Wednesday, August 01, 2007

California evoting machine audit shows vunerabilities

Bruce Schneier and Ed Felten have been considering the University of California reports on the review of California's evoting machines.


"This was a serious review, with real security researchers getting access to the source code. The report was issued last week, and the researchers were able to compromise all three machines -- by Diebold Election Systems, Hart Intercivic, and Sequoia Voting Systems -- multiple ways. (They said they could probably find more ways, if they had more time.)...

This is no surprise, really. The notion that electronic voting machines were somehow more secure every other computer system ever built was ridiculous from the start. And the claims by machine manufacturers that releasing their source code would hurt the security of the machine was -- like all these sorts of claims -- really an attempt to prevent embarrassment to the company.

Not everyone gets this, unfortunately. And not everyone involved in voting:
Letting the hackers have the source codes, operating manuals and unlimited access to the voting machines "is like giving a burglar the keys to your house,'' said Steve Weir, clerk-recorder of Contra Costa County and head of the state Association of Clerks and Election Officials.

No. It's like giving burglars the schematics, installation manuals, and unlimited access to your front door lock. If your lock is good, it will survive the burglar having that information. If your lock isn't good, the burglar will get in."


"So far only the red team (and accessibility) reports have been released, which makes one wonder what is in the remaining reports...

The bottom-line paragraph from the red team overview says this (section 6.4):
The red teams demonstrated that the security mechanisms provided for all systems analyzed were inadequate to ensure accuracy and integrity of the election results and of the systems that provide those results.
The red teams all reported having inadequate time to fully plumb the systems’ vulnerabilities (section 4.0):
The short time allocated to this study has several implications. The key one is that the results presented in this study should be seen as a “lower bound”; all team members felt that they lacked sufficient time to conduct a thorough examination, and consequently may have missed other serious vulnerabilities...
Despite the limited time, the teams found ways to breach the physical security of all three systems using only “ordinary objects” (presumably paper clips, coins, pencil erasers, and the like); they found ways to modify or overwrite the basic control software in all three voting machines; and they were able to penetrate the backend tabulator system and manipulate election records."

Update: I also should have said there was a parallel study going on in Florida. A study by Florida State University has reported that Florida's optical scan machines are still flawed despite efforts to fix them. Further information on the study available at

Update 2: The evoting machine vendors have attacked the California study, saying all it proves is that all computer systems are vulnerable.

No comments: