SoylentNews is people
SoylentNews
The Virginia election commission, which is responsible for certifying whether machines are fit to be used in elections, has decertified the Advanced Voting Solutions WINVote and for many very good reasons. Amongst the many security flaws in this product are:
- Weak administrator passwords such as "admin" or "abcde"
- Use of an embedded version of Windows XP which hasn't been updated since 2004
- Use of WEP for Wifi encryption
- An absence of any firewall
Worse still, this machine has been used in actual elections and its lack of any logging or record-keeping means that we'll never know if its weaknesses were used to manipulate the outcome of an election. As a proof of concept, security researchers successfully demonstrated accessing the machine and manipulating the recorded vote counts.
This discussion has been archived.
No new comments can be posted.
WINVote Voting Machines Used in Virginia Elections are Shockingly Insecure
|
Log In/Create an Account
| Top
| 35 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
TOO BAD YOU CAN'T BUY a voodoo globe so that you could make the earth spin
real fast and freak everybody out.
-- Jack Handey, The New Mexican, 1988.
(Score: 0) by Anonymous Coward on Thursday April 16 2015, @06:54PM
the election commision should be educated one way or another but i can imagine that even if they requested bids from multiple companies they would get these slaveware selling charlatans all professing how secure their machines were and since the commision's "computer person" couldn't tell the difference, they just went with the cheapest option. until Free Tech is taught to kids/in school, this culture of utter stupidity will continue. It's an actual matter of national security while the traitors in washington try to compromise the security of the whole nation's tech via backdoors and other treachery. all with the blessing of the moronic whores in congress.
(Score: 0) by Anonymous Coward on Thursday April 16 2015, @07:36PM
The thing is even with 'free' you can *still* screw it up. Think about how many LG and Samsung TVs are out there. Now think about this. Many of them are 5-10 years old and have an equally old copy of linux running on them (for example my TV has not had an update in 4 years). What sort of security is in that?! Think how many routers out there that have 1-2 updates then are EOL. This is what 'normal' people buy.
http://www.devttys0.com/2015/04/what-the-ridiculous-fuck-d-link/ [devttys0.com]
The bases of many of routers is linux... I have been digging thru that particular blog because it has some pretty cool things on reverse engineering. I saw one a month or so ago on another blog of a dude who completely 100% rooted the bluray usb drive he had. As in he could run whatever code he wanted in the controllers and snoop the data right off the laser.
The thing is we are asking people who do not even know what a computer hack is to buy hardware that needs to be secure and updates to keep it that way. They do not even know the right vocabulary to ask for the right things. Much less actually make it happen. Then on top of that have a dedicated very smart guy on staff to reverse engineer it and certify it.
Like when I describe these things to my wife. She looks at me like I have a screw loose. I am not even using the same vocabulary as her when I talk to her about these sorts of things. We assume everyone is knowledgeable because we are. When the reality is we need to bring it to their level and they need to come up a bit to ours just so we can stress how bad these things are.
(Score: 2) by Nobuddy on Thursday April 16 2015, @09:19PM
I am pretty sure your TV, if cracked, will not change the outcome of an election.
you have to look at how much something should be secured when you want to compare them.
(Score: 0) by Anonymous Coward on Thursday April 16 2015, @10:06PM
My point is people are thinking of these things like appliances. You buy it and its done. When that is not even remotely true. These are the same people who buy things like a TV and figure its good for 10-15 years.
Also personal security is just as important as some election. Most of the people that are elected are fairly corrupt anyway so it does not matter much which side of the coin you are voting for.