Story 1PAA1 America’s electronic voting machines are scarily easy targets

America’s electronic voting machines are scarily easy targets

by
in security on (#1PAA1)
story imageMost people remember the vote-counting debacle of the 2000 election, the dangling chads that resulted in the Supreme Court breaking a Bush-Gore deadlock. What people may not remember is the resulting Help America Vote Act (HAVA), passed in 2002, which among other objectives worked to phase out the use of the punchcard voting systems that had caused millions of ballots to be tossed.

In many cases, those dated machines were replaced with electronic voting systems. The intentions were pure. The consequences were a technological train wreck. The list of those problems is what you'd expect from any computer or, more specifically, any computer that's a decade or older. Most of these machines are running Windows XP, for which Microsoft hasn't released a security patch since April 2014. Though there's no evidence of direct voting machine interference to date, researchers have demonstrated that many of them are susceptible to malware or, equally if not more alarming, a well-timed denial of service attack.

"When people think that people think about doing something major to impact our election results at the voting machine, they think they'd try to switch results," says Brennan Center's Lawrence Norden, referring to potential software tampering. "But you can do a lot less than that and do a lot of damage" If you have machines not working, or working slowly, that could create lots of problems too, preventing people from voting at all."

The extent of vulnerability isn't just hypothetical; late last summer, Virginia decertified thousands of insecure WinVote machines. As one security researcher described it, "anyone within a half mile could have modified every vote, undetected" without "any technical expertise." The WinVote systems are an extreme case, but not an isolated one.
Reply 5 comments

Pfft (Score: 0)

by Anonymous Coward on 2016-08-03 10:12 (#1PBCW)

You should see the Australian evoting system. No. Wait. You can't. Not even the government can see that.

Re: Pfft (Score: 0)

by Anonymous Coward on 2016-08-04 11:18 (#1PF59)

For people who aren't up with the play, could you explain that a little?

Re: Pfft (Score: 0)

by Anonymous Coward on 2016-08-07 07:27 (#1PR42)

Or not. You know. Whatever suits.

Interesting interview (Score: 1)

by reziac@pipedot.org on 2016-08-03 13:49 (#1PC1C)

https://www.youtube.com/watch?v=3j8k79x7ylY

in which Roger Stone points out that voting fraud and electronic voting are a one-to-one correspondence. I don't know if this is true, but seems to me it's a lot easier to twiddle ones and zeros than it is to insert or delete stacks of physical ballots.

XP can still get updates (Score: 1)

by evilviper@pipedot.org on 2016-08-04 00:42 (#1PDXW)

Most of these machines are running Windows XP, for which Microsoft hasn't released a security patch since April 2014.
For those who aren't aware, a simple registry change to any XP system will enable updates for an additional 5 years:

* http://www.zdnet.com/article/registry-hack-enables-continued-updates-for-windows-xp/