Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Video Shows Easy Hacking of E-Voting Machines

timothy posted more than 6 years ago | from the stick-to-gambling-machines-kid dept.

Government 254

Mike writes "The Security Group at the University of California in Santa Barbara has released the video that shows the attacks carried out against the Sequoia voting system. The video shows an attack where a virus-like software spreads across the voting system. The coolest part of the video is the one that shows how the 'brainwashed' voting terminals can use different techniques to change the votes even when a paper audit trail is used. Pretty scary stuff. The video is absolute proof that these types of attacks are indeed feasible and not just a conspiracy theory. Also, the part that shows how the 'tamperproof' seals can be completely bypassed in seconds is very funny (and quite disturbing at the same time)."

cancel ×

254 comments

Sorry! There are no comments related to the filter you selected.

Quicktime? (0, Offtopic)

GreatBunzinni (642500) | more than 6 years ago | (#24932843)

Seriously? Quicktime? For god's sake, I would expect that an institution dedicated to higher education would understand the importance of using open standards.

Re:Quicktime? (2, Funny)

Anonymous Coward | more than 6 years ago | (#24932887)

no way. Those are Creative Types(tm). They use Macs.

Re:Quicktime? (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#24933113)

Modern Mac users remind me of the kids who shop at Hot Topic [hottopic.com] to be "different".

Wow, kids, you sure know how to stick it to the man. Just use protection while Steve Jobs sticks it to you because he has A.I.D.S.(tm) which, like Macs, Just Works(tm).

On another note, I never understood why any self-respecting-but-impressionable male would want to convey the essence of sleek, curvaceous sexual confusion as I've never seen a Mac-using male with a female(cross-dressing dosen't count)! Back in my day the rebels wore mohawks, trenchcoats, and flannels. Nowdays the rebels are just PUSSIES. There's been a recent wave of violence in Mexico against "Emo kids", as they're called, and rightly so.

Re:Quicktime? (0)

Anonymous Coward | more than 6 years ago | (#24933313)

Methinks the lady doth protest too much.

Re:Quicktime? (3, Insightful)

psergiu (67614) | more than 6 years ago | (#24932909)

Just be thankful it's not streaming RealVideo or WM11 :)

Re:Quicktime? (1)

Bill, Shooter of Bul (629286) | more than 6 years ago | (#24933647)

Why? At least real video can be read with the open source helix viewer. WM11 obviously doesn't work as well on macs as quicktime does on windows, so I guess for that reason its better. But their both proprietary.

Re:Quicktime? (2, Funny)

Anonymous Coward | more than 6 years ago | (#24932941)

Don't worry, it's slashdotted already.

Slashdot effect (1)

Bruiser80 (1179083) | more than 6 years ago | (#24932967)

don't have to worry about it any more - the site has been effectively slashdotted :-)

Re:Slashdot effect (1)

elwinc (663074) | more than 6 years ago | (#24933035)

Can someone who actually saw the video please mirror it on youtube or something, and post a link? The site is slashdotted. Thank you!

Hey, what's wrong with my spell checker? It doesn't know either youtube or slashdotted!?

Re:Slashdot effect (1)

Windows_NT (1353809) | more than 6 years ago | (#24933235)

The requested URL (%5C) was not found. If you feel like it, mail the url, and where ya came from to help@slashdot.org.

Re:Quicktime? (3, Informative)

jellomizer (103300) | more than 6 years ago | (#24933029)

Except for the fact the cheapest and easiest to use tools are on the Mac (iMovie) and save as quicktime. Why bother using open standards if you want to get your point across, if it will take you 2 weeks to get up and running, especially if you haven't done so before.

Re:Quicktime? (-1, Troll)

zappepcs (820751) | more than 6 years ago | (#24933283)

I'm guessing that you knew a priori how to drive a car before you were ever trusted to get behind a steering wheel? No? Seriously, it didn't take you weeks to prepare for that moment, did it? (I love car analogies)

More on point, the *point* of open standards is so that we can all write code and applications that work together so that lots of things can be as easy as you think a Mac is, and then every idiot, grandparent, and special olympian can get their point across. (If I left your particular group out and you feel insulted, you're an idiot!... there, feel better?)

Open standards create environments where all software can work well together. Your vote against it because you are unfamiliar with anything but Mac flavored cool aid brand applications is tantamount to you wearing a scarlet M on your forehead so we can all see you coming from a sufficient distance as to allow us time to avoid you.

As for easiest and cheapest? I have some doubts about your ability to count money. I hope that you don't work the register in any store that I patronize.

Re:Quicktime? (3, Insightful)

jellomizer (103300) | more than 6 years ago | (#24933779)

I wasn't debating the value of open standards. The point is the easiest available tools didn't use them. Open Standards are a good thing. But if the apps that use them are either opressivly expensive, or free and difficult to use they will not use them. They are trying to get a point across not start a broadcast company. As for easiest and cheapest it is quite simple. Many college students already have Mac, with iMovie. They got the Mac for other uses but it came with it so they will use it, being that the software tool is easier to use then most other video editing software so it took less time. Now if Apple incorporated iMovie to save as an open standard by default all the better. But surprise they are pushing their own standard (which has many open standards in it btw)

If you think a price at the register level you are taking a very basic view of economics. Time and Inventory have a cost as well. Even if you are doing free work at a college. Every hour you spend working on this project One less hour you have to study for a test, or to go out to a party, or a convenient section of your schedule open for a date. Taking an extra half a day trying to get an Open Standards complaint tool to work may not be worth it. Vs. Just using a widely use non standards complaint tool and get it done in a couple of hours leaving the rest of the day to do more interesting things.

Expensive and Cost don't always equal money.

Re:Quicktime? (1, Insightful)

Anonymous Coward | more than 6 years ago | (#24933893)

If this is a video pertaining to hacking why would you blame not releasing in another format on it being technically harder. They are hackers. I am sure they could find a way to do it pretty quickly. It's not like there aren't any conversion tools out there. I know people don't care but when someone is on a Windows machine that doesn't have quicktime, or a Linux machine they get marginalized. Sure if this was about an art expo or something I can understand but this is about hacking. One would expect a better choice in codec. Not being an open source pundit here, i'd settle for something that works across all 3 platforms, open or not (Would be nice to get REAL QT support).

And for the record WMV works decently under Linux, not the best but decently.

Re:Quicktime? (0, Flamebait)

Anonymous Coward | more than 6 years ago | (#24933121)

What do you want? Fucking Windows Media that can only be played on Windows? Bullshit RealMedia that nobody uses anymore?

Shitwipe "DivX" that requires a CODEC installation which trashes anything that's not a Windows OS?

I'll take plain, standard .mp4 files thank you.

Re:Quicktime? (1, Interesting)

DurendalMac (736637) | more than 6 years ago | (#24933137)

Why? If Quicktime gets the job done quickly and easily, why the hell does it matter? Why does everything have to be based on open standards, especially when it's something as simple as a web video? Quit your whining. What is important to you is NOT important to everyone else. Come to grips with that already.

God I hate FOSS fanboys. FOSS is all well and good, but don't expect everyone to use it exclusively. I've seen fanboys of all stripes, but nothing can match a FOSS zealot.

Re:Quicktime? (4, Informative)

Abreu (173023) | more than 6 years ago | (#24933311)

Open standards are important in this case for the simple reason that they ensure that the message will be seen by the largest audience possible.

Re:Quicktime? (4, Informative)

TheRaven64 (641858) | more than 6 years ago | (#24933331)

What do you mean by 'Quicktime'? The Quicktime .mov container format exported by recent versions of Quicktime is an open standard (part of MPEG-4 now). What's in this container depends on the user, but the defaults are MPEG-4 (often now AVC) for video and MPEG-4 AAC for audio. These are all open standards, although if you're in a part of the world with a broken legal system they might be patented.

Re:Quicktime? (0, Offtopic)

imsabbel (611519) | more than 6 years ago | (#24933837)

That doesnt change a bit about the fact that mov as a container sucks.
MP4 is hardly better, but at least you dont need to use quicktime for it.

And spare me the "alternatives", i never found them to work reliable.

Re:Quicktime? (1)

JCSoRocks (1142053) | more than 6 years ago | (#24933363)

blawr, I hate quicktime. Unless a video *has* to be ridiculously high quality why bother to host it yourself anyway? Just put it on youtube... then you don't have to pay for the bandwidth... or you know, get slashdotted. (Yes, I know she/he's at a university but her/his tuition is footing the bill).

Host on youtube? Surely you jest. (1)

markdowling (448297) | more than 6 years ago | (#24933751)

At least hosting yourself you have some control over any DMCA notices. Look at how the Scientologists have gone after critical youtube videos recently.

We have a system to protect against this (3, Funny)

Anonymous Coward | more than 6 years ago | (#24932845)

Even though l3wdd00d might get 100% of the votes in the Presidential election, the fact that he is only 16 will be disqualifying.

Re:We have a system to protect against this (-1)

Anonymous Coward | more than 6 years ago | (#24932959)

Nobody cares anymore. Barack Obama, for example, has questionable citizenship (there's strong circumstantial evidence he had Indonesian citizenship as a child) but being able to read a teleprompter is apparently more important.

Re:We have a system to protect against this (-1)

Anonymous Coward | more than 6 years ago | (#24933041)

I hadn't heard that ugly rumor before but it doesn't surprise me given all of the mis-information on the net.

However, it is a well documented fact that McCain is not a 'natural born citizen' and therefore not eligible to be president. Of course, the conservative controlled media is covering this up.

Citizenship of a wanna be president (0, Offtopic)

seededfury (699094) | more than 6 years ago | (#24933165)

Funny thing is, I looked this up and the very first link led me one of those "controlled media" websites. http://www.msnbc.msn.com/id/23415028/ [msn.com]

Re:Citizenship of a wanna be president (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#24933251)

MaCkain is aMEriKan after all no? US boy born in panama. HAHAHAHAHAH

Re:We have a system to protect against this (5, Informative)

Volante3192 (953645) | more than 6 years ago | (#24933349)

*sigh* And these ACs are part the people who help decide the fate of the nation? No wonder we're screwed...

Barack had dual citizenship with Kenya (NOT Indonesia) and the US until 21 years old when Kenyan law required him to abandon it. He was born in Hawaii which makes him a natural born citizen.

McCain was born on a naval base which is considered soverign US soil for the purposes of birth, and has been since the 1790s by an act of Congress. (It's true the wording isn't as clear as it could be, but it's clear what the intent is of the bill.)

Both candidates are US citizens and natural born. This is all a non issue, has been, will be. Go find some other misinformation to spread...

Re:We have a system to protect against this (2, Informative)

HungryHobo (1314109) | more than 6 years ago | (#24933803)

"The 1790 law remained in effect until the Naturalization Act of 1795 superseded it. The 1795 law removed mention of natural born citizen status"

Re:We have a system to protect against this (2, Insightful)

Jim Hall (2985) | more than 6 years ago | (#24933903)

McCain was born on a naval base which is considered soverign US soil for the purposes of birth, and has been since the 1790s by an act of Congress. (It's true the wording isn't as clear as it could be, but it's clear what the intent is of the bill.)

(This thread is decidedly OT from e-voting.)

As I understand it, the topic of "natural born" is untested, and is certainly not clear here. However, no one is likely to contest John McCain in his candidacy based on his birth, so this is probably moot.

The topic of "natural born" was a topic on the Legal Lad podcast [quickanddirtytips.com] back in March. The key points:

The Fourteenth Amendment provides that, "All persons born or naturalized in the United States, and subject to the jurisdiction thereof, are citizens of the United States and of the State wherein they reside." This gives rise to the notion that there are two kinds of citizens: born and naturalized. So, the question becomes, was John McCain effectively born in the U.S., or did some law make him a citizen, rendering him naturalized?

The reason this is important is that John McCain was born on U.S. military base Coco Solo in the Panama Canal Zone to U.S. parents. Does that make him a "natural born Citizen?"

First, it is important to note that John McCain is definitely a "Citizen" of the United States. [...]

Proponents of McCain's eligibility argue that McCain must be a natural born citizen because he was born a citizen by virtue of his parents being citizens and the birth occurring on a military base. [...] Opponents of McCain's eligibility would point to the dichotomy between being born a citizen, and being declared a citizen. If, under the language of the Fourteenth Amendment and Immigration and Naturalization Act of 1952, a person is "declared" to be a citizen, then the person was not a citizen at the moment of birth. The law "declared" him to be a citizen, and so the person was naturalized, not naturally born. [...] Last, current State Department policy reads: "Despite widespread popular belief, U.S. military installations abroad and U.S. diplomatic or consular facilities are not part of the United States within the meaning of the 14th Amendment. [...]

In the end, a group challenging McCain on this ground might face a backlash. McCain was a prisoner of war, and was born outside the physical boundaries of the U.S. only because the government ordered his parents there. He does not seem to be the problem that the original framers envisioned: a foreigner without current allegiance to the newly-founded United States. McCain, a longtime senator, does not seem to really fit this problem.

Re:We have a system to protect against this (0)

Anonymous Coward | more than 6 years ago | (#24933223)

there's strong circumstantial evidence he had Indonesian citizenship as a child

But was he born in the US? There's nothing in the Constitution that says you can't have dual citizenship (provided you retain your "natural born citizen" status) and it's quite clear that not being in the US is OK, provided that he has "been fourteen Years a Resident within the United States."

Early vote makes your vote count (better chance) (5, Interesting)

InsaneProcessor (869563) | more than 6 years ago | (#24932895)

That is why I always early vote. It is on paper where I vote and that stands a better chance of getting counted correctly.

Re:Early vote makes your vote count (better chance (2, Informative)

pxlmusic (1147117) | more than 6 years ago | (#24932911)

good call. i was reading about the early voting the other day -- i think i'll be doing that.

Re:Early vote makes your vote count (better chance (2)

Amouth (879122) | more than 6 years ago | (#24933079)

if it wasn't for the whole.. not wanting to tie the vote to the person.. i would suggest moveing the election schedual around and put the ballat as a page on IRS tax forms.. it has to be filled out to file them.

the IRS takes it's job seriously.. if you pay taxes you vote..

but then people seem to want each vote to count but also don't want any names attached to the votes..

Re:Early vote makes your vote count (better chance (5, Insightful)

pxlmusic (1147117) | more than 6 years ago | (#24933255)

because people also don't want to be profiled for their electoral choices.

for all we know, we already are. in general, it is my understanding that many political activists are already being watched.

furthermore, i'm all for revoking a lot of these churches' tax exempt status. like Carlin said, "If these churches are so interested in politics; let them pay the same price of admission as everyone else."

Re:Early vote makes your vote count (better chance (1, Flamebait)

somersault (912633) | more than 6 years ago | (#24933849)

it is my understanding that many political activists are already being watched

Isn't the technical term actually 'terrorists'? I'm not even sure whether I'm kidding anymore.

Re:Early vote makes your vote count (better chance (3, Insightful)

Abreu (173023) | more than 6 years ago | (#24933417)

In my opinion, for a modern democracy to work the vote must be mandatory, secret and universal.

This way, no one can pinpoint who voted for whom, thus avoiding temptations of vote buying (at least some of them).

Re:Early vote makes your vote count (better chance (1)

stmfreak (230369) | more than 6 years ago | (#24933857)

While I understand the need for secrecy due to corruption sending brute squads to people who voted for the wrong candidate... secrecy also conveniently allows for corruption of the vote since there is no way to audit a vote back to an individual who can say, "no, I didn't vote for that person." It also allows for multiple votes from a single participant since you cannot analyze votes and determine if the sources are unique or duplicated.

I believe this makes democracy a bit impossible in the long run.

Personally, I prefer voting to be public, open and auditable. If we get to the point that dictators are shooting people with the wrong opinion, it would be good to know... it might actually reinstate proper support for the second amendment.

Re:Early vote makes your vote count (better chance (5, Insightful)

R2.0 (532027) | more than 6 years ago | (#24933045)

"That is why I always early vote. It is on paper where I vote and that stands a better chance of getting counted correctly."

Don't be so smug. Early voting gives those who would deny your vote more time to tamper.

Let's say you mail in your ballot 2 weeks ahead of time. They are collected and sorted by precinct, and then held until election day to be opened.

Just sitting there.

And then someone drops some of the ballots from certain precincts in the shredder - you know, the ones that vote overwhelmingly for one party? Not enough to cause a lot of suspicion, but enough to make a difference in a tight race. Now, not only is your vote gone, you don't even know it - the tampering happened before election day. AND, even if it is discovered early enough, they won't know exactly WHO got screwed, so you won't get another shot.

E-voting makes it easy for small numbers of people to tamper on a large scale. That doesn't mean that good old fashioned vote rigging has disappeared. Spam hasn't eliminated junk mail, has it?

Re:Early vote makes your vote count (better chance (1)

pxlmusic (1147117) | more than 6 years ago | (#24933291)

this.

i like the idea of early voting, paper trails, etc., but you make a good point.

i live in a predominately republican state (georgia) and despite a little interference from the 23-percenters that would interfere to get mccain eleceted, they might vote the other way this time.

Re:Early vote makes your vote count (better chance (1)

tlhIngan (30335) | more than 6 years ago | (#24933845)

"That is why I always early vote. It is on paper where I vote and that stands a better chance of getting counted correctly."

Don't be so smug. Early voting gives those who would deny your vote more time to tamper.

Let's say you mail in your ballot 2 weeks ahead of time. They are collected and sorted by precinct, and then held until election day to be opened.

Just sitting there.

And then someone drops some of the ballots from certain precincts in the shredder - you know, the ones that vote overwhelmingly for one party? Not enough to cause a lot of suspicion, but enough to make a difference in a tight race. Now, not only is your vote gone, you don't even know it - the tampering happened before election day. AND, even if it is discovered early enough, they won't know exactly WHO got screwed, so you won't get another shot.

E-voting makes it easy for small numbers of people to tamper on a large scale. That doesn't mean that good old fashioned vote rigging has disappeared. Spam hasn't eliminated junk mail, has it?

I thought early votes were treated like absentee votes. I.e., they're not even counted at all. Once the vote is closed, and the vote tallys are computed, only if the amount of absentee and early votes exceed the lead do they bother counting those votes?

(After all, if there were 500 absentee/early votes, and the guy won by 1,000 votes, those absentee votes don't really count for much. The only thing they can be used for is determining if a recount is needed because the margin of the lead ends up lower than the possible counting error...).

Or are early votes counted, but not absentee ballots?

Re:Early vote makes your vote count (better chance (1)

R2.0 (532027) | more than 6 years ago | (#24933889)

I believe you are generally correct, but some jurisdictions have bought into early/mail voting in a big way. For instance, I believe Oregon (or was it Washington?) has pushed it so hard that 50% of the votes are by mail.

Re:Early vote makes your vote count (better chance (3, Insightful)

Hyppy (74366) | more than 6 years ago | (#24933059)

Even if your 1 vote is counted correctly, a compromised voting machine farm can render it negligible in terms of effect.

Re:Early vote makes your vote count (better chance (0)

Anonymous Coward | more than 6 years ago | (#24933085)

Wrong. It doesn't have a better chance to be counted unless the election is close enough that absentee ballots could theoretically change the results. That doesn't happen very often. Most of the time the ballots are stored unopened for several months until they are sent to the shredder.

Re:Early vote makes your vote count (better chance (5, Insightful)

anw (42556) | more than 6 years ago | (#24933685)

I find this comment slightly surreal, and honestly believe only an American could have written it.

Democracy is not a commodity that you can have even though your neighbour doesn't. It is more like peace, or sanitation : everyone has it or no-one has it.

To respond to a demonstration that your democratic system has a very serious problem by saying 'Hey, I reckon I got my vote counted' is, well, bizzare.

Theatre (4, Interesting)

adpsimpson (956630) | more than 6 years ago | (#24932969)

The interesting thing here is that I would expect one of two things. Either physical security should be taken seriously, in which case a 'tamperproof' seal should be just that (not hard to design) or an assumption be made (not unreasonably) that physical attack against the machines is unlikely and easily preventable.

A supposedly tamper-proof seal which can be circumvented shows either a cynical disregard for physical safety (ie "we know it's a threat, so we'll put in a seal to make people think we've taken it seriously") or another TSA-style "theatre" solution (ie "we don't think it's a threat, but we'll let people believe that it is, and that we've done something about it").

Both of these interpretations are disturbing. However Hanlon's Razor ("Never ascribe to malice that which is adequately explained by stupidity") may of course apply.

Re:Theatre (1)

InsaneProcessor (869563) | more than 6 years ago | (#24933083)

A company I used to work for would specially format media so that it could not be tampered with. The format itself would prevent a virus from entering the computer because of special windows driver and the format itself was done on special hardware (firmware or software alone could not provide the format). This ensures security. One would think that the USB drive would also be formatted special to prevent attacks. Some companies just fall short when maximizing security.

Everything is hackable (2, Interesting)

COMON$ (806135) | more than 6 years ago | (#24932975)

The real question is, is this more difficult to spoof than the current paper method? Anyone can fake a paper ballot, it is a small subset who can carry out these electronic attacks, although the consequences of this smaller subset's maliciousness could be worse.

Re:Everything is hackable (4, Insightful)

NotBornYesterday (1093817) | more than 6 years ago | (#24933057)

But faking large numbers of paper ballots at many sites is a large undertaking, and harder to hide without a big (read: hard to keep secret) conspiracy. Faking electronics ballots could be done by a smaller number of people, but on a larger and less detectable scale.

Re:Everything is hackable (3, Insightful)

SatanicPuppy (611928) | more than 6 years ago | (#24933071)

This exploit depends on the use of USB keys in the setup process, so it's more a matter of screwing with those keys. Judging by my experience, that would be pretty trivial. The running exploit could be recognized by a competent poll worker, but again, that's not all that likely.

The whole electronic voting thing is hugely flawed. They're building the machines on an extremely hackable (windows) base, rather than a custom firmware. The design does not take into account real security concerns.

While anyone can fake a paper ballot, it would be extremely difficult to fake enough ballots to make a difference. This is not the case with electronic voting. Paper is a much more secure system.

Re:Everything is hackable (1)

Windows_NT (1353809) | more than 6 years ago | (#24933325)

I agree. Paper should be the standard. If you have a sealed box, and everyone puts their ballots in that box, and then the ballots are counted in front of 20 people (civilian!) I bet the chance of being able to spork an election would be pretty slim.

Re:Everything is hackable (1)

SpiderClan (1195655) | more than 6 years ago | (#24933743)

The question then becomes:

How much more expensive is it to hire 20 civilians per voting district than it is to install those machines? Is anybody willing to pay for it? Are the people who would make that decision the same ones who would be most likely to have the ability to tamper with E-Voting machines?

I guess the question becomes three questions.

Re:Everything is hackable (5, Insightful)

TheRaven64 (641858) | more than 6 years ago | (#24933377)

The running exploit could be recognized by a competent poll worker

And this highlights the flaw in electronic voting. The more complex the polling system, the more skill required to ensure fairness. In a paper ballot, anyone can act as an overseer and be confident that the votes were not tampered with while they are watching. With an electronic system that drops to, what, 10%? 1%? 0.1%? And with such a small percentage capable of ensuring election fairness, do you really have a democracy anymore?

paper trail fails? (1)

sckeener (137243) | more than 6 years ago | (#24932979)

ok...I haven't watched the vids because I am at work, but how can a paper trail fail? I mean if I get a receipt that I am going to then put into a voting box, I should be able to check it to make sure I voted for the people I said I was going to vote for...if it is wrong, I should be able to change my vote and print another receipt.

Re:paper trail fails? (1)

caffeinemessiah (918089) | more than 6 years ago | (#24933025)

ok...I haven't watched the vids because I am at work, but how can a paper trail fail?

If there's nothing obviously wrong with the machines, it might never get looked at, especially in larger counties.

Re:paper trail fails? (4, Informative)

SatanicPuppy (611928) | more than 6 years ago | (#24933157)

It doesn't per se. It relies partly on the voter not checking the paper ballot. If they don't void it, it slips through normally. If they do check it, it fixes the ballot, and acts normal.

Otherwise it tries to convince the voter they're done without actually returning the smart card. When they walk away, it voids the ballot, and pops up the "fled voter" screen. The poll worker comes up, uses the admin "submit" toggle to submit the changed vote, and takes back the card. Most places I've been, the poll workers depend on you returning the card, so that wouldn't work.

To me the most compelling piece was how easily the system was compromised. Even if it only screws with a percentage of the votes, that could be huge.

Re:paper trail fails? (4, Interesting)

LWATCDR (28044) | more than 6 years ago | (#24933185)

Take a look at the problems in Palm Beach county again. They lost over 3000 votes.

I swear that they do this just to get attention. Oh and before anybody makes any remarks about Florida or the south let me clue you.
Very few people in Palm Beach county are from Florida or the south. It is New York south.
It looks like this is going to a close election. Which means that the looser will without a doubt claim that they didn't and that somebody lost votes or rigged a machine.
At this point I hope that it isn't close no matter who wins. Well since I am not fond of any of the candidates at this time.

Re:paper trail fails? (0)

Anonymous Coward | more than 6 years ago | (#24933423)

No, no, no! There will be no incorrect spelling of "loser". To hell with your signature!

Re:paper trail fails? (2, Insightful)

pushing-robot (1037830) | more than 6 years ago | (#24933449)

Tampered machines would most likely be set up in the other party's best districts: If the fraud isn't discovered, your party gains a lot of votes. If the fraud is discovered, the district's votes would be discarded or held in legal limbo.

Heads I win, tails you lose.

Slashdot links to a 100MB QuickTime movie... (3, Informative)

mamer-retrogamer (556651) | more than 6 years ago | (#24932995)

... hosted on an .edu server?

This can't end well.

I'm downloading now, will convert to mpeg4, and post a torrent to mininova (if the server doesn't melt before the download completes).

Re:Slashdot links to a 100MB QuickTime movie... (1)

TheRaven64 (641858) | more than 6 years ago | (#24933413)

Do .edu servers typically have low bandwidth? I have a .ac.uk machine which has a GigE connection in the back which is connected to a 34Gb/s upstream link. Bandwidth really isn't an issue for most educational establishments. And why would you convert it to MPEG-4? MPEG-4 has been the default format for Quicktime for several years (MPEG-4 AVC is now for video, I believe, and MPEG-4 AAC still is for audio), and the Quicktime container format is one of the official MPEG-4 standard containers.

Re:Slashdot links to a 100MB QuickTime movie... (3, Informative)

Anonymous Coward | more than 6 years ago | (#24933435)

... hosted on an .edu server?

This can't end well.

It seems to be on youtube:
http://www.youtube.com/watch?v=SWDEZqqqBHE (part I)
http://www.youtube.com/watch?v=moEsgdzZ19c (part II)

Re:Slashdot links to a 100MB QuickTime movie... (1, Interesting)

Anonymous Coward | more than 6 years ago | (#24933539)

MPEG-4 files are ISO Base Media files. ISO Base Media files are exactly the same as Apple QuickTime MOV files, notwithstanding MOV files might have superfluous but entirely innocuous atoms.

Apple also uses H.264 and AAC as default output formats, which means not only is the container file the same, so too are the codecs likely the same. I can't tell for sure, because it's Slashdotted.

Me thinks most of the people who can't playback the file are using Windows, where "MPEG-4" means whatever Microsoft says, and not what the specification says. MPEG-4 support in FOSS land is actually quite robust these days.

(I have paid copies of most of the 14496 series.)

Both links timeout (1)

Taibhsear (1286214) | more than 6 years ago | (#24933017)

Slashdotted already? Anyone have an alternate link?

Re:Both links timeout (1)

lowtek77 (896266) | more than 6 years ago | (#24933049)

You know there is some student; just like the rest of us, that is frantically wondering why cs.ucsb.edu will no longer load and wondering how he will complete his homework at the last second before class.

Re:Both links timeout (2, Funny)

cleatsupkeep (1132585) | more than 6 years ago | (#24933353)

You know there is some student; just like the rest of us, that is frantically wondering why cs.ucsb.edu will no longer load and wondering how he will complete his homework at the last second before class.

It's 8:30 in the morning on a CS server. Do you think any CS students are awake at 8:30 AM? I didn't even KNOW there was an 8:30 AM.

It shows the power of paper trails (3, Insightful)

Anonymous Coward | more than 6 years ago | (#24933073)

Nah, it shows you how good those paper voter verified paper trails are!

In scenario 2, the careful voter, the voter checks the screen, then checks the printout, then notices the printout is incorrect and gets the vote voided and recast.
But if he was a careful voter he'd raise a stink about how the screen was correct, and people would notice that the machines record the printout differently than the screen shows. There would be investigations, accusations and stuff. It would be videod.

Likewise the careless voter, the machine doesn't know is the voter is careful or careless, so it only takes a few careful voters to screw up the attack no matter how many careless voters there are, who don't double check the paper trail.

Scenario 3 & 4 are so obscure as to be worthless (requiring the voter vote but then leave and nobody noticing the machine doing stuff).

What this video really shows IS JUST HOW DAMN DIFFICULT IT IS TO FOOL THE PAPER AUDIT TRAIL.

Re:It shows the power of paper trails (1)

SatanicPuppy (611928) | more than 6 years ago | (#24933267)

They all depend on the voter being careless, and the poll workers being poorly trained. That's a pretty good bet...I wouldn't say it's not feasible, though I agree, it would be caught with a competent staff, and the paper trail was still accurate, assuming 3 & 4 didn't pass unnoticed.

Gore and Kerry Lost,. Get over it. (0, Troll)

all5n (1239664) | more than 6 years ago | (#24933091)

Seriously.

Its time to look to the future instead of dwelling in the past.

Re:Gore and Kerry Lost,. Get over it. (1)

hobbit (5915) | more than 6 years ago | (#24933359)

If you're content for the future of elections to be like the past, I suggest you just cut to the chase and move to a dictatorship.

Re:Gore and Kerry Lost,. Get over it. (-1, Flamebait)

toddhisattva (127032) | more than 6 years ago | (#24933433)

The Dummycrats were too stupid to use the punch card systems, and the Dummycrat Political Machine could not believe that its Florida Panhandle military vote suppression plan didn't work.

So they bitch and now we have easily hackable voting machines, exactly what the Dummycrat Political Machine ordered!

Every time a Dummycrat bitches about voting machines, remind them its their own damn stupid fault.

Solid proof eh... (1, Funny)

Bullfish (858648) | more than 6 years ago | (#24933127)

where were these guys two elections ago? The horses have long left the barn. The hacks in place now are likely protected by the DMCA.

Three elections ago for DMCA (1)

querist (97166) | more than 6 years ago | (#24933187)

It was three elections ago - the DMCA was Clinton's doing, not Bush's.

http://en.wikipedia.org/wiki/DMCA [wikipedia.org]

I find it somewhat amusing that the captcha in a thread about vote hacking is "certify".

Re:Solid proof eh... (1)

Steauengeglase (512315) | more than 6 years ago | (#24933237)

I was wondering the same thing. BTW, isn't circumventing the security on a voting machine constitute several federal felony offenses?

Re:Solid proof eh... (1)

JetScootr (319545) | more than 6 years ago | (#24933421)

They were trying to get the gov't to ensure the machines were secure. This story is the result of a long,long fight against the manufacturers of the crappy voting machines; all of the worst problems of "IP" have been demonstrated.

Brainwashed? (0)

Anonymous Coward | more than 6 years ago | (#24933139)

'brainwashed' voting terminals?
I already assumed the voting public was brainwashed to begin with.

The Uncounted (1)

Underfoot (1344699) | more than 6 years ago | (#24933183)

Haven't watched this, but was told about it:
http://www.uncountedthemovie.com/ [uncountedthemovie.com]

I am disillusioned enough with the voting system after the last two elections that I couldn't bring myself to watch it. The state of our "vote" only depresses me.

BTW - Is anyone really surprised by TFV? We knew about these vulnerabilities for years.

Coralized Download Link (4, Informative)

Crazy Man on Fire (153457) | more than 6 years ago | (#24933213)

Here's the goods:

Full 100mb version: http://www.cs.ucsb.edu.nyud.net/~seclab/projects/voting/ucsb_evoting_attack_dl.mov [nyud.net]
Compressed 10mb version: http://www.cs.ucsb.edu.nyud.net/~seclab/projects/voting/ucsb_evoting_attack_dl_small.3gp [nyud.net]

Posting to YouTube after download finishes...

It's already on youtube (5, Informative)

Anonymous Coward | more than 6 years ago | (#24933451)

Part I:
http://www.youtube.com/watch?v=SWDEZqqqBHE

Part II:
http://www.youtube.com/watch?v=moEsgdzZ19c

Re:It's already on youtube (3, Funny)

Crazy Man on Fire (153457) | more than 6 years ago | (#24933485)

I guess my karma whoring is done for now

Wootube link (2, Interesting)

neokushan (932374) | more than 6 years ago | (#24933307)

Uploaded the low-quality version to youtube, here's the link:

http://www.youtube.com/watch?v=SzYUkXG7Occ [youtube.com]

(Currently processing, it'll be done soon).

Re:Wootube link (1)

tijmentiming (813664) | more than 6 years ago | (#24933375)

it's unavailable at this moment...

Re:Wootube link (1)

neokushan (932374) | more than 6 years ago | (#24933427)

It's still processing. Don't blame me, blame google for being slow.

Re:Wootube link (0)

Anonymous Coward | more than 6 years ago | (#24933607)

I'm game for sex. Where are you?

Re:Wootube link (1)

JCSoRocks (1142053) | more than 6 years ago | (#24933493)

Both halves of the video are up now.

Re:Wootube link (0)

Anonymous Coward | more than 6 years ago | (#24933563)

"This video is unavailable. "

Re:Wootube link (1)

tyler.lee (1319843) | more than 6 years ago | (#24933595)

still unavailable...

takedown (1)

nsheppar (889445) | more than 6 years ago | (#24933415)

DMCA takedown in 5, 4, 3, 2, 1 ....

QUICKTIME? (-1, Troll)

snarfies (115214) | more than 6 years ago | (#24933441)

Are we supposed to take seriously what a "security group" says when they post a video in Quicktime? A closed format that is obnoxious to the point of being borderline malware, not to mention closed source? Why not a nice Xvid file, seriously? It would almost certainly be smaller to boot.

Re:QUICKTIME? (1)

Dog-Cow (21281) | more than 6 years ago | (#24933697)

Please kill yourself. And kill your parents as punishment for inflicting you on the rest of us.

End to End voting now (1)

linzeal (197905) | more than 6 years ago | (#24933507)

We need verifiable results, so why aren't we demanding End to End [wikipedia.org] voting systems from our governments?

This is all nice and good, but (1)

ubrgeek (679399) | more than 6 years ago | (#24933529)

(And granted I can't get to the article so it may discuss this) so what? This has been proven. There have been a dozen stories on this. What are they doing about sharing the information with policy makers? It's great that we read this and become angry. But we don't create the laws*. Are they trying to use the school's considerable clout to get in front of the state Legislature? Congress? If not, then it's a neat hack and that's it.

* And I don't want to hear, "Well we elect the people who do." I've written to my Congressperson each time one of these stories comes up and I get a form letter back. I have no clout. UCSB does.

Open Source (2, Interesting)

epistemiclife (1101021) | more than 6 years ago | (#24933531)

I think that any voting software should be open source. If we're to trust our votes to machines, then the software running them should be in an open box, not a black one. Perhaps then we wouldn't have to read about the security holes; we could find point them out ourselves.

software or government? (1, Insightful)

Anonymous Coward | more than 6 years ago | (#24933691)

Open sourcing voting machines makes sense, but... can't we take it one step further? Why not open source the whole government [metagovernment.org] ?

Re:Open Source (0)

Anonymous Coward | more than 6 years ago | (#24933739)

Here's one that lets the voter verify their vote after the election, using crypto: http://www.technologyreview.com/Infotech/21225/?a=f [technologyreview.com]

Solution (3, Insightful)

KGIII (973947) | more than 6 years ago | (#24933655)

Until they get this shit fixed, vote on paper. Even if it is an absentee ballot.

It's a shame (2, Informative)

S7urm (126547) | more than 6 years ago | (#24933763)

that we can't figure out a more relevant form of voting to appeal to a larger contingent of the American populace, maybe more people, more easily accessing voting methods, would allow for a more viable collaboration of opinion in regards to the election of our National officials. But I digress, the super delegate and the Electoral College make my point m00t.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?