SUBSIM Radio Room Forums



SUBSIM: The Web's #1 resource for all submarine & naval simulations since 1997

Old 09-19-06, 05:17 PM   #1
SUBMAN1
Rear Admiral
 
Join Date: Apr 2005
Posts: 11,866
“Hotel Minibar” Keys Open Diebold Voting Machines

Monday September 18, 2006 by Ed Felten

Like other computer scientists who have studied Diebold voting machines, we were surprised at the apparent carelessness of Diebold’s security design. It can be hard to convey this to nonexperts, because the examples are technical. To security practitioners, the use of a fixed, unchangeable encryption key and the blind acceptance of every software update offered on removable storage are rookie mistakes; but nonexperts have trouble appreciating this. Here is an example that anybody, expert or not, can appreciate:
The access panel door on a Diebold AccuVote-TS voting machine — the door that protects the memory card that stores the votes, and is the main barrier to the injection of a virus — can be opened with a standard key that is widely available on the Internet.

On Wednesday we did a live demo for our Princeton Computer Science colleagues of the vote-stealing software described in our paper and video. Afterward, Chris Tengi, a technical staff member, asked to look at the key that came with the voting machine. He noticed an alphanumeric code printed on the key, and remarked that he had a key at home with the same code on it. The next day he brought in his key and sure enough it opened the voting machine.

This seemed like a freakish coincidence — until we learned how common these keys are.

Chris’s key was left over from a previous job, maybe fifteen years ago. He said the key had opened either a file cabinet or the access panel on an old VAX computer. A little research revealed that the exact same key is used widely in office furniture, electronic equipment, jukeboxes, and hotel minibars. It’s a standard part, and like most standard parts it’s easily purchased on the Internet. We bought several keys from an office furniture key shop — they open the voting machine too. We ordered another key on eBay from a jukebox supply shop. The keys can be purchased from many online merchants.

Using such a standard key doesn’t provide much security, but it does allow Diebold to assert that their design uses a lock and key. Experts will recognize the same problem in Diebold’s use of encryption — they can say they use encryption, but they use it in a way that neutralizes its security benefits.

The bad guys don’t care whether you use encryption; they care whether they can read and modify your data. They don’t care whether your door has a lock on it; they care whether they can get it open. The checkbox approach to security works in press releases, but it doesn’t work in the field.
Old 09-19-06, 05:37 PM   #2
Skybird
Soaring
 
Join Date: Sep 2001
Location: the mental asylum named Germany
Posts: 42,626

Why complaining if it is a practical feature? Are you queer? Do you like things to be complicated all for nothing?
__________________
If you feel nuts, consult an expert.
Old 09-19-06, 05:42 PM   #3
SUBMAN1
Rear Admiral
 
Join Date: Apr 2005
Posts: 11,866

Quote:
Originally Posted by Skybird
Why complaining if it is a practical feature? Are you queer? Do you like things to be complicated all for nothing?
Huh?

Must be a Skybird joke. Too tired to figure it out.

-S
Old 09-20-06, 06:19 AM   #4
TteFAboB
Admiral
 
Join Date: Oct 2004
Posts: 2,247

SUBMAN, go find your other electronic voting thread, I posted a PDF there about the vulnerability of the Brazilian voting machine.

Well, a Mayor frauded his election and won!

http://limpabrasil.blogspot.com/2006...e-mentira.html

http://www.brunazo.eng.br/voto-e/textos/guarulhos04.pdf

I'll let you know if that report ever gets translated to English. I suspect the Referendum was frauded in some cities too, since it lost in every capital and every state, there must certainly be a fraud or two among the few cities where it won.

You simply can't beat the old paper ballot. It may take up to a week to count every vote in a Presidential election for instance, but it's far easier to keep fraud in check and uncovering it too.

To hell with electronic voting. The fact Hugo Chavez has not abandoned his electronic system should speak loudly enough against it.
__________________
"Tout ce qui est exagéré est insignifiant." ("All that is exaggerated is insignificant.") - Talleyrand

Last edited by TteFAboB; 09-20-06 at 06:21 AM.
Old 09-20-06, 12:54 PM   #5
SUBMAN1
Rear Admiral
 
Join Date: Apr 2005
Posts: 11,866

Quote:
Originally Posted by TteFAboB
SUBMAN, go find your other electronic voting thread, I posted a PDF there about the vulnerability of the Brazilian voting machine.

Well, a Mayor frauded his election and won!

http://limpabrasil.blogspot.com/2006...e-mentira.html

http://www.brunazo.eng.br/voto-e/textos/guarulhos04.pdf

I'll let you know if that report ever gets translated to English. I suspect the Referendum was frauded in some cities too, since it lost in every capital and every state, there must certainly be a fraud or two among the few cities where it won.

You simply can't beat the old paper ballot. It may take up to a week to count every vote in a Presidential election for instance, but it's far easier to keep fraud in check and uncovering it too.

To hell with electronic voting. The fact Hugo Chavez has not abandoned his electronic system should speak loudly enough against it.
Doesn't surprise me
Old 09-28-06, 09:09 AM   #6
TteFAboB
Admiral
 
Join Date: Oct 2004
Posts: 2,247

Haha! I knew I had heard the name Diebold elsewhere.

Mr. SUBMAN, guess who's responsible for the electoral theft mentioned above? Guess whose machines were used? Whose software?

While the whole hacking thing proves how ridiculously fragile these things are, the gravest danger is not with what a voter can do to the machine while voting but what the election officials can do in the backstage.

In that case they've created "ghost machines", cloned, it's all in the PDF above though you can't understand a word of it.

The point is, this wouldn't have happened with paper ballots.

http://net.dcomercio.com.br/WebSearc...=1&q=(diebold)

Don't know if this link works. Anyway, the Brazilian company Procomp, founded in 1998, was bought by Diebold in 1999. Since then, Procomp got to supply the machines in every election since then except for 2002 when Unisys got the contract.

The Brazilian machines do not have a printer to recount each individual printed vote; the history of the political maneuvers done to prevent such a printer from being used is in a link on SUBMAN's other electronic voting thread. Now, the Venezuelan system used to have a printer, however they're not using it on this year's election. Why not? Probably because it's the only way to recount votes and reduce fraud.
__________________
"Tout ce qui est exagéré est insignifiant." ("All that is exaggerated is insignificant.") - Talleyrand