Head over to our T
Electronic Conundrums – One Key To Rule Them
Read more about: Democracy, Fianna Fail, Irish Politics, Scandal 
One Ring to rule them all, One Ring to find them,One Ring to bring them all and in the darkness bind them.
—J. R. R. Tolkien, The Lord of the Rings
In the case of Ireland’s electronic voting machines, it is more the case of one key to rule them all rather than one ring and this week a report by a group of Dutch hackers has produced damning evidence that the Irish electronic voting machines are in fact open to widespread and easy tampering. The scariest part of their research found that a single key, a C&K YL Series 4 Tumbler Camlock (type A126) could open all the Dutch voting machines.
This finding was just the start of an interesting list, which included:
- A software “maintenance mode,” with the password “GEHEIM,” which is Dutch for “SECRET,” which allowed for changing the votes on a module
- The radio signals emitted from the e-voting machine could be read from a distance of 25 meters and these signals allowed the hackers to determine how somebody had voted
- The details on how to produce a small circuit board with a battery and a microcontroller, which with physical access to the voting module from the machine could change the actual votes on the module
Given that the machines are based around a 68000 microprocessor—better know to some as the processor in Sega Mega Drive [circa 1990]) and offers a whopping 16 kBytes of RAM (Dell’s current bargain home PC system, the Dimension 3100c [€464] has 512MB of Ram—these technical specifications of the system show how obsolete it’s hardware is in the current era. The Van Eck-like phreaking, which the Dutch hackers used to allow the radio signals to be read and each vote to be seen as they were being cast is also worrying. This type of approach has been public knowledge since at least 1995, when it was offical declassified. There are many companies dealing specifically with providing TEMPEST protection against this type of phreaking/security attack.
These hardware vulnerabilities are alarming and when combined with the lack of transparency with regard to the actual software which is run on the machines, very disturbing. The fact that, in any intelligent democracy, these should be more than enough to prevent these machines from ever being used again is something which has evaded the current government. The software as previously noted does not contain a Voter Verified Audit Trail, which would keep a paper trail for each of the votes cast. The software has not been made available and subjected to external scrutiny or code review by professional and independent experts. The work by the Irish Citizens for Trustworthy Evoting (ICTE) and in particular the report (PDF) by Margaret McGaley have shown that the system is not adequate to the needs of the Irish electorate. Colm MacCarthaigh of the ICTE commented on the hacker’s report by saying “The machines use the same construction and components, and differ only in relatively minor aspects such as the presence of extra LEDs to assist voters with the Irish voting system“. He also noted that “The machines are so similar that the Dutch group has been using only the technical reference manuals and materials relevant to the Irish machines as a guide, as those are the only materials publicly available“.
The current status of electronic voting is now in the hands of the Department of Environment and a special cabinet committee. The Department of Environment is reviewing the report by the Dutch hackers and a spokesman has said that “if necessary, they would pass on their conclusions to the cabinet committee that is deciding what to do with the voting machines“. The cabinet committee consists of Michael McDowell, Dick Roche and Noel Dempsey, who are still reviewing the earlier independent commission report on electronic voting. That report found that the software used for the election management is “inadequate” and has recommended its complete replacement.
The current cost for electronic voting in Ireland is at least €53,264,335 and has continues to cost the state €700,000 per annum, when will this scandal end?
There’s the odd technical problem with what you’ve written:
Far from it. Having worked in embedded systems, I’d say it’s overspecified for what it’s trying to do. Also note that the 68k—or rather modern variants of it, such as the Philips 68070 and Motorola Freescale CPU32—is still widely used in systems like that even today because it’s actually quite a well-designed processor. The 68k is far from obsolete.
But seriously, anything more than that for the problem it was trying to solve would have been equivalent to swatting a fly with rocket launcher. God, no. If I was building a system like that in the morning, I’d base it around something like a ATtiny85 microcontroller.
A much better example of how to do a voting machine right is the system used in India: it’s inexpensive, simple, and has few potential points of failure. The only complaint I’d make about it is the lack of printed votes for verification if there’s any hint of fraud, but that’s more due to practical considerations than anything else.
A system designed properly with Ireland in mind would only be a little more complex than the Indian system, mainly to deal with the needs of STV rather than FPTP, as is used in India. The Dutch system, on the other hand, was just plain crap, just like the US Diebold machines.
Yes and no to your comment Keith.
I’d agree to it if I believed the system was a straight implementation of the PRSTV algorithm, unfortunately a voting machine needs to be robust, usable and accessible. The India system is quite neat from what I remember of the reports on it but still suffered like our machines from a fatal flaw. The flaw is that any machine needs to have universal accessibilty and that when a electronic only system is going to be used, the machines need to overcome this issue. No, I mean NO usability or accessibility tests were properly carried out on the new system in Ireland and until these become as important as a voter verified audit trail then we have a long way to go before we can use machines that don’t widen the existing digital divide.
Most embedded systems run somewhere about 5 – 6 years behind the current silicon edge for their hardware, so if one is going to get a system for a twenty to twenty five year span. So some serious consideration should be given to the maintence aspects from the eight year of use to the machine obsolence / phase out period. This is another point missed by the wonderful experts who selected our whizz bang bells and whistles evoting system.
First, I’d better point out that I’m not particularly enthusiastic about the idea of electronic voting.
I’m not entirely sure if I understand what you mean by this, Eoin. What precludes an electronic voting system from being a “straight implementation of the PRSTV algorithm”, and how does that relate to the system being robust, usable and accessible?
As far as STV goes, an electronic system would be able to give a more accurate picture of the results as it wouldn’t need to use some of the heuristics used in distributing transfers to speed up the counting process when people are doing the counting.
I’m not sure how this applies to the Indian system. They actually did carry out usability and accessibility studies: it was important because a good chunk of the population there are illiterate and where they are literate, they have big problems when it comes to localisation. They went the pencil route and had the system echo the old paper ballots as far as was possible and where the voter was blind and/or infirm, they did what they used to do in the days of paper ballots and allowed a trusted individual into the booth with the voter to help them.
The Dutch system’s definitely flawed in this regard, but I don’t think a flaw in one system is necessarily a flaw in all such systems.
Agreed, totally. A simple system is always better than a more complex one that does the same thing, but I can’t square that with “these technical specifications of the system show how obsolete it’s hardware is in the current era”.
It’s not so much that they’re not cutting edge, it’s more that the constraints are different in embedded systems when compared to consumer systems. The emphasis there is on things like low power consumption, cost, reliability, &c., rather than performance. One only needs to looks at architectures like the {http://en.wikipedia.org/wiki/ARM_architecture ARM} for a prominent example to the contrary. It’s always been cutting edge, and still is.