from Hacker News

Cylance Discloses Voting Machine Vulnerability

by rsobers on 11/6/16, 3:31 AM with 120 comments

  • by Shank on 11/6/16, 4:21 AM

    I worked as an election judge in the 2012 general election in Arapahoe County, Colorado. We had these exact machines. What isn't pictured is the physical security performed with them.

    Typically, tamper seals that are identifiable as broken are placed on all access doors (including the power switch, data load slots, etc), access panels, and openings on the device. All seals were verified in tact before and after the election, and no voter was ever permitted in the back of the access panel where the firmware update would take place.

    Before the machine starts, it gives a "zero" report which is verified independently by poll watchers, and confirms candidate choices are in place as needed. When the polls are closed, we seal everything again before the machines are sent back for reporting (at which point the seals are checked and verified prior to dumping results).

    If this was really a damaging hack, the protective counter & live counters would show different numbers than what the machine read, but that didn't happen. It very clearly was tampered with, which means these physical measures would counteract any unwanted firmware updates during an election. It's preposterous to think that election judges aren't actively verifying seals during election day and making sure nobody is tampering with them.

  • by peterarmstrong on 11/6/16, 5:54 AM

    Dear America,

    This all sounds complicated and insecure.

    Why can you not just do paper voting with simple ballots, like in Canada?

    Yes, you have 10x the people, but just get 10x the human counters and scrutineers. Counting is parallelizable.

    We run elections and get accurate, verifiable results in the same day.

    Ours aren't as nasty as yours are, and we still have better anti-fraud than you do, since every paper ballot can be counted, as many times as needed. And since the thing which is counted is the same physical thing which can be audited, we can always verify the results if anything goes wrong.

    You've had some problems with your ballots 16 years ago, and we're not sure why you haven't fixed this by now. After all, you've gotten people to the moon and robots to Mars--surely you'd want a fair, verifiable presidential election? (Especially when one of the two candidates is, frankly, terrifying to all your friends around the world.)

    Love, Canada

  • by alexandercrohde on 11/6/16, 4:35 AM

    I think it's high time we start taking these concerns seriously. If state actors can accomplish stuxnet, then hacking a voting system seems well within the realm of technical possibility.

    Fortunately, there are pretty simple policies we can enact to prevent fraud and give faith in elections (both in America, as well as other countries). If you care, I'd perhaps start at https://www.verifiedvoting.org/

  • by mpweiher on 11/6/16, 5:35 AM

    I really don't see what problem these machines are solving, except for "as an operative, I would like additional vectors to manipulate the election".

    In Germany, we get

    (a) a paper ballot

    (b) a pen

    Works perfectly. And quickly.

  • by noir-york on 11/6/16, 8:32 AM

    Democracy must not only be done, but also seen to be done. Trust in that most essential of democratic processes - vote counting - must be absolute.

    Approaching vote counting as a mere technical problem that can be solved with enough technical safeguards misses the point. You cannot just ask a democracy to beta test vote counting and fix the bugs post-election - that will kill trust in the process.

    Politics is polarised enough as is and you will find demagogues who will latch on to anything to reduce the legitimacy of an election.

    It shouldn't even be up for discussion that trust and legitimacy are the most important goals in vote counting. Stick to paper voting and only introduce e-voting in parallel and not as the authoritative and final vote counting solution.

  • by sfifs on 11/6/16, 6:57 AM

    I wonder why countries don't use India's simple and scalable electronic voting systems. The latest ones have voter verified paper audit trails. They even have pooling systems to prevent counts from any single voting booth become known to prevent voter intimidation.

    https://en.m.wikipedia.org/wiki/Electronic_voting_in_India

  • by jakeogh on 11/6/16, 5:47 AM

    Why Electronic Voting is a BAD Idea - Computerphile: https://www.youtube.com/watch?v=w3_0x6oaDmI

  • by godelski on 11/6/16, 4:33 AM

    Really what it seems is that we need more audits on machines. If democracy is to be a pivotal part of our election process we need to release the source code of these machines to ensure that we find and solve problems.

  • by seanwilson on 11/6/16, 4:37 AM

    Is there any way you can prevent hacks like this that require physical access? I guess cryptographically signing the updates, adding tamper proof seals and requiring multiple people to approve updates would help. The general mantra however is that once a hacker has physical access to your machine all bets are off.

    Also, what happens if there's a random hardware/software glitch where incrementing one vote actually increments 10 votes? Is this checked for? How much reliance is there on the software and hardware being error free?

  • by imode on 11/6/16, 6:43 AM

    lovely! more paranoia about the upcoming competition for a single political position.

    as if I needed more of a reason to say "wow, this is rigged", now I see this!

    I can't imagine how well this will go. november is a cake walk. january is where the fun starts.

  • by based2 on 11/6/16, 6:46 AM

  • by top_post on 11/6/16, 4:33 AM

    "The decision to announce the research findings was intended to encourage increased sales and revenue for Q4 2016."