The most wtf part is using windows on a voting machine and the fact that windows trusts an UPS that connected via usb, I’m not sure how true it is but I’d kind of believe that, as usb is the best way to attack airgapped systems
Machine prints out paper ballot, properly inscribed with the selected vote so that there’s no “ooh, but there’s a smudge here that might mean a vote for X”. It could also print out a 3D barcode that contains metadata such as time, place, machine, checksums, etc
Human who voted can verify the correct box is selected etc.
Vote slip goes into second machine where it’s counted (or a box for later counts)
Paper vote slips are maintained for recount/validation purposes
I can’t speak for the whole US, but in Connecticut we use a Scantron sort of system where you fill in bubbles on paper and feed it into a machine. This leaves us with a paper ballot in addition to the machine’s totals. Using machines isn’t necessarily a bad thing, it makes the count a lot faster and it’s not like human counters couldn’t lie. If other states don’t have that paper backup though, they should.
The reason governments use windows is because Microsoft paid to have the various certifications done that are required by regulators. That’s why when they do use Linux they end up using something like RHEL (the support contracts factor in too)
A smart UPS needs to have access to some very low level functionality on the machine it’s connected to in order to safely power it off in the event of a power failure. So you’re talking about having at least some root / kernel level access there. It’s not crazy to imagine that a malicious driver update could slip in more.
As another poster commented, I’d like to see this actually simulated to be sure, but it’s not an idea that I’m willing to dismiss out of hand.
All they need is the ability to report battery percentage and send an ahci shutdown command to the OS. This is usually handled by an agent running on the machine, otherwise networked ups’s would be useless
Yes, but in theory a malicious driver could do more. How much more I’m not exactly certain of, but I’m not going to outright dismiss the idea. Like I said, I’d like to see someone prove it in a lab.
Wait. This article suggests that a UPS was an attack vector.
Really?
Sure, why not, any internet connected device is inherently unsafe.
The most wtf part is using windows on a voting machine and the fact that windows trusts an UPS that connected via usb, I’m not sure how true it is but I’d kind of believe that, as usb is the best way to attack airgapped systems
The most WTF part is that you all use voting machines. In Canadian federal elections every vote is counted by hand, end of story.
💯 we should all be very wary of voting machines. If it’s not fully open source and cryptographically verifiable, it’s not secure.
Same in the UK
IMO there’s nothing wrong with both.
I can’t speak for the whole US, but in Connecticut we use a Scantron sort of system where you fill in bubbles on paper and feed it into a machine. This leaves us with a paper ballot in addition to the machine’s totals. Using machines isn’t necessarily a bad thing, it makes the count a lot faster and it’s not like human counters couldn’t lie. If other states don’t have that paper backup though, they should.
We use the same thing for civic and provincial elections in Canada, but for federal it’s strictly hand count only.
The reason governments use windows is because Microsoft paid to have the various certifications done that are required by regulators. That’s why when they do use Linux they end up using something like RHEL (the support contracts factor in too)
The voting village at defcon is a nightmare, a dream or a joke depending on your perspective
That’s actually extremely plausible.
A smart UPS needs to have access to some very low level functionality on the machine it’s connected to in order to safely power it off in the event of a power failure. So you’re talking about having at least some root / kernel level access there. It’s not crazy to imagine that a malicious driver update could slip in more.
As another poster commented, I’d like to see this actually simulated to be sure, but it’s not an idea that I’m willing to dismiss out of hand.
All they need is the ability to report battery percentage and send an ahci shutdown command to the OS. This is usually handled by an agent running on the machine, otherwise networked ups’s would be useless
Yes, but in theory a malicious driver could do more. How much more I’m not exactly certain of, but I’m not going to outright dismiss the idea. Like I said, I’d like to see someone prove it in a lab.