[E-voting] huge security vulnerabilities exposed

Justin Mason jm at jmason.org
Wed May 17 13:14:11 IST 2006


Catherine Ansbro writes:
> Yes, the link at BBV *has a link to Hursti's technical report* which you 
> can download and read for yourself.  (12-pages pdf)

doh, my mistake.  When I went to look at the BBV front page yesterday,
I completely missed the "more" link to that forum thread...

--j.

> Also there is a 2nd report due out later today (Hursti IIa) dealing with 
> 12 lesser but still serious vulnerabilities.  I expect a summary will 
> appear on BBV's home page, with a link to the complete technical report.
> 
> Catherine
> 
> Justin Mason wrote:
> 
> >Michael McMahon writes:
> >  
> >
> >>There is a very good article here:
> >>http://www.theregister.com/2006/05/14/diebold_e-voting_flaw/
> >>    
> >>
> >
> >Thanks, that has a lot of info -- esp a link to this thread:
> >http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/1954/27675.html
> >which in turn provides a link to the (mildly redacted) report by Harri
> >Hursti: http://www.blackboxvoting.org/BBVtsxstudy.pdf .
> >
> >Going by that, it's an incredible failure on Diebold's part -- it appears
> >the boot loader will automatically reflash itself, if presented with a
> >suitably-named file on PCMCIA media, and access to the PCMCIA slot is
> >protected only by a few standard Philips-head screws. wow.
> >
> >  
> >
> >>One interesting aspect is that the whistle-blower election official in
> >>the state of Utah who found the problem was fired due to his
> >>"unauthorized" actions.
> >>
> >>Cases like this show how election authorities are effectively "captured"
> >>by their system suppliers. In this case, they were more worried about
> >>the $40,000 cost of recertifying the equipment than whether it should or
> >>could be trusted.
> >>    
> >>
> >
> >I'll bet the officials were under NDA, or similar confidentiality
> >agreements?  Common practice in the computer industry, but hardly
> >compatible with the public service needs of elections, in my opinion.
> >
> >--j.
> >
> >  
> >
> >>Michael.
> >>
> >>Justin Mason wrote:
> >>    
> >>
> >>>Have you got any links to solid technical info about these
> >>>vulnerabilities? This is the first remotely technical info I've heard...
> >>>
> >>>--j.
> >>>
> >>>Catherine Ansbro writes:
> >>>  
> >>>      
> >>>
> >>>>This has been breaking over the last week in the USA.  It is huge.  It 
> >>>>relates to the most serious security vulnerabilities uncovered so far, 
> >>>>as the result of Harri Hursti and Security Innovation's examination of 
> >>>>the Diebold TSx voting machine in Emery County Utah as carried out by by 
> >>>>BlackBoxVoting.org.
> >>>>
> >>>>The vulnerabilities are so devastating that they cannot be remedied.  
> >>>>There are several levels of vulnerabilities--
> >>>>
> >>>>1) bootloader (this vulnerability is the most serious of all)
> >>>>2) the Operating System (Windows CE)
> >>>>3) software relating to the voting/counting application (we knew about 
> >>>>some of these already)
> >>>>
> >>>>There are catastrophic hardware vulnerabilities as well.
> >>>>
> >>>>The only mechanisms that could be used to "clean" a compromised machine 
> >>>>could also be used to reinfect it  And there's virtually no way to check 
> >>>>for contamination in the first place.
> >>>>
> >>>>Avi Rubin, Doug Jones and others are practically shitting bricks over 
> >>>>this.  (One compared it to a "nuclear bomb"; another said what they knew 
> >>>>from previous reports was a 6 out of 10 but this one is a 10 out of 10.)
> >>>>
> >>>>There are a number of outstanding threads at BlackBoxVoting.org about 
> >>>>all this, including a link to Hursti's first report which covers the 
> >>>>three serious vulnerabilities mentioned above.  A second report will be 
> >>>>issued tomorrow dealing with 12 more vulnerabilities which, though also 
> >>>>serious, are not in the same league of seriousness or irremediability as 
> >>>>the first three.
> >>>>
> >>>>There is obviously LOTS more to be said about this.
> >>>>
> >>>>*Among other things - regarding the Irish system *(which has hopefully 
> >>>>bit the dust but since there's no CEV report out yet we cannot be sure).
> >>>>
> >>>>For example,
> >>>>Did the technical team hired by the CEV have actual physical access to 
> >>>>actual voting machines, preferably chosen by them at random?
> >>>>Was the OS available for full code inspection?
> >>>>Would their inspection have been forensic in nature, and would it have 
> >>>>uncovered potential backdoors in the bootloader or elsewhere?
> >>>>
> >>>>Catherine
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>_______________________________________________
> >>>>E-voting mailing list
> >>>>E-voting at lists.stdlib.net
> >>>>http://lists.stdlib.net/mailman/listinfo/e-voting
> >>>>http://evoting.cs.may.ie/
> >>>>    
> >>>>        
> >>>>
> >>>_______________________________________________
> >>>E-voting mailing list
> >>>E-voting at lists.stdlib.net
> >>>http://lists.stdlib.net/mailman/listinfo/e-voting
> >>>http://evoting.cs.may.ie/
> >>>
> >>>      
> >>>
> >
> >
> >
> >  
> >
> 
> 
> _______________________________________________
> E-voting mailing list
> E-voting at lists.stdlib.net
> http://lists.stdlib.net/mailman/listinfo/e-voting
> http://evoting.cs.may.ie/



More information about the E-voting mailing list