Voting machine password hacks as easy as ABC

There is more proof than ever that our current system for “voting” is not sufficient to support our growing populace and growing demand for fairness.

The purpose of this blog it to curate voting news and pertinent information about our current state of voting technology, so that we may improve on it. I believe the flawed voting system is inhibiting the citizens choose the now so-called leaders, and that this 70 year old technology should be updated in order for humanities politics to evolve.

If we continue to use a knowingly flawed and archaic voting technology we will continue to get a flawed outcome, which is an actor that has not been fully chosen by the people.
The solution: We propose that a new type of voting technology be put in place. Such technology has been discussed the past 20 years, and may include a cryptography based system where citizens vote with a “vote coin” and all votes are public and audit-able at a public level by the computer savvy. This ensures a clear and transparent environment so that citizens can peer into the inner working of the voter process.

Check out article on how voting machines can be hacked: http://www.theguardian.com/us-news/2015/apr/15/virginia-hacking-voting-machines-security

Excerpt:

Touchscreen voting machines used in numerous elections between 2002 and 2014 used “abcde” and “admin” as passwords and could easily have been hacked from the parking lot outside the polling place, according to a state report.

The AVS WinVote machines, used in three presidential elections in Virginia, “would get an F-minus” in security, according to a computer scientist at tech research group SRI International who had pushed for a formal inquiry by the state of Virginia for close to a decade.

In a damning study published Tuesday, the Virginia Information Technology Agency and outside contractor Pro V&V found numerous flaws in the system, which had also been used in Mississippi and Pennsylvania.

Jeremy Epstein, of the Menlo Park, California, nonprofit SRI International, served on a Virginia state legislative commission investigating the voting machines in 2008. He has been trying to get them decertified ever since.

Anyone within a half mile could have modified every vote, undetected, Epstein said in a blog post. “I got to question a guy by the name of Brit Williams, who’d certified them, and I said, ‘How did you do a penetration test?’” Epstein told the Guardian, “and he said, ‘I don’t know how to do something like that’.”

Reached by phone, Williams, who has since retired, said he did not recall the incident and referred the Guardian to former colleagues at Kennesaw State University who have taken over the certification duties he used to perform for Virginia and other states.

“You could have broken into one of these with a very small amount of technical assistance,” Epstein said. “I could teach you how to do it over the phone. It might require an administrator password, but that’s okay, the password is ‘admin’.”

Bypassing the encrypted WEP wireless system also proved easy. The password turned out to be “ABCDE”, according to the state’s security assessment – and getting the password “would take a few minutes and after that you don’t need any tools at all”, said Epstein.”

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s