Jeremy Epstien, a senior computer scientist for SRI, recently published an article on Slate.com discussing the abysmal security features of a touch screen voting device used by "dozens of local governments" in Virginia. While these machines have now been decommissioned, the article represents one instance of what is most likely a very widespread problem - It's probably a lot easier to hack into many of the machines we use day to day than we think, or believe, it is. In this case, a report by the Virginia Information Technologies Agency ("VITA") revealed:
- "The encryption key for the wireless connection is “abcde,” and that key is unchangeable.
- The system hasn’t been patched since 2004.
- The administrator password seems to be hardwired to “admin.” Because the system has a weak set of controls, it would be easy for someone to guess and then enter in the password.
- The database is a very obsolete version of Microsoft Access and uses a very weak encryption key (“shoup”). There are no controls on changing the database. That means that someone could copy the voting database to a separate machine (which is easy to do given the weaknesses described above), edit the votes, and put it back. There are no controls to detect that the tampering occurred.
- The USB ports and other physical connections are only marginally physically protected from tampering. Furthermore, there are no protections once you plug something into one of these ports. What this means is that someone with even a few minutes unsupervised with one of the machines could doubtless replace the software, modify results, etc. This is by far the hardest of the attacks that VITA identified, so it’s almost irrelevant, given how severe the other problems are."
Again, this particular machine has now been decommissioned, but it's very hard to believe these types of issues don't exist elsewhere, making hacking critical functions (voting in this case), something that doesn't take a high degree of skill, or even planning. What would one need to do to hack the system described here? From the article:
- "Take your laptop to a polling place and sit outside in the parking lot.
- Use a free sniffer to capture the traffic, and use that to figure out the wireless connection password, which was “abcde.”
- Connect to the voting machine over Wi-Fi.
- If asked for a password, the administrator password is “admin.”
- Download the Microsoft Access database using Windows Explorer.
- Use a free tool to extract the hardwired key (“shoup”).
- Use Microsoft Access to add, delete, or change any of the votes in the database.
- Upload the modified copy of the Microsoft Access database back to the voting machine.
- Wait for the election results to be published."
It is important to consider protecting our systems and the technologies we use every day an take for granted at their most basic levels. It can seem like a daunting task to protect against some of the more sophisticated attacks that have recently made the news, but first we should look to our basic systems, and make sure none of our passwords are still "Admin".