Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Evidence Mounts that the Vote Was Hacked
From: Valdis.Kletnieks () vt edu
Date: Fri, 12 Nov 2004 15:02:26 -0500

On Fri, 12 Nov 2004 11:53:59 CST, Paul Schmehl said:
--On Thursday, November 11, 2004 02:22:18 PM -0500 Valdis.Kletnieks () vt edu 

At least some of the machines used had active wireless on them

Do you know this for a fact?  Can you identify the states/locations where 
this was implemented?

Well.. OK. You have me here.  *THIS* particular model cited below was only on
*display* in our county (apparently, we've bought them, but not in time to
deploy them county-wide - the polling place I personally voted at had 1 of
these in demo mode, and 2 old lever-mechanical machines doing the real work).
However, I'd be most surprised if *none* were actually deployed in this
election in any precincts nationwide....

Quote from a co-worker on a local mailing list:

While not exactly on topic, I'm going to share a quick check of the new
voting machined displayed in Montgomery County Precincts today.

WinVOTE, mode W003246 relies on 802.11b to communicate with other
machines in the polling location (no I didn't war drive to test the
security, but I'm tempted to.  Certain legal things keep me away from

There is a printer for each machine, and it is integrated in the unit.

The Open Poll and Close Poll instructions are simple, yet revealing in
what the machine does, or doesn't do


(End quote)

So I have to conclude that if the manufacturer's documentation on how to
fire the system up *SAYS* it hunts on a wireless network, that if *any* of
these were used in the election, that people were voting on machines that
had wireless on them.

Also, go back and look at the scandal that Diebold got into when they posted
partial results before the polls closed, courtesy of a wireless uplink in
the machines - *THAT* was one of the things they were trying to suppress in
their "copyright of memos" legal battle a ways back.  Were *all* of that model
either pulled from service or had the wireless disabled?

So there you go - at least 2 examples of voting machines that had wireless
on them.

What does physical access to the polling booth gain a "hacker"?  They would 
need physical access to the tabulator that counts the individual votes, 
would they not?

If you can jigger the thing that inputs the votes, you don't need access
to the tabulator, because then you're feeding the tabulator bad things to count.

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]