Tempting Fate: Pittsburgh Election Officials Insist Their E-Voting Machines Can't Be Hacked
from the fire-everyone dept
Let's face facts: if you have an electronic voting machine it can be hacked. Anyone who claims any piece of technology or computer equipment is "unhackable" is a fool and should not be in a position to determine the security of such equipment. Electronic voting machines have a very long tradition of having absolutely horrible security and being easily hacked. It's why it's so important that people understand just how vulnerable these things are, not just because they can be hacked, but the poor security practices around them will lead many people to distrust the results of any election, even if all the votes were actually counted.You know what doesn't help? Having election officials declare their e-voting machines unhackable. And yet that's exactly what officials in Pennsylvania's Allegheny County (think: Pittsburgh) have done.
Starting in the next few weeks and running past Election Day, the machines will undergo tests to ensure they are recording votes properly, that they have not been hacked and that they cannot be tampered with, said Mark Wolosik, longtime manager of the Allegheny County Elections Division. Each test is designed to check a potential breach in the system.That doesn't make me feel more confident. It makes me question the competence of those officials. Any such hardware can be hacked. Saying it can't means that you're just not understanding the threats you face, and that's more problematic. There are things that people can do to minimize the risks, and hopefully that's what's happening here, but giving a flat out "there is no way" statement is ridiculous on its face and is almost screaming out to have that statement mocked when the equipment is actually hacked.
“The voting public can feel confident,” Wolosik said. “Everything is tested extensively before the election, after election and on Election Day.”
Election officials in Allegheny and Westmoreland counties said they are confident their electronic voting systems are immune from hackers or malware that could alter election results.
“In my experience, there is no way to compromise these election systems,” said Dave Ridilla, head of Westmoreland County's computer information department.
The machines being used do not appear to have open source software that people can examine, and they don't have a paper backup, so if votes are tampered with there's really no clear way to know for sure. That's especially problematic. Yes, people may have done a good job securing the machines, but saying they can't be hacked is not just wrong, but it calls into question the competence of the people securing the machines.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: allegheny county, e-voting, electronic voting, pittsburgh, security
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
How do we know
How do we know that the ones doing the testing aren't the very ones we need to protect against?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Maybe the Russian Hackers Will See This As A Challenge
[ link to this | view in chronology ]
Absolutely Confident!
[ link to this | view in chronology ]
Re: Absolutely Confident!
Even in the face of actual hacking, you can be assured the results we produce will be the desired result.
[ link to this | view in chronology ]
Re: Absolutely Confident!
It is true that the Big Mac was "created" by an owner-operator of the McDonalds franchise for Pittsburgh, PA and gets a royalty from EVERY Big Mac sold.
https://en.wikipedia.org/wiki/Big_Mac
[ link to this | view in chronology ]
Experience Matters
The key to this is the first 3 words. It's like a sewer worker commenting on string theory (the physics kind, not the plumbing kind).
[ link to this | view in chronology ]
!00% confidence in their never being hacked
It feels like they are more worried about becoming another 2000 Florida than hackers from another country choosing a president illegally. Which I would not be surprised is how they really are thinking about this now that I think about it.
Personally i'm more worried about voter intimidation as a serious and immediate widespread threat to the election. Will hacking happen? I am confident it will. But those hopefully will be limited in scope and result in special elections to verify results.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Prove it
[ link to this | view in chronology ]
Re: Prove it
It has already been done. Search other YouTubes for Stephen Spoonamore and others.
[ link to this | view in chronology ]
Election Results Just In
[ link to this | view in chronology ]
.... and a million voices cry out ....
-- Every Black-Hat in the World
[ link to this | view in chronology ]
Re: .... and a million voices cry out ....
[ link to this | view in chronology ]
Re: .... and a million voices cry out ....
[ link to this | view in chronology ]
Then they went to the mall for dinner and torrented Big Bang Theory by VPN'ing the Apple Store's free wifi from the froyo joint next door. 133t!
[ link to this | view in chronology ]
said Mark Wolosik, the Donald Trump of the tech world.
[ link to this | view in chronology ]
Post election headline
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Call of the hackers
[ link to this | view in chronology ]
Probably more about expectation management than anything else.
This is probably part of the same propaganda campaign. They intend to commit a fraud, so they are planning ahead to debunk anyone who brings attention to that fraud.
Good long term planning really.
[ link to this | view in chronology ]
Tempting Fate
[ link to this | view in chronology ]
[ link to this | view in chronology ]
"If I don't see it, it never happened."
If it's impossible to tell whether or not the votes have been tampered with, it's also impossible to tell whether or not the machine has been hacked, because there won't be any evidence of a hack.
As such you could say they're technically true, in that it's impossible(or extremely unlikely) to have any evidence of hacking, and without evidence clearly it never happened.
[ link to this | view in chronology ]
More secure elsewhere
[ link to this | view in chronology ]
Who is running their election board?
[ link to this | view in chronology ]
The fun starts
[ link to this | view in chronology ]
It's all in the planning....
Step 2 - Hack easily hackable election machines and have stooge elected (whoever paid the most)
Step 3 - Steal election...
Step 4 - Profit...
[ link to this | view in chronology ]
I can't speak for Penn. or other states...
Remember, these machines are plugged into the power socket on the wall and that is it. They are not networked to anything and have no wifi capabilities.
The only way to hack them is to mess with them physically. The dude that did that "scary" study apparently just got a machine and messed with it in his living room. Which means he has no idea what type of counter measures are used to detect hardware tampering.
Also, WHEN would you do this?!
Does he think these just chill unsecured in an unlocked room or something???
The only time you'd have access to the machines (if you weren't a poll worker and, to be clear, no worker is ever left unattended with anything) would be on election day (and at least one "expert" thinks you could tamper with them on election day).
Bull-fucking-shit.
Again, I don't know about elsewhere but here? Here the e-voting machines sit out in the open, in the middle of a room filled with 4-8 poll workers (at least one of whom will have the sole task of chilling around the machines until we switch jobs) and god knows how many voters. Plus state and county observers popping up randomly throughout the day.
Good luck doing anything out of the ordinary without getting caught.
[ link to this | view in chronology ]
Re: I can't speak for Penn. or other states...
[ link to this | view in chronology ]
Re: I can't speak for Penn. or other states...
Exactly how many expert hacking methods did you review? How did you vet the "expertise" of those doing the demos? What credentials and professional accreditations do you hold that certify your competence to judge?
Lets reflect on the EASIEST hack - design the machines pre-hacked. VW did exactly this with their emissions controls, i.e., work one way most of the time, but under special circumstances work entirely another way. Nobody has to "break in" to make the machines cheat, since the machines already know how and when to do so. All we have to do to get away with that approach is restrict reviews of the software.
I would be very suspicious of Mark Wolosik and Dave Ridilla - ignorant boobs, paid stooges, or evil hackers are the only categories into which I can see them fitting. Same holds for you, altho' I find the latter categories most unlikely in your case.
[ link to this | view in chronology ]
Re: I can't speak for Penn. or other states...
All it would take is an accomplice that distracts everyone long enough for you to plug in a thumb drive that can execute code automatically. Sure you need to research the target a bit first but that can be arranged before election day.
There is always some port somewhere that a developer left so that they could reprogram/update the system.
[ link to this | view in chronology ]
And it runs on DOS!
Both MSDOS and W* are so hackable as to not having any protection at all. Paper trail audits could at least warn about a problem, or attempt to back out the hack.
But, you would have to acknowledge that it is a possibility first. That isn't going to happen.
[ link to this | view in chronology ]
I think it's much cheaper then these COMPUTERS which is what they are that sit around most of the time and rot away and become outdated in no time anyway. It's way to costly and not Reliable and that's before even getting to hacking.
I'm not sure why anyone would still want a eVoting machine at this point. It makes zero sense unless you have plans for fraud with them.
[ link to this | view in chronology ]
Say make president obama the winner.
[ link to this | view in chronology ]
Saying that it, or anything for that matter, is unhackable is just throwing out a challenge and many people will try and do it and most likely they will succeed.
[ link to this | view in chronology ]
Haven't seen this linked yet
Very simply put why this is a bad idea - (Yes it is the Tom Scott/Computerphile one)
[ link to this | view in chronology ]
[ link to this | view in chronology ]
What are they going to say?
"Hey, we know we spent millions of your tax dollars on new voting machines not that long ago, but it turns out they're completely insecure and frankly, there's no point in you even voting because some guy in Russia or some rando wearing a Guy Fawkes mask is going to make sure their candidate wins."
If you're an election official, the last thing you want to convey is anything but confidence in the election, the voting machines or the system as a whole. Once people stop trusting the validity of the elections, your democracy (and cushy government job) comes crumbling down on your head.
[ link to this | view in chronology ]
Needs an update, North Korea just cracked the machines and made them so that no matter which candidates are named on the forms, it'll be Kim Jong-un who gets elected.
[ link to this | view in chronology ]