Boing Boing Staging

In 2009 a NJ judge banned hooking up voting machines to the internet, but that's exactly how ES&S's "airgapped" machines work

Connecting voting machines to the internet is a terrible idea: the machines are already notoriously insecure, and once they’re online, anyone, anywhere in the world becomes a potential attacker.


But voting machine vendors know that their customers want to be able to gather totals remotely, without having to physically move files around on USB sticks, or by shipping the machines to a central location, so ES&S equipped its DS200 voting machine with a cellular modem that uses Verizon’s packet-switched “Autonomous System” communicate with the canvassing computer that gathers its tally.


This is not secure. Verizon’s Autonomous System is a bunch of internet-connected computers that are supposed to be isolated by firewalls, but those firewalls and routing rules are no more secure than any other internet-connected systems: a computer that is connected to the internet is still connected to the internet, even if its upstream routers are programmed to limit which traffic can reach it.

Worse, though, is that these are cellular modems, which means that they’re vulnerable to fake cellular towers (AKA “cell site simulators” AKA “Stingrays” AKA “Dirtboxes”), so anyone who sets up shop near a polling place can intercept and tamper with vote totals, or potentially hack into the firmware of the machines.


Even easier than hacking through router bugs is just setting up an imposter cell-phone “tower” near the voting machine; one commonly used brand of these, used by many police departments, is called “Stingray.”

I’ve labelled the hacker as “MitM” for “man-in-the-middle.” He is well positioned to alter vote totals as they are uploaded. Of course, he will do better to put his Stingray near the county-central canvassing computer, so he can hack all the voting machines in the county, not just one near his Stingray:

So, in summary: phone calls are not unconnected to the Internet; the hacking of phone calls is easy (police departments with Stingray devices do it all the time); and even between the cell-towers (or land-line stations), your calls go over parts of the Internet. If your state laws, or a court with jurisdiction, say not to connect your voting machines to the Internet, then you probably shouldn’t use telephone modems either.


Are voting-machine modems truly divorced from the Internet? [Andrew Appel and Kyle Jamieson/Freedom to Tinker]

Exit mobile version