from the a-few-votes-here,-a-few-votes-there... dept.
DEF CON After the debacle of the 2000 presidential election count, the US invested heavily in electronic voting systems – but not, it seems, the security to protect them.
This year at the DEF CON hacking conference in Las Vegas, 30 computer-powered ballot boxes used in American elections were set up in a simulated national White House race – and hackers got to work physically breaking the gear open to find out what was hidden inside.
In less than 90 minutes, the first cracks in the systems' defenses started appearing, revealing an embarrassing low level of security. Then one was hacked wirelessly.
"Without question, our voting systems are weak and susceptible. Thanks to the contributions of the hacker community today, we've uncovered even more about exactly how," said Jake Braun, who sold DEF CON founder Jeff Moss on the idea earlier this year.
"The scary thing is we also know that our foreign adversaries – including Russia, North Korea, Iran – possess the capabilities to hack them too, in the process undermining principles of democracy and threatening our national security."
As long as mission-critical systems like cable TV are secure, civilization will be safe.
Related Stories
The project Protect Democracy is suing the state of South Carolina because its insecure, unreliable voting systems are effectively denying people the right to vote. The project has filed a 45-page lawsuit pointing out the inherent lack of security and inauditability of these systems and concludes that "by failing to provide S.C. voters with a system that can record their votes reliably," South Carolinians have been deprived of their constitutional right to vote. Late last year, Def Con 25's Voting Village reported on the ongoing, egregious, and fraudulent state of electronic voting in the US, a situation which has been getting steadily worse since at least 2000. The elephant in the room is that these machines are built from the ground up on Microsoft products, which is protected with a cult-like vigor standing in the way of rolling back to the only known secure method, hand counted paper ballots.
Bruce Schneier is an advisor to Protect Democracy
Earlier on SN:
Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States (2018)
Want to Hack a Voting Machine? Hack the Voting Machine Vendor First (2018)
Georgia Election Server Wiped after Lawsuit Filed (2017)
It Took DEF CON Hackers Minutes to Pwn These US Voting Machines (2017)
Russian Hackers [sic] Penetrated US Electoral Systems and Tried to Delete Voter Registration Data (2017)
5 Ways to Improve Voting Security in the U.S. (2016)
FBI Says Foreign Hackers Penetrated State Election Systems (2016)
and so on ...
(Score: 0) by Anonymous Coward on Sunday July 30 2017, @08:03PM (6 children)
Like it's not trivially easy to steal cable, or these days to steal cable internet and then to pirate all the content.
Shame about the BREAD though. Where's my Basic Income?
(Score: 0) by Anonymous Coward on Sunday July 30 2017, @08:14PM (2 children)
Don't try stealing from the grocery, Jean Valjean.
(Score: 0) by Anonymous Coward on Sunday July 30 2017, @08:20PM (1 child)
But I steal bread to give to the food bank!
(Score: 0) by Anonymous Coward on Monday July 31 2017, @02:45AM
Screw that! Gimme free shit! Gimme free silver candlesticks so I can become a 1%er capitalist mogul!
(Score: 2, Funny) by Anonymous Coward on Sunday July 30 2017, @09:08PM (1 child)
The peasants have no bread? Let them eat cable.
(Score: 1, Funny) by Anonymous Coward on Sunday July 30 2017, @09:42PM
If only.
(Score: 0) by Anonymous Coward on Sunday July 30 2017, @09:47PM
https://en.wikipedia.org/wiki/Freeganism [wikipedia.org]
http://nypost.com/2011/10/31/brooklyn-hipsters-go-dumpster-diving-for-dinner/ [nypost.com]
https://www.vice.com/sv/article/avaev5/i-ate-rubbish-for-a-week-to-understand-the-rise-and-fall-of-dumpster-diving [vice.com]
(Score: 2) by Justin Case on Sunday July 30 2017, @08:04PM (3 children)
There is no legitimate use case for "electronic voting systems".
Which leads one to wonder: what was the real reason for the rush to deploy?
(Score: 0) by Anonymous Coward on Sunday July 30 2017, @09:02PM
Let's see ... a sweetheart deal for the manufacturer because of their political contributions ... and the need to announce the winner as soon as possible so they can claim victory over their vanquished opponents. Optics are critical in today's political climate.
(Score: 4, Insightful) by kaszz on Sunday July 30 2017, @11:17PM
The real reason is to legitimize voting fraud. Why else have known faulty machines as official vote counters?
Every security expert worth their title knows electronic voting for official office is a bad idea, so..
(Score: 2) by hendrikboom on Sunday July 30 2017, @11:18PM
The purpose of electronic voting machines is to automate election fraud.
(Score: 2) by SomeGuy on Sunday July 30 2017, @09:08PM (5 children)
When we the people of the United States of America are given a choice between voting for Evil Alien A or Evil Alien B, does it really matter?
"Don't blame me, I voted for Kodos!"
Meanwhile on Fox News "Turmmp! Russer! Trummpr! Russher! TRuuumph! Moar Russaar! Derrr"
(Score: 2) by kaszz on Sunday July 30 2017, @10:58PM (4 children)
Media presented it as a A/B choice. But that is not the reality:
Republican: Donald Trump
Democrat: Hillary Clinton
Libertarian: Gary Johnson
Green Party: Jill Stein
Independents: Evan McMullin
Constitution Party: Darrell Castle
Within the larger parties numerous candidates withdrew.
So there IS choice. But people don't get aware of it because media present it otherwise. And the constitution also worsen it by winner-takes-it-all rules. Whack media and the playing field becomes more even.
(Score: 0) by Anonymous Coward on Monday July 31 2017, @01:05AM
Clarification: winner-take-all is not in the US Constitution. The electoral college does encourage it, but the constitution does not even require voting (appointment by state government used to be common when thr US was young).
(Score: 0) by Anonymous Coward on Monday July 31 2017, @06:34AM
There were 31 candidates on ballots, and 206 qualified write-in candidates. [thegreenpapers.com]
(Score: 0) by Anonymous Coward on Monday July 31 2017, @03:31PM (1 child)
The trouble is that first past the post voting penalizes those that vote for the 'right' candidate by taking a vote from the 'better' candidate that won't push them past the 'worse' candidate. The so-called spoiler effect.
The answer is to offer something like instant run-off voting, but since that penalizes the two parties in power, how to you institute it?
(Score: 0) by Anonymous Coward on Monday July 31 2017, @03:58PM
(Score: 0) by Anonymous Coward on Sunday July 30 2017, @09:32PM (4 children)
...if North Koreans are physically breaking open your voting machines.
(Score: 0) by Anonymous Coward on Sunday July 30 2017, @09:50PM
I'm more worried about the phony tech guy, the corrupt politician, or whatever likely method is used to falsify voting records.
(Score: 0) by Anonymous Coward on Monday July 31 2017, @01:20AM (2 children)
In upstate NY (far from NY City), I vote by pencil, blackening spots on a heavy paper ballot. The ballot is scanned by something that looks a bit like an old fax machine, and then saved should a recount be called for. Not sure how the scanned image is counted, anyone know?
I suppose the scanner software could be hacked? Seems unlikely, since representatives of all parties (at least GOP and Dem) are there to verify the operation of the machine before the polls open.
(Score: 5, Funny) by MostCynical on Monday July 31 2017, @02:24AM
"verify the operation of the machine before the polls open."
so, the machine shows one count for one vote for each candidate, or whatever 'test' the manufacturer proscribes.
How does it do, once there are several thousand votes? How does it go about 'checking' itself, part-way through, and at the end of, voting?
Think that 'pre-election test' was enough to prove anything? VW, Audi, Mercedes, etc. could all help you learn about getting machines to pass 'tests'...
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by fritsd on Monday July 31 2017, @04:32PM
FTFY :-)
(Score: 0) by Anonymous Coward on Monday July 31 2017, @11:33AM
But you only need "voting" in "democracies".
And I won't even mention the one party system where you get to pick your favorite color between red and blue...