[ISN] Most vote machines lose test to hackers

From: InfoSec News (alerts@private)
Date: Sun Jul 29 2007 - 23:13:19 PDT


http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2007/07/28/VOTING.TMP

By John Wildermuth
Chronicle Staff Writer
July 28, 2007

State-sanctioned teams of computer hackers were able to break through 
the security of virtually every model of California's voting machines 
and change results or take control of some of the systems' electronic 
functions, according to a University of California study released 
Friday.

The researchers "were able to bypass physical and software security in 
every machine they tested," said Secretary of State Debra Bowen, who 
authorized the "top to bottom review" of every voting system certified 
by the state.

Neither Bowen nor the investigators were willing to say exactly how 
vulnerable California elections are to computer hackers, especially 
because the team of computer experts from the UC system had 
top-of-the-line security information plus more time and better access to 
the voting machines than would-be vote thieves likely would have.

"All information available to the secretary of state was made available 
to the testers," including operating manuals, software and source codes 
usually kept secret by the voting machine companies, Matt Bishop, the 
UC Davis computer science professor who led the "red team" hacking 
effort, said in his summary of the results.

The review included voting equipment from every company approved for use 
in the state, including Sequoia, whose systems are used in Alameda, Napa 
and Santa Clara counties; Hart InterCivic, used in San Mateo and Sonoma 
Counties; and Diebold, used in Marin County.

Election Systems and Software, which supplied equipment to San 
Francisco, Contra Costa, Solano and Los Angeles counties in last 
November's election, missed the deadline for submitting the equipment, 
Bowen said. While their equipment will be reviewed, Bowen warned that 
she has "the legal authority to impose any condition" on its use.

Bowen said in a telephone news conference Friday that the report is only 
one piece of information she will use to decide which voting systems are 
secure enough to use in next February's presidential primary election.

If she is going to decertify any of the machines, she must do it by 
Friday, six months before the Feb. 5 vote.

A day-long hearing in Sacramento on Monday will give the UC 
investigators a chance to present their finding and allow the various 
voting machine companies to present a response. The hearing also will be 
open for comments from the public.

The study was designed to discover vulnerabilities in the technology of 
voting systems used in the state. It did not deal with any physical 
security measures that counties might take and "made no assumptions 
about constraints on the attackers," Bishop said.

"The testers did not evaluate the likelihood of any attack being 
feasible," he added.

Some county elections officials in the state were among the most 
critical of the study, saying they worry that they could be forced to 
junk millions of dollars in voting machines if Bowen decertifies them 
for the February election.

Letting the hackers have the source codes, operating manuals and 
unlimited access to the voting machines "is like giving a burglar the 
keys to your house," said Steve Weir, clerk-recorder of Contra Costa 
County and head of the state Association of Clerks and Election 
Officials.

The study also determined that many voting systems have flaws that make 
it difficult for blind voters and those with other disabilities to cast 
ballots.

During her election campaign last year, Bowen made it clear she had 
little confidence in the security of electronic voting machines and 
vowed to review their use in the state.

"Voting systems are tools of our democracy," she said Friday. "We want 
to ensure that the voting systems used in the state are secure, 
accurate, reliable and accessible to all. This (study result) is not a 
big deal to me. It's a big deal for everyone in the country."

Vendors and other advocates of electronic voting machines have suggested 
that because of Bowen's well-publicized concerns, she has her thumb on 
the scale when it comes to reviewing the systems. But the secretary of 
state said she purposely avoided the scientists doing the study.

Bowen admitted that she's "enough of a geek" that she would have enjoyed 
working closely with the study, but "I've stayed out of the way ... It's 
not my review," she said. "I didn't want (the researchers) to be 
influenced by my questions."

Weir said the UC study "is only a hologram of what could be done 
technically without considering the real-world mitigation," the locks, 
access cards and other physical security measures typically used.

The study found "absolutely no evidence of any malicious source code 
anywhere," he added. "They found nothing that could cast doubt on the 
results of elections."

Bishop, however, said he was surprised by the weakness of the security 
measures, both physical and electronic, protecting the voting systems. 
His team of hackers found ways to get into the systems not only through 
the high-tech equipment in election headquarters but also through the 
machines in the polling places.

If the testers had had more time, they would have found more flaws, he 
added.

"The vendors appeared to have designed systems that were not high 
assurance (of security)," said Bishop, a recognized expert on computer 
security. "The security seems like it was added on."

This article appeared on page A - 1 of the San Francisco Chronicle

