Risks and vulnerabilities of Ohio voting systems, via EFF

[Declan McCullagh <declan () well com>]

---

Date: Fri, 5 Dec 2003 15:23:11 -0800
Mime-Version: 1.0 (Apple Message framework v553)
Content-Type: text/plain; charset=US-ASCII; format=flowed
Subject: Fwd: [E-S] [Fwd: Electronic Voting Device Information]
From: Jason Schultz <jason () eff org>
To: declan () well com
Content-Transfer-Encoding: 7bit
Message-Id: <FE504C18-2779-11D8-8824-000A959B27EE () eff org>

Declan -- Thought you might enjoy this additional angle on e-voting 
security issues from one of our members.
[Forwarded with permission]

Begin forwarded message:

> From: "George Geczy" <george () dgtechnical com>
> Date: Thu Dec 4, 2003  11:03:09 PM US/Pacific
> To: <election () sos state oh us>
> Cc: <donna () eff org>
> Subject: Electronic Voting Device Information
> Reply-To: <george () dgtechnical com>
>
>
> TO: Ohio Secretary of State / Elections office
> CC: Electronic Frontier Foundation
>
> I read the recent press release and backup documentation on the review of
> Electronic Voting devices, released by the Ohio Secretary of State.  I would
> like to thank you for posting the full report online.  It is through such
> public scrutiny that online voting can truly become reliable.
>
> The Compuware report did, however, make a mistake in its view of certain
> security issues, and as I could not locate their email contact information
> maybe you could forward this to them for their future reviews.  In their
> audit they declared the infrared interface used in systems such as the
> iVotronic to be secure as it is proprietary and "will not connect to a
> normal Windows, Linux or Mac machine".  However, it is in fact very easy to
> reverse-engineer infrared communication.  A device as simple as a "Palm
> Pilot" handheld computer can receive and transmit most custom infrared
> signals, and so the use of an infrared interface does NOT preclude hacking
> and unauthorized access through this method.  In particular, if the data
> transmitted through the infrared port is not encrypted and properly keyed,
> it should be very simple to reverse-engineer the communications protocols
> between the PEB and the iVotronic.  Given the Compuware report's comments on
> the lack of encryption and security in other elements of the system (such as
> writing to the memory card), it would seem that the iVotronic may be relying
> on a false sense of security in the use of an Infrared interface.  The
> Compuware methodology heavily scrutinizes all other forms of interface to a
> voting unit (standard network connects and interface ports), but falls into
> this trap of not considering the infrared interface to be an at-risk port.
>
> Given the other security risks identified in the Compuware report, hacking
> an iVotronic could be as simple as walking into the voting booth using a
> correctly programmed Palm Pilot (a not at all unusual device among citizens)
> and using it to simulate a supervisory PEB access device.
>
> -- George Geczy.
>
> - George Geczy, Partner, dg technical consulting
> - Co-Chair, Hamilton Chamber Science & Technology Committee
> - Email:  george () dgtechnical com  Phone/Fax 905.304.9383

-----------------------------------------------------------------------
Jason M. Schultz                        (415) 436-9333 x 112
Staff Attorney                          jason () eff org
Electronic Frontier Foundation  www.eff.org


_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)