(Mis)Uses of Technology

by Mike Masnick


Filed Under:
e-voting, pac-man, security

Companies:
sequoia



E-Voting Machine Easily Reprogrammed To Play Pac-Man

from the wokka-the-vote dept

Tim Lee points us to Alex Halderman and Ariel Feldman's latest demonstration of the hackability of e-voting machines: they reprogrammed a Sequoia machine that was used in the 2008 elections to play Pac-Man:
The really important point is that they did this in three afternoons (and remember, these machines are often left totally unguarded, in the open at polling places for days before elections) without breaking any of the "tamper-resistant" seals that are supposed to alert anyone to any foul play. As Halderman noted:
We could have reprogrammed it to steal votes, but that's been done before, and Pac-Man is more fun!
So now my only question is whether or not they get a cease and desist from NAMCO.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 19 Aug 2010 @ 1:51pm

    Yet another reason it should be open source.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 19 Aug 2010 @ 2:27pm

      Re:

      They probably MADE it open source.

      reply to this | link to this | view in chronology ]

      • identicon
        Jose_X, 19 Aug 2010 @ 3:43pm

        Re: Re:

        If so, then it's only a matter of time before proper peer review kicks in to close the security holes.

        reply to this | link to this | view in chronology ]

      • icon
        TtfnJohn (profile), 19 Aug 2010 @ 6:37pm

        Re: Re:

        There'd be no need or requirement for "cease and desist orders" of it was open source.

        Anyway, it would have been something on the order of a copy of Myst if it had been open source programmers working on open source software. Why waste your time on PacMan?

        reply to this | link to this | view in chronology ]

  • icon
    :Lobo Santo (profile), 19 Aug 2010 @ 2:02pm

    Hmmm...

    Which is more of a waste of time?
    A) Playing Pacman at a voting booth.
    B) Voting.

    reply to this | link to this | view in chronology ]

    • identicon
      Lawrence D'Oliveiro, 19 Aug 2010 @ 7:58pm

      Re: Hmmm...

      Depends on whether your voting system gives equal value to all votes (proportional representation) or gives disproportionate value to votes in constituencies where the winning candidates have the smallest majorities (first-past-the-post).

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Aug 2010 @ 2:07pm

    Namco C&D

    Funny, that was my first thought when I read the story.

    reply to this | link to this | view in chronology ]

  • icon
    Chuck Norris' Enemy (deceased) (profile), 19 Aug 2010 @ 2:21pm

    Cast

    I vote for Inky!

    reply to this | link to this | view in chronology ]

  • identicon
    Gareth, 19 Aug 2010 @ 2:35pm

    Pac-Man is one thing

    But the true test of any machine is whether or not it can run DOOM...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Aug 2010 @ 2:58pm

    In celebration of the 30th anniversary of the iconic arcade game, we reprogrammed the AVC Edge to run Pac-Man. It uses MAME to emulate the original hardware. (We own the electronics from a real Pac-Man machine.)

    Oh thank goodness, I would hate to think that a university is demonstrating the fraudulent brokenness of our election systems by using a pirated rom. My faith in the rightness of the universe is restored.


    This depresses me. These guys are doing work that is crucial to the integrity of our democracy, and they feel the need to profess to being on the up and up with the IP gulag. It's a small and petty thing, but it just broke my mind today.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Aug 2010 @ 3:10pm

    But does it run Linux?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Aug 2010 @ 3:20pm

    E-voting security system: The Philips Head screwdriver

    "The software can be replaced without breaking any of these seals, simply by removing screws and opening the case."

    Really? Can't we get someone with more than a 1st graders understanding of how to secure something to work on these things. I don't know whether to laugh or cry at how ridiculous this seems.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 19 Aug 2010 @ 3:44pm

      Re: E-voting security system: The Philips Head screwdriver

      I had the same thought. Two more stickers and this baby is secure!

      reply to this | link to this | view in chronology ]

    • identicon
      Jose_X, 19 Aug 2010 @ 4:00pm

      Re: E-voting security system: The Philips Head screwdriver

      Pass the current article link to more people, so you will have company in your moment of need.

      It is amazing how closed government is (or how badly information is disseminated) that they can pull this off.

      Humans have a tendency to trust and as well to avoid digging into things very much at all when they feel they simply won't understand something well enough.

      Humans also have an inertia problem (sometimes manifested as wishful thinking) and a problem of "if I don't feel the sting immediately, I have not been hurt that much by it".

      I am going to consider writing some local relevant public official about this and asking what public steps they are taking with our current voting system to remove liability from their hands and place it into the public's hands. I suspect though that they will prefer that something be exploited silently by a few than for the house to come down ahead of elections as the product inevitably fails before public scrutiny.

      It's unfortunate that Florida and other states got such abuse for the "hanging chad" problem. This opened the door in many places to silent control of the majority vote. Florida now uses scanning machines, but these also require software. A practical receipt system (and/or other workable and statistically legitimate checks and balances protocol) needs to be implemented in **all** cases.

      [I am part of the dismal state of affairs as notice I accurate simply stated "I am going to consider". Sorry... and please pass the hanky.]

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 19 Aug 2010 @ 6:49pm

        Re: Re: E-voting security system: The Philips Head screwdriver

        "but these also require software."

        Maybe a hardware based solution, where the instructions are hard coded and so can't be changed. Or you know what. A software based solution where the hard drive has a physical mechanism of making it read only. You know, like how SD and 3 1/2 floppy drives have that tab that you can flip and it makes it physically read only. I wish hard drives and flash drives had something similar, but I think some patent exists on the idea and hence it's not implemented. But of course you need some read/write medium to store the votes onto.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 19 Aug 2010 @ 6:50pm

          Re: Re: Re: E-voting security system: The Philips Head screwdriver

          (so you have two separate mediums. One that is physically read only via some physical obstruction that prevents writing to the software, and another that is read/write that the votes are stored on but no software is stored on).

          reply to this | link to this | view in chronology ]

        • identicon
          Michael, 20 Aug 2010 @ 4:45am

          Re: Re: Re: E-voting security system: The Philips Head screwdriver

          Remember the 5 1/4 floppy disk? It had a read-only mechanism as well. If course, it was easily added or defeated using a hole punch or a piece of tape, but it was there!

          All of these methods are pretty easily defeated, so I do not think they would be more than security theater. Even a ROM chip can be flashed, and someone will find a way to do it inside the voting machine.

          What still amazes me is that people can gain access into the voting machines themselves. We can't put the CPU somewhere that a security guard can watch it and a cable to the touch-screen for the users in the booth? Can the CPU be in a safe of some sort? A screw protecting it? Really?

          reply to this | link to this | view in chronology ]

    • identicon
      Michael, 20 Aug 2010 @ 4:38am

      Re: E-voting security system: The Philips Head screwdriver

      Does this make producing screwdrivers a DMCA violation? Wasn't this part of their security and the screwdriver is circumventing it? I think MAC tools is the problem! Those pirates!

      Sorry, was that over the edge?

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Aug 2010 @ 3:45pm

    How much time did they have? Is that a silk screen at the top of the machine just above the screeen?

    reply to this | link to this | view in chronology ]

  • icon
    ajgajg1134 (profile), 19 Aug 2010 @ 5:00pm

    More young kids would come to vote if all the voting machines were like this. :D

    reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Hippy Hop, 19 Aug 2010 @ 7:39pm

    If that is not hard evidence on rigged election results, I don’t know what kind of evidence they want. And to think the company ho made these machines had defended the machines to the hilt, now what can they say? Better be back to manual elections.

    reply to this | link to this | view in chronology ]

  • identicon
    garmin, 21 Aug 2010 @ 7:13am

    vote miss pacman

    get her in the white house :D

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.