[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: More reasons to avoid electronic voting!

To: <cvv-discuss@xxxxxxxxxxxxxxxxx>
Subject: RE: More reasons to avoid electronic voting!
From: "Some Guy" <someguy@xxxxxxxxxxxxx>
Date: Wed, 29 Mar 2006 04:57:08 -0700
Delivered-to: mailing list cvv-discuss@coloradovoter.net
Importance: Normal
In-reply-to: <LMEKKBDBOIGELJEIKJKEGEIEDNAA.delta@deltatech.com>
List-help: <mailto:cvv-discuss-help@coloradovoter.net>
List-post: <mailto:cvv-discuss@coloradovoter.net>
List-subscribe: <mailto:cvv-discuss-subscribe@coloradovoter.net>
List-unsubscribe: <mailto:cvv-discuss-unsubscribe@coloradovoter.net>
Mailing-list: contact cvv-discuss-help@coloradovoter.net; run by ezmlm
Reply-to: <someguy@xxxxxxxxxxxxx>

More like old hack. Back in 03 when some of us were invited to work on the
committee to advise which vendor to buy DRE from, few if any of the
committee went looking for systems that were under command and control via
wired or wireless. And believe me, we had vendors telling us that this was a
feature of their systems, and therefore being sold as a benefit. But we
weren't interested. It wasn't just the dozen members of that committee, but
pretty much the entire country. The reports in the press and on the net
lambasted vendors for even thinking about networking elections computers.
However, there were a few vendors that had centralized brain boxes for
collecting votes from nearby (polling place) DRE and then having the poll
judges dump the memory modules over the wire (modem) to the central office.
As this was just the transfer of data one-way, we were more amenable to that
scenario. But not everyone.
Modem communications is not one-way, even when doing an upload. Modems do
something called handshaking. The modems talk to each other, ostensibly to
correct bad data by demanding it be resent. In these handshakes there's a
lot more that can be transacted than just data.

In the mid eighties I worked for NBS (now NIST). For the kinds of functions
that ended up being embedded into modems only a few years later, we had to
write code to do. Making a modem change speeds (usually to a lower speed)
was something that we programmers had to figure out. I worked on machine
code for Z80 and 6502 processors to control i/o ports remotely. Few people
at the time had a clue what less than ten machine code programmers were
doing in Boulder, except a couple of modem makers who then took our public
domain work and incorporated it into their products. In their haste to get
to market, most of them took the framework of our hacked up model and used
it in their over-the-counter products. PC computers were just hitting the
streets and outboard modems were very expensive and very slow by today's
standards. Users were worried about speed and reliability, not security. In
fact no one seemed too concerned about security.
In short order, one of the engineers wrote a war dialer that inspected the
answering modem to find out if we could enter via the various back doors
that we knew to exist. We ran this from the Cyber and not a soul knew
because we hacked in. After we collected a list of vulnerable computers in
the Boulder and Gaithersburg area, we spent about week hacking into numerous
governmental computers using the Cyber at NOAA as a jump off point. We
waited to see if there were alarms, or if someone would notice. No one did.

One of the reasons that no one noted the hacking was that no one was really
looking. If a call came from another governmental system, or that the remote
caller even knew which number to call - all must be well. Security by
obscurity.
But even if anyone bothered to monitor the traffic between modems they
wouldn't have seen anything out of the ordinary, because they were looking
at only the data flow and not what the computers were doing with the data.
Furthermore, the telecommunications standard of RS-232 affords the ability
for two devices to speak duplex to each other. Very few people know that
even now. Standard RS-232 monitors (test equip) had no ability to monitor
RTS/CTS or x-on/x-off. So even if you suspected something fishy, you'd have
to build the test suite to look for the out-of-band signals.

Not only could I simply make a modem fall back to a slower speed, but I
could do much more complex stuff like mount off-line disks, open up other
modems and get them to dial out, etc. Essentially, our engineering team
could effectively have a complete command and control session going on with
the remote host while normal data transfers took place over the same line.
The only company that responded to our dog and pony show when we gave our
report was DEC. DEC had its arm twisted because Ball was their biggest
customer. Members of Ball Aerospace worked on the TieNet project and were
perfectly aware that a handful of hackers in Boulder had broken into nearly
every kind of computer manufactured via a dial up modem, using a KPro. The
DEC Rainbow was possibly the most secure PC computer built. At the time it
was probably the most secure computer on the market (including mainframes)
as far as telecommunications were concerned.

In my experience, private industry is far more concerned about system
security than the government. But they are only interested if it will reduce
their sales. They won't automatically include security features unless their
competition is doing so, or if their biggest customer makes the demand.
Generally, big commercial networks have piles of secure gateways, and
governmental computers do not. Hacking into governmental computers is a
breeze compared to hacking into a commercial network system. The government
either doesn't care, doesn't know, or can't afford to pay for security. A
lot of pressure needs to be applied to a computer maker to get them to
secure their systems. And as we can see from elections systems, it is just
not being done.

At one of the last hearings of the 03 committee someone here in this group
asked a rep from ES&S about data security. The ES&S guy said that they were
using CRC (Cyclical Redundancy Checks). I had the idea that he just didn't
know what he was talking about. He was asked (I think by Al) if they were
using CRC32, but just CRC was confirmed. When asked about encryption like
DES or PGP, he stated that it wasn't needed and was too slow.
Again - only a handful of us knew what this meant and the impact had to be
explained to others, who mostly didn't get it. One person who didn't get it
was Linda Salas, but she really wasn't trying to get it.

In 03, Diebold set up a system in the Houston room that needed a connection
to the internet for updates from their home office. That room had been
separated from the internet. In fact, the entire subnet was disconnected
from the rest of the county. It was suggested to them that they move their
computer out of the room to connect to another area and then move it back.
They balked. We even tried to come up with a cable long enough for them to
be able to run it down the hall. I got distracted by other work and never
figured out what they did until much later.
During the setup for tally I decided to check my email. Lo and behold I
could. I suddenly realized that my supposedly secure computer was connected
to the internet. I went to the patch bay and found that someone had
connected our hub back to the router. It wasn't one of our cables. I pulled
it and went to talk Tom Halicki about it. Tom didn't want to engage with the
Diebold people about how this patch cable showed up in a secure area of the
building, but I did. They were visibly upset that they could no longer
connect to the internet. We never found out who's patch cable it was and how
it got there. People who were thinking about computer security were thinking
about things that didn't matter. Whoever let the Diebold people into the
patch bay probably didn't even blink.

What's the point of all of this: It takes a lot of skill and savvy to hack
in from the outside with little to no knowledge of the internals of the
target of your hacking. Furthermore, if the buyers of such systems believe
the mumbo-jumbo that salesmen tell them is 'standard', they will just go
with it.
Finally, it takes little technical expertise to socially engineer your way
into a the infrastructure and stick wires in places where they don't belong.

Few clerks want to have elections computers on wide area networks, but if a
vendor says that it is required or that it operates following some standard,
they grin and bear it. There was no one then and quite possibly no one now
in the clerks office that knows what an out-of-band communication is; the
differences between CRC, DES, PGP or cave aged bleu cheese. The idea that a
14 year-old with a war dialer could take over their systems in science
fiction to them.

In short, computers should not be used in elections. It doesn't matter how
secure they are, because they are not.

Back to my original plan: why usurp the data when it is far easier to simply
destroy it? Someone 'accidentally' destroyed over 100K electronic ballots in
FL, where Jeb Bush is governor by default.
It hardly matters that GWB is term limited. When two million ballots
disappear in 08, he will continue to rule.

SG

-----Original Message-----
From: Delta [mailto:delta@xxxxxxxxxxxxx]
Sent: Wednesday, March 29, 2006 12:44 AM
To: Evan Daniel Ravitz; cvv-discuss@xxxxxxxxxxxxxxxxx
Subject: RE: More reasons to avoid electronic voting!

The concern over the first story is ridiculous.
go read about X-10.
Info tx along power lines is old technology. Been around for decades.
It will not open up computers to hacking anymore than they are exposed to it
on Broadband or DSL.
and, those machines under consideration around *here* have no internet
access capability anyway, regardless of how you intend to transmit it.

The second story is nothing new either.....
silicon Valley Geeks have been making back doors and spyware ever since
software was invented.
how are *they* stopped from putting trapdoors into software meant for
electronic voting???

Mountains out of molehills......

> -----Original Message-----
> From: Evan Daniel Ravitz [mailto:evan@xxxxxxxx]
> Sent: Tuesday, March 28, 2006 10:22 PM
> To: cvv-discuss@xxxxxxxxxxxxxxxxx
> Subject: More reasons to avoid electronic voting!
>
>
>
> Folks,
>
> Here are 2 more reasons electronic machines (except "dumb" ones like
> in the Swiss system) shouldn't be counting votes:
>
> Hi-speed internet via power lines means ANY computer could be
> connected to the outside world (and thus subject to outside control or
> hacking) even if no phone line, modem, wireless or network connection
> is evident:
>
> http://www.cbsnews.com/stories/2003/02/10/tech/main540094.shtml
>
> AND, computers could come brand-new (to Hart, for example) with
> spyware or "backdoors" built in:
>
> http://news.bbc.co.uk/2/hi/business/4849742.stm
>
> Evan
>
> "If you believe in things that you don't understand, then you suffer."
> -Stevie Wonder's "Superstition"
>
> "Nobody understands everything in commercial US electronic voting
> systems." -me
>
>
>


--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.3.2/294 - Release Date: 03/27/2006

Follow-Ups:
- Excellent, Mr. Paul Tiger
  - From: Ralph Shnelvar

References:
- RE: More reasons to avoid electronic voting!
  - From: Delta

Prev by Date: Re: More reasons to avoid electronic voting!
Next by Date: RE: More reasons to avoid electronic voting!
Previous by thread: RE: More reasons to avoid electronic voting!
Next by thread: Excellent, Mr. Paul Tiger
Index(es):
- Date
- Thread