[ale] OT: man in the middle on diebold machines

Michael H. Warfield mhw at WittsEnd.com
Wed Sep 28 21:04:14 EDT 2011


On Wed, 2011-09-28 at 20:20 -0400, Bob Toxen wrote: 
> On Wed, Sep 28, 2011 at 04:59:51PM -0400, Michael H. Warfield wrote:
> > On Wed, 2011-09-28 at 15:38 -0400, Cameron Kilgore wrote: 
> > > I still wonder the need to complicate and put at risk the reliability
> > > of our one measure of democracy. Paper ballots seem more reliable and
> > > less prone to a politician's whim.
> 
> > On that, we may have to agree to disagree.
> Yes, we will.  Paper ballots as currently done in most of the honest
> world is VERY hard to cause deliberate widespread fraud and the
> accidental error rate is very low.

Actually, the error and fraud rate are higher than most people recognize
or are willing to admit.  Even paper ballots can be vastly improved upon
but are not.

One very good example is the "bingo marker" system (a highly low tech
paper based system) that was actively discussed several years ago which
is now called the "Punchscan Voting System".  This is an example of an
E2E (end to end) system in which the voter has some measure of
end-to-end validation of their vote and confidence that their vote was
counted (two things sadly missing in all the present day systems) while
maintaining confidentiality and integrity of the voting system.

http://www.cs.uwaterloo.ca/~aessex/assets/vcmp/punchscanVocomp.pdf

This was originally proposed by David Chaum, a senior level
cryptographer and researcher way above my pay grade, way back in 2005
and later implemented and documented in 2007 in practice.  It has a LOT
to say for it in terms of advantages over current systems, both
electronic and dead-trees.

While very good and a very significant improvement over the present
systems, there are still ways to subvert even this...

http://people.seas.harvard.edu/~talm/papers/KRMC10-attackvote.pdf

So there are some ways to subvert and attack even this system.  This
sort of research tells us as much about the strength of a system as it
does it's weaknesses and it's still an improvement over current systems.

These are very rich and dynamic fields of research in my fields...
There is still a lot of controversy over anomalies in electoral results
over the last several years and not all of it can be attributed to
electronic tampering (although plenty of it can).  Going back to paper
and pencil will not solve those problems.  It merely shifts the attack
methodologies and the old methodologies are well thought out and well
practiced already.

I simply don't have your level of confidence in paper ballots.

Regards,
Mike

> The "hanging chads" were an error rate of about 0.5% and much of that
> was due to elderly too infirm or to senile to properly use them.  The
> former (infirm) were allowed to have assistants.  I'm not sure the
> senile are legally allowed to vote and if so probably vote more or less
> randomly (no disrespect is meant).
> 
> > On one hand, there have certainly been sufficient examples of "hanging
> > chads" and misplaced bags of ballots and ballot count mismatches to
> > argue that paper ballots are neither reliable nor less prone to a
> > politician's will.
> I'll take the 0.5% hanging chad error rate over the potential 100% error
> rate of the insecure DRE machines.
> 
> > OTOH, there have been proposals for voting protocols down through the
> > years which can insure authenticity and authorization while preserving
> > anonymity while still providing end to end verification and auditing
> > confirmation.  I've seen some such proposed at security conferences such
> > as NDSS, Usenix Security Symposium, and RSA over the last decade or so.
> > We know how to do it right.
> Until then there is paper.
> 
> > The problem is that these protocols are "open" and, as such, can not be
> > held for ransom by companies wanting to leverage the maximum number of
> > tax dollars out of pockets for their proprietary solutions and they are
> > too good for those people who don't want something that good...
> Yup.  Bush wanted DRE for the money his buddies made not for committing
> fraud (IMO AFAIK).
> 
> > We can agree that the current field of voting machines are an abysmal
> > and embarrassing lot of junk that should have been rejected out of hand
> > by anyone with any respect for the institution.  Trouble is, that's not
> > those with the vested interests.
> Yup.  Junk 'em and bring back trustworthy, reliable, and cheap paper!
> 
> > Regards,
> > Mike
> Bob
> 
> > > --Cameron <http://ghostfreeman.net>
> > > 
> > > 
> > > On Wed, Sep 28, 2011 at 3:34 PM, Geoffrey Myers <lists at serioustechnology.com
> > > > wrote:
> > > 
> > > > Anyone else catch this?
> > > >
> > > >
> > > > http://hardware.slashdot.org/story/11/09/28/0241201/man-in-the-middle-remote-attack-on-diebold-voting-machines
> > > >
> > > > --
> > > > Later, Geoffrey
> > > > Sent from my iPhone
> > -- 
> > Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
> >    /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
> >    NIC whois: MHW9          | An optimist believes we live in the best of all
> >  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
> 
> Bob Toxen
> bob at verysecurelinux.com               [Please use for email to me]
> http://www.verysecurelinux.com        [Network&Linux security consulting]
> http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
> Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
> Quality spam and virus filters.
> 
> "One disk to rule them all, One disk to find them. One disk to bring
> them all and in the darkness grind them. In the Land of Redmond where
> the shadows lie...and the Eye is everwatching"
> -- The Silicon Valley Tarot Henrique Holschuh with ... Bob
> 

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20110928/6e4a63f3/attachment.bin 


More information about the Ale mailing list