Default admin password, weak Wi-Fi, open USB ports ... no wonder these electronic voting boxes are now BANNED

Silver badge

What an odd country, this USA.

Imagine, voting machines that're open to everybody to tamper with, but gaming video cards and their drivers are locked down tighter than Fort Knox.

http://m.theregister.co.uk/2015/04/15/nvidia_gtx_900_linux_driver_roadbloack/

Apparently, if it won't make a buck, who gives a fuck about security?

31
0

Re: What an odd country, this USA.

Hey, it got McAuliffe elected didn't it? Time to close the barn door.

Many of us were wondering how that carpetbagger won. Now we know.

0
0
Anonymous Coward

Bottom line

The public ends up out of pocket, but the wankers that built this crap walk away with theirs stuffed full of cash.

17
0

Re: Bottom line

It's not the vendor's fault so much as the totally careless, incompetent IT people--and the tightwad public officials who refused to modernize the systems. Pathetic. When the systems were still within their normal useful life, they were probably acceptable. But not maintained and updated. What a joke.

1
14
Anonymous Coward

Re: Bottom line

"It's not the vendor's fault"

From the evidence, it is likely not to be due simply to negligence. The blackboxvoting.org site has a pretty good repository dating back to 2004 of communications and test results that clearly brings vendors' actions into question.

12
0
Bronze badge

Re: Bottom line

Open USB ports and default admin passwords were never acceptable. WEP encryption, I might be generous and give you that one.

8
0

Re: Bottom line

"... walk away with theirs stuffed full of cash"

and votes for sale.

3
0
Anonymous Coward

Re: Bottom line

No, they were NEVER secure, never verifiable, and always tamperable. Add in that the personnel working the elections are largely a mix of retirees, some of whom only use a computer this semi-annual time, and high school students who are press-ganged as a requirement to their civics class, and it is a recipe for fiddling the results without anyone the wiser. The company that makes the computer equipment in my state is a well-known right-wing supporter, and even with changing demographics in the county, solidly rightist it has remained.

5
1

Re: WEP encryption, I might be generous and give you that one.

Nope, not even that one. Systems were only in use for 10 years. WEP was proven unfixably broken before that. Even if Comcast and Verizon are still using it as the default configuration when they sell a punter a connection.

0
0
Silver badge
Unhappy

"...lack basic security measures against physical and electronic incursions."

That's a feature, not a bug.

Really, the name WINvote says it all.

19
1
Silver badge

It may very well be a feature as ballot box stuffing is a time-honored tradition in many places in the States. Some have a large graveyard vote. Others, votes get changed. Votes get bought. In many ways, the computer age makes it easier.

13
0
Silver badge

Re: "...lack basic security measures against physical and electronic incursions."

It takes hard work and dedication to make something that is functionally so simple so shite. The enemy of security is complexity, and yet it is packed with unnecessary features. Why does it need a full-fat operating system, wifi and USB anyway?

5
0
Silver badge
Meh

Re: "...lack basic security measures against physical and electronic incursions."

Why does it need a full-fat operating system.....

Windows XP Embedded 2002

Hardly full fat.

0
1
Silver badge

Re: "...lack basic security measures against physical and electronic incursions."

The VITA report says that they could get a remote desktop using RDP, also access the devices via default network shares, and that they use Microsoft Access for storing polling data. That sounds like a lot more than just enough operating system.

5
0
Anonymous Coward

WINvote

Most commercial Linux distributions from that time have had far more holes than XP embedded...The issue isn't the choice of OS.

0
5
FAIL

First Line Says:

'Authorities in Virginia have moved to decommission a long-serving electronic voting system after discovering gaping security holes.'

If I read the article correctly they didn't 'discover' them, they just didn't observe basic security.

Government and IT? We'd be better off with parchment and scribes.

12
0
Linux

Re: First Line Says:

It's actually outsourcing and IT. Because it's the way management can take no responsibility and wash their hands of crappy systems because they have no clue of what they're doing.

7
2

Re: First Line Says:

That's just what the election scammers want you to think. Which is better: A well designed and maintained electronic system, or "parchment and scribes?" So, get the electronic systems thrown out and go back to manual systems even more easily corrupted and untrackable.

2
16
Yag

Re: First Line Says:

Manual systems? corrupted and untrackable?

As a regular citizen, I can get up early on election day and go to the voting station, check the urn before anyone votes (it's made of glass for this purpose), count the votes, stay for the ballot count and watch the process (I often even help with it), then check the consistency of the obtained numbers with the official number reported on the web a few hours later for this station.

As any concerned joe can do the same for any voting station, I can not figure out where the "untrackable" part is.

A closed source blackbox electronic voting station, on the other hand...

7
0
Silver badge
Facepalm

Any interesting voting trend changes since the machines were put into use? What kind of changes? Oh I don't know, near unanimous votes to triple the salary of the county IT guy every few years maybe.

5
1
Silver badge

What's amazing is not that there are security holes. What is amazing is that it took this long to catch.

Why was this system even implemented in the first place? I can understand (though not approve of) a system that becomes less secure due to bugs that are later identified but don't get patched because that would be something that was secure (so far as that element goes) when initially deployed.

These systems were never secure.

The state should ask for compensation from this company. If they don't then that must mean that they (the state) did not make it mandatory that the systems adhere to even basic security guidelines.

Which really wouldn't be all that surprising, I suppose.

13
1
Silver badge
Childcatcher

Who's to Blame?

The state should ask for compensation from this company. If they don't then that must mean that they (the state) did not make it mandatory that the systems adhere to even basic security guidelines.

And a direct corollary: voters should demand accountability for this. By voting. At the ballot box... oh. Well, at least by writing lots of letters to politicians and press. And since I happen to live in the Commonwealth, that means I need to send some of those out myself.

To expand a bit on dan1980's points, even assuming that the state required the company supplying the ballot boxes to comply with security best practices, they did not bother to check that the requirement had been met. Either way, our government shares at least some of the blame for this and is ultimately responsible for the situation.

3
0

Re: Who's to Blame?

The fault is in ourselves: The requirements for a "public procurement" with bid specifications, low price providers, low bidders and all that crap almost guarantee a complete joke of a system. A horse designed by committee. Some vendor companies exist only because they are "good 'ole boys" with procurement people.

0
2
Silver badge

"What's amazing is not that there are security holes. What is amazing is that it took this long to catch."

Even more amazing to me is that we don't see as many stories about fraudulent voting/counting as we do about faulty/poor/crappy voting machines. When did we last see a story on El Reg reporting on hackers breaking into a voting machine or system and changing the outcome? That sounds like just the sort of challenge your average script kiddie would do "for the lulz".

1
0

Re: Why was this system even implemented in the first place?

Al Gore and the hanging chads fiasco.

Following that the US government came as close to forcing every state to use electronic voting machines as it could. For my money, ballots with the two black markers where you have to scribble the thick black line and then run them through an optical scanner are the optimal combination of speed and tracking possible. Completely handwritten ballots would be more secure, but kill processing time.

0
0

Drat!

Back to rigging elections the old-fashioned way, I guess.

9
0
Silver badge

The position of the constitutional court of Germany is worthy of note

Essentially they say that even _if_ those machines would be "secure", they still couldn't be used as it's not about them being secure, but about the layperson being able to check for election fraud by themselves.

A simple pen and paper system may be easy to compromise, however it's trivial to check. You look into the ballot box before they seal it, it needs to be empty. You count how many people came to vote and how many ballots are in the box when they open it again. Then you make sure those ballots are properly counted and nobody adds or removes any ballots. Since the ballots will be stored in a sealed box afterwards, you can always recount them.

Any sort of system that involves mechanics, electronics or mathematics is much harder to understand. A voting system has to even work in the "paranoid" situation where everybody is against you. You cannot ask a mathematician to prove its correctness to you, you cannot ask a team of forensic engineers to disassemble and check your voting computer.

18
1

Re: The position of the constitutional court of Germany is worthy of note

The problem is, with millions or tens of millions of people voting, hand jobs are just not practical. If credit card companies, banks, the IRS and SSA can have secure systems, voting should be able to be automated. Only corrupt, paranoid, or stupid people would disagree.

0
19
Silver badge

Re: The position of the constitutional court of Germany is worthy of note

That's the way it used to be.. three election officials: 1 "neutral" and 1 from each party plus county/state employees. It was rife with fraud. The average person couldn't check for fraud by themselves as the counts were done usually in a back room.

The current method involves checking the counters before the voting starts. Checking the counters periodically during the day to make sure the total votes equal the number of voters through the door, and then again after the polls close.

Is it a good system? I'm not sure any system is "good". Other manufacturers of voting systems have lost their shirts when the equipment was tossed out. Diebold comes to mind. They may be still in it but they have had a ton of problems. Equipment not being secure, reboot buttons open to abuse, multiple votes being able to be cast by one voter.

But, still using XP boxes, poorly managed devices and methods are just plain stupid.

3
0

Re: The position of the constitutional court of Germany is worthy of note

Ah, the old if you don't agree with me you must be in this really bad group tactic.

People have opinions that may differ from yours, that doesn't necessarily make them corrupt, paranoid or stupid.

8
1
Silver badge

Re: The position of the constitutional court of Germany is worthy of note

"The problem is, with millions or tens of millions of people voting, hand jobs are just not practical."

Uhm.... Germany has roughly as many voters as the US. I never had to wait for more than 10 minutes to vote, the voting booths close at 18:00, and the official results are announced before 20:00. Typically enough polling places have been counted by 18:30 to give a really good prediction.

Financial institutions represent a completely different problem than voting. With voting you need privacy particularly against the people running the election. With financial institutions you don't have that. Within the organisation there are lots of audit logs. Therefore you cannot move money from one account to another one without there being a "paper" trail. That wouldn't be acceptable with voting. If you don't understand why, look at how elections in the GDR worked.

11
1
Silver badge
Black Helicopters

Re: The position of the constitutional court of Germany is worthy of note

Check for fraud ? ROFL!

Ok, a mayor in my area got caught for fraud, but she still won the election as she had <150 more votes than the other (after over 300 fraudulent votes had been subtracted). Note that in France you have just a couple of days to go through all registered votes - the opposition found numerous votes that had been made which sported the same signature, however, that was not enough.

http://www.lexpress.fr/actualite/politique/elections/municipales-a-aix-en-provence-la-methode-joissains_1294303.html (excuse my French)

You can cheat in France and get away with it.

[Sound of choppers]Shit, needa go. where's the anonymous checkbox ? too late ...

1
0
Bronze badge

Re: The position of the constitutional court of Germany is worthy of note

You don't have millions of people at an individual voting district, you have maybe 5000 people.

2
0
Anonymous Coward

Re: The position of the constitutional court of Germany is worthy of note

Note that in France you have just a couple of days to go through all registered votes - the opposition found numerous votes that had been made which sported the same signature, however, that was not enough.

From the link you provided the election was declared void once, due to allegedly false allegations made by one party, re-run, challenged on the basis of a few hundred falsified proxy votes, and finally (after two years!) the courts announced a close-run decision. That's hardly a "couple of days". Now the winner is being accused of nepotism. No wonder there's an increasing attitude of "don't vote, it just encourages them".

It all looks like standard political mudslinging, with some ballot-box stuffing thrown in for good measure, finally resolved by the legal system. Not really related to pros and cons of electronic voting, though.

3
0
Bronze badge

Re: The position of the constitutional court of Germany is worthy of note

"Uhm.... Germany has roughly as many voters as the US."

Really?

Awesome. I'll give you a dollar for each German vote at the last election, and then you can give me a dollar for each American vote at the last election.

Last I checked Germany had a total population of about 86 million. Let's call it 90 million, and pretend everyone is of voting age :)

USA has a voting age population of roughly 230 million, of which about 129 million voted in the 2012 election.

Germany (and the Netherlands where I live) also has a much more detailed record of who lives where, and thus their voting eligibility, and everyone has an ID card. These things might make it a tad easier to run things like fair elections.

3
0
Silver badge

Re: The position of the constitutional court of Germany is worthy of note

"voting should be able to be automated. Only corrupt, paranoid, or stupid people would disagree"

Perhaps you could explain this to the large number of corrupt, paranoid, and stupid experts who have studied voting systems in great detail and pretty well universally agree that due to a number of problems a reliable, secure electronic voting system cannot at the moment be made.

5
1
Yag

Re : You don't have millions of people at an individual voting district, you have maybe 5000 people.

In France, each of those districts is divided in several voting stations. The local station only has 500 registered voters, and you can expect half of them turning in on the good days.

250 votes takes roughly 1h to process for a 4 people team.

3
0

Re: The position of the constitutional court of Germany is worthy of note

"explain this to the large number of corrupt, paranoid, and stupid experts who have studied voting systems" Please prove this.

0
3

Re: The current method involves checking

In theory the current system works that way.

Having served as a poll observer in a couple of elections, I can assure you theory has about as much familiarity with reality as a whorehouse has with chastity. Most polling places can't even get enough polling judges to staff voting places properly. You almost never find a poll observer from both major political parties let alone the other ones. At the location where I served, the polling judge put in a 20 hour day because he had to start at 5:00 in the morning picking up the voting machines and getting them set up for the 7:00 opening. Polling ended at 7:00 pm. After he disassembled all the equipment and made his in place checks, he then had to deliver the equipment to the tabulation office, then he had to stay until they finished tabulating the votes. Nominally he gets a break for lunch and dinner, but there was no alternate there so he ate while in the polling location.

If I lived somewhere competitive instead of the People's Republic of MD where it doesn't really matter, I'd be appalled. And that's before you get to the lax voter ID/registration laws.

0
0

Re: That wouldn't be acceptable with voting.

Actually, the audit trails in elections are every bit as critical as they are in the financial industry. The catch is, you have to anonymize the actual vote count. For each ballot cast there needs to be a signed receipt in the ballot box, and a signature in the official rolls. The ballot IDs in the attached bag need to match the ballot ID for the machine.* And there has to be a signed audit trail for moving the equipment from the voting authority to the polling place and back.

*Or at least there did when we used optical ballots before the new fraud boxes were deployed. Now you get a smart card that gets repurposed after you vote and ALL of the records are just 1s and 0s in the memory of the ballot box. Oh and yes, the last time I was in the ballot box I heard someone at another booth complaining the booth was changing her votes. I wasn't even a registered poll watcher, so I didn't interfere.

0
0

Re: The position of the constitutional court of Germany is worthy of note

In theory in the US it is supposed to be 2000 people per polling district. In practice it varies greatly and the granularity causes as many problems as it solves.

There is some sense in which a national holiday would be logical. It would at least remove the obstacle of having to take a day off from work to assist at the polls. Not that I think all that many people would show up mind you. That's why it is a very, very limited sense.

0
0

Re: The position of the constitutional court of Germany is worthy of note

An ID card?

POLL TAX!! POLL TAX!!

You're prejudiced against BLACK people.

You just don't want poor people being represented!

And What do you have against Undocumented Workers anyway!

You hood wearing KKK troll.

Sorry, I have no basis on which to accuse you of any of those things, but if you suggest that here in the States, what I wrote is mild compared to the hate mail you'll get.

1
0

"As the name would suggest, the WINVote systems were based on Microsoft's OS"

I thought it was named for its ability to win the vote for whichever party gave the supplier the most "campaign contributions" at election time.

"A horse designed by committee."

Actually the camel is supremely well designed for the environment it operates in.

1
0
Silver badge

Only a win for the public if they don't make the same mistake again

I have a feeling they'll approve some new electronic voting machine that will be similarly insecure, after the vendor has funneled millions into the state congress/governor's campaign coffers. No different than a company getting their speed cameras in, or getting their books in schools, it is all about bribing the right public officials.

While voting machines you control the outcome of sound like a better idea at first glance, you risk life in prison if you're caught. Legalized bribes in the form of campaign contributions not only don't risk jail, but you get invited to a lot of parties and the result is the same either way.

3
0

This post has been deleted by its author

Ah and there is the ultimate question...

I'll tell you why those units used Wi-Fi ...

Because when they were devised "Wi-Fi" was a new, cool, exciting technology and had to be on everything - in much the same way today, everything, no matter how pointless is being done on a tablet everywhere, even though it's often ridiculously expensive, or functionality draining... it's the "in thing".

...which is the very reason my old boss tried to force me - back when 11 meg was the best you got, to fit wireless cards to all the sales team's desktops, then install a buffalo airstation. All despite them all already having cabled network connections in place and working.

There wasn't a single good reason - we didn't need desktops to be "portable", we didn't need the near 10x reduction in raw speed (ignoring the other limitations of multiple devices on one AP), we didn't need to spend all that money which at the time was a fair bit, but it had to be done because the boss had heard that Wi-Fi was the latest and greatest thing.

6
0
Anonymous Coward

Does it really matter who wins?

Be it Jack Johnson or John Jackson? They are all the same, they disagree on policy but do the same when they get elected anyway and never reverse anything they criticised when not in office.

Paper voting isn't really secure from what I can see, you have a room full of many people counting votes who don't know what each other have submitted so technically you could just change it at the end when tallying up and nobody would be any the wiser.

I'm enjoying the election in the UK at the moment just for the sheer level of bullshit being spewed and propaganda.

Long live democracy if it ever existed...

4
0

marketing

They picked a clever name if their aim was to sell the machines to corrupt politicians

"buy, winvote"

2
0
TRT
Silver badge

I'm glad they came straight out and said it.

No point beating about the Bush.

1
0

That design is a travesty

As an electronics engineer, I wouldn't design it anything like that. Chiefly, I would not allow any communications (wifi, LAN, internet, bluetooth) with the box while voting is going on. Each box is preloaded with the registration list - a list of social security numbers pertinent to the locale - and a vote consists of

a) self identification via SS number

b) the vote itself

When voting is complete, voting data is extracted via a USB port using encrypted protocols.

That's not 100% tamper-proof, but it's pretty good.

There is no need for a complex OS. The functions described can all be done with an extremely primitive microprocessor and some flash memory.

And on a political note, dissatisfaction with all of the candidates should be available for a vote via a choice labelled "None of the above". This carries more punch than simply not voting. It means you took the trouble to point out that all the candidates are shite.

3
0
