The team of scientists from University of California, San Diego, the University of Michigan, and Princeton University employed “return-oriented programming” to force a Sequoia AVC Advantage electronic voting machine to turn against itself and steal votes.
“Voting machines must remain secure throughout their entire service lifetime, and this study demonstrates how a relatively new programming technique can be used to take control of a voting machine that was designed to resist takeover, but that did not anticipate this new kind of malicious programming,” said Hovav Shacham, a professor of computer science at UC San Diego’s Jacobs School of Engineering and an author on the new study presented on August 10, 2009 at the 2009 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections (EVT/WOTE 2009), the premier academic forum for voting security research.
The computer scientists had no access to the machine’s source code—or any other proprietary information—when designing the demonstration attack. By using just the information that would be available to anyone who bought or stole a voting machine, the researchers addressed a common criticism made against voting security researchers: that they enjoy unrealistic access to the systems they study.
“Based on our understanding of security and computer technology, it looks like paper-based elections are the way to go. Probably the best approach would involve fast optical scanners reading paper ballots. These kinds of paper-based systems are amenable to statistical audits, which is something the election security research community is shifting to,” said Shacham.
“If you are using electronic voting machines, you need to have a separate paper record at the very least.”
The computer scientists showed that an attacker would need just a few minutes of access to the machine the night before the election in order to take it over and steal votes the following day. The attacker introduces the demonstration attack into the machine through a cartridge with maliciously constructed contents that is inserted into an unused port in the machine. The attacker navigates the machine’s menus to trigger the vulnerability the researchers found. Now, the malicious software controls the machine. The attacker can, at this point, remove the cartridge, turn the machine’s power switch to the “off” position, and leave. Everything appears normal, but the attacker’s software is silently at work.
“We overwrote the computer’s memory and state so it does what we want it to do, but if you shut off the machine and reboot from ROM, the exploit is gone and the machine returns to its original behavior,” explained Checkoway,the scientist.
2009 Electronic Voting Technology Workshop is a two day workshop being held in Montreal .It bring together researchers from a variety of disciplines, ranging from computer science and human-computer interaction experts through political scientists, legal experts, election administrators, and voting equipment vendors.
IF the EC still feels it has got a pure machine with it, it should apply for nobel prize.
EXPERTS, COMPUTER SCIENTISTS ALL OVER THE WORLD AGREE THAT PAPER IN SOME FORM IS ABSOLUTELY NECESSARY FOR ANY CREDIBLE VOTING PROCESS. ALSO MOST OPINE LEAST USE OF COMPUTERS IN THE PROCESS. THERE IS NO WAY AN ABSOLUTE 100% PERFECT MACHINE CAN BE FOUND IS THEIR ARGUMENT. IF THE EC OF INDIA THINKS THEY ARE A GENIUS, BETTER THAN THE REST, THEY SHOULD COME FORWARD AND EARN ONE MORE NOBEL FOR INDIA.
OPTICAL SCAN IS SUGGESTED AS THE BEST AND SWIFT METHOD, AS OF NOW. BUT THEN HOW WILL YOU HAVE 'SCIENTIFIC' VOTING IN INDIA?
IF INDIA CLAIMS IT HAS GOT A MACHINE, WHICH THE WHOLE WORLD SAYS CAN NEVER BE MADE, WE SHOULD BE PROUD AND ARRANGE TO AWARD NOBEL PRIZE TO THE ECIL SCIENTISTS AND IMAGINE THE REVENUE WE WILL GET WHEN ALL NATIONS WILL BUY OUR MACHINES. I THINK THE EC SHOULD PRESENT IT'S PAPER TO THE NOBEL COMMITTEE.
THE LAST JOKE I HEARD FROM EC WAS IT GAVE A WEEK TIME FOR ANYONE TO PROVE IT AS GUILTY AND IN THE END OF THE WEEK PROCLAIMED ITSELF AS NOT GUILTY. IMAGINE IF KASAB GIVES INDIA A WEEK FROM NOW TO PROVE HIM GUILTY, FAILING WHICH HE SHOULD GET A IST CLASS TICKET TO ISLAMABAD, HOW MANY TAKERS ARE THERE IN INDIA?
You do not mention the EVM which Hovav Shacham used for his demo. Is it similar to the one developed by EC? Do the same vunerabilities exist in the Indian EVM which were detected by Hovav Shacham?
ReplyDeleteThe EC has been harping on this arguement only that it is networked like abroad etc. Well if it is such a wonder machine which can never be corrupted and hack free, why is the world not looking at this great option?
ReplyDeleteWell the scientific fix is obviously not without connivance of outside powers and why will they use what they know can be fixed
If this is such a great EVM why is India not advertising it and selling it?
Let some party sponsar Hovav and bring him here and then watch the fun...
The countries which have shown interest on Indian EVM's are Nepal, Bhutan, Srilanka, S.Africa, Namibia,Bangladesh, Nigeria and Malaysia- almost all would want results to proceed in a predetermioned fashion?
ReplyDeleteHow come the west is not interested?
Cost of machine = 9800Rs/unit
Dr Anupam Saraph (CIO of Pune, India, and an adviser to the UN and the Asian Development Society) and Professor Madhav Nalapat (Director of the Department of Manipal University, India, as well as a UNESCO Peace Chair holder, http://en.wikipedia.org/wiki/Nalapat) accidentally discovered files on an official Indian government website that seemed to have voting result numbers long before votes were actually cast.
ReplyDeleteOn May 6th, while looking for routine, publicly available, candidate data during the election, a detailed Excel file of votes polled results for every candidate in India was found on the official website of the Election Commission of India (http://eci.nic.in/candidateinfo/frmcandidate.aspx). That was 9 days before the final votes were cast on May 15. And, even so, the Election Commission was not supposed to have access to votes cast data until May 16, when official counting was to be done.
On May 7 and 11, the Excel file was downloaded again from the Election Commission site. The numbers of votes cast for some candidates changed in each version of the file. In the version of the file downloaded on the last day before the official counting, May 15th, the votes cast results column was blank.
The downloaded files can be found here (the votes cast numbers are in Column N “votespolled”): http://government.wikia.com/wiki/Tracking_the_elections
the Election Commission closed its site from May 23 to 25. It was back up on the 25th but, until the 29th, you couldn’t download the file anymore. You can now, but the votes cast data for each candidate is gone (you can just see who won) even though now, two weeks after the election, is when that data should be available.
ReplyDelete[continuation of previous comment]
return-oriented programming works only on x86 and similar platforms.They bought 5 machines but could hack only one.The EVM's get corrupted when you try to program over it.Secondly they have simulated and nowhere they show a realtime proof.Where is the proof that they actually hacked it.
ReplyDeleteThe answer for this i am sure only Shacham can give. But the essence of the feel, is these machines cannot be perceived as genuine and there is a possibility of hacking [ 1/5 is enough for scientific polling]
ReplyDeleteThere should be some mechanism for cross check, recount, verification and the wait time for count has to be reduced.
evm and hon. navin chawla will ensure congress victory in every future election in india till rahul becomes pm
ReplyDeleteWake up guys, its only the lament of the loser. When the same loser wins the election next time, you find him say the EVMs are the greatest find on this earth.
ReplyDeleteEven after 60 years of freedom and democracy few politicians find it hard to digest 'The People's Mandate'.
i think evm's are not tamper proof.I mean it can be hackedd right?????????????????????????????????????????????????
ReplyDeleteold sstem of voting is more safe right? i mean secret ballot system
ReplyDelete