Hacking The Machines

“Hackers breach dozens of voting machines brought to conference”

by Joe Uchill, July 29, 2017

The Hill

“LAS VEGAS – One of the nation's largest cybersecurity conferences is inviting attendees to get hands-on experience hacking a slew of voting machines, demonstrating to researchers how easy the process can be.

‘It took me only a few minutes to see how to hack it,’ said security consultant Thomas Richards, glancing at a Premier Election Solutions machine currently in use in Georgia.

The DEF CON cybersecurity conference is held annually in Las Vegas. This year, for the first time, the conference is hosting a ‘Voting Machine Village,’ where attendees can try to hack a number of systems and help catch vulnerabilities.

The conference acquired 30 machines for hackers to toy with. Every voting machine in the village was hacked.”

“Defcon hackers find it's very easy to break voting machines”
“Voting is at the foundation of every democracy. Hackers find it's on shaky ground thanks to shoddy technology.”

by Alfred Ng, July 30, 2017

CNET

“The village is expected to return to Defcon for the next three years, right up until Trump's potential re-election campaign. The hackers at Defcon hope by 2020, their exploits will lead to changes in voting booth technology.

‘Hacking it is good because it's able to inform politicians and people in Congress about what they should do with voting machines,’ Hwang said. ‘If no one ever hacked them, we might be still using things like this.’”

“It took DEF CON hackers minutes to pwn these US voting machines”
“We've got three years to shore up election security”

by Iain Thomson, July 29, 2017

The Register

“DEF CON After the debacle of the 2000 presidential election count, the US invested heavily in electronic voting systems — but not, it seems, the security to protect them.

This year at the DEF CON hacking conference in Las Vegas, 30 computer-powered ballot boxes used in American elections were set up in a simulated national White House race — and hackers got to work physically breaking the gear open to find out what was hidden inside.

In less than 90 minutes, the first cracks in the systems' defenses started appearing, revealing an embarrassing low level of security. Then one was hacked wirelessly.

‘Without question, our voting systems are weak and susceptible. Thanks to the contributions of the hacker community today, we've uncovered even more about exactly how,’ said Jake Braun, who sold DEF CON founder Jeff Moss on the idea earlier this year.”

“Defcon vote-hacking village shows that ‘secure’ voting machines can be broken in minutes”

by Cory Doctorow, July 30, 2017

BoingBoing.Net

“I was in the room for some of this, and attended some of the excellent accompanying talks. The case for auditing and improving the country's voting machine security has never been made plainer, or more urgent. This is important work.

One important note: voting machines increasingly use Digital Rights Management (DRM) to restrict software updates, which triggers Section 1201 of the 1998 Digital Millennium Copyright Act (DMCA), under which security researchers face potential criminal and civil penalties for revealing defects in products that are designed to control access to copyrighted works.”

“Hackers at DefCon conference exploit vulnerabilities in voting machines”

by Elizabeth Weise, July 30, 2017

USA Today

“LAS VEGAS – Hackers 5, voting machines 0.

It took less than a day for attendees at the DefCon hacking conference to find and exploit vulnerabilities in five different voting machine types.

The first ones were discovered within an hour and 30 minutes. And none of these vulnerabilities has ever been found before, they'll [sic] all new,’ said Harri Hursti, co-coordinator of the event.

One group even managed to rick-roll a touch screen voting machine, getting it to run Rick Astley's song ‘Never Gonna Give You Up,’ from 1987.” ….

“Several groups took machines apart, others found ports meant for election officials and plugged computers and testing devices into them to see what the [sic] could gain access to. Wireless and networked hacks were also attempted.

But much of the work didn't involve hacking at all.

‘It just took us a couple of hours on Google to find passwords that let us unlock the administrative functions on this machine,’ said Pfeifer, whose group was working on a touch screen voting machine. ‘Now we're working on where we can go from there.’”

How to Rig an Election

by Victoria Collier, November 2012

Harper's

Victoria Collier has written about election fraud from before the Twentieth Century to the present day. The advent of electronic voting machines has made election fraud much easier.

Does the Romney Family Now Own Your e-Vote?

by Gerry Bello, Bob Fitrakis and Harvey Wasserman, October 19, 2012

The Free Press

Mitt, Anne, and Tagg Romney are heavily invested in Solamere, a private investment firm with major investments in H.I.G. Capital, which owns a controlling interest in Hart InterCivic. Hart InterCivic's machines will be used in parts of Ohio and Colorado (both swing states) and other states too in the November 6, 2012 election.

Romney Family Investment Ties To Voting Machine Company That Could Decide The Election Causing Concern

by Rick Ungar, October 20, 2012

Forbes

Concern over this web of Romney family ties to Hart InterCivic electronic voting machines has become great enough that even Forbes magazine published an article on this.

Rigged Elections for Romney?

by Michael Collins, October 22, 2012

OpEdNews

“A group of independent researchers caught a pattern of apparent vote flipping during the 2012 Republican primaries that consistently favored Mitt Romney. A form of election fraud, vote flipping occurs when votes are changed from one candidate to another or several others during electronic voting and vote tabulation.”

NSA Analyst Proves GOP Is Stealing Elections (Updated: Why is Mitt Romney so confident?)

by Denis G. Campbell and Charley James, October 25, 2012

Denis Campbell's UK Progressive

Retired National Security Agency (NSA) analyst Michael Duniho analyzed the Arizona 2012 Primary Election and found that the largest precincts had a large shift towards Mitt Romney relative to smaller precincts, not explainable by income level, population density, race, urban vs. rural, or party registration numbers. His results showed across-the-board systemic election fraud on a coordinated and massive scale. But the analysis indicated that this only happens in larger precincts because anomalies in small precincts can be more easily detected.

Bev Harris calls out names of some transnational corporations counting votes in the USA

by Bev Harris, BlackBoxVoting.org, current owners of some of these machines, July 20 and 25, 2012

On July 20, 2012, Bev Harris of Black Box Voting released a most remarkable press release about the current owners of some of the machines.

“What would Malaysian gambling corporations want with American elections . . .” It would be enormously unsafe to expect a limit to their desires, but to start with, “clearly, they want the state of Florida”.

Hacking the Machines

by Sheila Parks, April 27, 2012

Read Hacking the Machines by Sheila Parks. The corporations, the 1%, own all the electronic voting machines, and these can all be rigged.

WHAT A DIFFERENCE NEWS EDITING MAKES:

Read 2 original articles about electronic voting insecurity, and see how a mainstream media blog post referencing these 2 articles comes to a false conclusion that favors machine voting, and potentially misleads readers into believing that this conclusion comes from the original articles.

First, read an article from Phil Rogers of NBC Chicago.

January 7, 2011

Argonne National Laboratory security chief Roger Johnston concludes: "most voting machines have almost no security to reveal tampering", and who has demonstrated a variety of circumstances in which the machines can be hacked.

Then, read an earlier article by Researchers from Princeton (Andrew W. Appel, Maia Ginsburg, Brian W. Kernighan, Christopher D. Richards) and Lehigh University (Gang Tan), and independent voting integrity researcher Harri Hursti.

October 5, 2010

"The AVC Advantage contains a computer. If someone installs a different computer program for that computer to run, it can deliberately add up the votes wrong. It's easy to make a computer program that steals votes from one party's candidates, and gives them to another, while taking care to make the total number of votes come out right. It's easy to make this program take care to cheat only on election day when hundreds of ballots are cast, and not cheat when the machine is being tested for accuracy. This kind of fraudulent computer program can modify every electronic 'audit trail' in the computer."

Finally, read the Computerworld blog of Sharon Machlis.

January 7, 2011

Sharon Machlis references the above two articles, but then comes to the false conclusion: "A paper trail is necessary so if questions arise about an election results -- say, results significantly differ from scientifically valid exit polls, a standard used to check for fraud by election overseers in other nations -- there's a way to double-check results that can bypass potentially flawed software counts."

**** Sharon Machlis' conclusion is false because although electronic audit trails are indeed not good enough to detect fraud, this does not mean that a paper trail will make the audit trails good enough to detect fraud; the insecure machines can easily be hacked to produce a false paper trail to conceal their fraud. Due to the way this article is titled and written, it might lead a reader to believe that this conclusion came from the articles that it references (noted above), but this is not the case. Unfortunately, this is the article that most of the public is most likely to see; this demonstrates the need for diligence in reading the news, and the importance of alternatives to the mainstream (corporate-controlled) media. ****

The Mysterious Death of Bush's Cyber-Guru

Maxim Magazine

Wednesday 02/10/2010 by Simon Worrall

"while the rumors, innuendos, and allegations continue to swirl through the ether, evidence has recently emerged that suggests the Ohio vote may have been hacked, and that Connell was involved."

The original Maxim Magazine appears to have disappeared; a copy of a large part of the article is here>>

Computer Scientists Take Over Electronic Voting Machine

with New Programming Technique

San Diego, CA, August 10, 2009 -- Computer scientists demonstrated that criminals could hack an electronic voting machine and steal votes using a malicious programming approach that had not been invented when the voting machine was designed. The team of scientists from University of California, San Diego, the University of Michigan, and Princeton University employed “return-oriented programming” to force a Sequoia AVC Advantage electronic voting machine to turn against itself and steal votes.

The suspicious, disturbing death of election rigger Michael Connell

by Bob Fitrakis & Harvey Wasserman

The Free Press

December 20, 2008

Michael Connell, the crucial techno- lynch pin in the theft of the 2004 election, and much more, is dead at the age of 45. His unnatural, suspicious death raises serious questions about the corruption of the American electoral process that now may never be answered.

Why Al Franken should NOT be riding private planes

The Smirking Chimp

by Harvey Wasserman | December 24, 2008

by Bob Fitrakis & Harvey Wasserman

The tragic and suspicious death of Karl Rove's election thief in chief should send a clear message to Al Franken and other key liberals: don't be riding in any small private planes.

Evaluating the Security of Electronic Voting Systems

Are your votes really counted?

Testing the Security of Real-world Electronic Voting Systems

The Computer Security Group at UCSB

D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, and G. Vigna,

in Proceedings of the International Symposium on Software Testing and Analysis, Seattle, WA July 2008.

"Electronic voting systems have been introduced to improve the voting process. Since their inception, they have been controversial, because both the technologists and the general public realized that they were losing direct control over an important part of the voting process: counting the votes."

Read the original article.

View the associated videos

Part 1

Part 2

See the UCSB SecLab E-Voting Security page.

Read the related report Security Evaluation of the Sequoia Voting System, Public Report.

Read the related report EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing (334 page PDF download).

Information above reprinted with the permission of The Computer Security Group at UCSB.

Black Box Voting & Hursti Hacks

A series of voting machine red team tests, organized and produced by Black Box Voting, with Finnish security expert Harri Hursti (2005 & 2006).

Hursti I report -- Critical security flaws in the Diebold [precinct based] optical scan (2005):

The Hursti I report is the one that was shown in the HBO special "Hacking Democracy"

Hursti II report -- Critical security flaws in the Diebold TSx (2006):

Hursti II Supplement (2006):

Hacking Democracy

A must see Emmy nominated documentary by Simon Ardizzone, Russell Michaels and Robert Carrillo. It was produced by Sarah Teale and Sian Edwards, and aired on HBO yearly since 2006.

This cautionary documentary exposes the vulnerability of computers - which count approximately 80% of America's votes in county, state and federal elections - suggesting that if our votes aren't safe, then our democracy isn't safe either.

"HBO: Why do you think people have such a hard time grasping this subject?

Sarah Teale: I think people don't like to even contemplate how easy it is for people to access our election systems, and change the vote. I think it's a very scary concept for people. I mean, how did they do it? It's a technical puzzle. But the most basic thing is that, in fact, our election systems are now privately owned, and privately managed. And that basic fact does get people interested…."

Read the entire interview

Visit the HBO web page on this documentary

Visit the official Website and DVD

The DVD may be ordered from Docurama

Security Analysis of the Diebold AccuVote-TS Voting Machine

Ariel J. Feldman, J. Alex Halderman, and Edward W. Felten

Center for Information Technology Policy, Princeton University

September 13, 2006

"This paper presents a fully independent security study of a Diebold AccuVote-TS voting machine, including its hardware and software. We obtained the machine from a private party. Analysis of the machine, in light of real election procedures, shows that it is vulnerable to extremely serious attacks. For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates…."

Video Feed