Hack the Vote

Lately, technology-related news sites have been swamped with information on the fallibility of electronic voting machines. Diebold, whose president promised to do everything in his power to "deliver" Ohio's electoral college votes to Bush Jr. in the 2004 presidental election, is capable of making ATMs that are considered some of the most secure on the market but also built a voting machine that can be compromised in less than one minute by an unobserved attacker, to the point of actually executing uploaded code.

It is clear that, even if electronic voting is capable of doing the job that we need done in this country, that is not how it is being used. When a company that makes some of the most secure terminals in the world makes what should be a much more important device to all of us (after all, any currency not directly backed by precious metals is a legal fiction, and thus a creation of law) and cannot or does not make that device secure, it is necessary to ask what is going on. Of course, no one in the current power structure has an interest in doing so, because all of them know well that the system is utterly corrupt.

Unfortunately, the general public is utterly unversed in the issues surrounding electronic voting. It's impossible to have a useful discussion about voting with someone who doesn't even understand, for example, that the reason we have a secret ballot system is to prevent people from selling votes, and that any paper trail system for verifying votes has to take this need into account. Because it's not possible to even have a conversation with someone without bringing them up to speed, and most people don't seem to want to learn about anything farther from them than the tips of their fingers and toes, the situation is getting worse instead of better. Clearly, some clarion call is required to wake up the sleeping populace.

While this may or may not be that call, Jon "Hannibal" Stokes over at Ars Technica has written a guide to the vulnerabilities in electronic voting called How to steal an election by hacking the vote. It discusses the various types of electronic voting systems in use in the US today, and goes on to share a sampling of the various ways in which the systems can be compromised. In particular, it goes out of its way to mention the Diebold AccuVote TS, and holds it up as an example of what not to do when designing a voting machine - if, of course, your goal is to provide accuracy and security. It makes several rather sophomoric "mistakes"; For example, there is a known way to turn a "voter" smartcard into a "supervisor" smartcard using off the shelf hardware. You need to enter a PIN to use the supervisor card, but this was hardcoded to 1111 until software updates of 2003, it still defaults to 1111, and must be changed on a per-machine basis. The system uses a key lock to protect access to the PCMCIA card that the software is stored on, but that key is an exceptionally common one as the same lock is used by furniture manufacturers and many others - and it's easy to pick, too.

This particular lack of security means that it's possible to carry out all kinds of nefarious schemes. Stokes shares with us some tidbits from a study carried out at Princeton University where a vote-stealing trojan was designed that will actually load itself into the machine and virally infect any PCMCIA card inserted into the machine - meaning that one infected system can potentially infect many others, especially if it is the first system in a series of machines having their software updated. Because there is an utter lack of physical security in the system, there is no software security, either.

Besides that, because all of these systems are proprietary (in fact there was a very long process that had to be gone through before anyone could even get access to audit Diebold's source code) there's little or no way to know if they've been tampered with before they even leave the factory. As the article points out, Apple computer recently shipped "a few thousand" iPods with a windows virus on them. Meanwhile, we know that Diebold's data security might best be described as "piss-poor", simply because there have been so many leaks of their source code. In fact (as the article itself points out) Diebold's network was hacked in 2003 and thousands of company emails were disseminated widely across the internet, bringing Diebold scads of publicity. Unfortunately for them, it was all negative; fortunately for them, the average voter is apathetic as all get-out.

The article goes on to talk about compromising the system at other points; when the votes are collected from the machines, for example, or at the central server which tabulates the votes, both of which are also fragile and insecure systems. As the article says, there is only one way to prevent something like this from happening: provide an audit trail. Of course, that only helps if your audit is permitted to continue unlike the illegally terminated recount in 2000. It's simple enough to provide; for example, you can record the votes on a paper tape in the machine; the machine shows you how you voted on the paper tape, then scrolls it past so the next voter cannot see it. This tape is then preserved for verification purposes. This is just one possible method.

And of course, the ultimate method: hand voting and counting. Most of the burden of gathering the vote is handled by volunteers today; it is highly likely that if people felt that their vote was actually worth something, there would be more people interested in participating at all levels. Perhaps the answer is just to do away with the machines. While computers do exist to help us do stupid things faster, and repetitively adding one to one of a small set of numbers can pretty definitively be termed stupid, it's also one of the most important things that we can do for ourselves, our country, and ultimately not only our own future, but the future of the entire world. Don't we owe it to ourselves and to the whole nation to do it right?

Add new comment