Brazilian Hacking Attempts Fail To Break Brazilian E-Voting, But Do Improve The Process

from the how-hard-was-that dept

We pointed out recently that Brazil was allowing groups of hackers and security experts to hack their e-voting machines, something that the e-voting industry has always resisted angrily. The e-voting companies have never been able to adequately explain why experts shouldn't be able to try to hack the machines, and all it did was lead to more distrust over the machines. However, the Brazil test has been concluded, and there's some good news: no one was able to crack the machines. However, with all the hack attacks, officials did learn a few things that are helping them to improve the overall process with the machines. It's really amazing that we still don't have something similar happening in the US.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    Tor (profile), Nov 17th, 2009 @ 1:14am

    Security vs. obscurity

    Let me quote the introduction of Applied Cryptography by Bruce Schneier:
    "If I take a letter, lock it in a safe, hide the safe somewhere in New York, then tell you to read the letter, that's not security. Thats obscurity. On the other hand, if I take a letter and lock it in a safe, and then give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the worlds best safecrackers can study the locking mechanism - and you still can't open the safe and read the letter - thats security."

    The E-voting industry clearly seems to favour obscurity over security. It's good to see some of their customers challenge that view.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Nov 17th, 2009 @ 2:03am

    Let's try something new.

    Bt2YASUBITAhITAhLZ30gaatx5SIoeCBiIvy8MAtlObFzhnNZKGkJ3dCuU57iS0sE1A8Oi9iLI3u
    fSuQIsiS

    Sh ould be easy.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Nov 17th, 2009 @ 2:34am

    Amazing!

    ZyLYTgNU4ioY1gxZRpt/swXLqdZBsnVR+6BH9spw0iBLI99sajGXtKWDaePTue3al+1+M2KpDOsR
    YRoohInpdc 6SFBg2scNvFx+t9yPm/0U/2rMSjcPY+cZQampV9ERz1deK5dERArh/8tXPAe7sJb63
    mSUo4EGlgN0iEpoG/vMofFOokZB9lnL1 7ELHt7WjybrAtpm2gFDh6xDkMHhncMv4Kv4nYbFh3WLW
    iv8aRyyyH5xqE7qC3JUB8O6HEf15Ui3cZC6Pa9ob6HkpwYEzOT6wNV /RtGGCXzImAdwgS7SC+IKm
    ID913Fy94KnB+GXhw1+oYuooOyqdcgPkO0lEyOERM2YGqRTwg0CeYujeZAI+wkwIcJc3C6G4w3x3
    ojxUwMIFo8Lx7rNANALSSuwrA3iKenLZZad19iNYMtMSf2QXwZY0z+37PS4cSdD7ttt1NQQ5zEei
    dZnRSoeiIimML3pF1NDz PHRAWSULIesAqyMbmQrnQQKO0i3iid28f5kmhEn3nbi1iKOUtB9kWROZ
    Ek+OJVSNyTHM426LrBY5dcA4/jeKL2U6leuaQXNlCS lMk56cVOOLS8/pqtYOzg6AlL98ni9uj0P0
    m0DxR/iz+1Ariz95XY+xg8PgQebwlD3MeIp6ctllp3VS8ZI2U6LrarBRGZ3jkTD2 fDCLtVbs//5x
    +gjqjeK106CdXzoYu/w5gJGsPofaZetfDklZ/9ZuTW9Dty26JApx/QH2eEYsIyB7UbJ3xa8Y6vrH
    R6LLkQCB QgjkRUuG+DUKYqDreeeCGiMWvxCH7Ch7ZV3QzStJ4DxKaUdk53BUdTfsnyc3jhLBwSai
    +lSTv/QOChWpqvE8l+km7GOMtFNYFk zu8lEfmtQydEYhh2Ok/TTXWyyRTXuMF4Vwp77VfrZEHHU7
    xOlJ75/R72wHOsz+DzhUmA63HNbgBqGs0gHQ0bCO3ZTFMx+O3WhE EVQzBhY=

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    MaGioZal, Nov 17th, 2009 @ 2:47am

    Brazilian E-Voting system

    Well, you should not consider my opinion “impartial” since I am Brazilian myself…

    …but anyway I think that the current Brazilian E-Voting system is one of the best in all world, miles and miles ahead of the clumsy, regionalized method of voting in the United States…

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Fagundes, Nov 17th, 2009 @ 5:23am

      Re: Brazilian E-Voting system

      You should not forget that Brazilian banking system compensates a check in 1 working day (very different from the Europe, which takes longs 4 day in the best cases), keeping in mind that Brazil is a wide country in geographic terms.

      That is why some countries in development are showing amazing things like this example about the e-voting.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Nov 17th, 2009 @ 3:13am

    p5rcVnK0uac+CR1n+0ZlbXQSxFPuDWj59arQ8XyqrI/iaMxbRuz4sl09L7F6zBxMOXhsdJZVZXFy
    Kny5PGBCSC8JbY5Zbt/6uY 2jLaqUqueMsCpqFzUha9HkHeeo97u/wghNhGjII84Y5QT53klypMR2
    vrs7t0tvIYHbFnJPvBaPKNi/myBuMeX0m4/9oJ1qZlFS GAbNfLRXFpVXAiIV7Tuiy7q/g8gjWaIU
    WV3Os9PsZbBAG2fjv8PUADCTFUIuKCnSgts1rrmbXdRl+TnZ8uY4CFds6AHr

    Wh at do you think? Should I leave it at shaving cream?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Nov 17th, 2009 @ 5:06am

    What company made these machines?
    I doubt it was diebold, sequoia or es&s

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anon, Nov 17th, 2009 @ 8:24am

    So how many is a Brazilian anyway?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Nov 17th, 2009 @ 8:38am

    We need an end to end user verified voting system. Scholars and researchers with Ph.D's in cryptography have spent years working on them and now we have systems that are doable, or are at least a huge improvement over what we currently have (I vote on paper and have no way to verify or audit anything).

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    joão Rossi, Nov 17th, 2009 @ 9:47am

    Bogus

    The test was completely bogus, done by public employees designated by their bosses, using governments computers, having to tell govt what to do before hand, not being able to study the machines before hand!!!!!!!

    The Brazilian voting system SUCKS!!!!!!!!!!!

    And yes, it is made by DIE bold

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Nastybutler77 (profile), Nov 17th, 2009 @ 10:07am

    Coming soon to a commercial near you

    How long before Diebold starts touting these testing results to elections boards across the US? Not to mention useing them as a way to not have to submit to testing here. "Oh you don't need to try and crack our software; they already tried in Brazil."

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Hardik Upadhyay (profile), Nov 17th, 2009 @ 10:26pm

    Hacking has always helped to enhance security

    Hacking attempts are always required for the successful testing of any system.

    And it will be good if the attempt is made by someone outside the system.

    It is a mixed feeling but in the future much more robust system should be made so that the systems are not hacked frequently.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    vyvyan, Nov 18th, 2009 @ 2:47am

    maybe someone have figured out the way and is keeping mum to use it in next election. :P

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This