Scoop Blogwatch: Hacking Your Vote
http://blog.wekeroad.com/blog/hacking-your-vote/
If you were hired to create some software to count votes in an election, how would you do it? What considerations would you have and how would you implement them. What would be your security considerations?
Think for a moment before reading on, and we'll compare your thoughts with what's actually out there. The results may surprise you.
Disclaimer: This is my personal blog and my opinions are my own and not necessarily that of my employer.
No, This Is
Not All About Touch Screens
There has been some major upset in the last few years about
touch-screen voting systems and how easy they are to
hack - but I don't want you to focus on that, for now. The
interesting thing is when you bring up "voting software"
most people think these systems are what you're talking
about.
In this case I'm more interested in how you would implement vote-counting software - the thing used to count the votes when cards are passed through a reader and tallied. Take 10 minutes or so and specifically think about:
- Voting audit trails
- Counting accuracy
- Security
- Tampering prevention
You keep on musing while we take a break to describe the election process and how votes are counted today...
How Your Vote Is Counted
Every
county has the jurisdiction to implement an election as it
sees fit, under the guidelines of the Federal Elections
Commission (FEC). This means that every county in the US can
buy and use "certified" systems from companies such as
Diebold, ES&S, and Sequoia.
One of the biggest sellers out there (the state of Maryland paid $50 Million US for this one) is the Diebold's Accu-vote. It consists of a battery of optical readers (one for each polling place) and memory cards for storing election results. It also comes with a license for GEMS, their vote-tallying and reporting software; one license per county for use by the Supervisor of Elections.
On the day that you vote, your ballot gets put into an officious looking black box with the other ballots. At the end of the day your ballot is pushed through one of these readers, and your vote is stored on one of these memory cards:
Once all of the ballots from a polling place are collected and read, a tape is printed by the optical reader that has the results on it, including a full count of the ballots read in. The election workers from that polling place sign the ticket and off it goes to the Department of Elections.
The next step in the voting chain is that the Election Supervisor (or one their appointees) takes the memory cards from each polling place and methodically plugs them into a computer running GEMS, the vote-counting software. GEMS reads the information from the cards and once all the cards are read, a final report is printed out and the Supervisor certifies the results and the election.
Seems simple enough right? Have an idea how you might implement this system?
The Diebold
System
In 2003, Bev Harris (the then-housewife and
now-founder of BlackBoxVoting.org) wanted to know more about
the election software that was being used in her home town
near Seattle, WA. She got on the internet and ran Google
search after Google search until suddenly...
... when I found that Diebold Election Systems had been storing 40,000 of its files on an open web site, an obscure site, never revealed to public interest groups, but generally known among election industry insiders, and available to any hacker with a laptop, I looked at the files. Having a so-called security-conscious voting machine manufacturer store sensitive files on an unprotected public web site, allowing anonymous access, was bad enough, but when I saw what was in the files my hair turned gray. Really. It did.
The contents of these files amounted to a virtual handbook for vote-tampering: They contained diagrams of remote communications setups, passwords, encryption keys, source code, user manuals, testing protocols, and simulators, as well as files loaded with votes and voting machine software
Turns out that Diebold kept their CVS system up on a public FTP site, with no security. Oops.
She downloaded every file she could find, which included requirements, diagrams, code, and binary files. Of particular interest to her was GEMS - the software that tallies the votes for the county.
Go to the full story