Brainsturbator

Let’s Steal The Election Ourselves This Time

+ expand info  //  view thread  //  9 responses  //  print article

This is a DIY guide to rigging an election.  We’ve had four consecutive national elections stolen in this country, and any talk about “reform” at this point is just being willfully stupid.  The system is corrupted and broken beyond repair.  However, I’m not worried about it.  See, I’ve got an idea.  To me, it’s most obvious solution: if stealing elections is easy enough for those chumps to do it, then let’s do it better than them.

As I researched this article, I’ve had a growing excitement for the past couple days: this is completely possible. The security exploits are simple, and the only real hurdle is the logistics of scale: how to get a national (or even just statewide) bloodless coup staged quickly and effectively.  It’s too late for 2006, but we should start planning a truly outstanding prank/revolutionary act for the next presidential election.  If all this sounds insane, read on anyway.

This is promising stuff.  Only 37 out of 50 US states rely on electronic voting machines, and 80% of the votes cast in the 2006 elections will be on electronic machines.  In fact, we’re not the first lunatics to undertake this mission:

Diebold Election Systems Inc. expressed alarm and state election officials contacted the FBI yesterday after a former legislator received an anonymous package containing what appears to be the computer code that ran Maryland’s polls in 2004.

Cheryl C. Kagan, a longtime critic of Maryland’s elections chief, says the fact that the computer disks were sent to her - along with an unsigned note criticizing the management of the state elections board - demonstrates that Maryland’s voting system faces grave security threats.

---from this hilarious story. That happened three days ago.  Although we admire the class act, we do wish the perpetrator had kept that card up their sleeve and done something...well, more on that later.

Onwards and Upwards

First of all, volunteer to work the polls on election day, it’s the simplest way to get close to the machines, and it’s a good thing to help out your community.  Or something.

Votes are tallied centrally by the Global Election Management System (GEMS), which is, conveniently enough, an extremely comprimised piece of software.  Take a look at this page of test notes courtesy of fellow Brainsturbator Jim Marsh.  You can also look at the step by step instructions that Bev Harris and Jim gave to Howard Dean.  (Sadly, Howard Dean learned this too late to save his campaign.)

For further red meat, we have a copy of the Princeton report:

Security Analysis of the Diebold Voting Machine

Princeton is also kind enough to provide us with a full video on how to install the code: here (scroll down) or here (youtube)

You can also check out a much lower-tech but more meaty how-to video HERE

It’s Not Safe Out There

The great thing about the information age is that I can get ahold of nearly anything and everything I would like to find out.  Hilariously, government reports about security vulnerabilities are a great resource to learn about security vulnerabilities in your government.  For instance, a report to Maryland State Gov provided this tasty morsel:

Cryptography: The AccuVote-TS system continues to employ DES for encrypting ballots on the flash memory PCMCIA cards. The default is to use the known key mentioned in the Hopkins Report. As described above, DIEBOLD has provided functionality to change these keys and this is a strong recommendation. For the encrypted link between a precinct and the local board of election, the system now uses AES, dynamic keys, and a standard SSL connection. Keys and passwords are no longer shared between users and procedures have been put into place to manage them
effectively.

And from an equally meaty Federal report:

The hardware consists of a touch-screen voting terminal with two locked bays. One bay houses a roll of paper tape that prints out the initial ("zero count") vote tally and, following the election, the final vote tally. A second bay houses the on/off power switch, two PCMCIA slots (one for the flashdisk card that holds the ballot definition and records the voters cast ballots and one for a modem), and a standard keyboard jack.  During an election these bays are locked. Maryland has ordered approximately 16,000 AccuVote-TS terminals each equipped with two locking bays and supplied with two keys accounting for 32,000 locks and keys. Surprisingly, each lock is identical and can be opened by any one of the 32,000 keys. Furthermore, team members were able to have duplicates made at local hardware stores. It is a reasonable scenario to assume that a working key is available to an attacker.

To make matters worse, using a commonly available lock pick set, one team member picked the lock in approximately 10 seconds. Individuals with no experience were able to pick the lock in approximately 1 minute. Arguably it would be very noticeable for a novice to pick the lock protecting the PCMCIA cards and keyboard interface during an election. However, someone with slightly more experience could do so from a standing position, or two individuals working together could possibly cause enough of a distraction that the lock could be picked while a judge’s back is turned. Access to the PCMCIA bay during an election could render the votes cast there unusable. Since certain precincts are considering loading their terminals the day before the election, one must consider this vulnerability as being accessible prior to the election. Among the attacks discovered and demonstrated were:

1. Attach a keyboard to the terminal and access functionality in the software that allows the attacker to view the entire directory tree on the machine’s internal memory and on the PCMCIA card. Three functions are then available to the attacker: “Save As”, “Finish Recording”, and “Open”. These functions are remnants of test code that allowed the developers/testers to record events that simulated voting. The function along with the functions allow an attacker to overwrite files in the internal memory and the PCMCIA card. Using this method an attacker can overwrite both the results file and the audit file on both the internal memory and the PCMCIA card. This would completely overwrite the results for that voting terminal. Moreover, the exploit elevates the attacker to Supervisor status - no smart card required.

The Obvious Question

“But how are we supposed to get organized enough to transmute isloated fraud into a nationwide electronic coup?”

Well, you’re staring at the answer right now.  Not Brainsturbator—I’m arrogant, but not psychotic.  I’m talking about The Internets.  The network already exists.  The tools already exist.  Let’s be serious here: if you wanted to organized a nationwide operation like this you could do it on fuckin’ MySpace within a few weeks. I’m not saying something that everyone in power doesn’t already know, all too well. This is precisely why conservative and fascist elements in the United States want to restrict and control the flow of information online. 

Make them scared.  Give them a reason to worry.  They’ve earned it.

The Bigger Picture Here

I’m not proposing that we rig these machines to get in the least offensive candidate.  If we’re gonna be breaking the law and designing a conspiracy, here, let’s go big.  Let’s start electing people who aren’t even f***ing running for office.

This is what we refer to as the First Paradox of Authority:

“The kind of people who you want to be authority figures are the kind of people who do not want authority over others.”

This is similar to the problem of Intelligent People Not Having Kids, we can’t have people burdened by mere ethics here.  The stakes are too high.  We need to put someone like Amory Lovins in the White House, someone like Maynard James Keenan, someone like Maya Angelou.  (And we need the craziest, best-armed militia in the country to back them up and dismantle existing organized crime syndicates like the DEA, ATF, IRS, CIA, etc, etc, etc.)

Seriously --- if I found out someone used this information to get a Democrat elected, it will be a dagger through my heart.  Go big.  As Hakim Bey instructed us bad kids: “Crime as art.  Art as crime.”

9 responses to "Let’s Steal The Election Ourselves This Time"

  • avatar

    Oct 23, 2006 at 8:28 AM
    Jake Garner
    says...

    This is simply a brilliant article, I never really thought that something as important as elections could be manipulated so easily, I want to hear more though!

  • avatar

    Oct 23, 2006 at 8:51 AM
    thirtyseven
    says...

    If I can get some good code going, or just pilfer someone else’s, I will definitely be doing a second post with the more detailed plan that’s laid out in my notebook.  I had a lot of fun doing this project.

  • avatar

    Oct 23, 2006 at 9:08 AM
    WILDSTARCHILD
    says...

    I’M LOVIN IT!(SOUNDS OF EVIL LAUGHTER)
    STEWART AND COLBERT 08’.
    OR HOW BOUT WILLIE NELSON FOR PRESIDENT,
    HE’D CERTAINLY GET US OFF OIL.

  • avatar

    Oct 23, 2006 at 12:16 PM
    thoth
    says...

    I dont trust them votingmachines… We gotta vote here in the Netherlands over a month time..  and i rather use a red pencil,..

    The votingmachines here are made by http://www.Nedap.nl. This “nice” commercial company is also doing:
    Agri-chips
    AVI (Automatic Vehicle Identification)
    Education-database
    Healthcare-database
    Libraries-control
    Power Supplies
    Retail Support
    Security Management
    Election Systems

    Its like BigBro is also to be trusted with the voting-equipment.. heh.. i dunno.. I think its all fake and we gettin screwed by bigtime! At least its a conflict of interests.... Shouldnt be allowed ..but yet....... aha.. indeed… its suspicious…
    Now we got a site who fights the votingmachines: Lotta commotion so now Tech.-University will check the machines.... hehe.. Guess I dont trust anything anymore and I even start to doubt the university which is financial dependent of goverment.........lol
    Peace out! G-luck with the action!

  • avatar

    Oct 23, 2006 at 2:16 PM
    unity
    says...

    Wow! Your insomnia is our gain. Hail Eris!

  • avatar

    Oct 23, 2006 at 3:05 PM
    Aeon
    says...

    I’ve been thinking the same thing since 2004. There will never be a free and unbiased election with Diebold at the wheel. Hack the fuck out of it then. However, even though I feel the Dems are are just Repubs lite, if you dont try to elect a Democrat youre just wasting effort anyway.

  • avatar

    Oct 23, 2006 at 3:51 PM
    nek4life
    says...

    You don’t even need to pick the locks, just order a key off ebay.  The keys used for theys machines are the same keys that are used for hotel mini bars and common office furniture.

    “Hotel Minibar” Keys Open Diebold Voting Machines

  • avatar

    Oct 23, 2006 at 7:09 PM
    thirtyseven
    says...

    Aeon, if you ever read this again---

    I would be fascinated to hear why electing a Democrat is a good thing.

  • avatar

    Jul 28, 2007 at 4:56 PM
    Alcoholic 007
    says...

    Aeon is an operative!!!
    BEWARE!

    More seriously, I agree with the original intent behind hacking a system and the goals of the hack, in general: Humor, revelation of issue, some one who does not want to lead being elected.

    If I didn’t stay the hell away from voting areas, I would think this to be an excellent little experiment.

    Goodluck!
    I won’t be watching the news.. heh.. no offense.. the news is f-ing warped!

Brainsturbator on Twitter

For more updates follow Brainsturbator.