Voting System Test Hack Elects Futurama's Bender To School Board

Soulskill posted more than 2 years ago | from the bite-my-shiny-metal-ballot dept.


mr crypto writes with this quote from El Reg: "In 2010 the Washington DC election board announced it had set up an e-voting system for absentee ballots and was planning to use it in an election. However, to test the system, it invited the security community and members of the public to try and hack it three weeks before the election. 'It was too good an opportunity to pass up,' explained Professor Alex Halderman from the University of Michigan. 'How often do you get the chance to hack a government network without the possibility of going to jail?' With the help of two graduate students, Halderman started to examine the software. Despite it being a relatively clean Ruby on Rails build, they spotted a shell injection vulnerability within a few hours. They figured out a way of writing output to the images directory (PDF) on the compromised server, and of encrypting traffic so that the front-end intrusion detection system couldn't spot them. The team also managed to guess the login details for the terminal server used by the voting system. ... The team altered all the ballots on the system to vote for none of the nominated candidates. They then wrote in names of fictional IT systems as candidates, including Skynet and (Halderman's personal favorite) Bender for head of the DC school board."


210 comments


At least (5, Insightful)

stillpixel (1575443) | more than 2 years ago | (#39221217)

the election board had the common sense to ask for this publicly and not cross their fingers and hope no one did this when they used it for real. More gov't entities should open up to testing like this.

Re:At least (3, Insightful)

ackthpt (218170) | more than 2 years ago | (#39221411)

the election board had the common sense to ask for this publicly and not cross their fingers and hope no one did this when they used it for real.

More gov't entities should open up to testing like this.

Sure, but if you run Diebold and favor one party over another (justsayin') you don't want some hacker finding your backdoor, do you?

Re:At least (2, Insightful)

Anonymous Coward | more than 2 years ago | (#39221609)

Of course, with paper, you can simply walk in after the fact with boxes full of votes for your guy or gal (Washington gov and Minnesota Sen, right?)

Re:At least (1)

Anonymous Coward | more than 2 years ago | (#39222121)

not if there are observers around from multiple/all (or independent) parties, observing the boxes and count until the result/count is finalized...

Re:At least (5, Informative)

Anonymous Coward | more than 2 years ago | (#39222547)

The protocol for a proper paper ballot vote is not vulnerable in that way. It goes like this:

On the morning of the election day, observers of all parties and interested citizens witness the sealing of empty ballot boxes. The ballot boxes don't leave the room, and enough observers to prevent collusion must be present at all times.

The election is carried out with observers of all parties watching to confirm that only people eligible to vote put one ballot each into the ballot box.

At the end of the day, the ballots are counted under the eyes of observers of all parties. The result is signed by all observers, each observer makes a note of the result and the signed result is posted locally. The result is relayed upward, where all local results are posted again together with the aggregate result.

This protocol ensures that no single entity can change a number without other interested parties having the opportunity to notice the manipulation.

This protocol is simple enough that no expertise is necessary to memorize it, understand why it works, and verify that it is followed correctly. It is the only protocol with these important properties.

Re:At least (2)

stillpixel (1575443) | more than 2 years ago | (#39221617)

Yep true, so we use the phrase on Gov't that they like to throw at us. "If you have nothing to hide, then you'll have no problem with us taking a look." (paraphrased)

Re:At least (1)

JAlexoi (1085785) | more than 2 years ago | (#39221425)

Most are weasels that are afraid that they will be exposed for their lack of knowledge. So don't pray for it, though it should be like that by law.

Re:At least (0)

Rockoon (1252108) | more than 2 years ago | (#39221711)

They wanted publicity because they knew it would fail. They made sure of that by using default passwords and other shit. This is theater at its finest.

Re:At least (3, Insightful)

kbob88 (951258) | more than 2 years ago | (#39221777)

I agree. Asking the community to test the system out does show remarkable common sense and good intentions, which seems to be lacking in e-voting community.

Unfortunately, they did not have the common sense (or perhaps judgement) to hire a technical team that knew what they were doing when comes to security. Which is not good in any project, but seems like a huge lapse of judgement in an e-voting project.

They also appear not to have hired an independent security review group to scan the code and review the implementation, or if they did hire one, they hired one that was no good.

Re:At least (2)

Ihmhi (1206036) | more than 2 years ago | (#39222331)

With a challenge like this, the security community does the security testing for free.

Re:At least (0, Troll)

stating_the_obvious (1340413) | more than 2 years ago | (#39221845)

You assume that gov't entities would prefer bullet proof systems... How could Bush43 have won the elections in Ohio if SmarTech didn't have the man in the middle exploit set up to rig the results?

/tin_foil_hat
/humor

Why... (5, Funny)

Daniel_is_Legnd (1447519) | more than 2 years ago | (#39221239)

Why not Zoidberg?

Re:Why... (1)

somarilnos (2532726) | more than 2 years ago | (#39221271)

Someone wrote him in as "Slick". Although that's not his name.

Re:Why... (2)

Reverand Dave (1959652) | more than 2 years ago | (#39221277)

Because Bender will teach those filthy bastards who's lovable!

Re:Why... (1)

ByOhTek (1181381) | more than 2 years ago | (#39221305)

They then wrote in names of fictional IT systems as candidates, [...]

Note the presence of IT and the lack of cthuloid, crustacean or anthropomorphised crustacean, or whatever the hell he is...

Re:Why... (-1, Flamebait)

pinfall (2430412) | more than 2 years ago | (#39221377)

All voting systems [votingsystems.com] need human monitors. Just ask Andrew Breitbart.

Re:Why... (0)

Anonymous Coward | more than 2 years ago | (#39221565)

how is that even remotely related to the GP?

Re:Why... (1)

alphatel (1450715) | more than 2 years ago | (#39222377)

All voting systems [votingsystems.com] need human monitors. Just ask Andrew Breitbart.

I think the fellow you refer to has passed.

Re:Why... (2)

squidflakes (905524) | more than 2 years ago | (#39221475)

You still have Zoooooiiidberg. You ALL still have Zoidberg!

Re:Why... (3, Funny)

ackthpt (218170) | more than 2 years ago | (#39221507)

Why not Zoidberg?

I'm surprised it wasn't Putin.

Re:Why... (1)

pinfall (2430412) | more than 2 years ago | (#39221555)

Why not Zoidberg?

I'm surprised it wasn't Putin.

In Russia, Zoidberg votes Putin 140%

Re:Why... (1)

ByOhTek (1181381) | more than 2 years ago | (#39221579)

In Soviet Russia, your vote changes hackers!

Re:Why... (1)

hardburlyboogerman (161244) | more than 2 years ago | (#39222117)

Hell, I would have gone old school -> HAL 9000

Re:Why... (5, Funny)

Alter_3d (948458) | more than 2 years ago | (#39221623)

Why not Zoidberg?

I'm surprised it was not Hypnotoad

I'm Scruffy, the janitor (1)

Nidi62 (1525137) | more than 2 years ago | (#39222059)

Everyone always ignores poor Scruffy :(

Bender (1, Informative)

rwise2112 (648849) | more than 2 years ago | (#39221245)

Bite my shiny metal ass!

Re:Bender (0)

Anonymous Coward | more than 2 years ago | (#39221997)

Ooh, moderated as redundant! Now I need to meta-moderate THAT to funny...

Bite my shiny metal ass! (4, Funny)

bunratty (545641) | more than 2 years ago | (#39221247)

If elected I promise to KILL ALL HUMANS! Hey, you said there'd be hookers at this convention.

Re:Bite my shiny metal ass! (0)

Erbo (384) | more than 2 years ago | (#39221749)

Now, did they list his full, legal name, "Bender Bending Rodriguez," on the ballot?

Re:Bite my shiny metal ass! (4, Funny)

Patch86 (1465427) | more than 2 years ago | (#39222021)

Have you ever tried simply turning off the TV, sitting down with your children, and hitting them?

Re:Bite my shiny metal ass! (3, Funny)

Anonymous Coward | more than 2 years ago | (#39222411)

Fine, I'll go rig my own elections! With blackjack, and hookers! In fact, forget about the election.

"managed to guess the login details" (5, Informative)

chemicaldave (1776600) | more than 2 years ago | (#39221257)

If you read the article, they didn't even have to guess really. The default root password for the HTTP admin interface was left intact. They then downloaded the /etc/passwd file and cracked it in only 3.5 hours because, surprise surprise, the secondary administrator password was piss poor: "cisco123"

Seriously. Who hired these clowns?

Re:"managed to guess the login details" (4, Funny)

Desler (1608317) | more than 2 years ago | (#39221309)

This was a system created by Rubyists. They don't understand security because that's a "low-level detail" they can't be arsed to learn.

Re:"managed to guess the login details" (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39221445)

Indeed.

Ruby does a lot of things, but encouraging security isn’t one of them. Building a properly secured application means thinking about security right from the beginning and working it in at the core levels. Upper level code shouldn't even be _able_ to do something insecure without some kind of token from the minimalist security layers at the base. A language designed to "handle that shit for you" leads to a lot of "oh, didn't think about that" type issues.

See also: diaspora

Re:"managed to guess the login details" (1)

X0563511 (793323) | more than 2 years ago | (#39221497)

Well to be fair, the web developers and sysadmins owning the services the web developers use should be different people. They tend to have different skillsets.

Re:"managed to guess the login details" (1)

quietwalker (969769) | more than 2 years ago | (#39222189)

Completely unrelated to the subject, our dev team has recently replaced portions of our product with a ruby implementation that has caused no end of problems. These folks have managed to up our bug count by a factor of 3 and increase our feature-completion time by a factor of about 2. This has been going on for 8 months, and I'm simply ill-equipped to discuss this since I've not worked on the ruby code, or really picked it up myself yet. I'm convinced this isn't really a problem with ruby itself, but more due to the amateur way in which their code is architected, which makes maintenance difficult.

You sound like you've got some experience and opinions on the subject that might be valuable; would you be willing to discuss this via email? I'm at pdughi@gmail.com (slashdot is still showing 'email not shown publicly' despite my user settings ....)

Re:"managed to guess the login details" (1)

Rijnzael (1294596) | more than 2 years ago | (#39221391)

Presumably you mean they cracked /etc/shadow. Still, piss poor is a good assessment for their attempts at securing this process. At least they opened it up for public testing though.
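The password-file cracking that chemicaldave and Rijnzael discuss above is, mechanically, a dictionary attack against crypt(3)-style hashes from the shadow file. The following is an added example, not code from the thread, the report or the DC system: the shadow entries and the wordlist are constructed inline (the hashes are generated from known passwords with the same crypt(3) the cracker calls, since no real hash from the system is available; the "admin"/"cisco123" pairing is the one the comments describe, the other accounts and salts are made up). It shows why a weak password falls in hours regardless of how slow the hash is: the attacker only needs to hash each guess with the stored salt and compare.

```ruby
# Build a shadow(5) line. The hash field is produced by crypt(3) with the
# given "$id$salt" setting, exactly as passwd(1) would store it.
def shadow_line(user, password, salt)
  "#{user}:#{password.crypt(salt)}:15000:0:99999:7:::"
end

# Constructed sample shadow file (not real data): one strong password, one
# locked account, one weak password of the kind the comments describe.
SHADOW = [
  shadow_line("root",  'x7#Lq!vR2m$pW9zT', "$6$w9Qk3bX1"),
  "daemon:*:15000:0:99999:7:::",                  # locked, nothing to crack
  shadow_line("admin", "cisco123",          "$6$Jf8s0pLm"),
].join("\n")

# Constructed miniature wordlist; a real run uses millions of entries, and
# "cisco123" sits near the top of every one of them.
WORDLIST = %w[password 123456 admin admin123 cisco cisco123 letmein changeme]

# Parse shadow text into {user => stored hash}, dropping accounts whose hash
# field cannot be cracked ('*', '!', '!!' or empty).
def parse_shadow(text)
  text.each_line.each_with_object({}) do |line, acc|
    user, hash = line.chomp.split(":", 3)
    next if hash.nil? || hash.empty? || hash.start_with?("!", "*")
    acc[user] = hash
  end
end

# crypt(3) reads the algorithm id and salt from the front of the stored hash,
# so hashing a guess with the stored value as the setting and comparing the
# result is the same check login(1) performs. Returns {user => password}
# for every account a wordlist entry matched.
def crack(shadow_text, wordlist)
  parse_shadow(shadow_text).each_with_object({}) do |(user, hash), found|
    guess = wordlist.find { |w| w.crypt(hash) == hash }
    found[user] = guess if guess
  end
end

if __FILE__ == $PROGRAM_NAME
  crack(SHADOW, WORDLIST).each { |user, pw| puts "#{user}: #{pw}" }
end
```

Each guess costs one crypt(3) call; with SHA-512 crypt's default rounds that is deliberately slow, but a password that appears in the first few thousand entries of a wordlist is found in seconds whatever the hash. The fix on the DC side was not a better hash but removing default and dictionary passwords, and not exposing the box that holds the shadow file in the first place.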

Re:"managed to guess the login details" (4, Informative)

jeffmeden (135043) | more than 2 years ago | (#39221471)

If you read the article, they didn't even have to guess really. The default root password for the HTTP admin interface was left intact. They then downloaded the /etc/passwd file and cracked it in only 3.5 hours because, surprise surprise, the secondary administrator password was piss poor: "cisco123"

Seriously. Who hired these clowns?

It gets even better. The guys attacking it decided to put in a *modicum* of security since there basically was none AT ALL... I can only hope that they actually wanted a really really really soft honeypot for this whole test, and that it wasn't just the E-voting system that they were testing. If it was, god help us all.

We realized that one of the default logins to the terminal server (user: admin, password: admin) would likely be guessed by the attacker in a short period of time, and therefore decided to protect the device from further compromise that might interfere with the voting system test. We used iptables to block the offending IP addresses and changed the admin password to something much more difficult to guess. We later blocked similar attacks from IP addresses in New Jersey, India, and China.

Re:"managed to guess the login details" (1)

OldGunner (2576825) | more than 2 years ago | (#39221637)

This just in, Putin bought the unmodified code from them for use in the next election. Now he can announce his victory before the votes are even cast!

Re:"managed to guess the login details" (1)

Uteck (127534) | more than 2 years ago | (#39221713)

They were the lowest bidder, so people got what they paid for. If you want a secure e-voting system then be prepared to dish out a lot of cash to security experts to test and lock it down, then test and lock down again.

Bender would be great for head of the school board (3, Funny)

jizziknight (976750) | more than 2 years ago | (#39221281)

"Have you ever tried simply turning off the TV, sitting down with your children, and hitting them?"

Re:Bender would be great for head of the school bo (1)

Anonymous Coward | more than 2 years ago | (#39221645)

Why is this modded Insightful instead of Funny?

Re:Bender would be great for head of the school bo (5, Funny)

an unsound mind (1419599) | more than 2 years ago | (#39222441)

Because "Insightful" is Secret Slashdot Code for "Funny, but enough so it deserves karma". And "Funny" is Secret Slashdot Code for "So painfully unfunny it induces groaning."

Or possibly Groening. Not precisely clear on that.

Re:Bender would be great for head of the school bo (-1)

Anonymous Coward | more than 2 years ago | (#39222495)

It's a quote from Futurama you dumb fucking idiot. The quote symbols were the give-away. You might have even put the string into Google.

The world is absolutely full of dumb mouth-breathing fags these days.

Re:Bender would be great for head of the school bo (1)

gewalker (57809) | more than 2 years ago | (#39221731)

Bender doing this should not be a surprise, after all he already messed up the presidential election of 2000 by going back in time and getting Bush elected instead of Gore Act VI [theinfosphere.org], he probably did this as a lark at the same time. Given Bender's innate robotics skills, there is no doubt he could have done this.

Ruby on Fails? LOL (4, Funny)

Anonymous Coward | more than 2 years ago | (#39221289)

Ruby on Rails

And there's your problem. Only an idiot would try to run something that needs high security on Ruby on Fails. Rubyists couldn't write secure code if their life depended on it. Next time hire real programmers not hipsters who spend all day sipping lattes and admiring each other's new pair of skinny jeans.

Re:Ruby on Fails? LOL (-1, Redundant)

t27duck (2310746) | more than 2 years ago | (#39221317)

Mod parent up!

Re:Ruby on Fails? LOL (4, Funny)

Anonymous Coward | more than 2 years ago | (#39221353)

Ruby on Rails

And there's your problem. Only an idiot would try to run something that needs high security on Ruby on Fails. Rubyists couldn't write secure code if their life depended on it. Next time hire real programmers not hipsters who spend all day sipping lattes and admiring each other's new pair of skinny jeans.

Somewhere, in some coffee shop, some guy with a bowl cut and a faint mustache is commenting to his friend that he just got hired back to do another contract for the DC BOE and this time they want him to spend 4 hours on it instead of 2.

Re:Ruby on Fails? LOL (1)

Anonymous Coward | more than 2 years ago | (#39221543)

Totally agree.

I can see some (arguable) uses for ruby.. but writing anything that required a high level of security isn't one of them. Not just the language itself not being geared for it, but as you said, the people who use it tend not to have the mindset for it. Diaspora was a great demonstration of this. Security was kind of sprinkled on top vs properly integrated at all layers and many holes were the result of poorly-understood behaviour or inappropriate use of the language features they were using. Always exceptions, but this is consistent with most ruby code I've seen.

Re:Ruby on Fails? LOL (5, Insightful)

kbob88 (951258) | more than 2 years ago | (#39221651)

Nice troll. Actually, it's kind of a lame troll. I suppose, as is normal on /., you didn't read the report from Prof Halderman.

The initial problem was a string interpolation vulnerability in a modified Ruby library that executes a shell command to encrypt PDF ballots. That's a pretty basic mistake that has nothing really to do with Ruby or Rails. If you interpolate into a string (or concatenate data into a string) without sanitizing the data, and then execute it, you're asking for trouble, no matter whether it's Rails or Java or C. This is also pretty basic security stuff, and there are tons of guidelines and tutorials in the Rails community for avoiding this kind of mistake. There are also plenty of code vulnerability scanners that would pick this up. It's amazing that the DC team didn't use one of these to check their code.

But they had plenty of other problems such as easy-to-guess passwords and a lousy IDS configuration.

So the real problem was with the people who developed and implemented the system, not with the tools. I've seen plenty of similar mistakes in systems developed using all sorts of technologies. The developers clearly didn't have a very solid background in security. That's OK actually, as long as you have someone on the project who does and who can check their designs and implementation. Sounds like they didn't have anyone well versed in security, which seems a bit odd for an e-voting project. I'm certainly no expert on security, but I am RoR coder, and even I know not to make these mistakes.

But I suppose it's fun to bash the Rails programmers because they are in really high demand and able to command very high billing rates :-) I'll take the bashing along with the money and the ease of programming!

Re:Ruby on Fails? LOL (3, Funny)

Anonymous Coward | more than 2 years ago | (#39221779)

But I suppose it's fun to bash the Rails programmers because they are in really high demand and able to command very high billing rates :-)

Yeah and we all believe you. No, really, we do. I'm sure the other unemployed Rubyists at Starbucks with you are congratulating you on this great post.

Re:Ruby on Fails? LOL (1, Insightful)

Shados (741919) | more than 2 years ago | (#39221827)

I really hate Ruby, but its hard to ignore that there's a ton of Ruby shops hiring in the big north american metro areas and that they have more contracts than they can deal with right now. Ruby is pretty hot these days.

Re:Ruby on Fails? LOL (1)

kbob88 (951258) | more than 2 years ago | (#39221905)

Yeah, and I believe you. That's why I can't find any experienced RoR developers to hire. Our recruiters can't find anyone either. They're all busy.

Re:Ruby on Fails? LOL (3, Informative)

dgatwood (11270) | more than 2 years ago | (#39221817)

The initial problem was a string interpolation vulnerability in a modified Ruby library that executes a shell command to encrypt PDF ballots. That's a pretty basic mistake that has nothing really to do with Ruby or Rails. If you interpolate into a string (or concatenate data into a string) without sanitizing the data, and then execute it, you're asking for trouble, no matter whether it's Rails or Java or C.

Not really. In C, you'd have gotten called an idiot within a few seconds if you used system() or popen(). Properly written C code using fork() and exec() does not require you to sanitize the string in any way.

Re:Ruby on Fails? LOL (2)

kbob88 (951258) | more than 2 years ago | (#39222029)

I think "properly written" is the key phrase there, which applies to any technology implementation.

Ideally, they would have used the gpg libraries or gpgme and called it directly from the Ruby code. But that's harder, so they chose the easy way and got burned.

Re:Ruby on Fails? LOL (4, Informative)

icebraining (1313345) | more than 2 years ago | (#39222137)

A simple search reveals that Ruby has fork() and exec() too. The problem is the "properly written" part.
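kbob88 describes the initial hole as untrusted data interpolated into a shell command string, and dgatwood and icebraining point out that the argv-style fork/exec interface, which Ruby has as well as C, removes the shell from the picture. The following is an added example and not code from the DC system, the report or anyone in the thread: the file name is a constructed attacker-controlled value, and `echo encrypting` stands in for whatever encryption command line the real code built. It runs the vulnerable form next to two hardened forms so the difference in what the shell sees is visible.

```ruby
require "open3"
require "shellwords"

# Constructed stand-in for an attacker-controlled ballot file name (e.g. the
# name of an uploaded file). The ';' ends the intended command and starts a
# second one if this string ever reaches /bin/sh.
MALICIOUS_NAME = "ballot.pdf; echo INJECTED"

# Vulnerable pattern: untrusted data interpolated into one command string.
# A single string argument makes Ruby run it through /bin/sh -c, so shell
# metacharacters in the data are interpreted.
def run_vulnerable(name)
  out, _status = Open3.capture2e("echo encrypting #{name}")
  out
end

# Hardened pattern 1 (the fork/exec discipline from C): pass argv elements
# separately. No shell is involved, so metacharacters are just bytes inside
# one argument.
def run_hardened_argv(name)
  out, _status = Open3.capture2e("echo", "encrypting", name)
  out
end

# Hardened pattern 2: if a shell string really is unavoidable, escape every
# interpolated value so the shell parses it as exactly one word.
def run_hardened_escaped(name)
  out, _status = Open3.capture2e("echo encrypting #{Shellwords.escape(name)}")
  out
end

# Defence in depth: reject anything that does not look like a ballot file
# name before it gets near a command line or a filesystem path. The pattern
# is an assumption about the expected naming scheme, not the real one.
SAFE_NAME = /\A[A-Za-z0-9_-]+\.pdf\z/
def safe_name?(name)
  SAFE_NAME.match?(name)
end

if __FILE__ == $PROGRAM_NAME
  puts "vulnerable: #{run_vulnerable(MALICIOUS_NAME).inspect}"
  puts "argv:       #{run_hardened_argv(MALICIOUS_NAME).inspect}"
  puts "escaped:    #{run_hardened_escaped(MALICIOUS_NAME).inspect}"
  puts "safe_name?: #{safe_name?(MALICIOUS_NAME)}"
end
```

The vulnerable form prints two lines because the shell executed two commands; both hardened forms print one line containing the literal semicolon. The same rule applies to `system`, backticks, `IO.popen` and `Process.spawn`: one string means a shell, an argument list means exec. As kbob88 notes, calling the encryption library directly instead of shelling out avoids the question entirely.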

Re:Ruby on Fails? LOL (2)

Zedrick (764028) | more than 2 years ago | (#39222179)

Ruby (and RoR) is not hip anymore. This is 2012, not 2008. The hipsters have moved on to whatever, and those who remain are generally not worse than other coders.

Bender? (0)

Anonymous Coward | more than 2 years ago | (#39221321)

Why not Zoidberg?

Election System (4, Funny)

necro81 (917438) | more than 2 years ago | (#39221367)

Ya, well, I'm gonna go build my own election system. With blackjack! And hookers!

In fact, forget the election system.

Re:Election System, but if you don't have a system (0)

Anonymous Coward | more than 2 years ago | (#39221547)

what will you do with the leftover blackjack and hookers?

Re:Election System (1)

Anonymous Coward | more than 2 years ago | (#39221841)

Ya, well, I'm gonna go build my own election system. With blackjack! And hookers!
In fact, forget the election system.

and the blackjack.

huh? (0)

Anonymous Coward | more than 2 years ago | (#39221369)

They guessed the login details of the terminal server? Epic fail. Root.Domain == pwnd. If the admin was hacked so easily with the default pwd then nothing to see here.

why evoting machines (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39221383)

Every single technology profession I have EVER communicated with, does not think electronic voting machines are a good idea. If EVERYONE is in agreement this is a BAD idea, why the FUCK are we still making these things?

Re:why evoting machines (1)

Desler (1608317) | more than 2 years ago | (#39221417)

Because an unemployed hipster with 10 years of Ruby experience needed work?

Re:why evoting machines (5, Insightful)

GmExtremacy (2579091) | more than 2 years ago | (#39221437)

If EVERYONE is in agreement this is a BAD idea, why the FUCK are we still making these things?

Because what is popular is not always correct.

Re:why evoting machines (5, Funny)

jeffmeden (135043) | more than 2 years ago | (#39221487)

Every single technology profession I have EVER communicated with, does not think electronic voting machines are a good idea. If EVERYONE is in agreement this is a BAD idea, why the FUCK are we still making these things?

That's just it, we took a vote on that and as it turns out about 190% of respondents said that they were in favor of electronic voting...

Re:why evoting machines (2)

Attila Dimedici (1036002) | more than 2 years ago | (#39221523)

Because it will be easier to hide voter fraud with electronic voting machines.

Re:why evoting machines (1)

Hentes (2461350) | more than 2 years ago | (#39221581)

Because the goal is not to build a secure system.

Re:why evoting machines (5, Insightful)

Tackhead (54550) | more than 2 years ago | (#39221693)

Every single technology profession I have EVER communicated with, does not think electronic voting machines are a good idea. If EVERYONE is in agreement this is a BAD idea, why the FUCK are we still making these things?

Because neither politicians nor voters understand the concept of experimental error.

And because in 2000, a Presidential election's electoral vote count was close enough that the entire contest depended upon the popular vote count of a single state, which was itself close enough to fall within the experimental error of the measuring apparatus. (Hanging chads, ballots with improperly marked "X"s, scantron errors, etc.)

After that, of course, the usual political process took care of itself, to wit:

Ignorant public: "Something must be done to eliminate all experimental error!"
Ignorant politicians: "Computers are something!"
Frustrated techies: "Just because the computer always reports an unambiguous tally, doesn't mean that the tally reflects the will of the voters..."

They were, of course, drowned out by a chorus of...

Contractors and Lobbyists: "Hey, you politicians look like you want a whole lot of voting machines, and we happen to know some people who can build them... for a price."

Most people (with the exception of politicians and rabid hyperpartisans, and in 2000, they were the minority of the electorate), whether they voted Jackass or Elephant, were willing to accept that it was possible that their candidate lost.

But nobody - and I mean nobody - wanted to accept the possibility that there was insufficient data to discern the actual will of Florida's voters because the margin of victory was within the expected error of a voting process.

The recorded vote count in Florida was 2,912,790 to 2,912,253. Even ignoring the experimental error associated with the voting process, a traffic accident on a highway leading to/from a Democratic- or Republican-leaning neighborhood (or a bad rainstorm, or any number of a thousand random occurrences) could have changed the outcome by making enough people stay home, delay voters' arrival at the polling stations after closing time, etc., to have changed the outcome. No matter what technology you use, 269 votes out of almost six million isn't signal, it's noise.

Until election commissions understand this... (4, Insightful)

halexists (2587109) | more than 2 years ago | (#39221877)

It's not news that electronic systems can be insecure. Those selecting such systems are certainly lobbied to believe that, whatever system they choose, "this time it will be different... this one IS secure."

The truth is all voting systems -- manually or electronically administered -- are insecure. The feature that traditionally manual voting systems have is that the scale of voting fraud exacted is correlated with the scale of corrupt election officials overseeing the process. To increase fraud you either need a) more conspirators or b) higher-level conspirators in the body that oversees the process. That is a feature that is worth keeping in any new version of voting system.

This article is just another example of a voting system that has given up the feature. Not all electronic voting systems forsake this feature, but those that keep it are at most electronic-assisted voting systems that retain distributed verification at multiple stages of the counting process. That's because voting is most secure when it's a distributed activity, not a centralized one. With thousands of tiny precincts collecting pockets of votes, any one could tamper with results -- but many would have to tamper to have a big impact. Election commissioners, keep this feature!

Three time-honored non-tech security measures (2)

QuincyDurant (943157) | more than 2 years ago | (#39222071)

"Every single technology profession I have EVER communicated with, does not think electronic voting machines are a good idea." Three cheers, too, for superstitious luddites (see below). Here are my top three solutions to computer fraud and f**kups:

1. Wanted posters and long prison sentences. Rob a mail truck, do time. Why should this not work for email and other electronic fraud? Robbing an election is a more serious threat to democracy than robbing the mails, which is bad enough.

2. Human signatures and carbon paper (or one-write NCR paper). When a live person signs a check, an invoice, a purchase order or a ballot, he or she thinks twice about the consequences. Anything can be faked, but carbon paper scores high on lie-detector tests.

3. Letterpress-imprinted sequential numbering. Paper forms, including ballots, with unique numbers and carbon copies, are a solid control for electronic databases. Ancient letterpress lead-type numbering devices -- stamp, crunch, print, and advance the counter -- are older and less screwable-with than computerized typesetting or laser-printing.

I use all of these systems in my own business because where my money is concerned, I do not entirely trust any computer system. I've seen an entire business of 100+ employees saved by one persnickety accounting clerk who kept paper copies of all the invoices and payments. She had been ordered not to -- don't be so old-fashioned, dear -- but ignored the controller's blind faith in his new, shiny, $200K fail-safe automated system. No hacker except Murphy and his law was involved. She was neither thanked nor rewarded for rescuing her employer from catastrophic folly.

Murphy's corollary: no good deed goes unpunished.

Re:why evoting machines (1)

Anonymous Coward | more than 2 years ago | (#39222257)

the American public's (media's) urge for instant gratification - the poll stations closed 1 second ago - Why don't we have the result? We want it NOW!

Futurama rocks! (1)

CosaNostra Pizza Inc (1299163) | more than 2 years ago | (#39221449)

Personally, i would have voted for Hubert Farnsworth.

Re:Futurama rocks! (2)

geekoid (135745) | more than 2 years ago | (#39221539)

wha...?

Re:Futurama rocks! (1)

Jason Levine (196982) | more than 2 years ago | (#39221967)

I'd reply, but I am already in my pajamas. *dozes off*

I'm Bender baby! (1)

squidflakes (905524) | more than 2 years ago | (#39221459)

I'm sure Bender doesn't endorse the cool crime of election fraud. He just needs a big government network to get down with maximum efficiency.

Need more than just a hack (4, Insightful)

Todd Knarr (15451) | more than 2 years ago | (#39221461)

What I want to see is a real compromise of one of these systems that can be held up as a true scare story:

1. The compromise is undetected. At the time the results are reported, the election officials are unaware that the system has been compromised and none of the systems in place for detecting a compromise has indicated any trouble. According to all evidence in the audit trail the results are undeniably correct and true.

2. There was no indication of tampering at the time of voting. As votes were being cast there was no indication of tampering with the ballots or any other visible indication that the results weren't being correctly recorded and reported.

3. The results reported are undeniably wrong. Eg., the test voting was done in a controlled manner where everyone knew what the correct results should be and that everyone saw that everyone else had voted the way they were supposed to, so if the system functioned correctly it's known exactly how many votes should be cast for which candidate.

4. The reported results are undeniably wrong. Eg., according to the reported results 100% of the votes cast were for a candidate who should've received zero votes.

Re:Need more than just a hack (1)

Anonymous Coward | more than 2 years ago | (#39221657)

Actually, making it so that 100% of votes go to a single person, while a good demonstration, is not all that scary.
The trick would be to make it so that every third or fourth vote goes to the person you want. Unless your candidate is universally hated so that no one would be voting for them, an extra third or quarter of the votes should be enough to push them up above everyone else, without being so obvious. In a controlled environment that should be enough to be really scary, since you wouldn't know it was tampered with unless you knew what the results were supposed to be at the end.

Now, in a live election it would be better if someone got 100% of the votes.
Say, no matter who someone votes for in the November election, Charlie Sheen gets the vote on a write-in. That would make the point.

You'll never see that (0)

Anonymous Coward | more than 2 years ago | (#39221745)

What I want to see is a real compromise of one of these systems that can be held up as a true scare story:

1. The compromise is undetected. At the time the results are reported, the election officials are unaware that the system has been compromised and none of the systems in place for detecting a compromise has indicated any trouble. According to all evidence in the audit trail the results are undeniably correct and true.

2. There was no indication of tampering at the time of voting. As votes were being cast there was no indication of tampering with the ballots or any other visible indication that the results weren't being correctly recorded and reported.

3. The results reported are undeniably wrong. E.g., the test voting was done in a controlled manner where everyone knew what the correct results should be and everyone saw that everyone else had voted the way they were supposed to, so if the system functioned correctly it's known exactly how many votes should be cast for which candidate.

4. The reported results are undeniably wrong. E.g., according to the reported results 100% of the votes cast were for a candidate who should've received zero votes.

That's a pretty ridiculous prank to pull just for the lulz.

Tampering with an actual election is a pretty serious crime, so whoever does it is not going to want to get caught. Only an idiot would want to commit a federal crime just to throw, say, the state of Virginia's 2012 presidential vote to a 100% landslide for some cartoon robot. If you're going to do it, you might as well do it to give your pet candidate a definite but believable majority.

Re:You'll never see that (1)

Anonymous Coward | more than 2 years ago | (#39221861)

That's a pretty ridiculous prank to pull just for the lulz.

It's not for "lulz". It's to demonstrate, without possibility of denial, the incredibly serious point that e-voting is a bad idea that can never be safely implemented.

Re:Need more than just a hack (0)

Anonymous Coward | more than 2 years ago | (#39221991)

I think you are thinking too much.

Once the server receives a vote it should print it off, then the two are compared for tampering. Fixes the issue easily. Also let people know they could vote twice, but would be forced to vote in person at a later date if that occurred.

Re:Need more than just a hack (0)

Anonymous Coward | more than 2 years ago | (#39222033)

And the result would be??

That's right. The expected candidate would probably win by a few percentage points, as they should, and the only shock would be to the original tamperer. And then whom would they tell?

Re:Need more than just a hack (0)

Anonymous Coward | more than 2 years ago | (#39222079)

That's why you make every vote go for your candidate with n% probability or their opponent with (100-n)% probability. Just make n > 50.

Re:Need more than just a hack (1)

OFnow (1098151) | more than 2 years ago | (#39222181)

5. The bad guys who wanted to control the outcome had no way to know the result was verifiable so their compromise was either a waste of time or worse (for them).

There. Fixed that for you.

Re:Need more than just a hack (0)

Anonymous Coward | more than 2 years ago | (#39222275)

We already had this in the 2000 and 2004 elections -- didn't you see what Diebold did?

Re:Need more than just a hack (1)

scharkalvin (72228) | more than 2 years ago | (#39222313)

Hey #1 or #2 is EXACTLY how Bush got re-elected!

okay, let's get behind this (2)

a_fuzzyduck (979684) | more than 2 years ago | (#39221519)

I will only recognise Bender as the sole head of the DC School Board

umm (1)

geekoid (135745) | more than 2 years ago | (#39221529)

He is a bending unit, not a 'head of the DC school board' unit...guh.~

Re:umm (1)

0racle (667029) | more than 2 years ago | (#39221675)

Well don't blame me, I voted for Kodos.

Open Season for Crackers (1)

walkerp1 (523460) | more than 2 years ago | (#39221571)

I can't be the only one thinking that this was an excellent opportunity to crack the system with impunity and not report the findings. That leaves you one simple ? from Profit!!!

Bender for POTUS in 2012! (0)

Anonymous Coward | more than 2 years ago | (#39221605)

Now that's a candidate I could get behind... hackers consider this a call to arms.

Can they do this for us? (0, Offtopic)

Ronin Developer (67677) | more than 2 years ago | (#39221687)

Right now, the citizens in Central Bucks are outraged by the recent actions of their school board, which is resulting in middle school students getting longer core classes and having to choose between liberal arts and PEN (the gifted program) or taking all the other "fun" electives. And, for you /. types, they cut out the computer applications class (rather than making them more advanced) at the cost of 8 additional teacher jobs.

When the parents protested at the School Board meeting, over 700 people came and 50 spoke. At the end, the CBSD President (elected...unfortunately) basically said "FU" to the parents and dismissed us with a wave of his hand. The Superintendent (whom I don't care for) has even said that there is no reason to change - the existing system IS working well and kids are getting excellent scores. When asked by a parent WHAT the problem is or WHY they are doing this...the crowd was met with silence. Originally, they said one reason was to give more time to prep for the standardized tests. Interestingly, they are back-pedaling on that statement.

Fortunately, the PA Dept of Education is now investigating. But, will it be fast enough? BTW, most of the SB members were elected on the Republican ticket (as is most of Central Bucks, PA). Cutting costs, I can deal with. Taking us back to the 19th Century? Ah...that would be a 'No'.

So, I say...I would, frankly, welcome and support our Futurama Overlords right now.

Original Story
http://www.phillyburbs.com/my_town/doylestown/cb-parents-students-we-deserve-better/article_aeaf6fe3-6eba-519c-82a2-e2dfebb1208f.html

Update
http://www.phillyburbs.com/news/local/the_intelligencer_news/opinion/changes-coming-at-cb-middle-schools-but-for-the-better/article_328fffdc-b240-5903-8526-85e5d567def3.html

Finally (0)

Anonymous Coward | more than 2 years ago | (#39221753)

Someone competent has won the School Board election.

hasn't this already been discussed (0)

Anonymous Coward | more than 2 years ago | (#39221805)

in episode #79, "Bender Goes Olde School"?

Page 10 (0)

Anonymous Coward | more than 2 years ago | (#39221843)

Best part of this is on page 10 of the report, where people from Iran, China and India all attempted to hack the system.

This is not good (1)

MacGyver2210 (1053110) | more than 2 years ago | (#39221865)

Sad-sack programs like this being compromised fuel the other companies who may be equally as susceptible to attack to press on as if they are somehow better or more secure.

"Sure they hacked that system the government set up, but that was some bloggers scripting in Ruby/Rails in a dark room. They didn't even change the default passwords! We're REAL programmers, writing in a lower-level language with security experience! We can't POSSIBLY do it wrong!"

If you want to actually test an election system, try having a fake Diebold election and see if it can be rigged. Use an ACTUAL e-voting vendor, not some scripts you cooked up to have a hack-off, with the default passwords and everything else right where the attackers expect to find them.

Obligatory (1)

ToiletBomber (2269914) | more than 2 years ago | (#39222119)

Bite my educationally shiny ass!

VOTED DOWN (-1)

Anonymous Coward | more than 2 years ago | (#39222141)

like a raise for school teachers!

Every. Single. Time. (1)

Xupa (1313669) | more than 2 years ago | (#39222255)

Any voting system that can be hacked should be hacked. We need to see fictional characters elected to every office in the land until people figure out the results for real people have been cooked all along.

Not a bad thing at all (1)

roc97007 (608802) | more than 2 years ago | (#39222487)

Bender couldn't possibly do any worse.
