On September 13, researchers at Princeton University’s Center for Information Technology Policy (CITP) released a study detailing their successful attempt to hack a Diebold AccuVote-TS, one of the most widely used voting machines in the United States. The researchers, Ariel J. Feldman, J. Alex Halderman, and Edward W. Felten, also posted a demonstration video of their hack.
The CITP is not the first group to demonstrate the vulnerability of Diebold’s machines. BlackBoxVoting.org, Open Voting Foundation, and Johns Hopkins computer science professor Avi Rubin have all published accounts of security compromises in Diebold products. BlackBoxVoting.org wrote about their successful guerrilla project to swap out a Diebold voting machine’s memory card using $12 worth of tools in four minutes (the Princeton team says it can execute its hack in one minute).
But the previous reports simply highlighted potential holes in the Diebold machines’ security. The CITP study shows exactly how entire voting systems could be not just rendered inoperable, but deliberately hacked to rig an election. In fact, the CITP group developed a simple software virus to do just that, along with a method of deploying it.
The group’s study had three main findings. First, the CITP group discovered that not only could it install malicious code on the voting machine, but also that the code could easily be configured to “disappear” once its work was done, leaving no trace of tampering; the electronic and paper records produced by the voting machine would agree–and both be wrong.
Second, they found that physically hacking into the machine and its memory card was easy, as BlackBoxVoting.org had also discovered. The Diebold AccuVote and similar machines rely on a removable memory card for storing vote counts and uploading new system software. The CITP team was able to remove the card, replace it with one of their own, and reboot the machine, causing it to automatically install the software they had placed on the memory card–the software that could fix election results.
The CITP’s third finding was that its virus code could spread. The CITP showed that an infected machine could infect its original memory card, once the card was returned to the machine. Furthermore, the infected memory card, inserted into another voting machine, would infect that machine and then its memory card, and so on. In normal election procedures, memory cards are taken out of all voting machines and placed into one machine, which acts as an “accumulator” for tallying the total votes in a precinct. “By planting a virus far enough in advance, [a hacker] can ensure that a significant number of machines can steal votes on election day” even if the criminal had access to only one voting machine, says the narrator of the demonstration video.
“It’s like the old days, when viruses were spread on floppy disks,” says Princeton’s Felten.