Contest To Hack Brazilian Voting Machines 101
An anonymous reader writes "Brazilian elections went electronic many years ago, with very fast results but a few complaints from losers, of course. Next month, 10 teams that accepted the challenge will have access to hardware and software (Google translation; original in Portuguese) for the amount of time they requested (from one hour to four days). Some will try to break the vote's secrecy and some will try to throw in malicious code to change the entered votes without leaving traces."
Re: (Score:2)
winners will be executed
Re: (Score:2, Insightful)
winners will be executed
We are in Brazil not in the USA.
Re: (Score:2, Funny)
USA doesn't kill people...
Right, first declare them enemy combatants.
Or at the very least, afterwards...
Little bit more info... (Score:3, Informative)
for those who do not RTFA.
The teams can bring any software or equipment they want to try and break the machines' security.
And there is even a bounty of a little more than USD$2000,00 paid by the government to the team that gets closer to the goal.
Re: (Score:1)
And there is even a bounty of a little more than USD$2000,00 paid by the government to the team that gets closer to the goal.
$800 is barely a little
Re: (Score:2)
Oops, there was a 5 missing. I was supposed to have typed 2500.
This is what one gets for not paying attention to preview...
Re: (Score:2)
I'd bring a hammer.
Hack the judges (Score:5, Insightful)
Re: (Score:1)
The simplest way to win this is to hack the judging process so that your team is voted the winner
T, FTFY.
Re: (Score:2, Insightful)
Re: (Score:1)
And I knew your point. I was just joking. If you didn't like the joke, just say you didn't.
By the way, I don't like it, either ;)
Re: (Score:1)
OK. I kind of got the joke, that you'd hack the voting machines the judges use, rather than the machines you were given. And your username is cute. Maybe there's someone named tarred_gzip (which would be an odd thing to do).
Re: (Score:1)
I tar up everything on my system, you insensitive clod.
It may not have the best compression ratio but damn is it fast to decompress.
Re: (Score:2)
Re: (Score:3, Insightful)
A brazilian? (Score:2, Funny)
Re:A brazilian? (Score:5, Funny)
A senior aide goes up to President Bush. "Sir," he begins, "we just heard that two Brazilian men were killed in an attack in Iraq."
Bush is visibly shaken, he hangs his head and covers his mouth with his palm. After a few moments, he asks in a solemn tone, "How many is a Brazilian, again?"
Really quite an accomplishment (Score:1, Insightful)
Seriously one of the ten teams who figured they could hack a 'brazilian' voting machines in 'one hour', kudos.
why is electronic voting so hard? (Score:3, Interesting)
transport the results out of the voting location with the votes and hashes separately and count, then use the hash to verify that the count wasn't tampered with in transit etc.
Re: (Score:3, Insightful)
If it was that foolproof, it would be difficult for the people in power to tamper with it if they ever wanted to.
Re:why is electronic voting so hard? (Score:4, Insightful)
The simplest explanation is that corruption is the problem, not the technical aspects of these voting machines. These errors wouldn't be tolerated with ATM machines because the public seems to care a lot more if their bank account is fraked with but not so much their vote for some reason... That's the only real way to clean up the corruption; get the public to put real pressure on the entities involved in the voting process.
Re: (Score:3, Insightful)
These errors wouldn't be tolerated with ATM machines because the public seems to care a lot more if their bank account is fraked with but not so much their vote for some reason...
[Citation Needed]
Are you thinking of the same ATMs that I am?
Many ATMs are Windows running on commodity hardware.
I've seen a few whose entire functionality is a java applet sitting on the desktop.
I can't dispute your assertion that "the public seems to care,"
but I will dispute your claim that "these errors wouldn't be tolerated".
I dispute the claim because we don't know.
ATM mfgs & banks don't report to anyone.
There are no statistics to prove or disprove the security of ATMs.
There are no standards for co
Re: (Score:3, Insightful)
Most of the problems with ATMs that I've heard of involve hacking into the system, and utilising social engineering attacks. Electronic voting machines have had problems that go far beyond those:
*social engineering attacks
*weak physical security to the point of being able to access the machines' innards with a hotel key
*federally illegal code used on sequoia voting machines leaked to the public
*errors in tabulating votes sometimes in the thousands
There are more but I think I've already made my point. The
Re:why is electronic voting so hard? (Score:4, Insightful)
What boggles my mind is that slot machines are constructed to be more secure and more easily auditable (to make sure the settings conform to regulations) than voting machines.
Re: (Score:2)
These errors wouldn't be tolerated with ATM machines because the public seems to care a lot more if their bank account is fraked with but not so much their vote for some reason...
[Citation Needed]
Are you thinking of the same ATMs that I am? Many ATMs are Windows running on commodity hardware. I've seen a few whose entire functionality is a java applet sitting on the desktop.
I can't dispute your assertion that "the public seems to care," but I will dispute your claim that "these errors wouldn't be tolerated". I dispute the claim because we don't know. ATM mfgs & banks don't report to anyone.
There are no statistics to prove or disprove the security of ATMs.
I don't know how it works in other countries, but if you consider the Banco do Brasil [bb.com.br], the biggest bank in Latin America:
The ATMs currently run a custom (in-house-compiled) version of OS/2.
The bank is switching to a custom version of Linux (the userland code, naturally, is developed by themselves as well).
About the banking system, in Brazil all the financial transactions from all banks are reported to the Banco Central do Brasil [bcb.gov.br] (Central Bank of Brazil) and the data is cross-checked.
Re: (Score:3, Insightful)
These errors wouldn't be tolerated with ATM machines because the public seems to care a lot more if their bank account is fraked with but not so much their vote for some reason...
When an ATM machine makes a mistake they very quickly see the result of it on their bank statement. So yes, they then get upset.
When a voting machine makes a mistake, someone still gets elected with no one the wiser (unless the error was huge like more votes than voters). So since nobody knows the machines made a mistake (or were hacked) nobody cares or is upset.
Re: (Score:2)
ATMs aren't secret ballots. You know what money comes out, and you see your bank statement afterwards. With any electronic device, you have no idea what happens to your vote. Even a small alteration in the chip or a couple of characters in the code could change everything, and no-one would know about it.
Paper ballots placed into clear boxes is the simplest and best way.
Re: (Score:1)
Re: (Score:1)
That sounds like something Diebold/Sequoia would say. "Trust me. I know what I'm doing!"
Re: (Score:1)
Re: (Score:3, Insightful)
Verifiability. And that is almost impossible if you don't provide a printout. All the solutions that provide a printout could succeed though, for example Bingo voting [bingovoting.de] or Punchscan [punchscan.org].
So far companies such as Diebold sell "we know this is 100% secure, trust us" and that seems to be what sufficed for the people choosing a product. Cost, loss of democracy and provable security haven't been a criterion it seems.
Re: (Score:1)
This timespan is the most critical, because manipulation can be done without leaving traces. And this is where you would have to trust a black box more than a piece of paper. Tough call.
Re: (Score:2)
Assuming that the appropriate security is in place. If this isn't the case then putting them in place is likely to be a far better idea compared with buying lots of expensive machines.
Re: (Score:2)
Re: (Score:2)
Without a printout you can never verify if the system counted you correctly. Read up on the links I gave on how this still keeps your vote secret.
Re: (Score:2)
What do you mean by 'you have no verifiability with paper ballots'?
Just count them. If the results are the same as the machine's then you have verified that the machine works correctly, and that the paper ballots are counted correctly.
Sure, it can still be manipulated, but then they would have to manipulate both the counting and the machines.
So, it's still a good additional check.
Why is electronic voting so "popular"? (Score:4, Insightful)
Actually the puzzling thing to me is why is electronic voting so "popular". Why do the people in charge keep promoting it?
Most electronic voting systems are bad at a very important requirement:
Convincing the loser (and enough of his supporters) that he lost.
The system doesn't just have to work correctly, it has to be accepted as working correctly (enough).
With various fancy cryptography and systems it is possible to have an electronic system that is anonymous, verifiable and reasonably secure (see: http://www.youtube.com/watch?v=ZDnShu5V99s [youtube.com] for ideas on how this could be done), but as far as I can tell, they're not going for such systems.
So why not just stick with paper ballots in a process where almost everything is done in the open? That way the eventual loser's representatives, 3rd party observers, various other people can observe every count of each vote. It's simple enough to understand. While postal votes can still be used to rig stuff, most electronic voting systems are also vulnerable to that same problem.
That paper based system may take a bit more time, but it scales reasonably well - the more voters there are, the more volunteers there should be for counting. I'm assuming that it's not a case where too many of the citizens either can't count or are too lazy to do so.
Re: (Score:3, Insightful)
Actually the puzzling thing to me is why is electronic voting so "popular". Why do the people in charge keep promoting it?
Here are the problems that e-voting solves:
Handicap accessibility
ballot complexity
hanging chads/questionable pencil marks
Electronic voting in its current form resolves these problems.
Unfortunately, in its current form, it introduces serious problems in verifying the vote.
Re: (Score:2)
Electronic voting only solves the first of those problems. For the other two it turns detectable failures into (probably fewer) undetectable failures.
Re: (Score:1, Interesting)
I have a solution for all those problems. If you can't operate a ballot, punch out a chad, or understand a touch screen, FUCK OFF. I don't want to know what you voted for, because you are an incompetent moron. The best argument against democracy is a 5 minute conversation with the average voter.
The bottom line is simple. Creating a perfect electronic voting system is TRIVIAL. The only reason it hasn't been done is because it doesn't benefit any of the people who could make it happen. In a worl
Re: (Score:2)
Handicap is a generic term covering many things. If someone has difficulty getting to the polling station (because they are in a wheelchair, agoraphobic, etc.) what they may find there isn't really the issue. Someone who cannot use their hands may well find a touchscreen just as unusable as pencil and paper. The simple alternative is for the handicapped voter to appoint someone (they trust) to either help them or act as their proxy/attorney
Re: (Score:2)
Re: (Score:3, Informative)
Actually the puzzling thing to me is why is electronic voting so "popular". Why do the people in charge keep promoting it?
Seriously?
Can't speak to Brazil specifically, but the "popularity" of electronic voting, or more correctly, the push to use electronic voting systems to deal with the problems of manual methods, can be summed in two words: hanging chad [wikipedia.org].
Those two words, in turn, gave rise to another infamous two words: Bush v. Gore [wikipedia.org].
The aftermath, described here [wikipedia.org], included the passage of the Help America V [wikipedia.org]
Re: (Score:3, Insightful)
Thing is that the "hanging chad" issue is related to a mechanical, quite possibly in parts electronic, system anyway. Using Hollerith cards as ballot papers can only be described as a "hack" in the first place. If anything the underlying problem is too much (inappropriate) technolog
Re: (Score:2)
the push to use electronic voting systems to deal with the problems of manual methods, can be summed in two words: hanging chad.
I can't stand this false dilemma. I rather prefer a certain optical scanner method. There are several pairs of triangles, one pair for each candidate. You take a black, permanent marker (not a No. 2 pencil, mind you) and connect the pair of triangles next to the candidate you want. It doesn't get simpler. The optical scanner provides a real-time tally, and the votes are trivially recounted.
Now, granted, there will always be people who screw it up. If you figured out how to solve PEBKAC, let me know
But I can't verify the system... so it's useless (Score:3, Insightful)
Re:But I can't verify the system... so it's useles (Score:3, Insightful)
Exactly. I have a PhD in computer science and a lot of experience debugging other people's code. If you gave me the source code to an electronic voting system, I could not be more than 50% sure that I had found all of the potential ways of exploiting it. Even if I do manage to convince myself that it is bug free, which might be possible if it were developed using formal methods, then I still have no way of verifying that the software that I audited is the software I am using to vote. More than 99% of th
Re: (Score:1)
Re: (Score:3, Insightful)
Most likely it's simply an issue of "follow the money".
So why not just stick with paper ballots in a process where almost everything is done in the open? That way the eventual loser's representatives, 3rd party observers, various other people can observe every count of each vote. It's simple enough to understand. While postal votes can still be used to rig stuff, most electronic
Re: (Score:2)
One thing to also remember is that changing the mechanics of the polling process does nothing to address [...] gerrymandering
In case anyone doubts gerrymandering still happens: http://www.govtrack.us/congress/findyourreps.xpd?state=IL&district=17 [govtrack.us] and http://www.govtrack.us/congress/findyourreps.xpd?state=IL&district=4 [govtrack.us].
Re: (Score:2)
I work in the election system here in Brasil (ok, "Brazil"). It happens that I'm a computer science student, but they take anyone "at random" and make them work that day or I would have to pay a fine. OTOH, I could, theoretically, take 2 days off. (ha! we live in capitalism. Of course I work as if I never had these 2 days off)
If your employer doesn't give you the days off, he's violating a Federal Law:
Art. 98 Law 9.504/1997.
Re: (Score:2)
> In fact, my father was once offered a bribe, but refused, as (--)pedantic as he is. With electronic voting, the results come by the end of the election day and while it can happen, fraud is harder.
But where's your proof that fraud is harder? All I see is they have to bribe fewer people.
So far a number of Brazilians keep claiming that fraud is harder, but provide no proof at all. Just because reports of fraud are down does not mean fraud is harder or rarer - it could mean that fraud is harder to detec
Re: (Score:1)
Just add a paper trail to the electronic system.
Once the results are disclosed the sore losers can count the vote themselves (just don't leave them alone in the room with the print-outs)
Re: (Score:1)
A huge problem with the flat log file is that it breaks the secrecy. If you know the order of the voters you can easily figure out who voted what.
A better solution could be to print or select a ballot paper and have it sent into a ballot box after visual verification by the voter.
Re: (Score:3, Insightful)
write a simple app that writes the vote to a flat text file,
Thus writing the votes sequentially. If you independently record the order in which people vote (audio recorder in your pocket), then you can pretty easily know how each of them voted. See, you've failed at preserving voter privacy already. Preserving it requires randomizing the order of the votes in some way, which is not very practical with a flat text file.
pretends to then read the recorded result back to the voter for them to confirm,
Fixed that for you. What's written in the file does not have to match what's recorded in the file and the voter will never be able to prove anything.
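The ordering problem raised in the comment above, as an added example that is not part of the thread: an append-only log lets anyone who noted the order of voters map each line to a person, while inserting each vote at a random position keeps the tally and removes the positional link. Voter names, choices and function names are constructed for illustration.

```python
import secrets
from collections import Counter

# Constructed sample data: the order voters entered the booth (what an
# observer at the polling place could note) and what each one chose.
OBSERVED_ORDER = [f"voter{i:02d}" for i in range(60)]
TRUE_CHOICE = {v: ("A", "B", "C")[i % 3] for i, v in enumerate(OBSERVED_ORDER)}


def record_sequential(order, choice):
    """Flat log: one appended entry per vote, in arrival order."""
    return [choice[v] for v in order]


def record_shuffled(order, choice):
    """Insert each vote at a uniformly random position, using a CSPRNG.

    Inserting item k into one of k+1 slots yields a uniform random
    permutation, so the final position says nothing about arrival order.
    """
    log = []
    for v in order:
        log.insert(secrets.randbelow(len(log) + 1), choice[v])
    return log


def link_by_position(order, log):
    """What an observer infers by pairing the n-th voter with the n-th entry."""
    return dict(zip(order, log))


def linkage_accuracy(guess, truth):
    """Fraction of voters whose inferred vote matches their real vote."""
    hits = sum(1 for v, c in guess.items() if truth[v] == c)
    return hits / len(truth)


def audit(order, choice):
    """Compare both storage schemes on the same set of votes."""
    seq = record_sequential(order, choice)
    shuf = record_shuffled(order, choice)
    return {
        # Shuffling must never change the count.
        "same_tally": Counter(seq) == Counter(shuf),
        # Sequential storage: positional pairing recovers every vote.
        "sequential_linkage": linkage_accuracy(link_by_position(order, seq), choice),
        # Shuffled storage: pairing is no better than guessing (about 1/3
        # here, because the three candidates are evenly split).
        "shuffled_linkage": linkage_accuracy(link_by_position(order, shuf), choice),
    }


if __name__ == "__main__":
    print(audit(OBSERVED_ORDER, TRUE_CHOICE))
```

Shuffling only removes the positional link; per-entry timestamps or a unanimous precinct would still reveal individual votes.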
Possible false sense of security (Score:2, Insightful)
What if the machines "pass" this contest?
A real attack would likely involve more than a few days of effort, and might well have access to inside information not available to the red teams in the contest.
If nobody breaks in, that will prove very little about the security of the machines.
Re: (Score:1)
Re: (Score:1, Insightful)
Shush. Making the system appear secure is the point of the contest. Not finding a flaw does not mean there is no flaw, or we would all ship flawless systems. The purpose of hacking contests is therefore marketing and marketing alone.
Re: (Score:2)
Let's do it here, too. (Score:4, Insightful)
I like this idea. Voting systems corporations claim their solution is accurate and secure, let them put their money where their mouth is and let people try and crack it. If their machine's security depends on nobody being allowed to even try then it's all theater.
Re: (Score:3, Insightful)
And you couldn't say that there is a much more worthy target for both white and grey hats. From crashing computer networks, hacking goes on to secure the logical foundation of democracy; voting.
With some luck they will devastate the voting machines and companies, and create public uproar in the process. Civilization progresses when people care.
Re: (Score:2, Insightful)
I like this idea. Voting systems corporations claim their solution is accurate and secure, let them put their money where their mouth is and let people try and crack it.
All it will prove is that these machines are hard to hack for outsiders. But the number one threat is that of insiders; mainly the government in place (who has most to lose in an election) and corrupt programmers at the company making the voting computers.
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Hacking by outsiders is a concern, of course, but the real worry is hacking by insiders. It is incredibly hard if not impossible to devise a system of electronic voting that can be verified. More importantly, any random Joe Blow needs to be able to verify the res
Re: (Score:1)
Re: (Score:2)
Why we generally trust the electronic voting (Score:4, Insightful)
- You OUGHT to vote if you are a Brazilian citizen between 18 and 70, and are not illiterate. You get in a lot of trouble if you don't.
- You don't register for every election; you have a "voting ID" valid for every public election.
- You have to vote in a specific designated place (noted in your "voting ID"), generally the closest voting section from the address you provided when getting your "voting ID". If you are away, you have to justify the absence (preferably on a mail office, at the election day)
- Election happens in one day, throughout the country (there may be 2-phase elections, for example for mayor, governor or president, when in the 1st phase the winner does not get more than 50% of the votes - oh, yes, we DIRECTLY vote for president - every citizen's vote has the same "weight").
- Although the voting machine is electronic, when you get to the voting section there are PAPER books with all voters for that section listed, and your ID is checked against that. You sign the book and get a "receipt" detached from it (you have to prove you voted, as it is a legal obligation).
So, the electoral authority "knows" how many votes should appear in the results. Generally we do not have Disney characters, dead people, etc. voting, nor people voting in several electoral sections.
As far as I can remember, results have matched the pre-election polls (from multiple sources) quite well. Generally people know in advance what the result will be from each city or even city area, and that can be seen in real time as the electronic counting unfolds at election night (yes, we generally get most results in the night of the election day). I can't recall results being seriously contested by the losing parties (we have MANY parties).
Results are manipulated by "social engineering": Sending buses/boats to collect people from remote locations for voting in "exchange" for voting, trading dental treatment promises, money, death threats, etc. Illegal too, but easier and more difficult to trace than manipulating after the votes were cast.
I trust that there are so many crooks in politics in my country that if a party found a way to manipulate the results after elections, there would be so many me-too-or-else-I'll-tell that it would spread like a wildfire and the results would be awkward enough to be laughable. It is a self-regulating system. If a hacker found a way to manipulate the results, he would not stop at selling the method to one single candidate. I believe the same applies for other voting methods (except the ones which allow Mickey Mouse to register, of course) - it is not the system itself that prevents fraud, but the fact that fraud works both ways, and that the result is not a complete surprise.
In recent international elections you can see in the news that if the results do not match what the population thought it would be, it is noticed at once, and people get to the streets (sometimes there wasn't even a fraud, it's just that some people won't accept the losing). It hasn't happened here so far, so we still trust the way it's been done.
Re: (Score:1)
- You OUGHT to vote if you are a Brazilian citizen between 18 and 70, and are not illiterate. You get in a lot of trouble if you don't.
No, you don't. You have to pay about R$4 (USD 2) per election you miss, with a maximum of three elections. So you would have to pay about R$12 if you never go to vote, but need your voter id normalized (in case you decide to vote or get a public job). That is it. The only inconvenience is that you have to go to the voting registry place to do this, and it usually only opens in business hours.
Re: (Score:2)
"in case you decide to vote or get a public job"
that's not the whole trouble,
1 - you cannot even apply for a public job selection exam
2 - you do not receive your salary for the 2nd month after the election if you have a public or somehow government-related job
3 - if you represent your own business, you cannot participate in government bids
4 - you cannot renew or get a passport or ID document
5 - you cannot renew your registration to go on studying for free on public schools
6 - you cannot get loans from finan
Hacking an election: easier than it sounds (Score:3, Interesting)
A lot of people seem to believe that hacking an election that uses electronic voting machines is so hard it's the stuff of science fiction.
However some time ago I came across an article [ieee.org] describing how an unknown group hacked the Vodafone-Panafon cell-phone system. To me this hack conclusively proves that these groups have the technical and financial resources necessary to steal an electronic voting election.
Consider:
I'm a Brazilian and I work at elections. (Score:2)
They have a way to corrupt elections (Score:1)
Re: (Score:1)