Cell Phones and Voting System Integrity
Natalie Podrazik, natalie2@umbc.edu

Overview
• Introduction
• Cell Phones
• Background
• Potential Attack tools
• Recording Abilities
• Wireless connections
• Traceability
• Relevance to Voting Systems
• WINvote System
• Overview
• How it works
• Vulnerabilities and Attacks
• Evaluation of WINvote’s preparedness for cell phone attacks
• Recommendations
• Conclusions

Introduction
• Why this project was started
• Why this project is relevant
• Why it is novel
• UMBC CSEE; CS 491V/691V
• Program Investigator: Natalie Podrazik

Cell Phones: At a Glance
• Became extremely popular in late 90’s
• 203 million + Americans own them today
• More customizable
• Smaller in size
• Growth towards greater computing capacity and personal feel
• Integration of PDA and cell phones
• Leads to functionality of PC’s

What can a cell phone do?
• Carry on conversation over phone line (GSM...)
• Voicemail
• Address book
• Speed dial
• Call history
• Calculator
• Games
• Alarm clock
• Text messaging
• Take digital photographs
• Record sound
• Record Video
• Photo messaging
• Run PC-oriented applications (iTunes)
• Access wireless devices
• Bluetooth
• 802.11
• Programmable

Why Recording Devices are Problematic
• Invasion of privacy
• Easier means of vote influence
• Taking home TMI
• Disabled citizens’ voting
• Member registration
• Easy recreation of interfaces with model

Why Wireless Devices are Problematic
• Systems use Bluetooth or Wi-Fi
• Disruptions
• Ballot loading to DRE’s
• Sending of data to remote printers
• Gathering of voter registration data
• Pertinent election day updates
• Tabulation of votes
• More...
Pictured devices: iPAQ H6315 Pocket PC, T-Mobile M/DA

A Unique Territory
• Cell phones as potential attackers in critical systems
• Electronic voting systems:
• Inaccuracy
• Unpredictability
• Holes in security
• Cost of attacks; identification of attacker

Case Study: WINvote
• DRE, PPV
• Wireless Internet
• Chosen for easy setup
• Checkered history
• Binds County, MI: Failures
• Arlington, VA: Praises
• 2006 Elections: VA

On Election Day: Setting Up
• Master downloads ballot via Wi-Fi
• Master distributes ballot to other stations
• Displays Serial #s on Master screen
• Open Unit Report
• Setup of equipment
• Boot up all machines
• Display of machine data
• Choose Master

On Election Day: Voting
• Election official inserts BALLOT card
• EO leaves; voter votes
• Votes recorded in:
• Hard drive
• USB Memory stick

On Election Day: Counting Votes
• EO enters smart card on one chosen Master
• EO confirms “Close Poll Location”
• Other machines “wake up”
• Master receives vote tallies from other machines in precinct
• Serial #s of each machine displayed until “Stop Searching”
• EO can “Export Location Data”
• “Unit Close” report prints on each machine

Recording Devices Exploit WINvote Flaws
• Vote bribery/intimidation
• Capturing of exact interface
• GUI ballots
• Disabled voters’ ballots
• Bootup procedures
• Shutdown procedures
• Inability to determine when recording is going on

System Integrity Attacks
• Background:
• Types of DoS Attacks to Wireless
• Deauthentication
• MAC layer duration stalling
• Strength
• Cost
• Technologies to fret about
• Bluetooth
• 802.11 (Wi-Fi)

WINvote’s Vulnerabilities I: Recording Election Data
• Range of sensitive material
• Machine Details
• Registration Paperwork
• Precinct Environment
• Voting Procedures
• Challenge of Detection
• Identifying Attackers

Evaluation of Attack I: Recording Election Data
Attack tree nodes (feasibility / detectability / cost):
• Record Casting of Votes: P/ND/$
• Record Screen Touch History: I/D/$$
• Record Votes Cast by DRE: I/D/$$
• Record Voter Voting: P/ND/$
• Embedded Software: I/D/$$
• Hidden, Traditional: P/ND/$$
• Cell Phone: P/ND/$
• Recording Hardware: I/D/$$$
Legend:
• P = Possible, I = Impossible
• D = Detectable, ND = Not Detectable
• $ = Relatively Cheap, $$ = Moderately Priced, $$$ = Very Expensive

Evaluation of Attack I: Recording Election Data
• Feasibility
• Cost?
• Resources?
• Time?
• Risk?
• Traceability
• Likelihood
• Impact
• Machine
• Polling Place
• Precinct
• Election
Cheap and possible attack with minor to major consequences

WINvote’s Vulnerabilities II: Disrupting the Tallying of Votes
• Denial Of Service Attack
• Repeated deauthentications
• MAC Duration field delay
• Redundancies for vote counts
• Wireless submission
• Paper trail
• USB Memory stick
• Broader impact of attack

Evaluation of Attack II: Disrupting the Tallying of Votes
Attack tree nodes (feasibility / detectability / cost):
• Block Tabulation: P/ND/$$
• Remove Pollworkers: I/D/$
• Destroy Machines: I/D/$$
• Ruin Wi-Fi Connection: P/ND/$$
• Ruin USB: P/D/$
• Swap: I/D/$$
• Steal: I/D/$
• Ruin Paper Trail: P/D/$
• Special Equipment: P/ND/$$
• Break/Damage: I/D/$
• Break/Damage: P/D/$
• Swap: I/ND/$
• Steal: I/D/$
• Laptop: P/ND/$$
• Jammer: P/D/$$
• Break/Damage: P/D/$
• Cell Phone: P/ND/$$

Evaluation of Attack II: Disrupting the Tallying of Votes
• Feasibility
• Cost?
• Resources?
• Time?
• Risk?
• Traceability
• Likelihood
• Impact
• Machine
• Polling Place
• Precinct
• Election
Requires some work and may have minor consequences. Redundancies in vote recording protect accuracy of election.

WINvote’s Vulnerabilities III: Wake-On-LAN (WoL)
• How it works
• Tells WINvote machines to connect at receipt of a “magic packet”
• Spoofing of magic packet
• Repercussions of a “harmless attack”

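Added example (not part of the original slides): a monitor that recognizes Wake-on-LAN magic packets in observed payloads and flags wake requests that arrive before the poll is closed or from a sender other than the Master. It assumes the standard magic-packet layout (six 0xFF bytes, then the target MAC repeated 16 times); the addresses, times and the `audit_wol` helper are constructed for illustration.

```python
from datetime import datetime

SYNC = b"\xff" * 6  # a magic packet starts with six 0xFF bytes

def parse_magic_packet(payload: bytes):
    """Return the target MAC if payload carries a magic packet, else None.

    The sequence may sit anywhere in the payload: SYNC followed by the
    6-byte target MAC repeated 16 times (96 bytes).
    """
    start = payload.find(SYNC)
    while start != -1:
        body = payload[start + 6:start + 6 + 96]
        if len(body) == 96 and body == body[:6] * 16:
            return ":".join(f"{b:02x}" for b in body[:6])
        start = payload.find(SYNC, start + 1)
    return None

def audit_wol(frames, master_mac, close_time):
    """Flag wake requests that are premature or not from the Master."""
    alerts = []
    for ts, src, payload in frames:
        target = parse_magic_packet(payload)
        if target is None:
            continue
        reasons = []
        if ts < close_time:
            reasons.append("premature")          # woke before poll close
        if src.lower() != master_mac.lower():
            # Weak signal on its own: a source address can be forged.
            reasons.append("unexpected-sender")
        if reasons:
            alerts.append((ts, src, target, reasons))
    return alerts

# Constructed sample data (not captured from any real system).
MASTER = "02:00:00:00:00:01"
UNIT = bytes.fromhex("020000000002")
CLOSE = datetime(2006, 11, 7, 19, 0)
SAMPLE = [
    (datetime(2006, 11, 7, 14, 30), "02:00:00:00:00:99", SYNC + UNIT * 16),
    (datetime(2006, 11, 7, 19, 5), MASTER, SYNC + UNIT * 16),
    (datetime(2006, 11, 7, 19, 6), MASTER, b"status ping"),
    (datetime(2006, 11, 7, 19, 7), MASTER, SYNC + UNIT * 15),  # truncated
]

if __name__ == "__main__":
    for alert in audit_wol(SAMPLE, MASTER, CLOSE):
        print(alert)
```

The timing check is the stronger of the two signals, since any wake request seen before the official close is suspect regardless of its claimed sender.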
Evaluation of Attack III: Wake-On-LAN (WoL)
Attack tree nodes (feasibility / detectability / cost):
• Disturb WoL: P/ND/$$
• Send Premature WoL Request: P/ND/$$
• Destroy Machines: I/D/$
• Insert Smart Card Early: I/D/$
• Spoof WoL Request: P/ND/$$
• Cell Phone: P/ND/$$
• Computer: P/ND/$$

Evaluation of Attack III: Wake-On-LAN (WoL)
• Feasibility
• Cost?
• Resources?
• Time?
• Risk?
• Traceability
• Likelihood
• Impact
• Machine
• Polling Place
• Precinct
• Election
Requires some work and may not affect overall election results, but it severely affects voter confidence in the system.

WINvote’s Vulnerabilities IV: Ballot Loading
• Denial-Of-Service Attacks
• Deauthentication
• MAC Duration field delay
• Redundancies
• Broader impact of attack

Evaluation of Attack IV: Ballot Loading
Attack tree nodes (feasibility / detectability / cost):
• Block Ballot Loading: P/ND/$
• Destroy Machines: I/D/$$
• Remove Pollworkers: I/D/$
• Disable Smart Cards: P/D/$
• Prevent Wi-Fi via DoS: P/ND/$
• Swap: I/ND/$$
• Cell Phone: P/ND/$
• Ruin Cards: P/D/$$
• Laptop: P/ND/$$
• Steal: P/D/$

Evaluation of Attack IV: Ballot Loading
• Feasibility
• Cost?
• Resources?
• Time?
• Risk?
• Traceability
• Likelihood
• Impact
• Machine
• Polling Place
• Precinct
• Election
A likely attack with a major effect on election day with very few resources

WINvote’s Preparedness
• Preventative measures
• Prohibiting cell phones
• Limiting duration field
• Requiring additional packet ID
• Recognizing attack
• Identifying Attackers

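Added example (not part of the original slides): one way to recognize the two wireless DoS patterns the deck names, repeated deauthentications and inflated Duration values, and to apply a Duration limit. The thresholds, the frame-record layout and the `scan` and `clamp_duration` helpers are assumptions made for this sketch.

```python
from collections import defaultdict, deque

# Assumed policy values for this sketch; tune them per deployment.
DEAUTH_LIMIT = 5        # deauth frames tolerated per victim per window
WINDOW_S = 10.0         # sliding window length in seconds
DURATION_CAP_US = 2500  # largest Duration value accepted, in microseconds

def clamp_duration(duration_us, cap=DURATION_CAP_US):
    """Value a receiver would honour if it limited the Duration field."""
    return min(duration_us, cap)

def scan(frames):
    """Return alerts for deauth floods and oversized Duration values."""
    recent = defaultdict(deque)   # victim address -> recent deauth times
    flagged = set()               # victims already reported once
    alerts = []
    for f in sorted(frames, key=lambda f: f["ts"]):
        if f["subtype"] == "deauth":
            # Key on the destination: a forged deauth carries a spoofed
            # source, so the claimed sender says nothing about who sent it.
            q = recent[f["dst"]]
            q.append(f["ts"])
            while f["ts"] - q[0] > WINDOW_S:
                q.popleft()
            if len(q) > DEAUTH_LIMIT and f["dst"] not in flagged:
                flagged.add(f["dst"])
                alerts.append(("deauth-flood", f["dst"], f["ts"]))
        if f["duration_us"] > DURATION_CAP_US:
            alerts.append(("duration-abuse", f["src"], f["ts"]))
    return alerts

# Constructed sample frames (not a real capture).
AP, STA = "02:00:00:00:00:01", "02:00:00:00:00:02"
SAMPLE = [{"ts": i * 0.5, "subtype": "deauth", "src": AP, "dst": STA,
           "duration_us": 0} for i in range(8)]
SAMPLE += [
    {"ts": 1.2, "subtype": "data", "src": "02:00:00:00:00:11", "dst": AP,
     "duration_us": 44},
    {"ts": 5.0, "subtype": "rts", "src": "02:00:00:00:00:66", "dst": AP,
     "duration_us": 32767},
]

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```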
What We Can Learn from WINvote
• Process redundancy
• Encryption of vote data
• Encryption methods
• Use of Wireless Internet
• Wake-On-LAN
• Danger of portable devices

Summary
• Cell phones pack a lot of punch
• WINvote as a case study
• Privacy
• System disruption
• Probability and ease of attack
• Reevaluate today’s attacker