How to Steal an Election by Hacking the Vote - repo.zenk-securit...
How to Steal an Election by Hacking the Vote - repo.zenk-securit...
How to Steal an Election by Hacking the Vote - repo.zenk-securit...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
http://arstechnica.com/articles/culture/evoting.ars<br />
Briefly, a "knock attack" is where <strong>the</strong> Troj<strong>an</strong> doesn't wake up <strong>an</strong>d do its business<br />
until it receives a signal of some sort from <strong>the</strong> attacker. For networked machines,<br />
this could be something as simple as a sc<strong>an</strong> on a certain port r<strong>an</strong>ge. For nonnetworked<br />
<strong>to</strong>uchscreen machines, Avi Rubin has suggested that <strong>an</strong> attacker could<br />
<strong>to</strong>uch <strong>the</strong> screen in certain place, or make a sequence of specific <strong>to</strong>uches (e.g. <strong>to</strong>p<br />
left, <strong>to</strong>p right, <strong>to</strong>p left). Or, <strong>an</strong> attacker could send a signal <strong>to</strong> <strong>the</strong> Accu<strong>Vote</strong>'s built-in<br />
IrDA port with a h<strong>an</strong>dheld remote (if <strong>the</strong>re's <strong>an</strong> IR sensor actually installed <strong>an</strong>d<br />
accessible). There are a number of possibilities here, but you get <strong>the</strong> idea.<br />
Realistically, <strong>the</strong> L&A is just one of a series of tests that should take place at every<br />
step of <strong>the</strong> voting machine procurement, deployment, <strong>an</strong>d election process. The<br />
machines should be audited independently <strong>an</strong>d tested <strong>by</strong> <strong>the</strong> government before<br />
<strong>the</strong>y're purchased <strong>by</strong> <strong>the</strong> state or county; <strong>the</strong>y should be tested on delivery; <strong>the</strong>y<br />
should be tested prior <strong>to</strong> polling; <strong>an</strong>d a r<strong>an</strong>dom sample should be tested during<br />
polling.<br />
Fundamentally, however, it doesn't matter how thoroughly you test a paperless DRE<br />
before, during, or after <strong>an</strong> election. A determined cracker c<strong>an</strong> always find a way <strong>to</strong><br />
compromise <strong>the</strong> system in <strong>an</strong> undetectable way. The only real protection against<br />
wholesale election fraud is genuine auditability, <strong>an</strong>d that's a feature that paperless<br />
DREs lack <strong>by</strong> design.<br />
So far in this article, I've covered two of <strong>the</strong> three bullet points that I listed for<br />
undetectable wholesale fraud methods: altering <strong>the</strong> vote recording process, <strong>an</strong>d<br />
altering <strong>the</strong> record of votes. Now let's look at <strong>the</strong> remaining fraud method: altering<br />
<strong>the</strong> tabulation process.<br />
(Mis)counting <strong>the</strong> vote<br />
You might have a hard time imagining that a comp<strong>an</strong>y like Diebold could ever be<br />
compromised from within or without <strong>by</strong> someone who would w<strong>an</strong>d <strong>to</strong> steal <strong>an</strong><br />
election <strong>by</strong> embedding a Troj<strong>an</strong> in <strong>the</strong> Accu<strong>Vote</strong>'s software stack. Or, alternately, you<br />
might have faith that <strong>the</strong> testing <strong>an</strong>d voting machine certification process in your<br />
state is thorough enough <strong>to</strong> catch even <strong>the</strong> most cleverly hidden Troj<strong>an</strong>. Even so,<br />
you still shouldn't be complacent about DREs, because <strong>the</strong>re are o<strong>the</strong>r moments in<br />
<strong>the</strong> life-cycle of <strong>an</strong> electronic vote where that vote c<strong>an</strong> be altered.<br />
Figure 7 shows <strong>the</strong> process <strong>by</strong> which votes are collected <strong>an</strong>d tabulated.<br />
Copyright © 1998-2006 Ars Technica, LLC<br />
14