Skip to Content

AOL Tech

voting posts

Hang your head, Sequoia e-voting machine; you've been hacked again

Hang your head, Sequoia e-voting machine, you've been hacked again
Oh, Princeton University, won't you leave the poor electronic voting machines alone? Haven't they suffered enough without you forming teams with researchers from the University of California, San Diego and the University of Michigan to spread their private moments even further asunder? That group of brainiacs came together to devise a new, even easier hack that allows someone with no special access to take complete control of a Sequoia AVC Advantage voting machine -- an example of which the team purchased legally at a government auction. The machine does not allow modifications to its ROM (because it has an O in the middle), but the team was able to use a technique called return-oriented programming to modify how the machine executes existing code, taking the bits they want and, ultimately, devising a way to re-program its behavior by simply inserting a cartridge into a slot -- presumably after blowing on it for good luck. The hack only works until the machine is powered off, but the attack even foils that, intercepting the switch signal and making the system only appear to power down. Today's top tip for electronic voting polling stations: unplug your boxes overnight.

[Via Digg]

Electronic voting outlawed in Ireland, Michael Flatley DVDs okay for now

Electronic voting outlawed in Ireland, Michael Flatley DVDs okay for now
Yes, it's another international blow for electronic voting. We've seen the things proven to be insecure, illegal, and, most recently, unconstitutional. Now the Emerald Isle is taking a similar step, scrapping an e-voting network that has cost €51 million to develop (about $66 million) in favor of good 'ol paper ballots. With that crisis averted Irish politicians can get back to what they do best: blaming each other for wasting €51 million in taxpayer money.

[Via Techdirt]

German court finds 2005 e-voting was unconstitutional, uncool


Oh, e-voting machines... ever since they arrived on the scene to challenge old timey lever-laden beasts of yore (not to mention pencils and paper, if you remember what those are), there have been numberless examples of their hackability, their unreliable software, and the general mayhem caused by not having a paper trail in elections. It's been a fun ride, but one that's causing a ruckus in Germany... almost four years after the fact, anyway. That's right, the country's highest court has ruled that the 2005 General Election was, in fact, unconstitutional, after the use of e-voting machines was challenged by a father and son team. The ruling states that while the voting was unconstitutional (read: illegal) because the software used on the machines is unreliable, they have not proven that any mistakes were made, nor do they rule out the possibility of using such machines in the future, when stuff will be cooler and work better.

Estonia to allow citizens to vote via cellphone by 2011

Brutal honesty here: on election day this past November, the entire Engadget staff (well, those of us with US passports) collectively agreed that casting our vote via SMS or some other incredibly simple method would be infinitely more awesome than trudging out in the streets and waiting in hour-long lines. Clearly, some higher-ups in Estonia are on board with that concept, as its Parliament has approved a law that will likely make it the first nation on Planet Earth to give citizens the right to vote by phone in something that matters (American Idol notwithstanding). 'Course, those who choose to take advantage must first obtain a free authorization chip for their handset, which sort of kills the whole "not having to leave your house" aspect of all this. Ah well, at least we're moving in the right direction.

Diebold's e-voting machines violate GPL, good taste


Diebold just can't seem to keep its nose clean these days. The nation's largest manufacturer of ATMs admitted not too long ago what everybody already knew: that their e-voting machines were totally bunk. Apparently in the course of that investigation it emerged that the company also thought it would be a laugh to load the open source Ghostscript Postscript interpreter software into those faulty machines without releasing its changes or paying the proprietary usage license fee -- leading Aritex, its developer, to file a lawsuit. It doesn't really instill confidence any further to hear that our nation's terrible electronic voting machines are running on stolen software, guys -- and to be honest, we're kinda starting to wish you'd get out of the ATM business, too.

Princeton publishes how-to guide for hacking Sequoia e-voting machines

Princeton publishes how-to guide for hacking Sequoia e-voting machines
If you're American, it's nearly time to do your civic duty and pick the lesser of two evils for the greater good... and then to wonder if that vote actually got counted. With Diebold admitting its own machines are utterly insecure, competitor Sequoia is now under the microscope and, after a little quality time with the company's machines, Princeton researchers have filed a 158 page report on the ease of replacing their ROMs and winning yourself an election. Okay, we know what you're thinking: "Hacking hardware isn't exactly easy when the computer is in a locked box." Amazingly, it is. A researcher was able to bypass the physical security mechanisms in 13 seconds, despite never having picked a lock before. Now you're thinking: "But you'd need to do that on hundreds of them!" Not so; once infected that malicious code can spread itself to others, and, with no paper trail and an easily bypassed internal audit system, you're well on your way to whatever dark corner of Washington, D.C. you care to occupy!

[Via Ars Technica]

Diebold comes clean, admits that its e-voting machines are faulty

For years, Diebold has embarrassed itself by claiming that obvious faults were actually not faults at all, and during the past decade or so, it mastered the act of pointing the finger. Now that it has ironically renamed itself Premier Election Solutions, it's finally coming clean. According to spokesman Chris Riggall, a "critical programming error that can cause votes to be dropped while being electronically transferred from memory cards to a central tallying point" has been part of the software for ten years. The flaw is on both optical scan and touchscreen machines, and while Mr. Riggall asserts that the logic error probably didn't ruin any elections (speaking of logic error...), the outfit's president has confessed to being "distressed" about the ordeal. More like "distressed" about the increasingly bleak future of his company.

[Via Techdirt]

Unloved e-voting machines cluttering warehouses, losing value fast

Just as the world's landfills could soon see an influx of unwanted televisions, many American warehouses are packed with e-voting machines that once held promise for a better way to vote. Instead, they turned into a multi-year fiasco, with hackers figuring out how to do everything save for their income taxes on 'em and states reverting back to less vulnerable methods. Now, many states are scrambling for ways to recoup costs, even for outlets that will take them in for recycling. Oddly, Ohio cannot ditch the systems it purchased until a couple of related lawsuits get dealt with. The result? Buckeyes will probably still be using e-voting machines come November.

[Via Slashdot, image courtesy of BradBlog]

Would you elect the president via text message? 61 percent say 'Y'


According to a recent, sensational survey from Samsung Mobile, 61 percent of lazy, distracted, and impossibly ignorant cellphone users over the age 18 say they would be comfortable casting their vote for President of the United States via a text message. Meanwhile, the totally serious and meaningful survey found that eight in ten (or 80 percent) of teens under the legal voting age would use their mobile devices to cast a ballot in the election. Additionally, Samsung Mobile discovered that 90 percent of cellphone users would like an ice cream cone, while another 87 percent would like an ice cream cone only after eating a quarter-pounder with cheese. Soon Samsung Mobile hopes to determine what percentage, if any, of the people surveyed know who is running for the office of president.

Former Polish prime minister opposes online voting, says Internet users are all watching porn


Sure, electronic voting has had its fair share of troubles, but there's no denying that it's the wave of the future -- and we're always intrigued by plans like the one being floated in Poland right now that would allow citizens to vote online from their homes, since that seems like a great way to increase participation. Of course, some people are just never going to get it, and it looks like former Polish prime minister Jaroslaw Kaczynski is the latest Luddite curmudgeon to risk your ire, saying that he's not exactly thrilled with the idea of a "young person sitting in front of a computer, watching video clips and pornography while sipping a bottle of beer and voting when he feels like it." Kaczynski went on to say that as a whole, Internet users are "the easiest group to manipulate, to suggest who to vote for" -- which probably means that in addition to not using a cell phone or having a bank account (true!), he's never actually been on the Internet either. Tell you what, Minister: you come in here and successfully manipulate a Mac vs. PC flamewar, maybe we'll talk. Deal?

Engadget up for three Bloggies!

Wow, what can we say, we're totally honored. Your humble source for all things tech and gadgety has officially been nominated for three Bloggies this year -- Best Computers or Technology Weblog, Best Group Weblog, and Best-Designed Weblog (go design team!) -- the most nominations that we've ever received in this annual competition. Unlike the Weblog Awards, which allow you to vote once every 24 hours, the Bloggies have a strict one-vote-per-person rule, and actively discourage cheating by incorporating captchas and verification emails into the procedure. You have until 10:00PM Eastern on Thursday, January 31st to cast your ballot, but doing so earlier will help us all avoid these annoying reminder posts. Also, please remember: winners never cheat, and cheaters never win!

Colorado voting machines don't make the grade

In a terrifically unsurprising blow to electronic voting fans everywhere, Colorado's Secretary of State has declared the machines unreliable -- and apparently in need of a software patch. While not as harsh as some rulings on the systems, Secretary Mike Coffman decertified three out of four machines which had been tested. Why the bad grade? Apparently the machines failed on accuracy and security, two sort-of-crucial components to dependable voting solutions, and two components which have been lacking in many systems. Coffman believes Colorado's findings could have a larger impact, stating, "What we have found is that the federal certification process is inadequate." Clearly another blow for the Diebolds (er, we mean Premier Election Solutions) of the world, but hopefully a sign that we can expect tough love for suspect voting machines.

Ohio report recommends scrapping electronic voting

Like California and Florida before it, habitual swing state Ohio has just issued a report slamming its three providers of electronic voting equipment -- including, of course, renamed Diebold -- and recommending that the 50 counties which use them scrap the machines in favor of a paper-trail-leaving optical scanning method. The report, commissioned by Secretary of State Jennifer Brunner, details the ways in which white hat hackers were able to infiltrate the systems, easily picking locks, using portable devices to manipulate vote counts, and even introducing "malignant software" into boards of election servers. Brunner's plan calls for the entire state's voting infrastructure to be overhauled by next year's presidential elections, a move likely to be lauded by touchscreen voting's many critics, but coming "about eight years too late, jerks -- thanks a lot," according to usually-even-tempered former candidate Al Gore.

ES&S e-voting machine fails epically at withstanding hackers

We're going out on a limb here and assuming that precisely no one is surprised, but yes, another e-voting machine has proven totally incapable of resisting even the most unsophisticated of hacks. Not long after California Secretary of State Debra Bowen okayed the use of systems that failed prior security audits provided they make a few last minute attempts to appear invulnerable, a security penetration team revealed that an ES&S test system was no better than the rest. Reportedly, Red Team researchers were able to circumvent physical blocks with little effort, and they were even able to access internal files by making a quick and dirty change to the BIOS and booting it up with an external memory device. Needless to say, this deceased horse has been bludgeoned quite enough, but if you're interested in seeing a dozen pages of epic failure, the read link has got you covered. [Warning: PDF read link]

[Via ArsTechnica, image courtesy of USA Today]

Engadget nominated in the 2007 Weblog Awards, voting still open

Yeah, we know you've been hearing a lot about the 2007 Weblog Awards in the last couple of days as your source(s) for news across a variety of topics have likely been shamelessly whoring for votes in a bid for a little recognition. Well, as you may have learned, our little site has been honored by being nominated to run against a number of other fine publications for the title of Best Technology Blog. Much love to everyone who's voted for us (and continues to do so) up to once daily per IP address until November 8th. Oh, and let the best blog win. And we mean the best blog.

Zune HD ExposedHTC Hero: Android Evolved
Follow us on TwitterEngadget Video



AOL News

Joystiq

Download Squad

TUAW

Daily Finance

Asylum

Autoblog

Switched.com

FanHouse

Autoblog Green