jump to navigation

Voting Machines vs. Hackers July 28, 2007

Posted by Michael in News.
trackback

Guess who wins.

State-sanctioned teams of computer hackers were able to break through the security of virtually every model of California’s voting machines and change results or take control of some of the systems’ electronic functions, according to a University of California study released Friday.The researchers “were able to bypass physical and software security in every machine they tested,” said Secretary of State Debra Bowen, who authorized the “top to bottom review” of every voting system certified by the state.

The results are not really so surprising, given that the test was designed to give the hackers extraordinary access to information about the machines, including the source code.

Neither Bowen nor the investigators were willing to say exactly how vulnerable California elections are to computer hackers, especially because the team of computer experts from the UC system had top-of-the-line security information plus more time and better access to the voting machines than would-be vote thieves likely would have.

“All information available to the secretary of state was made available to the testers,” including operating manuals, software and source codes usually kept secret by the voting machine companies, said Matt Bishop, UC Davis computer science professor who led the “red team” hacking effort, said in his summary of the results.

Indeed, most companies treat their source code like the Holy Grail, and it is subject to very stringent security.

Still, the test should serve to caution us that technologically superior voting machines will not necessarily provide a solution to the perennial problem of vote fraud.

Thanks to Retired Geezer.

Most vote machines lose test to hackers

Comments»

1. Tushar D - July 28, 2007

So, you give the thief the key, and are shocked that he opened the lock?
If someone is given all the relevant info, why, even getting the launch codes and launching America’s nuclear arsenal is possible.

2. Retired Geezer - July 28, 2007

I remember when Nevada went to the ‘paperless’, No-accountability Ballots.

That Sucks.

We still have punch cards in Idaho. We even know how to work them so there is no hanging chad problem.

Spudders Rule.

3. eddiebear - July 28, 2007

And yet the moonbats are still screaming abiut the 2004 Ohio results.

4. Wickedpinto - July 28, 2007

Iconneration of a voting system that consists of nothing more than a “yes” or “no,” is completely retarded. Yes, or FRIGGEN NO! If you can’t read the language of a nation, if you can’t recognize the name of a chose candidate, if you can’t follow the “yes or no” concept then you are way too stupid to vote.

The next gen of “electronic” voting machines ,these are actually small computers, you can have complicated, hackerproof “electronic” voting machines as long as you aren’t retarded enough to not know who you wanted to vote for in the first place. But these computers with the pretty screens, and the next gen will have the images, and the third gen will have images, that you can highlight and watch their campaign commercials in the friggen voting booth are absolutely retarded.

Yes, No. I don’t need computer assistance for that.

5. Wickedpinto - July 28, 2007

And geezer.

Niblets rules, spudders just a minion.

6. sandy burger - July 28, 2007

Well-written code should be unbreakable even if you can read the source code. Access to the source makes it easier, but security holes spotted in the source code can usually be reverse engineered without the source code, it just takes longer.

It’s not all that hard to write secure code. The trouble is, very few people know how, computer textbooks and classes don’t normally teach it, and management tends to substitute a bunch of meaningless processes for actual security know-how.

Security flaws are endemic in the software world. It’s a pet peeve of mine.

7. S. Weasel - July 28, 2007

I don’t get the point of computerized voting, anyhow. It’s not like we’re making complex, subtle calculations in the voting booth. We’re choosing A, B, sometimes and occasionally none of the above. Everything we do is more than adequately covered on a piece of paper.

8. BrewFan - July 28, 2007

Weasel is correct. Computerized voting is a solution in search of a problem. Here in Wisconsin the system is corrupt because there is no meaningful verification of who votes and how often they vote not in the actual tallying of the votes.

9. Wickedpinto - July 28, 2007

I was right FIRST!

🙂

10. BrewFan - July 28, 2007

Sandy,

More attention is being paid to security in the software world. The ultimate problem however is the ‘social engineering’ factor and there will never be an answer for that. I can design and program the most secure application known to man but if you (not you you, the everyman you) write the administrator password on a sticky note and paste it on your monitor, well, you get my point.

11. Wickedpinto - July 28, 2007

I think purple avenger had a diagram demonstrating something like that brew.

The code can be safe, but can the coder, or the admin?

12. cranky - July 28, 2007

Everything we do is more than adequately covered on a piece of paper.

The paper system worked before and it will work again. With dumb voters, well, you can’t fix stupid.

13. BrewFan - July 28, 2007

WP,

There are programs that can map and chart the ‘attack surface’; all the various ways an application can be compromised. You can code against all those threats but in the end there is always the human factor.

14. Lyndon Baines Johnson - July 29, 2007

Ahm tellin y’all, the good people of Duval county knew it was their votin responsibility to cast their votes in alphabetical order. Whay they’s been doin it that way since Christ was a corporal!

15. Retired Geezer - July 29, 2007

Here’s an Update


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: