GoodStorm ~ The Art Of Good

Yobie Benjamin's Personal Musing On Goodness, Politics, Fair Elections and All Things Music and Technology Related


September 26, 2006

The Real Hack On Voting Systems... Hacking The Voter Smart Card To Hack The Vote


No instructions here, but consider the following scenarios.

What Is a smart card?

A smart card resembles a credit card in size and shape, but inside it is completely different. First of all, it has an inside -- a normal credit card is a simple piece of plastic.

The inside of a smart card usually contains an embedded microprocessor. The microprocessor is under a gold contact pad on one side of the card. Think of the microprocessor as replacing the usual magnetic stripe on a credit card or debit card.

Magnetic stripe technology remains in wide use in the United States, although voter smart cards do not use a magnetic stripe. The stripe is really not the best place to store sensitive information.

A smart card carries the intelligence.

The microprocessor on the smart card is usually there for security, but it can carry any payload it is designed for. The host computer and card reader actually "talk" to the microprocessor. The microprocessor enforces access to the data on the card. If the host computer read and wrote the smart card's random access memory directly, the card would be no different from a diskette or thumb drive.
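The point above, that the host only sends commands and the card's microprocessor decides what may be read, as an added sketch (not code from this post or from any voting-system vendor). `ToyCard`, its PIN and its stored record are hypothetical and constructed; the instruction bytes and status words follow ISO 7816-4 in simplified form.

```python
import hmac

INS_VERIFY, INS_READ_BINARY = 0x20, 0xB0  # ISO 7816-4 instruction bytes
SW_OK, SW_WRONG_LENGTH, SW_WRONG_OFFSET = 0x9000, 0x6700, 0x6B00
SW_NOT_SATISFIED, SW_BLOCKED, SW_BAD_INS = 0x6982, 0x6983, 0x6D00


class ToyCard:
    """Hypothetical card: the host never touches _memory, only process()."""
    def __init__(self, pin, data, max_tries=3):
        self._pin, self._memory = pin, data
        self._max_tries = self._tries_left = max_tries
        self._verified = False

    def process(self, apdu):
        """Handle one command APDU; return (response data, status word)."""
        if len(apdu) < 5:
            return b"", SW_WRONG_LENGTH
        ins, p1, p2, p3, body = apdu[1], apdu[2], apdu[3], apdu[4], apdu[5:]
        if ins == INS_VERIFY:  # p3 is Lc, body is the candidate PIN
            if len(body) != p3:
                return b"", SW_WRONG_LENGTH
            return b"", self._verify(body)
        if ins == INS_READ_BINARY:  # P1-P2 is the offset, p3 is Le
            if not self._verified:
                return b"", SW_NOT_SATISFIED
            offset = ((p1 & 0x7F) << 8) | p2
            if offset >= len(self._memory):
                return b"", SW_WRONG_OFFSET
            return self._memory[offset:offset + p3], SW_OK
        return b"", SW_BAD_INS

    def _verify(self, candidate):
        if self._tries_left == 0:  # a blocked card stays blocked
            return SW_BLOCKED
        if hmac.compare_digest(candidate, self._pin):
            self._tries_left, self._verified = self._max_tries, True
            return SW_OK
        self._tries_left, self._verified = self._tries_left - 1, False
        return 0x63C0 | self._tries_left  # 63Cx: x tries remaining


def demo():
    """Constructed session: the read is refused until VERIFY succeeds."""
    card = ToyCard(pin=b"1234", data=b"constructed sample record")
    read = bytes([0x00, INS_READ_BINARY, 0x00, 0x00, 0x0B])
    bad = bytes([0x00, INS_VERIFY, 0x00, 0x00, 0x04]) + b"0000"
    good = bytes([0x00, INS_VERIFY, 0x00, 0x00, 0x04]) + b"1234"
    return [card.process(c) for c in (read, bad, good, read)]
```

The retry counter lives on the card, so a host that guesses wrong three times gets `0x6983` for every later VERIFY, including one with the right PIN.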

Smart cards may have up to 8 KB of RAM, 346 kilobytes of ROM, 256 kilobytes of programmable ROM, and a 16-bit microprocessor. The smart card uses a serial interface and receives its power from an external source such as a card reader. The processor uses a limited instruction set but can be programmed to run any application.

I learned how to program when computers had 256K of memory and we wrote pretty complex spreadsheets on the IBM personal PC platform.

The demonstration by Ed Felten and company from Princeton University shows that, given access to a machine, which thousands of electoral volunteers have during the election season, it is trivial to hack the code in a machine.

The fact is, if you have the intent, time, motive and skill... you can hack anything.

Reverse engineering is trivial if you are an accomplished software engineer. Check this out: http://www.acm.uiuc.edu/sigmil/RevEng/ and http://en.wikipedia.org/wiki/Reverse-engineer.

If you can hack the machine and are able to introduce a polymorphic and self-deleting virus such as the one demonstrated by the Princeton team, you can also hack it to allow the voting machine to "accept" specially configured smart cards to do whatever you want the darn machine to do. It could have special executables. It could force buffer overflows, a favorite fault injection technique. Bottom line is you can do a lot with a 256K-capable microprocessor.

By the way, most of the voting machine companies would never be able to detect specially constructed viruses because there is no such thing as virus protection for the operating systems that these machines use.  If Windows XP could be hacked by some Bulgarian teenager, what would the possibilities be for a desperate politician or political party?  Perhaps even a construction company that would benefit from a multi-billion dollar bond measure?

This would give new meaning to technical hacking and social engineering... imagine hacking a country, state or bond measure. 

If the voting machine companies want to prove me wrong, then they should open their source code for public inspection.

I dare the voting machine companies to expose their software to prove they are secure.

BTW, here's a list of tools that can be useful for reverse engineering code.

  • Crocodile
    http://kastanie.informatik.tu-cottbus.de/crocodile.htm
    dead link!

  • CXREF - a C language cross referencing and documenting tool. It produces documentation (in LaTeX, HTML, RTF or SGML) including cross-references from C program source code. From Andrew M. Bishop.
    http://www.gedanken.demon.co.uk/cxref/

  • Datrix - software source code assessments with the goal of evaluating the maintainability and the evolvability of software products.
    http://www.iro.umontreal.ca/labs/gelo/datrix/

  • daVinci - a X-Window visualization tool for drawing directed graphs.
    http://www.tzi.de/~davinci/

  • Design Recovery Tool
    http://www.cse.unsw.edu.au/~drt/

  • DISCOVER - a commercial software development and maintenance environment. Carnegie Mellon University, 1996 http://www.setech.com then bought by MKS (formerly Upspring Software) and integrated into CodeRover. Supports Impact Analysis, Integrity Checker... Commercial, Integration into VisualStudio, JBuilder, Emacs.
    http://www.mks.com/upspring.shtml

  • GEN++ - an application-generator to support development of analysis tools for the C++ language. From UC Davis and Bell Labs.
    http://www.cs.ucdavis.edu/~devanbu/genp/

  • GOOSE - a tool set for analysing the design of object-oriented software systems (FAMOOS project).
    http://esche.fzi.de/PROSTextern/software/goose/index.html

  • GraphViz - a graph visualization
    http://www.research.att.com/sw/tools/graphviz/

  • GraVis
    http://www-pr.informatik.uni-tuebingen.de/Forschung/GraVis/welcome.html

  • Headway - a commercial source code visualization and comprehension tool for Java and C++ developers.
    http://www.headwaysoft.com/

  • IDA - (interactive disassembler) reverse engineering at a low level.
    http://www.datarescue.com/idabase/

  • Imagix - a 3D query and visualization tool.
    http://www.imagix.com

  • inSight tool suite - Nortel.
    http://case.ispras.ru/insight/index.html

  • Insure+ - a source level run-time debugger for C and C++.
    http://sdt.cern.ch/Insure/

  • Introspector - A long term project to extract MetaData from FreeSoftwareTools like the Gcc, Perl, Bash. From James Michael DuPont.
    http://introspector.sf.net

  • Juliet - an IDE extension for NetBeans, Forte, JBuilder, JDeveloper.
    http://infotectonica.com/juliet/

  • Klocwork Suite - a commercial suite of RE products targeted at C, C++, and Java.
    http://www.klocwork.com/

  • Logiscope - a source code analyser and test coverage tool for C/C++/Fortran. Telelogic.
    http://sdt.cern.ch/Logiscope/

  • PBS Portable Bookshelf
    http://swag.uwaterloo.ca/pbs/

  • PL/I Analyzer (REFINE) - an interactive workbench used to analyze and reengineer legacy PL/I systems. Phoenix Software Technologists.
    http://stout.levtech.com/

  • Refactorit - an IDE extension with metrics and refactorings engine and integration for Forte.
    http://www.refactorit.com/

  • Rigi
    http://www.rigi.csc.uvic.ca/

  • SHriMP
    http://shrimp.cs.uvic.ca/

  • SNiFF+ - supports reverse engineering, configuration management, workspaces and build management and provides a set of browsers and parsers. Commercial.
    http://www.windriver.com/products/html/sniff.html

  • Source Browser. C Code Browser, non-commercial, Adam Moravanszky.
    http://n.ethz.ch/student/adammo/ProBrowser.htm

  • SOURCE CODE BROWSER - commercial product by Alajava.
    http://www.alajava.com/aubjex/products.htm

  • Source Explorer - commercial tool for source code browsing and re-engineering.
    http://intland.com/html/__source_explorer.html

  • Source Insight - a commercial project oriented program editor with built-in analysis for C/C++, and Java programs.
    http://www.sourcedyn.com/

  • Source Navigator
    http://sources.redhat.com/sourcenav/
    http://oimanager.de/sn.htm (Internet Extensions)

  • SPOOL - Spreading Desirable Properties into the Design of Object-Oriented, Large-Scale Software Systems.
    http://www.iro.umontreal.ca/labs/gelo/spool/

  • StP - an UML Editor by Software through Pictures.
    http://www.aonix.com/content/products/stp/stp.html

  • Surveyor - A tool for source code analysis, visualization, and documentation in most popular languages, OS's, and IDE's.
    http://www.lexientcorp.com

  • Tarantula - Finding software faults by visualizing test results - very specific views on metrics.
    http://www.cc.gatech.edu/aristotle/Tools/tarantula/

  • The Small Worlds - is a commercial application for analyzing and visualizing large-scale software, developed by the Information Laboratory.
    http://www.thesmallworlds.com/

  • TkSee - Knowledge-Based Reverse Engineering of Legacy Telecommunications Software.
    http://www.site.uottawa.ca/~tcl/kbre/

  • Together ControlCenter - commercial round-trip engineering tool for Java.
    http://www.togethersoft.com

  • Understand C / FORTRAN - an interactive development environment (IDE) tool providing reverse engineering, automatic documentation, metrics and cross referencing of C / FORTRAN source code.
    http://www.scitools.com/uf.html
    http://www.scitools.com/ucpp.html

  • VIBRO (VIsualisation BROker Framework) - Visualisation Research Group, participated in SORTIE project. GXL. University of Durham, UK.
    http://www.csr.uvic.ca/chisel/collab/reports/VIBRO/Report.html

  • Visualize it - a graphical source code visualization tool for Java.
    http://www.powersoftware.com/vz/

  • XGVis - A system for multidimensional scaling and graph layout in any dimension.
    http://www.research.att.com/areas/stat/xgobi/


September 26, 2006 in Computers and Software

Tags: cheating, diebold, es&s, hack voting machines, hart intercivic, political hacking, princeton hack, reverse engineering, reverse engineering tools, sequioa, smart cards
