Date: Fri, 5 Dec 2003 15:23:11 -0800
Mime-Version: 1.0 (Apple Message framework v553)
Content-Type: text/plain; charset=US-ASCII; format=flowed
Subject: Fwd: [E-S] [Fwd: Electronic Voting Device Information]
From: Jason Schultz <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Transfer-Encoding: 7bit
Message-Id: <[EMAIL PROTECTED]>

Declan -- Thought you might enjoy this additional angle on e-voting security issues from one of our members.
[Forwarded with permission]
Begin forwarded message:
From: "George Geczy" <[EMAIL PROTECTED]>
Date: Thu Dec 4, 2003 11:03:09 PM US/Pacific
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: Electronic Voting Device Information
Reply-To: <[EMAIL PROTECTED]>

TO: Ohio Secretary of State / Elections office
CC: Electronic Frontier Foundation
I read the recent press release and backup documentation on the review of Electronic Voting devices, released by the Ohio Secretary of State. I would like to thank you for posting the full report online. It is through such public scrutiny that online voting can truly become reliable.
The Compuware report did, however, make a mistake in its view of certain security issues, and as I could not locate their email contact information maybe you could forward this to them for their future reviews. In their audit they declared the infrared interface used in systems such as the iVotronic to be secure as it is proprietary and "will not connect to a normal Windows, Linux or Mac machine". However, it is in fact very easy to reverse-engineer infrared communication. A device as simple as a "Palm Pilot" handheld computer can receive and transmit most custom infrared signals, and so the use of an infrared interface does NOT preclude hacking and unauthorized access through this method. In particular, if the data transmitted through the infrared port is not encrypted and properly keyed, it should be very simple to reverse-engineer the communications protocols between the PEB and the iVotronic. Given the Compuware report's comments on the lack of encryption and security in other elements of the system (such as writing to the memory card), it would seem that the iVotronic may be relying on a false sense of security in the use of an Infrared interface. The Compuware methodology heavily scrutinizes all other forms of interface to a voting unit (standard network connects and interface ports), but falls into this trap of not considering the infrared interface to be an at-risk port.
Given the other security risks identified in the Compuware report, hacking an iVotronic could be as simple as walking into the voting booth using a correctly programmed Palm Pilot (a not at all unusual device among citizens) and using it to simulate a supervisory PEB access device.
-- George Geczy.
- George Geczy, Partner, dg technical consulting
- Co-Chair, Hamilton Chamber Science & Technology Committee
- Email: [EMAIL PROTECTED] Phone/Fax 905.304.9383

-----------------------------------------------------------------------
Jason M. Schultz (415) 436-9333 x 112
Staff Attorney [EMAIL PROTECTED]
Electronic Frontier Foundation www.eff.org

_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)
