Princeton Professor Finds No Hardware Security In E-Voting Machine

A professor says there was nothing in the five Sequoia AVC Advantage machines that would stop him from reaching the read-only memory chips that hold the program instructions for counting votes.

By Antone Gonsalves
InformationWeek

Feb 16, 2007 03:56 PM

A Princeton University computer science professor who bought several Sequoia electronic voting machines off the Internet claims he found no hardware security to prevent someone from accessing the technology that controls the vote counting.

Andrew Appel said Friday there was nothing in the five Sequoia AVC Advantage machines he bought for $82 that would stop him from reaching the read-only memory (ROM) chips that hold the program instructions for counting votes. The chips were not soldered to the circuit boards, and could be easily removed with a screwdriver and replaced with other chips.

Therefore, a person who had access to a machine chip could reverse engineer the program instructions and then write his own instructions on a ROM chip available from any computer equipment retailer, according to Appel. If that person had access to a machine in a voting station, he could easily open the computer, pop out the original chip from its socket, and press in the new one.

Sequoia, which says it has managed thousands of electronic elections for 14 years in 16 states, said the professor's analysis was bogus because the machines bought off the Internet are not in a voting station, where election officials implement their own security measures to prevent machine tampering.

http://www.informationweek.com/news/showArticle.jhtml?articleID=197006847

Will this get the coverage it needs? PFSHAW!

different question: What will YOU do to spread the word?

I'm not trying to put anything on you. I'm just urging you to NOT yield to the despair you may feel--despair that is deliberately inflicted on you by the war profiteering corporate news monopolies, that says to you: You can do nothing. WE hold all the power. WE say what is news and what isn't, and you can't do a damn thing about it.

See what I mean?

Word of mouth, and the internet, worked, on the war. (From 56% opposed to the war before it started, to 74% today!) It's working on election fraud. (A poll last year showed that 92% of Americans want transparent vote counting that they can see and understand; and, in the recent Congressional elections, there was a dramatic increase in the amount of Absentee Ballot voting--obviously ordinary voters, in big numbers, trying to find a way around the rigged electronics; there are numerous state/local fights going on around the country on this issue.) It's working on many issues. Word IS getting out.

So, don't despair. Instead, find one of these other avenues of communication and use it. Do your part. Actually, you're doing that right now. DU is a way of getting the word out. Make it a positive word, a smart strategic word--not just a cry of despair. We all feel twinges of that despair, from time to time. DON'T GIVE IN TO IT. It really is a mind-game that is being played on the great progressive American majority, to make us FEEL like a minority, even though polls overwhelmingly indicate otherwise.

who has known many, many other IT professionals, I have NEVER heard one single one say that electronic voting is safe. They all say it is very EASY to hack into, even a HS geek can do it. One little "bug" in the code will do it.

I'll never trust them.

and easy for everyone to understand.

That it's a complicated mess--indeed, a disaster--reminds me of the Bushites' mode in Iraq, and in everything they do: chaos.

Make things so confusing, people give up--then they are free to steal us all blind.

I understand that in the Phillipines they vote in a completley transparent way. You go into the voting place and they ask you who you are. Then they ask if anyone knows who you are to back that up to prevent fraud. Then they ask you who you want to vote for. You say it right out loud who you are voting for. Seems transparent to me.

Raebrek.

and hopefully the "only" one, who believes in fantasy

Mr. Brit Williams
Professor Emeritus
Kennesaw State University
2776 Arldowne Drive
Tucker, GA 39984

http://rules.senate.gov/hearings/2007/0207Williams.pdf

If the hacking is so easy and untraceable, why hasn't an activist done it and made Mickey Mouse the winning candidate?

9 billion votes, that will draw attention to the election theft machines. :)

All these arguments and debates can be discounted.

Make it plain and clear to the people by such an absurd vote total.

And claim that it ends the debate ....

Cmon .....

Just because I havent stolen your wallet (yet) doesnt mean your wallet will never be stolen .....

Your argument is incredibly weak ......

Activists against the current state of nontransparent, insecure and non-verifiable e-voting are not criminals, they are fighting lawfully for our democracy against the criminal activity that could and may well have been perpetrated by insiders. To suggest otherwise is unconscionable, not even something to joke about.

Insiders hack the machines, not voters or activists.

Places with crooked election officials have crooked elections. The machines simply automate the process of crooked elections.

An election official who believes in honest elections is not going to delibrately compromise the machines. A crooked election official will do everything they can to make fake election results look real.

The most likely form of fraud does not involve some hacker showing up to vote on election day.

that it is practically untraceable...

yep.

Fix it.

who is known to have been advocating e-voting machines since the late 90's right here:

It is ok to have these machines delivered to poll workers homes - days and weeks in advance of election day, because they submit to an oath!

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=203x467831

Using a hand held device and either transmitting the code via the air or plugging into the machine and changing the code?

As for relying on the security measures implemented by election officials prevent machine tampering. What does their security measures entail? Does it include security to prevent tampering even without physical access to these machines?

How to steal an election by hacking the vote Read more about the methods -- 7 pages and download the pdf file for permanent access.

Election security experts break down voting fraud types into two main categories, based on how many bad apples it takes to swing an election: retail fraud and wholesale fraud. Retail fraud is the kind of election fraud that's most familiar to us, because it has been around for the longest time. In general, retail fraud involves multiple bad apples at the precinct level, carrying out any number of bad acts involving multiple voters and voting machines. Some examples of retail fraud are ballot stuffing, restricting polling place access by means of intimidation, vandalizing individual machines to make them unusable, counterfeiting ballots, and so on.

Wholesale fraud is relatively new, and it involves a single bad apple who can affect an election's outcome at the precinct, county, and state levels. (Actually, by this definition, wholesale fraud is as old as the poll tax. But let's stick to wholesale fraud involving electronic voting machines for now.) So with wholesale fraud, one bad apple can affect different barrels of various sizes, depending where in the election process she's placed.

The table below breaks down the newer types of fraud that electronic voting machines have made available to election thieves:
Wholesale and retail fraud
Wholesale
Detectable
• Altering the vote tabulation process
• Altering the record of tabulated results
Undetectable
• Altering the vote tabulation process
• Altering the vote recording process
• Altering the record of votes

Retail
Detectable
• Multiple voting
• Deleting votes
• Disabling a machine
• Invalidating all the votes on a machine
Undetectable
• Altering the vote recording process
• Altering the record of votes

//snip//

The scariest part of Table 2's list of e-voting fraud types is the box where the "Undetectable" row and the "Wholesale" column intersect. Undetectable wholesale fraud is the ultimate apocalyptic scenario for security analysts, and for democracy—it's the briefcase nuke in downtown Manhattan, or the human-transmissible bird flu strain in the international terminal of LAX.

Send your elected officials our free PDF guide to hacking the vote

Shortly after we published our newest feature on electronic election fraud, "How to Steal an Election by Hacking the Vote," we received a flood of requests that we release a free copy of the article's PDF, which is typically only available to Premier Subscribers. Quite a few readers also suggested that the PDF should be emailed to elected officials, especially congresspersons and Secretaries of State, as a kind of wake-up call for how insecure our elections are.

So, you asked for it, and here it is: How to Steal an Election by Hacking the Vote, in a portable, easily readable/printable PDF format. Please note: the article is copyrighted, so there are some ground rules. We are granting individuals a right to distribute the document for non-commercial purposes, so feel free to send it to anyone you want. If you wish to host it on your website, you may do so provided that you also a) link to this news post, and b) also link to the original copy online, here. This way, we can easily announce changes, updates, sequels, etc., in a central location.

You should also consider sending along a copy, be it email, snail mail, or fax, to your Secretary of State, your state Representative, and your state Senator. If more good people in government can be made to understand how vulnerable our democracy is, then we have some hope of turning the move to electronic election systems from a threat into a benefit for America.

How To Steal an Election With a Diebold Machine

Some Princeton researchers made a demonstration video of how it's possible to steal an election with a Diebold voting machine in under a minute. Anyone with physical access to the machine can put in malicious software to steal votes—such as election workers who have unsupervised access to the machines before elections. All they have to do is open up the machine with a key (or pick the lock), remove the old memory card, stick in your own memory card, boot the machine, and it automatically installs any software that was on the memory card.

At the end of the demonstration election, the poll machine prints out the incorrect "stolen election" result. The internal memory card also stores in the incorrect result. Every piece of evidence of how the election actually went reflects the "wrong" result. And, after the election is over, the vote stealing software can delete itself. There's no evidence left that the vote has been conducted incorrectly.

There's even a flaw in Diebold machines that allow a virus to spread from machine to machine, infecting a memory card and using it to spread to other machines.

http://itpolicy.princeton.edu/voting

Diebold:
Normal security procedures were ignored. Numbered security tape, 18 enclosure screws and numbered security tags were destroyed or missing so that the researchers could get inside the unit.

Refuted:
This is incorrect. Far from ignoring Diebold’s “normal security procedures”, we made them a main focus of our study.

The tape and seals are discussed in our paper (e.g., in Section 5.2), where we explain why they are not impediments to the attacks we describe. The main attack does not require removal of any screws. Contrary to Diebold’s implication here, our paper accounts for these measures and explains why they do not prevent the attacks we describe. Indeed, Diebold does not claim that these measures would prevent any of our attacks.

like sending the machines home with the repuke "voting official" for safekeeping.

person or group about voting machine security. She is no fan of electronic voting machines. She needs some expert advice on the issues. Who do you suggest?