Electronic voting machines have had a less then stellar record regarding their security Back in 2006 Diebold voting machines had an easily accessible memory card slot in the front that people could install viruses from. In 2008 it was demonstrated that Sequoia voting machines could easily have the front panel removed and the firmware chipped swapped out with an illegitimate one. Well a recent exploit developed by the Vulnerability Assessment Team at Argonne National Laboratory have demonstrated the ability to hack the machine to change votes with out leaving any trace behind for only $26.
What the researchers did is they used a man-in-the-middle style of attack by creating a small circuit board that carry’s the code which can manipulate the input of the device. They then unplugged the connection between the touch screen and the rest of the hardware and plugged the chip in between the two. That way when the touchscreen sends the data on what button was pressed the circuit board could reinterpret it as something else when it gets stored to the device. They then went on to demonstrate that they could easily affect the paper print out of the machine too, which Diebold added to prevent hacking the readouts. So with out opening the machine up and looking for the chip itself there would be no way to detect what was happening. As a little extra they added a RF device that could communicate with the chip allowing them to remotely control whats happening up to a mile away.
While this attack does require access to the internals of the machine that’s a relatively easy problem to overcome. Most voting stations are kept in low security areas like churches and schools. So access wouldn’t be the most difficult thing to gain.
You’d think that after the first couple of times its been shown that voting machines are easily hackable we would have given up on them. Unfortunately that isn’t case so were either going to have to make their security foolproof or go to a different system.