, 1.9MB]
Vulnerability Assessment Team (VAT)
Election Security
|
Network:  Roger Johnston on LinkedIn
|
The Vulnerability Assessment Team has demonstrated easy to execute, non-cyber attacks on two different kinds of electronic voting machines.
We believe that too often election officials assume (incorrectly) that: the bad guys have to attack the computer/microprocessor or cyber parts of the machine--which requires real smart people; that “certification” of machines is some kind of silver bullet against vote tampering; that adhesive label seals are good at detecting tampering and that they will be blatantly ripped open by an attacker and that they require almost no training to use; that you should get your security advice from manufacturers of voting machines, locks, and seals; that piling on lots of security features leads to good security; that “security by obscurity” (keeping secrets) is how you get good security; that a chain of custody is a piece of paper on which people scribble their initials or signatures; that hundreds of voting machines have to be compromised for the bad guys to succeed; that vote tamperers are only interested in getting their candidate to win the election; and that physical and cyber security are easy.
DOWNLOAD:
Suggestions
for better election security,
684KB | Last Updated: Oct. 21, 2011
Related Multimedia
Video #1: Potential Attacks on the Diebold TS Electronic Voting Machine — (Simple non-cyber, man-in-the-middle attacks.) by Argonne National Laboratory
Available versions of this video:
This video is available in 
Flash format, 
Quicktime format, or 
Windows Media format
Video #2: Remote Vote Tampering Attack on a Sequoia AVC Voting Machine by Argonne National Lab
Related Documents
For more information, see:
- R.G. Johnston, Suggestions
for better election security (2011)
684KB | Last Updated: Oct. 21, 2011 - R.G. Johnston, J.S. Warner, "Magical
Seals, Secure Voting Machines, and Other Fantasies", Invited Talk for the Election
Verification Network Meeting, Chicago, March 24-26, 2011
2.0MB | Last Updated: Oct. 12, 2011 - R.G. Johnston, "Choosing
Seals & on PSA Label Seals" (2006)
1.9MB | Last Updated: Oct. 12, 2011
In the Press
- Etan Trex and Matt Soniak, “How Secure are Electronic Voting Machines?”, Mental Floss 11 (1), January/February 2012, pg 50
- Controversy over voting rules and security -- A Blog entry on election security by CNN's Senior National Editor Dave Schechter citing -among other items- the recent media coverage the VAT received on this issue (Nov. 10, 2011)
- US Lab Says Electronic Voting Machines Easy to Hack -- Roger Johnston and Jon Warner interviewed by Voice of America - watch the video and/or read the transcript of the interview (Oct. 18, 2011)
- Roger Johnston interviewed at The Mike Malloy Show -- Roger Johnston radio interview by Mike Malloy - featured on The BRAD BLOG (Oct. 5, 2011)
- Brad on KPFK: Interview with Argonne Lab's Roger Johnston on His $26 Remote 'Man-in-the-Middle' Diebold E-Vote Hack -- Roger Johnston radio interview by Brad Friedman (Sep. 28, 2011)
- National Security Lab Hacks Diebold Touch-Screen Voting Machine by Remote Control With $26 in Computer Parts -- The BRAD BLOG (Sep. 27, 2011)
- Researchers Hack Voting Machine for $26 -- securitynewsdaily.com (Sep. 28, 2011)
- Electronic Voting Machines Highly Vulnerable to Man-in-the-Middle Remote Attacks -- Softpedia (Sep. 28, 2011)
- Argonne researchers 'hack' Diebold e-voting system -- by Jaikumar Vijayan, ComputerWorld (Sep. 28, 2011)
- It only takes $26 to hack a voting machine -- by Matt Liebowitz, Security on MSNBC.com (Sep. 28, 2011)
- Diebold e-voting hack allows remote tampering $11 microprocessor-in-middle attack is 'significant' -- by Dan Goodin, The Register (Sep. 28, 2011)
- Diebold
voting machines can be hacked by remote control -- Salon.com (Sep. 27, 2011)
Brad Friedman from Salon.com wrote an article about how the VAT demonstrated that an e-voting machine used by a third of all voters can be easily manipulated. - Argonne Lab's Head of Vulnerability Assessment Team Disses Election Security -- by Joan Brunwasser, The Register (Mar. 29, 2011)
- Roger Johnston on Security Vulnerabilities of Electronic Voting -- Verified Voting Blog (Oct. 15, 2010)
- Roger Johnston on Security Vulnerabilities of Electronic Voting (Video)-- Roger Johnston interviewed live on WTTW Public Television’s “Chicago Tonight” program about electronic voting machine security, (Oct. 11, 2010)
Last Modified: Mon, March 26, 2012 3:58 PM
