Misplaced Concern Over Diebold Hack Tests

from the you're-concerned-about-what-now? dept

On Friday we noted our general horror at the fact that Diebold representatives responded with inappropriate jokes about the fact that the company's voting machines were easily hacked to provide incorrect results. Given the company's history, however, it probably wasn't that surprising. What's even more horrifying, though, is the reaction of certain politicians to this news. While Florida Governor Jeb Bush has now said that the state needs to review how it certifies voting machines, this bit of very positive news comes with the odd response by Florida's acting Secretary of State. Instead of noting concern about the easily hacked machines, David Mann claimed his main concern was with the election official who let the hack test proceed. His "concern" seems to be that this test may have exposed information that shouldn't have gotten out. Apparently, he believes that security through obscurity is the best way to protect the integrity of our elections, rather than actually making sure our voting equipment is safe and accurate.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Jamie, 19 Dec 2005 @ 5:49am

    Security

    While I agree that "security through obscurity" is not a good way to secure your machine/program, it is always going to be the case that having more information about the workings of a machine will help the hacker in breaking into it. So I totally agree with David Mann not wanting the information to get out. Obviously the machines are not very secure and need to be examined for security. But that doesn't mean that everyone should be given the information on the workings of the machine. The machine should be secure even with the information, but the information may also make it easier to break into. So it should be kept secret.

    link to this | view in chronology ]

    • identicon
      Andrew Strasser, 19 Dec 2005 @ 6:06am

      Re: Security

      There is no misplaced concer when considering Democracy under an administration that starts with Repubulic and is run by a man accused himself of being hitler by one of the Fore-most clan member who has reformed ever.

      link to this | view in chronology ]

      • identicon
        Andrew Strasser, 19 Dec 2005 @ 6:13am

        Re: Security

        testing attention please.

        link to this | view in chronology ]

      • identicon
        dan, 19 Dec 2005 @ 6:35am

        Re: Security

        "There is no misplaced concer when considering Democracy under an administration that starts with Repubulic and is run by a man accused himself of being hitler by one of the Fore-most clan member who has reformed ever." What is misplaced is a whole mess of modifiers.

        link to this | view in chronology ]

        • identicon
          The Other Mike, 19 Dec 2005 @ 7:03am

          Re: Security

          What is misplaced is a whole mess of modifiers

          And the location of a political rant that nobody here cares one way or the other about.

          link to this | view in chronology ]

      • identicon
        Gordon, 19 Dec 2005 @ 10:26am

        Re: Security

        Typically, when submitting flame-bait, it is best to have spelling at a level which will allow readers to digest your posting.

        link to this | view in chronology ]

    • identicon
      Jeff, 19 Dec 2005 @ 7:43am

      Re: Security

      Wow, the extent to which some people don't understand the problem is breathtaking. The concern with electronic voting machines is not that that local script kiddie is going to break in and record 10,000,000 votes for Darth Vader, it's that the company that manufactures the machines, or the company responsible for maintaining them, could rig them to modify election results. This is a real and reasonable concern under any circumstances, made moreso by the blatently partisan leanings of the senior executives (not just the fmr ceo) of Diebold.
      Once you understand that, it is clear that exposing ANY opening through which these machines can be tampered with as widely as possible is of paramount importance. So long as we allow riggable machines (unlike the tried and true lever systems - errors, yes, wholesale rigging, no) to be used in our elections we are forsaking the democractic process.

      link to this | view in chronology ]

      • identicon
        Dan, 19 Dec 2005 @ 7:56am

        Re: Security

        I think what people don't understand is that there is an existing model for security evaluations that already covers all the problem areas. Casino gaming machines. Having worked in the industry it's pretty obvious that it *is* possible to build a hack-proof machine. It *is* possible (and desirable) to submit source code for evaluations by state authorities and/or companies that they hire. It *is* possible to put a dot matrix printer in the device that will give the voter a copy of their vote while keeping an audit copy in the machine.

        In the gaming machines I worked on all data was stored to triply redundant, battery backed up SRAM. They operate 24x7. Power failures, intetional resets, resets due to static shock or brownounts have no effect on them. During acceptance testing some states cycle power at random intervals while the game is in an "auto-play" mode. The test runs for several days. If the accounting is off by so much as a penny during that testing, it fails.

        When Diebold and other companies say that it can't be done they are either surprisingly ignorant or else they are lying through their teeth. It can be done, it has been done for well over a decade.

        Americans consider their money at least as important as their elections. Who would play the slots in Vegas if they thought they might be getting cheated electronically? Yet they're almost all computer driven now.

        link to this | view in chronology ]

        • identicon
          Jimmy, 19 Dec 2005 @ 8:03am

          Casino Security

          ... and I will see the code for these slot machines published on the internet when?

          link to this | view in chronology ]

          • identicon
            james, 19 Dec 2005 @ 8:10am

            Re: Casino Security

            Oh crap, accusing Bush of being Hitler is now a valid argument? No wonder the moonbats do it *constantly* No seriously, please give up the whole ballot conspiracy silliness. Read please.

            link to this | view in chronology ]

            • identicon
              James, 19 Dec 2005 @ 9:37am

              Re: Casino Security

              James, you probably know nothing about any of this. Your dumb link to the even dumber movie is reprehensible on a site like this. Asking why is very patriotic and very scientific. For some very real voting box hacks and data on this very serious subject please refer to http://www.blackboxvoting.org/ And another thing, you can leave your right wing apologetic nonesense at the door. It has been shown that the Democrats and Republicans have tampered with elections(but mostly Republicans in 2000, 2002 & 2004). Just doing a quick google came up with so much dirt that this conversation is loud and everywhere as it should be. http://www.apfn.net/messageboard/08-31-05/discussion.cgi.80.html

              link to this | view in chronology ]

          • identicon
            Dan, 19 Dec 2005 @ 11:16am

            Re: Casino Security

            Why would it be published on the internet?

            Putting source code in escrow and submitting copies of it to independent labs for review and testing is sufficient.

            Unless of course some open source worshippers start an "OpenVoting" software and hardware project. Then you can see it on the internet and find and fix bugs in it just like you can do with gcc. (that would be sarcasm at it's finest you're reading there)


            link to this | view in chronology ]

        • identicon
          thecaptain, 19 Dec 2005 @ 8:28am

          Re: Security

          When Diebold and other companies say that it can't be done they are either surprisingly ignorant or else they are lying through their teeth. It can be done, it has been done for well over a decade.

          What I find scary is that most of the people who comment on these rarel ask themselves WHY Diebold (or anyone else) is fighting/lying so hard against all this when we KNOW its possible.

          I cannot find ANY good and reasonable reason...but plenty of nefarious ones.

          Its easy to throw an election and be subtle about it when you control the counts.

          link to this | view in chronology ]

        • identicon
          nunya bidness, 19 Dec 2005 @ 8:52am

          Re: Security

          I saw a show on discovery channel that was about a guy who wrote software code to enable him to cheat the slot by playing coin combinations. The code was part of the validation testing software used on the machine and it modded the machine to enable the cheat, during the testing. An inside job makes a lot of things possible.

          link to this | view in chronology ]

          • identicon
            Dan, 19 Dec 2005 @ 9:27am

            Re: Security

            There have always been attempts to put 'gaffes' into the code. That's why they are reviewed by third parties.

            An inside job cannot cover up a manual recount if the user has a paper copy (on watermarked security paper of course) of their vote.

            that's also sort of comparing apples to oranges - rigging the outcome of one individual's "game" (vote) is not the same as rigging the outcome of everyone's game/vote - which is the danger in a voting machine.

            link to this | view in chronology ]

            • identicon
              nunya bidness, 19 Dec 2005 @ 9:48am

              Re: Security

              I was just talking about slots, this wasn't an attempt it was a success. I think this guy was the third party.

              link to this | view in chronology ]

              • identicon
                Dan, 19 Dec 2005 @ 11:29am

                Re: Security

                There's a big difference between being able to detect fraud and being able to prevent it from occuring. There's also a big difference between rigging the outcome of one vote/game and rigging the entire system.

                I think everyone must accept that fraud will occur. That is the assumption that casinos and lotteries make. So the effort should be on detecting it before it costs anything. I don't think it's a good idea to throw out the whole goal of fraud-proof voting because fraud will be attempted.

                There have been many gaffs put into gaming machines over the years, and many hardware bugs. I know of cases where hardware could be affected by using a cell phone or radio in close proximity to the machine. That was detected and fixed in very short order. In the old mechanical slot days there were people out there so dedicated to ripping off a single machine that they'd sit for hours playing a machine - with a drill bit held in their fingers, slowly making a hole in the side of the machine through which they could insert a wire to try and stop or manipulate the reels to a winning combination. There are even cleaning people who worked at casinos (they traded those jobs for full-time license plate stamping jobs) who discovered they could insert a thin vaccum cleaner extension into a ventilation slot and suck quarters out of the coin buckets. In the first case - who cares if they used some trick to "rig" their own vote? In the other cases the fraud was detected by the accounting system. The paper trail said x coins went in, the actual counts of coins said y coins went in.


                link to this | view in chronology ]

        • identicon
          DoxAvg, 19 Dec 2005 @ 9:34am

          Re: Security

          > It *is* possible to put a dot matrix printer in the device that will give the voter < br>> a copy of their vote while keeping an audit copy in the machine.

          Except that the voter should never be allowed to leave the premises with a copy of his receipt. This is to guard against "rubberhose" vote fixing - if I have nothing that shows which way I voted after leaving, I can tell my extortionist that I voted however he wanted. If it's even an option for me to keep my record, Guido from the Election Subcommitte can assume that no record is the same as voting wrong.

          link to this | view in chronology ]

          • identicon
            Dan, 19 Dec 2005 @ 11:39am

            Re: Security

            Even if the voter "shouldn't" leave (that seems like it should be up to the voter) - take the printed ticket and put it in a traditional ballot box in case someone challenges the electronic tally.

            Just like a lottery ticket, the paper bears a watermark that proves which roll of paper it came from. In lottery terminals each roll of paper has a unique id embedded in it. When someone claims a high tier win, the lottery confirms that the tranaction id printed on the ticket matches the one that was sent by the host computer. They then confirm that the identification embedded in the ticket paper itself matches the one that was installed in that machine.

            Even if someone had the technology to fake the watermark, it would require at least a three pronged attack in order to rig an election. They'd have to gain physical access to the device, they'd have to figure out how to fake out the communication protocol so that the host and they'd have to fake the ticket - as well as fudge the records of which roll of paper was installed.

            If they're that good that they could round up all thoe specialists required, keep them quiet and get away with it without anyone discovering it - then they deserve to win the election just based on organizational skills.


            link to this | view in chronology ]

            • identicon
              Dan, 19 Dec 2005 @ 11:54am

              Re: Security

              Hmmm. What about intentionally faking votes?

              That is - what each machine generated a number of fake votes that could be traced back to the machine that generated them.

              The central system then filters out the fake votes as they come in.

              If someone hacks the voting machines - they'll be as likely to alter the fake votes as the real ones - and that would be detected.

              link to this | view in chronology ]

    • identicon
      eric, 19 Dec 2005 @ 7:48am

      Re: Security

      Since when has this worked with microsoft?
      See the bit about Claude Shannon's information theory at http://en.wikipedia.org/wiki/Information_theory

      link to this | view in chronology ]

    • icon
      Bubba Nicholson (profile), 19 Dec 2005 @ 8:18am

      Re: Security

      Black boxes fail as ballot boxes, always. The ballot box must ever be transparent. This is obvious enough even for the obtuse David Manns and Jamies of this world. If Florida election officials were less concerned about getting the son of a JFK assassin elected US Senator and more worried about the danger of robbing their fellow Americans of their free voice, perhaps transparency might be more in evidence in Florida’s various election deception devices.

      link to this | view in chronology ]

  • identicon
    Jimmy, 19 Dec 2005 @ 8:00am

    Misplaced Attention

    Of all the types of security involved in the voting process the most important is quite likely physical security. The number of things that have to "wrong" to make this hack test a reality are staggering. Where are the election judges (not to mention the police officers) while the anarchist is playing with the machine(s)? What machine could be invented that would be tamper proof? None.

    Finally, the concern here expressed is also misplaced in that in any major election thousands of these machines are used. So one would have to modify perhaps dozens of machines to make any real difference or the vote counts in a precinct would outnumber the voters who live in the area.

    If you want a real case study in vote fraud come to Chicago. We offer PhD's on the subject.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Dec 2005 @ 8:02am

    No Subject Given

    I think it much more likely that the FL Secretary of State was expressing concern that this investigation might lead to the exposure of past electoral wrongdoing in which he was complicit?

    link to this | view in chronology ]

  • identicon
    Sefu, 19 Dec 2005 @ 10:42am

    Voting Fraud

    So what a test like this demonstrates is that there is the possibility for there to be voter fraud in area's that use these machines. Interesting that Florida is a focus for use of these machines and that is where most of the complaints were that voter fraud occured.

    link to this | view in chronology ]

  • identicon
    Jamie, 19 Dec 2005 @ 11:26am

    Security

    I never said that the machines shouldn't be reviewed. I said "it is always going to be the case that having more information about the workings of a machine will help the hacker in breaking into it." The first thing that any hacker does when he wants to break into a particular machine or system, is find out all the information he can about how it works. There are many details about how the system works that do not need to be public knowledge. This is not to say that the information shouldn't be available to trusted parties. But before that information is given out, some type of verification process should be done on the person who will be recieving that information.
    The Diebold machines have some serious problems! One of which is that the makers do not want to allow others(the trusted parties refered to above) to look at the source code of the machines. But that doesn't mean that they should publish that info on the net. The info/source code needs to remain protected and confidential.
    Someone above mentioned the casino machines as examples of hackproof machines. Well, that isn't really true. They have been hacked/broken in the past. A large part of the security of the casino machines is that the info on how they work is not published. It is kept secret and only looked at by trusted parties. In the case of the casino machines, though the info isn't published, the state officials and experts are allowed to review the code and machinery. That should be the model to follow in the case of the Diebold machines.

    link to this | view in chronology ]

    • identicon
      Dan, 19 Dec 2005 @ 11:52am

      Re: Security

      Actually the gaming machine info is fairly widely distributed. For example, player tracking systems. Those are card readers that allow individual users to insert their id card and let the house track their playing, which in turn is used to award "comps" - free hats, free rooms at the casino, free meals, whatever keeps the players coming back to their property. Those tracking devices are made by third parties. They are "add on" hardware that connect to the machines and monitor the coin in/coin out.

      Same thing with communication protocols. Those protocols are well documented because no casino wants to be held hostage to a single game supplier. Any machines they buy must be able to talk to their accounting system, regardless of manufacturer. Each manufacturer gets a protocol manual from whoever supplies the central control system and their implementation has to conform to that.

      So at least those two aspects are well known - the documentation may only be released under NDA but there are hundreds if not thousands of engineers who have access to that documentation.

      Actually - I that might be a better approach. Instead of a single vendor making the machines and control system, why not have third parties manufacture the machines - that way they have a financial/business incentive to make sure they're hack-proof. If you can buy the machines from five companies but one of them is known to have been hacked, they'll find them harder to sell.

      link to this | view in chronology ]

    • identicon
      matcat, 20 Dec 2005 @ 11:02am

      Re: Security

      Well, Diebold also has shown that they are incapable of protecting their source, as (if you read the history of BBV.org) much of their internal data was available on a publicly accessible site.

      Additionally, the point of the exploit is that it could be pre-programmed before the voting site is ever set by company insiders, and be undetectable.

      link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.