Following up on an earlier post:
California’s Secretary of State, Debra Bowen, has posted the results of the first audit of e-voting machines used in California. The summary document is here. Sequoia, Diebold, and Hart machines all fared rather miserably. If you’re not in California, and you’re interested in knowing whether your ballot is being tallied by one of these three models, you can check out this spreadsheet at Electionline to see what your state uses (credit to the Wired blog linked below for that URL).
The red team analyzing the Sequoia system identified several issues. They fall into several classes:
1. Physical Security. The testers were able to gain access to the internals of the systems by, for example, unscrewing screws to bypass locks. The screws were not protected by seals. Similarly, plastic covers that were protected by seals could be pried open enough to insert tools that could manipulate the protected buttons without damaging the seals or leaving any evidence that the security of the system had been compromised.
2. Overwriting Firmware. The testers discovered numerous ways to overwrite the firmware of the Sequoia Edge system, using (for example) malformed font files and doctored update cartridges. The general approach was to write a program into memory and use that to write the corrupt firmware onto disk. At the next reboot, the boot loader loaded the malicious firmware. At this point, the attackers controlled the machine, and could manipulate the results of the election. No source code access was required or used for this attack, and a feature of the proprietary operating system on the Edge made the attack easier than if a commercial operating system had been used.
3. Overwriting the Boot Loader. Just as the testers could overwrite firmware on the disk, they could overwrite the boot loader and replace it with a malicious boot loader. This program could then corrupt anything it loaded, including previously uncorrupted firmware.
4. Detecting Election Mode. The firmware can determine whether the system is in logic-and-accuracy test mode (LAT) or not. This means malicious firmware can respond correctly to the pre-election testing and incorrectly to the voters on Election Day.
5. Election Management System. The testers were able to bypass the Sequoia WinEDS client controlling access to the election database, and access the database directly. They were able to execute system commands on the host computer with access only to the database. Further, the testers were able to exploit the use of the autorun feature to insert a malicious program onto the system running the Sequoia WinEDS client; this program would be able to detect the insertion of an election cartridge and configure it to launch the above attacks when inserted into an Edge.
6. Presence of an Interpreter. A shell-like scripting language interpreted by the Edge includes commands that set the protective counter, the machine’s serial number, modify the firmware, and modify the audit trail.
7. Forging materials. Both the update cartridges and voter cards could be forged. The report presents several scenarios in which these weaknesses could be exploited to affect the correct recording, reporting, and tallying of votes.
The team investigating the Diebold system identified several issues. They fall into several classes:
1. Election Management System. The testers were able to penetrate the GEMS server system by exploiting vulnerabilities in the Windows operating system as delivered and installed by Diebold. Once this access was obtained, they were able to bypass the GEMS server to access the data directly. Further, the testers were able to take security-related actions that the GEMS server did not record in its audit logs. Finally, with this level of access, the testers were able to manipulate several components networked to the GEMS server, including loading wireless drivers onto the GEMS server that could then be used to access a wireless device plugged surreptitiously into the back of the GEMS server.
2. Physical Security. The testers were able to bypass the physical controls on the AccuVote Optical Scanner using ordinary objects. The attack caused the AV-OS unit to close the polls, meaning the machine could not tally ballots at the precinct or inform voters whether they had “over-voted” their ballot. Similarly, the testers were able to compromise the AccuVote TSx completely by bypassing the locks and other aspects of physical security using ordinary objects. They found an attack that will disable the printer used to produce the VVPAT in such a way that no reminders to check the printed record will be issued to voters.
3. AccuVote TSx. The testers found numerous ways to overwrite the firmware in the AccuVote TSx. These attacks could change vote totals, among other results. The testers were able to escalate privileges from those of a voter to those of a poll worker or central count administrator. This enabled them to reset an election, issue unauthorized voter cards, and close polls. No knowledge of the security keys was needed.
4. Security Keys for Cryptography. The testers discovered that a well-known static security key was used by default.
The report presents several scenarios in which these weaknesses could be exploited to affect the correct recording, reporting, and tallying of votes.
The team investigating the Hart system identified several issues. They fall into several classes:
1. Election Management System. The testers did not test the Windows systems on which the Hart election management software was installed because Hart does not configure the operating system or provide a default configuration. Hart software security settings provide a restricted, Hart-defined environment that the testers bypassed, allowing them to run the Hart software in a standard Windows environment. They also found an undisclosed account on the Hart software that an attacker who penetrated the host operating system could exploit to gain unauthorized access to the Hart election management database.
2. eScan. The testers were able to overwrite the eScan firmware. The team also accessed menus that should have been locked with passwords. Other attacks allowed the team to alter vote totals; these attacks used ordinary objects. The team, in cooperation with the source code review team, was able to issue administrative commands to the eScan.
3. JBC. The team developed a surreptitious device that caused the JBC to authorize access codes without poll worker intervention. The team verified that the mobile ballot box (MBB) card can be altered during an election. The team also found that post-election safeguards to prevent the altered data on a tampered MBB card from being counted can be easily bypassed.
4. eSlate. The testers were able to remotely capture the audio from a voting session on an eSlate with audio enabled, thereby providing an attack that violates voter privacy. The team was also able to force an eSlate to produce multiple barcodes after printing “BALLOT ACCEPTED” on the VVPAT records. This could cause a county that used bar code readers to read the VVPAT to produce erroneous vote totals.
The report presents several scenarios in which these weaknesses could be exploited to affect the correct recording, reporting, and tallying of votes.
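One defensive check that addresses the multiple-barcode eSlate finding above, written as an added example rather than code from the review teams or from Hart: it reconciles the tape's "BALLOT ACCEPTED" markers against the barcodes printed after them and flags any record that does not carry exactly one. The tape layout (one `BALLOT ACCEPTED` line, then one `BARCODE <id>` line per ballot) is a constructed assumption, not the real VVPAT format.

```python
"""Added example (not from the California review or Hart's software): reconcile
a VVPAT tape's "BALLOT ACCEPTED" records against the barcodes printed after them.
The tape format is constructed; each accepted ballot should carry one barcode."""
import re
from dataclasses import dataclass, field

ACCEPTED = "BALLOT ACCEPTED"
BARCODE_RE = re.compile(r"^BARCODE (\S+)$")

@dataclass
class Reconciliation:
    accepted: int = 0      # ballots the tape itself says were accepted
    barcodes: int = 0      # what a barcode-only tabulator would count
    anomalies: list = field(default_factory=list)  # (record, barcode_count)

def _bad(record, pending):
    # the tape header (record 0) carries no barcode; each ballot record exactly one
    return pending != (0 if record == 0 else 1)

def reconcile_tape(lines):
    """Single pass: count accepted ballots and barcodes, flag every record
    whose barcode count is not exactly one (zero, or extras as in the report)."""
    r, record, pending = Reconciliation(), 0, 0
    for raw in lines:
        line = raw.strip()
        if line == ACCEPTED:
            if _bad(record, pending):
                r.anomalies.append((record, pending))
            record, pending, r.accepted = record + 1, 0, r.accepted + 1
        elif BARCODE_RE.match(line):
            r.barcodes, pending = r.barcodes + 1, pending + 1
    if _bad(record, pending):          # close the last record on the tape
        r.anomalies.append((record, pending))
    return r

# Constructed tape: record 2 printed three barcodes after "BALLOT ACCEPTED".
SAMPLE_TAPE = """PRECINCT 0042 TAPE START
BALLOT ACCEPTED
BARCODE 0042-000001
BALLOT ACCEPTED
BARCODE 0042-000002
BARCODE 0042-000002
BARCODE 0042-000002
BALLOT ACCEPTED
BARCODE 0042-000003""".splitlines()

if __name__ == "__main__":
    res = reconcile_tape(SAMPLE_TAPE)
    print(f"accepted={res.accepted} scanner_count={res.barcodes} anomalies={res.anomalies}")
```

On the sample tape a barcode-only tabulator would report five ballots while the tape records three accepted, and the reconciliation pinpoints record 2 as the one carrying three barcodes.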
The report stresses that the researchers were under severe time pressure to complete their initial review quickly, and as a result, they are confident that a large number of additional exploits exist for all three systems. There are other blog posts covering more details here, here, and here.