Accept certain inalienable truths: Prices will rise, politicians will philander... And US voting machines will be physically insecure
DEF CON dossier reveals: You are not as secure as you imagine
The United States' electronic ballot boxes are as vulnerable as ever to physical tampering by hackers. So says this year's DEF CON Voting Village Report, which summarizes the findings of infosec experts who picked apart the various vote-casting computer systems in use today by cities and counties around the country.
The report [PDF], penned by voting village coordinators Matt Blaze, Harri Hursti, Margaret Macalpole, Mary Hanley, Jeff Moss, Rachel Wehr, Kendall Spencer, and Christopher Ferris, notes that conference attendees had no problem cracking into the machines at first sight.
Specifically, the computers could be compromised or tampered with by those with physical access to the equipment, such as miscreants on election days or corrupt poll officials. The fear is that tallies could be altered in a way that can't be detected or thwarted.
You can easily secure America's e-voting systems tomorrow. Use paper – Bruce SchneierREAD MORE
"In many cases, the DEF CON participants tested equipment they had no prior knowledge of or experience with, and worked with any tools they could find – in a challenging setting with far fewer resources (and far less time) than a professional lab (or even the most casual attacker) would typically have," the report, emitted publicly on Thursday, notes.
"In most cases, vulnerabilities could be exploited under election conditions surreptitiously by means of exposed external interfaces in the machines accessible to voters or precinct poll workers (or to any other individual with brief physical access to the machines.)"
Basically, the organizers say, voting systems are just as vulnerable as they had been shown to be in past years. At this year's conference, the attendees once again met no or little resistance getting into the machines and manipulating everything from vote counts to the system firmware or BIOS.
In many cases it was found that the voting machines were little more than commodity PCs, and poorly secured at that. Things like default passwords, exposed ports and card slots, and accessible drives all made manipulating the voting machines a breeze.
One of the hacked machines at the Voting Village
In fact, the dossier states, voting machines are so vulnerable to tampering that the only effective remedy, for now, is to go low-tech and back them up with paper ballots and human audits that can be used to verify votes and detect when machines are tampered with.
"It is beyond the current and foreseeable state of the art to construct computerized (software and hardware based) voting devices that effectively resist known, practical forms of malicious tampering," the team concluded.
"However, this need not mean that elections must forever be vulnerable to compromise. Certain classes of voting equipment, including some (but not all) of the devices displayed at the Voting Village can still be used to conduct high-integrity elections – in spite of their vulnerabilities – by conducting statistically rigorous post-election audits." ®