Voting machine software hackable
published: Thu, 24-Jul-2003 | updated: Sun, 23-Jul-2006
There was an article in the New York Times today about a report written by researchers who'd been poring over source code for an electronic voting machine. (Read the report here.)
The consensus was that the software had so many loopholes and was so poorly written from a security standpoint that determined attackers could fairly easily hack a voting terminal. The kinds of loopholes available to determined attackers were:
- use home-programmed smart cards to stuff votes (the terminal is smart card driven)
- easily perform a denial-of-service attack (i.e., stop people from voting)
- possibly intercept the "ballot paper" (i.e., the screen with the ballot on it) and replace it with their own (the ballot paper not being signed)
- vote counters that were supposed to be secure, weren't
- with a colluding election official and a slow polling station you could even work out at the end of the day how people had voted
One of the conclusions of the researchers was that, lo and behold, voting machine software is just as buggy, badly designed and written as most commercial software written by ho-hum developers. Despite the fact that voting terminal software is used to uphold democracy. If we don't believe ballot results, where next for democracy?
The New York Times managed to get a quote from someone at the company that made the terminals. He said, and I quote
"We're constantly improving it so the technology we have 10 years from now will be better than what we have today,"
This either means "Your vote means nothing for the next ten years, because there's so many opportunities for vote stuffing" or "we'll release the next version in ten years' time."
The strange thing to outsiders is perhaps that the voting terminal has to be approved by regulators before it can be deployed. So, there's someone looking after the public viewpoint. That should make it all right, yes?
Well, I used to work in an industry dominated by regulations, approval processes, and regulators: the gaming and casino industry, The regulators used to get new versions of slot machines and casino systems and, er, test them for approval. Well, in fact what happens is that the regulators immediately send it all off to an independent testing laboratory, who do the work. Of course, for casino system software, no one is going to read all the code; in fact all they do is check that certain inputs provide certain outputs. Bang, it's approved. $5,000, please (or whatever the amount for the approval process is).
So I'm not surprised that voting machines can fail (sorry, I meant succeed) in the same manner. What scares me is what happens in the equally regulated aircraft and medical software industries. Brrr.