ATMs Aren't So Secure Either
from the transparency dept
Back in March, I responded to the common argument that since automatic teller machines are widely used and seem to be secure, secure electronic voting must be doable as well. I pointed out a couple of problems with this argument, but I took as a given that ATM machines are in fact, secure. But Matt Blaze recently discovered that ATMs aren’t that secure either. When Blaze tried to withdraw cash from a Philadelphia cash machine, he encountered a bunch of problems. The information on the screen was screwed up, the machine gave him $10 more than he’d requested, and the machine failed to give him his receipt. Even more worrisome, when he went into the bank to suggest that they check out the machine and see what might have been wrong with it, the assistant manager actually argued with him, assuring him that the machine was working just fine and Blaze must be imagining things. Incredibly, when he tried to show her a screenshot he had taken with his cell phone, she cut him off by pointing out that photography isn’t allowed in the bank.
Obviously, part of the problem here is a bank employee who has a bad attitude. But it also illustrates a couple of additional problems with the “ATMs work so why can’t e-voting?” argument. First, people have a habit of trusting machines more than people. When elections are conducted with pencil and paper, everyone understands that some of the human beings might have hidden agendas and need to be watched closely. In contrast, people tend to assume that machines are completely objective and unbiased, and so they’re less likely to notice problems with machines even when (as in the case of this bank manager) the evidence is staring them in the face. Second, if it turns out that the ATM screwed up, Blaze will at some point get a statement from his bank telling him how much money the bank thinks he withdrew, and he can object if it differs from what he actually got. There isn’t (and due to voter privacy concerns, can’t be) a similar process for e-voting. If a paperless voting machine screws up, there’s no way to double-check the results after the fact.
Filed Under: atms, reliability, security, verification
Comments on “ATMs Aren't So Secure Either”
ATMs secure?! They’re just computers running Windows. Need I say more? Didn’t think so.
ATMs Secure?
Most of the ATMs that I use still run OS/2.
Re: ATMs Secure?
> Most of the ATMs that I use still run OS/2.
You say that as though it is a bad thing…
I feel compelled to point out OS/2 has true protected memory, is stable as a rock, and is not a common target of script kiddies and the scripters that script for them, to name just a few points in its favor.
Re: ATMs Secure?
Yeap, and are TELNET’d into your bank, not ssh. All i need now is ethereal…
Re: Re: ATMs Secure?
True, but not a problem with OS/2 per se. We agree?
Hey Now
I used to work on Lottery machines, they ran Windows 98 in the background… I’m not kidding! Let the comments fly on that one.
Anyone notice the new BofA Diebold machines?
Bank of America just outfitted all of the branches that I know of here on the west coast with brand new ATM’s. The only distinct advantage I can see with these machines is that they now scan personal checks as you put it in the machine.
Other than that, these new machines are much slower than the older versions.
Anyways, I just thought it was ironic that you mention voting machine security and ATMs in this article now that diebold is neck deep in the ATM machine business.
Fact of the matter...
if everybody believes it can, will, and should be done. It is only a matter of time before it happens.
Besides, for humans, the first (and most difficult) half of accomplishing anything is knowing it can be done.
Therefore, electronic voting can only be viewed as an inevitability.
Re: Fact of the matter...
I strongly believe that e-voting can be secure. There are two main factors holding secure e-voting back: transparency and cost.
If we were to invest into “democracy” just a teeny-tiny fraction of the money put into things like “security”, then cost wouldn’t be an issue.
Now it is a matter of having a transparent process for development and implementation of the machines. This is one project that might, just might, be better taken on by the public sector for the “Greater Public Good”, if no private organization is willing to work in the open.
This is about security?
The main thing that reading Mr. Blaze’s post made me think is that people who use machines that are obviously at least a little broken shouldn’t be surprised when the machine breaks even more when they continue to use it.
It’s not security, “it’s are you smart enough to know when to walk away?”
ATMs secure?
What about an open source voting solution? Make both the hardware and software public and let a world full of hackers and conspiracy theorists try to break it. It might or might not pan out, but if it does the result would be far better than vendor proprietary solutions.
Now we just need a complementary business model…
re: I got ripped off by ATM/bank
I had receipts that showed odd amounts being withdrawn from my account via the ATM machine. The bank manager refused to do anything about it and said that I had obviously found a way to make odd amount withdrawals. I lost hundreds of dollars, got slapped with overdraft fees, and couldn’t get the bank to own up to a crooked employee (the story broke later). I had receipts it did nothing for me. The bank said I had to prove I hadn’t made those withdrawals. Go figure. Banks are just as crooked as the thief was!
Not a Prob - Ya right
Bank: the machine was working just fine and Blaze must be imagining things
one month later ……
Bank: and if you do not return the stolen ten dollars we will be forced to contact the DA, oh and you owe us interest.
ATMs don’t make mistakes people do. I worked on them for 7 years,
the cassettes that are put into them have ID tabs in the back. So if a 10.00 cassette gets charged with 20 dollar bills the machine does it job perfectly, it’s just the person the loaded the cassette that made the mistake. There is a electronically journal that will tell the bank who got the extra cash and the will ask for it back
Re: Re:
ATMs do in fact make mistakes. Sometimes they don’t print out receipts, sometimes when you try to type in the amount you want, it says more or less than what you typed, et ceterah. You can’t say that because you worked on x number of machines for 7 years, that all ATMs everywhere work perfectly forever. That’s just silly.
Maybe if voting machines were programed using open source software, there would be ample opportunity for techies – or anyone for that matter- to have a gander at the code before elections. That way, machines would be less likely to output several thousand random votes for a specific candidate.
Way to lose customers
I’m looking for a new bank right now. Reading about how the PNC Bank Manager handled this situation has made me cross them off my list of possibilities.
And @12 – are you saying that ATM’s are bug-free?
=>12
All mistakes a machine makes is human errors. In design,programing or maintains.
Secure my a**
There is a walk-in ATM near my house and I can hear the tones generated, PIN included, on my police scanner. Just need someone with a good ear and hit them as they walk out. It also picks up every cordless phone in the neighborhood. Now that’s entertainment!
Re: Secure my a**
What do you mean by hear the tones on your police scanner? Like the beeps it makes when you push a button? Or you can intercept the PIN, or what are you saying?
Preventing errors
I always count the money in front of the camera. That way there is no dispute how much you got. And, yes, they do make mistakes, because I once got $160 after requesting $60. Before the bank opened, they already withdrew the extra $100 from my account.
I have not used an ATM since they started charging to use it, ummm lets see now … that was 1980 I believe.
I refuse to use the damn things and from the looks of it, I am justified in this conviction.
Oh – one more thing – get off my lawn !
Re: Re:
As long as you use your own banks ATM there are no fees!
If the ATM gives you more than you asked for, or it says you have more in your account than you do, tell the manager. If he insists that there’s no problem, have him sign a statement to that effect. When they discover the error and want the money back, take the statement to your lawyer and tell him that the manager assured you that there was no problem.
> There isn’t (and due to voter privacy concerns, can’t be) a similar process for e-voting.
Sure there is. The voting machine can print a receipt that doesn’t identify you, but identifies the vote (machine sn + transaction #). Publish the tallies for each machine after the election on a web site so voters can check against their receipt.
Re: Re:
This doesn’t work because one of the goals of a voting system is a secret ballot: that is, that voters can’t prove to a third party how they voted. Otherwise there are risks of vote-buying and other forms of coercion.
RE: #24
I can hear the tones, just like dialing a phone number. I can hear distinct tones when the PIN is entered. If I somehow got the card of that person I would know the PIN. I suppose it could be intercepted. My scanner is an older model so it wasn’t subject to the government restrictions put on the newer models.
i think we should have govt issued devices that hook up to wireless networks that would make an ssh 256 bit encrypted connection to a govt ip to do voting. It could run some variant of unix with a little gui on top. And set up wireless networks around voting places. Yeah some one could and probably would try and figure out how to hack it, but thats the nature of the beast. It’s all part of the progress, besides wouldn’t you rather some hacker looking out for your best interests instead of some corrupt politician stuffing boxes? I mean if we had a system that said that only one SS# could vote once, wouldn’t we have the same system we have right now? It would only be digital, therefore easer to track and verify data. Unlike now where dead people constantly vote in major elections and it doesn’t get found out till years after. But i guess really my main complaint is with the system in its self, it doesn’t really matter what system of voting we use, our votes don’t count anyway. We should probably get rid of these delegates make them get “real” jobs then use that money to make my idea 😛