
Nothing instructional here, but consider the following scenarios.
A smart card resembles a credit card in size and shape, but inside it is completely different. First of all, it has an inside -- a normal credit card is a simple piece of plastic. The inside of a smart card usually contains an embedded microprocessor. The microprocessor is under a gold contact pad on one side of the card. Think of the microprocessor as replacing the usual magnetic stripe on a credit card or debit card.
Magnetic stripe technology remains in wide use in the United States except for voter smart cards that do not use the mag stripes. The stripe is really not the best place to store sensitive information. A smart card carries the intelligence.
The microprocessor on the smart card is usually there for security but it can carry any payload it is designed for.
The host computer and card reader actually "talk" to the microprocessor. The microprocessor enforces access to the data on the card. If the host computer read and wrote the smart card's random access memory, it would be no different than a diskette or thumbdrive.
Smart cards may have up to 8 KB of RAM, 346 kilobytes of ROM, 256 kilobytes of programmable ROM, and a 16-bit microprocessor. The smart card uses a serial interface and receives its power from external sources like a card reader. The processor uses a limited instruction set but can be configured to do any application.
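The difference described above between a card whose microprocessor answers commands and a diskette the host reads directly, as an added example that is not from the original post: a toy card model in Python using the ISO/IEC 7816-4 command layout and status words. The `ToyCard` class, the PIN and the record contents are constructed for illustration.

```python
import hmac

# Status words and instruction bytes as defined in ISO/IEC 7816-4.
SW_OK, SW_DENIED, SW_BLOCKED = b"\x90\x00", b"\x69\x82", b"\x69\x83"
SW_BAD_INS, SW_BAD_LEN = b"\x6d\x00", b"\x67\x00"
INS_VERIFY, INS_READ_BINARY = 0x20, 0xB0

class ToyCard:
    """Hypothetical card model: state is private, transmit() is the only door."""
    def __init__(self, pin: bytes, record: bytes, max_tries: int = 3):
        self._pin, self._record = pin, record
        self._max_tries = self._tries_left = max_tries
        self._verified = False

    def transmit(self, apdu: bytes) -> bytes:
        if len(apdu) < 4:
            return SW_BAD_LEN
        # Command layout: CLA INS P1 P2, then Lc and Lc bytes of data.
        data = apdu[5:5 + apdu[4]] if len(apdu) > 5 else b""
        if apdu[1] == INS_VERIFY:
            return self._verify(data)
        if apdu[1] == INS_READ_BINARY:
            # The card, not the host, decides whether the data leaves.
            return self._record + SW_OK if self._verified else SW_DENIED
        return SW_BAD_INS

    def _verify(self, candidate: bytes) -> bytes:
        if self._tries_left == 0:
            return SW_BLOCKED  # stays locked, even for the right PIN
        if hmac.compare_digest(candidate, self._pin):
            self._tries_left, self._verified = self._max_tries, True
            return SW_OK
        self._tries_left -= 1
        self._verified = False
        return bytes([0x63, 0xC0 | self._tries_left])  # 63Cx: x tries left

def verify_apdu(pin: bytes) -> bytes:
    return bytes([0x00, INS_VERIFY, 0x00, 0x00, len(pin)]) + pin

def demo_session() -> list:
    # Constructed PIN and record: read, wrong PIN, right PIN, read again.
    card = ToyCard(pin=b"1234", record=b"constructed-record")
    read = bytes.fromhex("00b0000000")
    steps = [read, verify_apdu(b"0000"), verify_apdu(b"1234"), read]
    return [card.transmit(s).hex() for s in steps]

if __name__ == "__main__":
    print(demo_session())
```

The host never touches `_record`; it only sees what `transmit()` chooses to return, and three wrong PINs leave the card blocked.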
The demonstration by Ed Felten and company from Princeton University shows that, given access to a machine, which thousands of electoral volunteers have during the election season, it is trivial to hack the code in a machine.
The fact is if you have the intent, time, motive and skill... one can hack anything.
Reverse engineering is trivial if you are an accomplished software engineer. Check this out: http://www.acm.uiuc.edu/sigmil/RevEng/ and http://en.wikipedia.org/wiki/Reverse-engineer.
If you can hack the machine and are able to introduce a polymorphic and self-deleting virus such as the one demonstrated by the Princeton team, you can also hack it to allow the voting machine to "accept" specially configured smart cards to do whatever you want the darn machine to do. It could have special executables. It could force buffer overflows, a favorite fault injection technique. Bottom line is you can do a lot with a 256K capable microprocessor.
By the way, most of the voting machine companies would never be able to detect specially constructed viruses because there is no such thing as virus protection for the operating systems that these machines use. If Windows XP could be hacked by some Bulgarian teenager, what would the possibilities be for a desperate politician or political party? Perhaps even a construction company that would benefit from a multi-billion dollar bond measure?
This would give new meaning to technical hacking and social engineering... imagine hacking a country, state or bond measure.
If the voting machine companies want to prove me wrong, then they should open their source code for public inspection.
I dare the voting machine companies to expose their software to prove they are secure.
BTW, here's a list of tools that can be useful for reverse engineering code.
http://kastanie.informatik.tu-cottbus.de/crocodile.htm (dead link!)
http://www.gedanken.demon.co.uk/cxref/
http://www.iro.umontreal.ca/labs/gelo/datrix/
http://www.tzi.de/~davinci/
http://www.cse.unsw.edu.au/~drt/
http://www.mks.com/upspring.shtml
http://esche.fzi.de/PROSTextern/software/goose/index.html
http://www.research.att.com/sw/tools/graphviz/
http://www-pr.informatik.uni-tuebingen.de/Forschung/GraVis/welcome.html
http://www.headwaysoft.com/
http://www.datarescue.com/idabase/
http://www.imagix.com
http://case.ispras.ru/insight/index.html
http://sdt.cern.ch/Insure/
http://introspector.sf.net
http://infotectonica.com/juliet/
http://www.klocwork.com/
http://sdt.cern.ch/Logiscope/
http://swag.uwaterloo.ca/pbs/
http://stout.levtech.com/
http://www.refactorit.com/
http://www.rigi.csc.uvic.ca/
http://shrimp.cs.uvic.ca/
http://www.windriver.com/products/html/sniff.html
http://n.ethz.ch/student/adammo/ProBrowser.htm
http://www.alajava.com/aubjex/products.htm
http://intland.com/html/__source_explorer.html
http://www.sourcedyn.com/
http://sources.redhat.com/sourcenav/
http://oimanager.de/sn.htm (Internet Extensions)
http://www.iro.umontreal.ca/labs/gelo/spool/
http://www.aonix.com/content/products/stp/stp.html
http://www.lexientcorp.com
http://www.cc.gatech.edu/aristotle/Tools/tarantula/
http://www.thesmallworlds.com/
http://www.site.uottawa.ca/~tcl/kbre/
http://www.togethersoft.com
http://www.scitools.com/ucpp.html
http://www.csr.uvic.ca/chisel/collab/reports/VIBRO/Report.html
http://www.powersoftware.com/vz/
http://www.research.att.com/areas/stat/xgobi/