Hacking the vote

Perhaps you are familiar with the voting machines that you will be soon using. Maybe you have heard they might have flaws. If you follow the news, maybe you have even heard the ridiculous specifics. That data is stored in an unprotected Microsoft Access database that can be changed without a trace, that the machines can be opened with hotel minibar keys, and that Diebold has distributed uncertified software at the last minute on electronic voting machines.

Jon Stokes over at Ars has written a great piece on just how screwed up the current electronic voting situation is; How to steal an election by hacking the vote.

What if I told you that it would take only one person—one highly motivated, but only moderately skilled bad apple, with either authorized or unauthorized access to the right company’s internal computer network—to steal a statewide election? You might think I was crazy, or alarmist, or just talking about something that’s only a remote, highly theoretical possibility. You also probably would think I was being really over-the-top if I told you that, without sweeping and very costly changes to the American electoral process, this scenario is almost certain to play out at some point in the future in some county or state in America, and that after it happens not only will we not have a clue as to what has taken place, but if we do get suspicious there will be no way to prove anything. You certainly wouldn’t want to believe me, and I don’t blame you…In all this time, I’ve yet to find a good way to convey to the non-technical public how well and truly screwed up we presently are, six years after the Florida recount. So now it’s time to hit the panic button: In this article, I’m going to show you how to steal an election.

Now, I won’t be giving you the kind of “push this, pull here” instructions for cracking specific machines that you can find scattered all over the Internet, in alarmingly lengthy PDF reports that detail vulnerability after vulnerability and exploit after exploit. (See the bibliography at the end of this article for that kind of information.) And I certainly won’t be linking to any of the leaked Diebold source code, which is available in various corners of the online world. What I’ll show you instead is a road map to the brave new world of electronic election manipulation, with just enough nuts-and-bolts detail to help you understand why things work the way they do.

Along the way, I’ll also show you just how many different hands touch these electronic voting machines before and after a vote is cast, and I’ll lay out just how vulnerable a DRE-based elections system is to what e-voting researchers have dubbed “wholesale fraud,” i.e., the ability of an individual or a very small group to steal an entire election by making subtle changes in the right places.

Even if you aren’t technically inclined, the article is a good introduction on just how insecure our current situation is.

Bonus link: Quebec bans electronic voting
Bonus bonus link: Foxtrot’s very scary Halloween costume.