[E-voting] huge security vulnerabilities exposed
jm at jmason.org
Wed May 17 12:14:31 IST 2006
Michael McMahon writes:
> There is a very good article here:
Thanks, that has a lot of info -- esp a link to this thread:
which in turn provides a link to the (mildly redacted) report by Harri
Hursti: http://www.blackboxvoting.org/BBVtsxstudy.pdf .
Going by that, it's an incredible failure on Diebold's part -- it appears
the boot loader will automatically reflash itself, if presented with a
suitably-named file on PCMCIA media, and access to the PCMCIA slot is
protected only by a few standard Philips-head screws. wow.
> One interesting aspect is that the whistle-blower election official in
> the state of Utah who found the problem was fired due to his
> "unauthorized" actions.
> Cases like this show how election authorities are effectively "captured"
> by their system suppliers. In this case, they were more worried about
> the $40,000 cost of recertifying the equipment than whether it should or
> could be trusted.
I'll bet the officials were under NDA, or similar confidentiality
agreements? Common practice in the computer industry, but hardly
compatible with the public service needs of elections, in my opinion.
> Justin Mason wrote:
> > Have you got any links to solid technical info about these
> > vulnerabilities? This is the first remotely technical info I've heard...
> > --j.
> > Catherine Ansbro writes:
> >> This has been breaking over the last week in the USA. It is huge. It
> >> relates to the most serious security vulnerabilities uncovered so far,
> >> as the result of Harri Hursti and Security Innovation's examination of
> >> the Diebold TSx voting machine in Emery County Utah as carried out by by
> >> BlackBoxVoting.org.
> >> The vulnerabilities are so devastating that they cannot be remedied.
> >> There are several levels of vulnerabilities--
> >> 1) bootloader (this vulnerability is the most serious of all)
> >> 2) the Operating System (Windows CE)
> >> 3) software relating to the voting/counting application (we knew about
> >> some of these already)
> >> There are catastrophic hardware vulnerabilities as well.
> >> The only mechanisms that could be used to "clean" a compromised machine
> >> could also be used to reinfect it And there's virtually no way to check
> >> for contamination in the first place.
> >> Avi Rubin, Doug Jones and others are practically shitting bricks over
> >> this. (One compared it to a "nuclear bomb"; another said what they knew
> >> from previous reports was a 6 out of 10 but this one is a 10 out of 10.)
> >> There are a number of outstanding threads at BlackBoxVoting.org about
> >> all this, including a link to Hursti's first report which covers the
> >> three serious vulnerabilities mentioned above. A second report will be
> >> issued tomorrow dealing with 12 more vulnerabilities which, though also
> >> serious, are not in the same league of seriousness or irremediability as
> >> the first three.
> >> There is obviously LOTS more to be said about this.
> >> *Among other things - regarding the Irish system *(which has hopefully
> >> bit the dust but since there's no CEV report out yet we cannot be sure).
> >> For example,
> >> Did the technical team hired by the CEV have actual physical access to
> >> actual voting machines, preferably chosen by them at random?
> >> Was the OS available for full code inspection?
> >> Would their inspection have been forensic in nature, and would it have
> >> uncovered potential backdoors in the bootloader or elsewhere?
> >> Catherine
> >> _______________________________________________
> >> E-voting mailing list
> >> E-voting at lists.stdlib.net
> >> http://lists.stdlib.net/mailman/listinfo/e-voting
> >> http://evoting.cs.may.ie/
> > _______________________________________________
> > E-voting mailing list
> > E-voting at lists.stdlib.net
> > http://lists.stdlib.net/mailman/listinfo/e-voting
> > http://evoting.cs.may.ie/
More information about the E-voting