Electronic Voting Machines Hacked, Bender Bending Rodriguez Elected to School Board
Sure, widespread electronic voting would make the process of tallying and processing ballots exponentially easier, but can it ever really be secure? Maybe someday, but certainly not right now, as evidenced by a little experiment in Washington D.C. that ended with everyone’s favorite robo-sociopath Bender Bending Rodriguez being elected as the head of the Washington D.C. school board. Needless to say, there was a little bit of hacking involved.
Before we go any further, its worth noting that there was hacking involved partially because the Washington D.C. election board was asking for it. Literally. During the election in question, the election board actually invited all comers to try and break into the system as a test of its security. Among others, a team from University of Michigan took a crack at it, and cracked the system wide open.
In addition to asking for it literally, the election board was also “asking for it” from a security standpoint. During the course of the hack, the team, comprised of Professor Alex Halderman, and two graduate student sidekicks, found themselves having to break into the voting system’s terminal servers. Since the password and logon were both “admin,” it proved to be quite easy. They also found that hijacking the voting system’s surveillance cameras for their own purposes was equally trivial.
By exploiting a number of equally egregious security flaws, the team was able to get inside the system, block it off from other attackers, control the ballots, modify them to include SkyNet and Bender, and accomplish this all while remaining completely covert. As a victory dance of sorts, the team programmed the machines to play the University of Michigan fight song. Authorities remained unaware of the successful hack until a tester — who had just ruled the system “secure,” I might add — suggested they lose the music because it was annoying.
Whatever the benefits of electronic voting may be, they certainly aren’t worth the danger of fraud. These may not have been the most sophisticated systems available, but the D.C. election board still thought they were ready for a test despite the fact that no one had noticed, or changed, some very important credentials that were still set to their defaults. Electronic voting systems, as they stand, are probably still years, maybe even decades away from being passably secure either by fault of the systems themselves, or the boards that decide what constitutes “secure.” That’s why I’m going to go create my own electronic voting system, with blackjack. And hookers.
(via The Register)