects our great country to lower our standards to accommodate their lawlessness. Nevermind right now, some American solider is giving his life for this country, but Hillary Clinton wants to give illegal aliens free college tuition and McCain wants to “fine them” 2000 bucks and give them citizenship. Is American citizenship that cheap? Are American politicians so weak that all it takes is a bottle of Tequila and a beachfront cabana to sell the rest of America out? Have millions of US Army, Navy and Marines died so that illegal aliens can continue to bankrupt our states and hijack what’s been fought for with blood, sweat and tears? . Americans have had it with bumbling, inept, corrupt Mexican officials telling us how to deal with their citizens. Illegal aliens suck our country dry without the slightest flicker of remorse or shame. And like spoiled brats who need a good butt whipping, they want more and more. It is time for our government to issue arrest warrants (like we do when American criminals steal identities, commit forgery and trespass) and ship these brazen, sociopath illegal aliens back to their own countries of orgins (majority from Mexico) where their own governments will be forced to take care of them. It’s time for every American citizen to write their newspapers, phone, email and get on talk shows and let our voices ring clear that foreign governments will be getting their citizens living illegal in USA back real soon: THE FIESTA IS OVER. Which leader is closet to what we need? Huckabee, Obama and Romney seem the only reasonable choices. Surely, Barak understands illegal aliens are taking jobs from blacks, doesn’t he? Surely, Romney understands that illegal aliens hurt the environment, bankrupt schools and hospitals, right? Surely, Huckabee gets that illegal aliens living in this country are criminals who need to be apprehended and deported? Who are using your social security numbers and credit card numbers. Surely, our wise politicians know Mexican illegal aliens are the biggest METH and HEROIN distributors in the USA< right?

    Prime Minister John Howard – Australia
    Muslims who want to live under Islamic Sharia law were told on Wednesday to get out of Australia , as the government targeted radicals in a bid to head off potential terror attacks.
    Separately, Howard angered some Australian Muslims on Wednesday by saying he supported spy agencies monitoring the nation’s mosques. Quote: ‘ IMMIGRANTS, NOT AUSTRALIANS, MUST ADAPT. Take It Or Leave It. I am tired of this nation worrying about whether we are offending some individual or their culture. Since the terrorist attacks on Bali , we have experienced a surge in patriotism by the majority of Australians.’
    ‘ This culture has been developed over two centuries of struggles, trials and victories by millions of men and women who have sought freedom’
    ‘ We speak mainly ENGLISH, not Spanish, Lebanese, Arabic, Chinese, Japanese, Russian, or any other language. Therefore, if you wish to become part of our society Learn the language!’
    ‘ Most Australians believe in God. This is not some Christian, right wing, political push, but a fact, because Christian men and women, on Christian principles, founded this nation, and this is clearly documented. It is certainly appropriate to display it on the walls of our schools. If God offends you, then I suggest you consider another part of the world as your new home, because God is part of our culture.’
    ‘ We will accept your beliefs, and will not question why. All we ask is that you accept ours, and live in harmony and peaceful enjoyment with us.’
    ‘ This is OUR COUNTRY, OUR LAND, and OUR LIFESTYLE, and we will allow you every opportunity to enjoy all this. But once you are done complaining, whining, and griping about Our Flag, Our Pledge, Our Christian beliefs, or Our Way of Life, I highly encourage you take advantage of one other great Australian freedom,
    ‘ THE RIGHT TO LEAVE’.’
    ‘ If you aren’t happy here then LEAVE. We didn’t force you to come here. You asked to be here. So accept the country YOU accepted.’ (or in the case of illegals, if it’s so bad, go back to your own country and get things right with your own government. Don’t break our laws. Don’t use us.)
    Maybe if we circulate this amongst ourselves, American citizens will find the backbone to start speaking and voicing the same truths.
    If you agree please SEND THIS ON!!!!

    America must amend the 14 Amendment, so this stops millions of illegal alien women from coming here solely to give birth and get hard fought USA services. Our citizenship shouldn’t be so cheap. Our kids and families shouldn’t come second or third for illegal aliens and the kids they won’t stop having. So up for grabs that it’s come to this shameful state.
    Overpopulation alert. 12 million illegal aliens plus average 5 kids per woman. Sure we love kids. We don’t advocate being cruel to illegal aliens, but the point people is we’ve had it. America can’t afford to put our people second and forth while accomodating foreign criminals living with fake socials who break into our country and want more, more, more. Duh.

  3. Go America!

    Keep your trust in democracy. Get out there and vote! You vote counts! Really, it does!

  4. cookseytalbott says

    I am not suprised at this result. I got the code when they initially displaied lax security and inspected it closely.

    I am not suprised that the machines are open to front end attacks as they use the GRAI (generally regarded as insecure) Microsoft tool chain.

    The code trusted everyone. It did not verify the componants loaded by the machine at start up nor did it vet any of the systemic DLL libs that it loaded at runtime.

    Ergo my eval was that it was extremely succeptable to back end attacks and based on the security (much touted in todays papers) the physical security that is supposed to protect this totally uinlocked gate was compromised at all points in the last election.

    I note the widely documented breech in the San Diego race which was hotly contested.

    I vote to DECERTIFY ALL THE DRE GEAR.

    If it was open source, with real internal security and a journaling database for vote aggregation I might feel better, but without recognized CS security experts on the job any attampt would only lead to failure.

    PAPER!

  5. For what it’s worth, here is a response to the report from Sequoia Voting Systems:

    http://www.sequoiavote.com/article.php?id=86

    and here from Hart Intercivic:

    http://www.hartintercivic.com/files/California_SOS_Top-To-Bottom_Review_of_Electronic_Voting_Systems.pdf

    I could not find one from Diebold.

  6. Shad Price says

    They would be foolish to use these machines. It’s painfully evident that Electronic Voting in it’s current state is not ready for prime time.

  7. Spudz, even in simple “put a cross on a paper ballot” elections there are some details that have impact on security and auditability of elections. Counting the votes at the polling station (allowing the public to observe the count) removes the possibility to manipulate (or replace) ballots during transport from polling station to counting station.
    Tampering with the voting registers is another way of influencing elections that works with both electronic and paper voting… In the Netherlands all eligible citizens automatically get their paper “invitation to vote” and the branch that sends out the cards has to guess what the people will vote. Every US election I hear stories of inappropriate deletions of people from the voting register. I can not estimate the cumulative of those deletions, due to non-linearities in the US election system.

  8. To throw off a paper-ballot vote that had a margin of 1000 votes between winner and loser requires tampering with at least 500 ballots (switching votes) and more likely 1000 (stuffing the ballot box or defacing existing ballots).

    To throw off an electronic vote that had a margin of 1000 votes between winner and loser requires one single act of tampering: push one button, substitute one bogus memory card, or whatever.

    The threat model for electronic voting is hugely different. Instead of being based on a large volume of fraudulent transactions it’s based on just one, and so preventing one single bogus interaction is the security model, rather than keeping the noise introduced into the system down to a dull roar. Preventing large numbers of fraudulent actions is important; preventing isolated ones largely isn’t, save safeguarding a whole box of ballots coming from a Dem-leaning area from being disappeared or something. Paper ballot elections are typically safe if you keep the level of noise (accidentally screwed up plus outright fraudulent votes) below the magnitude of the gap between winner and loser. If the noise level is known or suspected to be big enough they then have a recount or other audits.

    Electronic systems also tend to be woefully inadequate when it comes to auditing, as it just so happens.

  9. They submit reports ON VOTING TECHNOLOGY to a frigging state censor to redact stuff, before it is made public?

    What is this, the freaking Soviet Union?

  10. OK. so I’m not very familiar with all the details about electronic voting machines, but I’ll ask anyway.

    Has anyone ever taken the requirements for electronic voting machines and used them with equal rigor to evaluate the old ways of voting? Those would be things like pulling levers, making Xs on pieces of paper, and so forth.

    If so, what are the results? Are the newfangled, electronic machines more accurate, reliable and secure, or are the old ways better?

  11. “The document review teams and source code review teams submitted their reports on schedule. Their reports will be posted as soon as the Secretary of State ensures the reports do not inadvertently disclose security-sensitive information.”

    http://www.sos.ca.gov/elections/elections_vsr.htm