Hotel Minibar Key Opens Diebold Voting Machines 341
Billosaur writes, "As if Diebold doesn't have enough to worry about! On the Freedom To Tinker blog, Ed Felten, one of the co-authors of the recent report 'Security Analysis of the Diebold AccuVote-TS Voting Machine', reveals an even more bizarre finding related to the initial report. It turns out that you can gain access to an AccuVote-TS machine using a hotel minibar key. In fact, the key in question is a utilitarian type used to open office furniture, electronic equipment, jukeboxes, and the like. They might as well hand them out like candy."
Why would we expect anything else? (Score:5, Insightful)
I know I'm preaching to the Slashdot choir, and it's been said a thousand times before, but as long as we have closed voting processes, we're going to have people screwing up by doing things like having voting machines accessible with hotel minibar keys. We hate Microsoft for their closed-source software, yet we continue to accept this kind of idiocy.
Quick question: If we have viable alteratives, such as those presented by the Open Voting Consortium [openvotingconsortium.org], why do we continue to bother with these stupid Diebold machines? I know, dumb answer, because Diebold pays the people who decide lots and lots of money.
I would say write to your Congresscritters [vote-smart.org] and let them know that you want these screwed up pieces of junk out of our polling locations, but like I said, I know I'm preaching to the Slashdot choir, and you won't do it. >:-( But realistically, just know that until you do, we can look forward to many, many more articles about this kind of thing. Ooh, at least until we see the one that says, "Electronic voting machines hacked! Election results tainted!." Or even better, when we see nothing at all and Richard M. Stallman is mysteriously elected President in a write-in landslide.
sigh Oh well, it was worth a shot. Just give me my damn +5 and go back to reading about lasers on Intel's chips now.
Re: (Score:3, Insightful)
It's no surprise that enterprise and commercial vendors of all stripes will maintain closed and proprietary software.
What we need to require is a permanent, voter-verified, auditable paper trail, as I have discussed here [slashdot.org].
That's the easiest and simplest course of action, and is a goal we should all be working toward, rather than trying to unseat established enterprise equipment vendors.
---
Temporary
Re:Why would we expect anything else? (Score:5, Informative)
Dude, RTF Site [openvotingconsortium.org]:
Just for pointing that out, I want another damn +5!
Re:Why would we expect anything else? (Score:5, Funny)
Re:Why would we expect anything else? (Score:4, Funny)
GOOD!
I need a drink, now.
Re:Why would we expect anything else? (Score:5, Funny)
No, I'm not the President yet, but I did stay at a Holiday Inn Express last night!
Open Source vs Open Process (Score:5, Insightful)
Re: (Score:3, Insightful)
I don't think those two things are mutually exclusive. When a manufacturer sells enterprise equipment that helps subvert our constitution/constitutional rights we should work toward a voter-verifialbe paper trail, which at the same time should put those companies out of business. I'm talking about simple paper ballots, possibly not even s
Re: (Score:3, Insightful)
Your's truly,
The Factory Boss
Re: (Score:3, Funny)
Alright, explain one thing to me: how can a machine-generated paper ballot possibly be harder to count than a human-generated one? If you really wanted, you could have the electronic voting machine generate exactly the samn damn thing!
Re:Why would we expect anything else? (Score:4, Funny)
The more I think about this, the more this seems to be a nice solution. Get a bunch of geeks armed with minibar keys and flash cards. Once Mario and Yoshi are the leading candidates in 14 different states, the public will be sure to take voting security seriously.
Of course you will have to deal with a huge election fiasco along with finding enough people willing to commit election fraud.
Re:Why would we expect anything else? (Score:5, Interesting)
A more relevant question is: What are the penalties (criminal or civil) for using a key to open a voting machine during polling and doing nothing else.
You don't have to actively fsck things up to get the machine pulled. IMHO, merely opening the machine up would make for a good act of civil disobediance.
If the punishment is not something trivial, videotape yourself in the act and release it anonymously onto the internet the same day.
Even if the election officials do absolutely nothing, it'll show up on the evening and nightly news. That will be good or bad, depending on your perspective, but will definitely be noticed.
Re: (Score:3, Insightful)
Or, if that's even too heavy for your tastes, just get everyone you know to wear an office furniture key jewelry (on a necklace or lanyard, perhaps) on voting day. T'would make 'em nervous, no doubt.
Re: (Score:2, Insightful)
Re: (Score:2)
Re:Why would we expect anything else? (Score:5, Funny)
Wait a minute... Did you say lasers !?!
Re: (Score:2)
Ribbons [pomosideshow.com]Just email opensource at pomosideshow dot com.
Re: (Score:3, Interesting)
Keep fighting the good fight, brother.
Heres why : (Score:3, Insightful)
Things like Diebold are needed tools for fixing elections.
Republicans may not like it, but their candidates for the last 2 elections had the elections fixed.
Nomatter what you do, unless entire entourage of republican party
Re: (Score:2)
If people were to turn up at their voting station and sabotage or destroy the machines, en mass I imagine they would end up in jail for a long stretch? However if it was in my own country I would be tempted to do just that. If you appeal to your congressmen and women and they do nothing, and another joke of an election took place would people be prepared to stand up against it?
Re: (Score:2, Insightful)
Indeed. It's almost like the people who run elections have a vested interest in preventing anybody other than the Republicans or Democrats from controlling elections.
Shocking, that.
Re:Why would we expect anything else? (Score:5, Informative)
That's a documented fact, not random cynicism:
Voting machine vendors offer cruises, funding and jobs to election officials [nytimes.com].
Re: (Score:3, Informative)
I program software for county governments (though it's not election-related). Despite what Slashdot readers would like, solid design and strong security is far from the main concern of the people with whom the purchasing
Where can I buy one of these voting machines? (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
+5 Understatement.
What's needed now (Score:5, Insightful)
Finding out that computer systems can be tampered with and that some large-scale enterprise-class systems can have shoddy security, physical and otherwise, should come as no surprise to us, particularly in this community. On this particular issue, a generic security key is used because of key management issues and the fact that casual access is what's being prevented. Neither of which excuses this or any of the numerous other glaring shortcomings and flaws in this equipment. No one - citizen, politician, or party - benefits from universally shoddy security on electronic voting systems. No one.
Remember, too, that voting legislation, in large part in response to issues in the 2000 election, designed to ensure fair, uniform, and universal access to voting for all citizens by mandating electronic voting equipment, such as HAVA (2002) [fec.gov], were Democratic and bipartisan efforts.
The real issue is that Congress screwed up: they inherently, and erroneously, believed that since we trust so many critically important things to machines, certainly reliable electronic voting is possible, and indeed, we use automation, computers, and machines in almost every aspect of our lives to increase efficiency and reliability - why should voting be any different?
Except for one problem: when you're trying to administer a one-vote-per-person system that also maintains anonymity, and also disallows any external entity from discovering who voted for which candidates, when there is no permanent, voter-verified paper trail, the system as a whole cannot be trusted, since any level of security will always be able to be overridden. This has nothing to do with open source versus proprietary, or how shoddy physical security on e-voting systems is. A permanent, voter-verified paper trail solves all of these problems.
The only problem is that no legislation mandating electronic voting systems includes or speaks to any provisions requiring permanent paper receipt printing capability. All of the major e-voting vendors - Diebold, ES&S, and Sequoia - have this capability, but it's an add-on that requires retrofitting existing equipment, or in some cases, purchasing new equipment. And that takes money many counties and municipalities - particularly in the most hotly contested areas - don't have. (Hint: it's not just poor areas that have long lines [slashdot.org])
Our focus now should be on passing legislation that requires permanent voter-verified paper trail capability on all newly deployed e-voting systems, and allocates funds and creates a timeline for deployment on existing systems. Please, continue to raise this issue with both your county election officials and your elected representatives.
This issue is too important and too critical to the integrity of our election process to let rest.
---
Temporary disclaimer, since this seems to have been an issue for people reading my posts lately: I am not a Republican, did not vote for Bush in the last election, and have always voted for more non-Republican (usually Democratic) candidates since I have been voting.
Re: (Score:2)
NOT A RECEIPT! (Score:5, Insightful)
Do not use the word "receipt" in this context. A receipt is something that you take with you, as a personal record of a transaction. A receipt is worse than useless here... you don't WANT people to be able to show the party bosses that they voted the "right way".
What is needed is a "permanent paper ballot capability", where the ballots are retained at the voting place and serve as the primary official paper (ahem) trail.
Re: (Score:2)
Re: (Score:3, Insightful)
Who benefits from shoddy vote counting equipment (Score:3, Insightful)
Re: (Score:2)
Except for one problem: when you're trying to administer a one-vote-per-person system that also maintains anonymity, and also disallows any external entity from discovering who voted for which candidates, when there is no permanent, voter-verified paper trail, the system as a whole cannot be trusted, since any level of security will always be able to be overridden. This has nothing to do with open source versus proprietary, or how shoddy physical security on e-voting systems is. A permanent, voter-verified
About that HAVA... (Score:2)
I agree with most of your points, but HAVA was written just like all other bills get written these days, by the majority party in cooperation with the big business interests they represent. It was a snow job.
Oh yeah, and the primary lead legislator of HAVA is now on his way to jail.
Re: (Score:2)
Mechanical voting machines work just fine and are comparatively simple, easy to verify, and last a long, long time. The major complaint against them is that they require maintenance, and that the parts are no longer available. For the millions of dollars of development and equipment costs to program and manufacture electronic voting machines that will surely last only a few years before being declared obsolete, a new set of dies could be designed and stru
Re: (Score:2, Interesting)
In Applied Cryptography, Schneier describes a system that in theory would allow up to maintain a one vote per person system and only the voter hi
It's a selling point! (Score:3, Insightful)
And that's exactly what the politicians are looking for.
Moo (Score:4, Funny)
That's the problem right there. You should never religion and state, it always makes one cross.
super key? (Score:5, Funny)
Can't say I'm surprised... (Score:2, Insightful)
After all, these machines were never seriously designed with security in mind...they were designed to be easily compromised.
I think I'll take a hotel minibar key down to my local ATM to see if I can score some free money. If Diebold is honestly this incompetent, it'll be a snap. If, however, the voting machines are specifically designed to be compromised, I'll probably have a harder time of it.
Any bets on the outcome of my little experiment? Didn't think so.
Re:Can't say I'm surprised... (Score:5, Insightful)
That's bullshit, and you know it.
When these systems are vulnerable, it's just as easy for ANYONE to take advantage of that fact. Not one party or one political stripe.
As for ATM security:
Citibank ATM fiasco "worst ever" [boingboing.net]
ATM reprogrammed to give out 4 times more money [hamptonroads.com]
Diebold ATMs hit by Nachi worm [interesting-people.org]
Re: (Score:2)
Well, the first link has absolutely nothing to do with ATMs. The second two are along the lines of what has previously been reported. However this latest breach would be as if someone could walk up, use a $5 key to open the ATM, and walk out with all the money in the system. ATMs, even diebold's, are at least built with descent physical security, unlike these voting machines.
Re: (Score:3, Insightful)
An ATM costs at least $10,000, not counting the cash you stock it with. But I doubt anyone is willing to pay more than $1,000 for a voting machine. So it's natural that the voting machine will have cut-rate security.
Even assuming your first supposition is true, why does that mean worse security?
If the two machines were equally complex, I would agree with you, but I don't think they are. An ATM has some sort of moving parts, or at least some way to move the money around in the machine. It has a magnet
Re:Can't say I'm surprised... (Score:4, Interesting)
Really, do you think so? On the surface, that's a perfectly rational response, I mean, everyone has the same access to these machines, right? What's the point of deliberately making a system everyone can cheat at?
Perhaps not everyone does have the same access. Peerhaps certain voting machine companies favor one party or the other, and provide detailed instructions to their favored candidates. Perhaps something is going on further behind the scenes, giving certain favored groups privileged access to the counting machines themselves, making cheating at the machine level a moot point.
It just seems odd that a company with the skills to make ATM machines nearly impenetrable can't make a voting machine as secure. The track record of ATMs seems to rule out incompetance. Despite your scanty anecdotal evidence to the contrary, ATMs are on the whole very secure. Banks are notoriously picky about that sort of thing, and any company that could not make a secure ATM would find themselves out of the ATM market very quickly, and probably facing massive lawsuits.
What, then, is your explanation of why these machines are so insecure?
Re: (Score:2)
Your mistake is using the logic, "These machines have security issues; therefore, they must be designed that way." That's fallacious, not to mention not provable, as is the subsequent assertion that since they MUST be designing them as insecure, one side must be benefiting since there's no reason to do it unless one side benefits more. No doubt many people believe that along with you: that these systems are intentionally designed as such so that Republicans benefit - of course, that's not provab
Re: (Score:3, Informative)
That isn't the logic. The logic is: These machines have a hundred times more security issues than very similar devices made by the same company, security issues that the com
Re:Can't say I'm surprised... (Score:5, Interesting)
The phrase you are looking for is "Plausible Deniability". If you design a machine that can only be comprimised by a single party then you're clearly a crook. If it can be hacked by a pre-school class with plastic hammers then you can claim to be merely hopelessly incompetant.
Re: (Score:2)
For example, let's say you have an agency that collects taxes. The tax agency has inefficiencies in it. Let's say the agency has problems with cash
Re: (Score:3, Insightful)
Citibank ATM fiasco "worst ever" [boingboing.net]
ATM reprogrammed to give out 4 times more money [hamptonroads.com]
Diebold ATMs hit by Nachi worm [interesting-people.org]
the first two aren't diebold machines, as far as i can tell. and the third has nothing to do with picking a lock.
unless you can show me that a diebold ATM can be easily picked as well, i have to go by the assumption that diebold's voting machines are deliberately lacking in physical security, if they indeed build ATMs which can't be easily
Re: (Score:2)
I can only assume you are calling bullshit on something you think he meant to say or imply...
The Diebold machines are clearly NOT built to reliably record and tally votes.
Speculation about the intentions of the designers is interesting but ultimately only a sideshow.
The point is that the machines, as they exist today, compromise the election results. There are two very simple conclusions that follow from this. One, the mach
Better than Penny-Arcade (Score:3, Funny)
Unfortunatly...
Wonderful (Score:3, Interesting)
And why does Diebold design these machines in such a way that they *CAN* be hacked? I think that involving an Operating System and software in the design of such a machine is a critical error. As a computer engineer, I realize that overcomplicating things can lead to errors. DSP's can make hardware extremely cheap, but there are places where analog circuits are cheaper and more realiable! Why hasn't Diebold designed a hardwired electronic circuit or a mechanical system with failsafes such that the machine can't be hacked, and the wrong candidate will not be selected if the machine fails? There are so many places where their current design can and will go wrong. I believe that it's time for these loonies (or preferrably someone else who has more sense) to come up with a more rudimentary and failsafe design!
You would be amazed at what keys will open what (Score:3, Interesting)
Re:You would be amazed at what keys will open what (Score:5, Informative)
For a voting machine one would hope that they would have used more secure cylinders like the round 7-pin cylinders or maybe Medeco style. The voting machine locks should be at least as secure as unattended machines that hold money, like soda machines, slot machines, even pay phones. Those machines have secure locks with tough-to-duplicate keys. I guess protecting Pepsi is more important than our protecting electoral process.
John
Re: (Score:2)
Basically if anyone lost a key and the lock looked about the right size, I'd whip out my magic key and be in it in seconds.
If as you say there are only a few combinations for that key type it explains why I ha
Re: (Score:3, Informative)
Security is only as good as the weakest defense.
Re: (Score:2)
Re:You would be amazed at what keys will open what (Score:4, Funny)
The point of electronic voting again? (Score:2, Insightful)
I suppose, like upgrading to Microsoft Office 2003, and thus requiring better computing hardware, we did it for the economy.
Re: (Score:2, Informative)
The "point" was to actually fix some of the problem areas from the 2000 election, in addition to things like efficiency and automation. There were Democratic and bipartisan initiatives, like the Help America Vote Act (2002), that mandated electronic voting systems, but neglected to include a paper trail [slashdot.org].
The problem, though, that you bring up is an interesting one: even if all of the systems were totally open source and all had permanent voter-verified paper trails, [insert losers her
Re: (Score:3, Interesting)
Voter votes and gets a printout of his votes from machine A. He verifies that the votes are correct (if not, the printout gets shredded) and puts the printout into machine B (which signals to machine A that it got the printout). Note that machine A and machine B could be made by seperate vendors, and B also contains a paper trail in case a recount is needed.
If machine A and B don't agree, you recount the paper ballots. Gee, sounds quite a bit harder to subvert eh?
Re: (Score:3, Interesting)
There is a simple solution to this.
Assuming a paper trail, everything goes as normal, the polls close, and the machine spits out results -- Candidate X - nnnn votes. Candidate Y - mmmm votes, etc. These are passed up the line, however they are suppos
Re: (Score:2)
Nowhere in the Constitution does it say that we must know the results of an election before we go to sleep on election night.
Our democracy can handle waiting two weeks for accurate, verified election results.
Re: (Score:2)
And for our next generation voting consoles... (Score:3, Funny)
Who will lose their job for this? (Score:2, Interesting)
Drinks inside (Score:2)
Oh noes... (Score:2, Funny)
Re: (Score:2)
The lock is even less sophisticated than that. (Score:5, Informative)
further proof (Score:2)
"Look, I'm not so sure about these..."
"Hey, no problem. Take this unit back to your hotel with you, play around with it. And hey - drinks are on us."
Thirsty after a hard day oppressing the unwashed?. (Score:4, Funny)
Re: (Score:2)
This is not a problem for our Administration (Score:4, Funny)
You shouldn't be locking stuff in your desk anyway, what are you a terrorist?
As for minibar keys--it is the view of our administration that you shouldn't be drinking on business in the first place, it's not good for America! Do you really want to help the terrorists win???
We will ensure all minibars are re-keyed with special locks, the keys to which will be restricted to government employees only (Our administration has proven itself to be Above all Laws but God's, and God never said not to drink, so we therefore deserves access)
When minibar keys are outlawed, only outlaws will have minibar keys--then we know who to detain, harass or shoot (our call).
Re: (Score:2)
Bad Article Summary (Score:3, Insightful)
As if the American People didn't have enough to worry about. There, fixed that for ya.
How long are we going to tolerate this?
Re: (Score:2)
Hmmm (Score:2)
Terrorist conspiracy? (Score:3, Insightful)
* <tinfoil_hat=on>Of course the unnamed group could even be a major political party</tinfoil_hat>
So what happens... (Score:2)
More importantly, (Score:2)
If they're using one of those rotary keys that you see on vending machines and some bike locks, it's actually quite easy to pick them, with the right tool. More importantly, it's quite unobtrusive... it looks just like you're using a proper key.
thoughts ... (Score:2)
here [latke.net]
-aAn idea I've been working on... (Score:2, Interesting)
The machines print you an official receipt indicating your vote and tag it with a random number. At the end of the election, all the data (a large random number and vote table) could be posted (website and otherwise) so anyone who wanted could verify the tally and their vote.
To avoid the injection of a bunch of bogus votes, it would also be necessary to allow anyone who wanted to (specifically a representative from each party) to come out on voting night and
Re: (Score:2)
So, what makes you think that the vote indicated on the receipt is the same as the vote that's actually counted?
Re: (Score:2)
The coercer would presumbably ask for both reciepts, which had damn well match, or else.
Sweet (Score:2)
Fantastic! What a time saver these are! (Score:4, Funny)
I, for one, welcome our new......oh. Too late.
I'll say it again... (Score:2)
Cut and pasted for your viewing pleasure:
Bush must have shares in Diebold or something.
Diebold have been the butt-end of so many serious security failures its not funny any more. Its obvious they don't have a clue about security and aren't likely to get a clue anytime soon judging from their ongoing record.
Why are we still using this company's products? How many more times are the government going
Please....just give us partiy with Slot Machines (Score:5, Funny)
Either make voting machines as secure as slot machines, or let mini bar keys open up slot machines.
Either or. I'm not picky.
Where's Captain John Sheridan when you need him? (Score:2)
Hotels are shocked (Score:2)
Missing the point (Score:2)
How fucking awesome is it that my hacked Diebold voting machine key can now open the hotel minibar!
Why even have a key? (Score:4, Insightful)
I'm also not saying that you guys suck at democracy.
I am saying that you suck at capitalism.
Let's assume that you want to get at the card or whatever is behind the panel.
Why isn't this panel made out of glass that you have to shatter with a little hammer or teflon paper that you have to cut? That way, there's obvious proof of access. The vendor can repair the windows for the next election - it's a revenue stream for them. If the replacement costs $500 or so to install (due to all the fancy features like holograms, RFID, and seals, etc.) then fakes would be prohibitively difficult to get. It would be better physical security than a "Bic" lock.
I think Diebold was lazy, not conspiring. The rest of you were lazy by allowing these lazily built machines to run your election.
Maybe not a conspiracy? (Score:3, Funny)
Hmmmm... do the same hotel minibar keys work on Diebold ATMs?
Key number? (Score:3, Interesting)
Really though, this is nothing new. People always pull stupid shit like this with physical security. The local Union Bank branch I do work for (as a locksmith) has double locks on every teller drawer. One lock takes a key only the teller has and is different for each drawer, the other takes a key the manager has and fits all the drawers. Well, the "manager" key is another absurdly common key, the National "915". If they're expecting the manager lock to keep anyone out, they're sorely mistaken. I've told them, but they don't seem to care...
Die Harder (Score:3, Interesting)
Re:they make ATM machines for christsakes! (Score:4, Insightful)
Re: (Score:2)
Re: (Score:3, Funny)
Re: (Score:2)
Filed Taxes: Successful
Press here to vote: *click*
HTTP Error 404 - this page cannot be found (sucker!)