Hacking voting machines: Easier than ever imagined
/Millions of Americans are already waiting for hours outside of polling places to vote for the next president of the United States. All of that might not matter though, as some security pros say the entire election can be rigged all too easily.
In one example, it wouldn’t take much more than ten dollars’ worth of parts from any RadioShack store to steal and manipulate votes. It’s called a man-in-the-middle attack and the computer program that logs the results on electronic voting machines isn’t even compromised.
“It’s a classic attack on security devices,” Roger Johnston tells Popular Science. “You implant a microprocessor or some other electronic device into the voting machine, and that lets you control the voting and turn cheating on and off. We’re basically interfering with transmitting the voter’s intent.”
According to the magazine, anyone from a high-school student to an octogenarian could corrupt the voting process. Johnston is the head of the Vulnerability Assessment Team at Argonne National Laboratory and has done it himself, even on camera. It wouldn’t be hard for others, he says, and some fear that that could easily be the case on Election Day. And with many prediction polls estimating a close contest between President Barack Obama and Republican Party challenger Mitt Romney this year, it wouldn’t take much to render the entire contest corrupted.
On the website for Argonne, Johnston says Americans believe too often that election officials assume — incorrectly — that it takes a computer genius capable of a nation-state cyberassault or a frazzled, Hollywood-designed hacker to turn an electronic voting machine on its head. And while that route is once that can be taken too, it isn’t the only way to ruin an election.
Insider threats from election officials or anyone with access to a voting machine could easily alter contests, and monitors aren’t necessarily on the look-out for that kind of unauthorized access.
“And a lot of our election judges are little old ladies who are retired, and God bless them, they’re what makes the elections work, but they’re not necessarily a fabulous workforce for detecting subtle security attacks,” Johnston tells Popular Science. In the example of hijacking the computer transmission with a few bucks’ worth of electronics, it wouldn’t require much more than walking into a polling place and entering a booth with the right knowhow and intent, and most machines can be access without even requiring a two-dollar lockpick and a tiny tension bar. “No one signs for the machines when they show up. No one’s responsible for watching them. Seals on them aren’t much different from the anti-tamper packaging found on food and over-the-counter pharmaceuticals. Think about tampering with a food or drug product: You think that’s challenging?” he asks.
Johnston has recorded himself demonstrating how a logic analyzer, an Allen wrench and a screwdriver is all it takes to change votes to register for one candidate instead of another by using a man-in-the-middle attack. Although it hasn’t been verified yet, a video posted to YouTube early on November 6 from an account registered to “Centralpavote” shows what is reported to be a similar machine showing signs typical of exactly that kind of abuse —not in a test setting, though, but only hours before the polls close for real [VIDEO].
UPDATE: The machine in question was removed from the polling center in Pennsylvania where it was initially installed for use on Tuesday, NBC News confirms, after the video was recorded and uploaded to the Web.
This Election Day, the touchscreen Diebold Accuvote-TSX will be used by more than 26 million voters in 20 states, while the push-button Sequoia AVC machine will be deployed to four states for use by almost 9 million voters. Johnston says purchasing a $10 logic analyzer from RadioShack is easily enough to snoop and see who any voter intends on electing, and from there those digital transmissions can be hijacked and told to mean something else. For experts, though, there are even other ways to wreak havoc on the polls.
Johnston says the machines don’t transmit data with encryption, so anyone with a basic understanding of digital communications can figure out how a user votes if they’ve accessed the machine with one of those logic analyzers. Sequoia — the company responsible for making a good share of America’s electronic voting machines — do encrypt the results of each vote, though. Well, kind of.
Andrew W. Appel of Princeton, NY bought a few used AVC Advantage voting machine made by Sequoia off an online auction site for only $82 just a couple of years ago. Once they arrived, he accessed the machine’s innards and says it was easy to start to see how things worked.
“I was surprised at how simple it was for me to access the ROM memory chips containing the firmware that controls the vote-counting,” Appel writes on his personal website. Despite claims from Sequoia that the machine wasn’t easily hackable, Appel says, “The AVC Advantage can be easily manipulated to throw an election because the chips which control the vote-counting are not soldered on to the circuit board of the DRE. This means the vote-counting firmware can be removed and replace with fraudulent firmware.”
In another study carried out at The University of Iowa in 2003, Douglas W Jones from the school’s Department of Computer Science found that any voting machine purchased second-hand — like even those Diebold machines deployed across a good chunk of America — can also be hacked with ease.
“It appeared that the security keys for the encryption used by the I-mark software were hard-coded into the voting application,” he found when examining a Diebold Accuvote TS. “As things stood, their system relied on security through obscurity, so they must take measures to assure that their code remains obscure and that no copy of their code ever leaks out into public. I told them that the moment one of their machines goes to the landfill or is otherwise disposed of, someone might extract their encryption key and all of their security claims would become meaningless.”
According to Jones, even claims made by voting machine companies that their devices are secure are just that — mere accusations hard for the layperson to verify without first learning a few things about electronics, encryption or just how to disassemble the front panel from an electronic voting machine. Viruses can also be sent to machines, malwares can corrupt code and nothing sure by pristine, 100 percent out-of-the-box sterility can assure voters that they aren’t casting ballots on a tampered machine.
“We've all used ATMs, and most everyone (except my quasi-Luddite self) has something such as an iPod. Now, have you ever, anytime, anywhere, had one of these electronic devices switch data input on you?” asks Selwyn Duke of American Thinking in a recent article. “So how is it that in our high-tech universe of flawlessly functioning electronic gadgets, voting machines are the only ones prone to human-like ‘error’? If there's an explanation other than human meddling, again, I'd truly like to hear it.”
Given the post-election discussion on fraud, intimidation, chads and corrupted computerized tally machines that have come with seemingly every political contest in recent years, explanations — valid or not — are expected to be rampant following this week’s vote. If history is any indication, though, don’t expect these things to work themselves out before 2016.