Voting Machines Are Still Absurdly Vulnerable to Attacks

analytics anywhere

While Russian interference operations in the 2016 US presidential elections focused on misinformation and targeted hacking, officials have scrambled ever since to shore up the nation’s vulnerable election infrastructure. New research, though, shows they haven’t done nearly enough, particularly when it comes to voting machines.

The report details vulnerabilities in seven models of voting machines and vote counters, found during the DefCon security conference’s Voting Village event. All of the models are in active use around the US, and the vulnerabilities—from weak password protections to elaborate avenues for remote access—number in the dozens. The findings also connect to larger efforts to safeguard US elections, including initiatives to expand oversight of voting machine vendors and efforts to fund state and local election security upgrades.

“We didn’t discover a lot of new vulnerabilities,” says Matt Blaze, a computer science professor at the University of Pennsylvania and one of the organizers of the Voting Village, who has been analyzing voting machine security for more than 10 years. “What we discovered was vulnerabilities that we know about are easy to find, easy to reengineer, and have not been fixed over the course of more than a decade of knowing about them. And to me that is both the unsurprising and terribly disturbing lesson that came out of the Voting Village.”

Many of the weaknesses Voting Village participants found were frustratingly basic, underscoring the need for a reckoning with manufacturers. One device, the “ExpressPoll-5000,” has root password of “password.” The administrator password is “pasta.”

Like many of the vulnerabilities detailed in the report, that knowledge could only be used in an attack if perpetrators had physical access to the machines. And even the remotely exploitable bugs would be difficult—though certainly not impossible—to leverage in practice. Additionally, election security researchers emphasize that the efforts of countries like Russia are more likely to focus on disinformation and weaponized leaks than on actively changing votes. Those turn out to be more efficient ways to rattle a democracy.

But nation states actors aren’t the only people who might be tempted to hack the vote. And a detailed accounting of just how bad voting machine security also underpins a number of broader election security discussions. Namely, state and local election officials need funding to replace outdated equipment and employ specialized IT staff that can update and maintain devices. Voting machines also need stronger security to protect against criminal activities. And election officials need failsafes for voting machines in general, so that a glitch or technical failure doesn’t derail an election in itself.

“For those of us who have followed the state of our nation’s election infrastructure, none of this is new information,” Representatives Robert Brady of Pennsylvania, and Bennie Thompson of Mississippi, co-chairs of the Congressional Task Force on Election Security, said in a statement on Thursday. “We have known for years that our nation’s voting systems are vulnerable.”

Analyzing voting machines for flaws raises another important controversy about the role of vendors in improving device security. Many of the machines participants analyzed during the Voting Village run software written in the early 2000s, or even the 1990s. Some vulnerabilities detailed in the report were disclosed years ago and still haven’t been resolved. In particular, one ballot counter made by Election Systems & Software, the Model 650, has a flaw in its update architecture first documented in 2007 that persists. Voting Village participants also found a network vulnerability in the same device—which 26 states and the District of Columbia all currently use. ES&S stopped manufacturing the Model 650 in 2008, and notes that “the base-level security protections on the M650 are not as advanced as the security protections that exist on the voting machines ES&S manufactures today.” The company still sells the decade-old device, though.

“At its core, a voting machine is a computer which can be compromised by skilled hackers who have full access and unlimited time,” the company said in a statement. “While there’s no evidence that any vote in a US election has ever been compromised by a cybersecurity breach, ES&S agrees the cybersecurity of the nation’s voting systems can and should be improved.”

Congress has worked recently to investigate voting machine vendor accountability, but progress has been slow. In July, for example, only one of the three top vendors sent a representative to a Senate Rules Committee election security hearing, prompting an outcry from lawmakers.

“This report underscores that when you’re using technology there can be a variety of problems, and with something as important as election results you want to get it right,” says David Becker, executive director of the Center for Election Innovation and Research. “The question I hear from the states and counties, though, is just ‘how are we going to pay for it?’ They would love to have skilled IT staff, they would love to hold trainings for their workers, they would love to replace their old equipment. But you can’t just wave a magic wand and do that, you need significant funding.”

Elections officials have made significant progress on improving election infrastructure defenses and establishing channels for information-sharing, but as the midterm elections loom, replacing vulnerable voting machines—and finding the funding to do it—remain troublingly unfinished business.

Source: Wired


Turing Phone: The hacker-resistant smartphone with stretchable storage

As the Turing Phone nears its launch the device’s makers reveal their plans to push forward smartphone capabilities and battery life.


The Turing Phone can wirelessly transfer a DVD-quality movie in just over half a minute and has secure messaging that would take years to crack.

But the most impressive features of this sleek and sturdy phone are just around the corner says Turing Robotics Industries CEO Syl Chao.

The first of these additions will land next year, when Turing Phones will be upgraded from the Android 5.1 operating system (OS) to the Turing OS. In theory, this new OS will make it more difficult for the phone to run out of storage space.

Instead of just saving files onto their own device, users will be able to store content on Turing Phones belonging to other customers – with each handset sharing a portion of their storage. Chao calls this approach ‘wind computing’.

“Wind computing is essentially breaking the files into thousands of pieces, so you have copies everywhere.”

When files are distributed between phones in this way, the data will be tagged so it remains accessible to the owner and no-one else. This tagging system will also clearly link data to its owner – which Chao said should address issues of liability for what is stored on each device.

“Since data will be stored with a trustworthy tag which belongs to the user who issues the key it doesn’t matter where the data is stored, the user may retrieve it when desired. There’s always a way to check where the keys are, much like the blockchain technology behind Bitcoin.”

Underpinning this distributed storage is the security provided by Turing Robotics Industries (TRI), which started out as a company researching decentralised cryptographic keys. In the five years since TRI was established, the firm developed the Identity Based Authentication Infrastructure that will provide the foundation for the system.

Plenty of cloud services today already offer virtually unlimited storage to anyone with internet connectivity but Chao claims that wind storage bypasses some of these services’ limitations.

“Don’t you just hate that there’s only one centralized service, Dropbox or iCloud, that you have to sign up to a different services and if you lose your password you can’t retrieve your files. With wind computing you don’t have that problem anymore.”

Looking further into the future, the company is investigating the possibility of splitting computer processing jobs between devices.

Turing Phone owners will also be offered separate cloud-based storage, as part of a suite of free services that also includes email, SMS, IM and VOIP calls.

The other upgrade that Chao has planned is to the phone’s battery. Chao says the company is looking at a number of different energy storage technologies, including fuel cell, that could greatly boost the device’s running time.

“Right now our battery can last about seven hours under heavy use and on standby for a day. But that new one can last more than a week.”

Although Chao hinted the new battery could be ready for the launch of the first Turing Phone in December, he was unable to say for sure when they would switch to this new power source. It’s also worth bearing in mind that no other mainstream smartphone manufacturer has managed to make a battery with this sort of capacity and that other attempts to use fuel cells to power smartphones have been shown to have major drawbacks.

Rock solid

The Turing Phone made headlines for its security when it was announced earlier this year and for good reason.

The encryption that protects the phone’s communications relies on a private key that is kept within the device’s hardware.

“Secure communications, in terms of key distribution and key exchange, happens offline, end-to-end. There’s no need for a third party server to manage the keys, it makes the communications a lot more bullet proof,” said Chao

Even though Android is an OS known for being targeted by a large volume of malware, the communications encrypted by the private key are highly resistant to being breached, said Chao.

“A hacker could root the device but they can’t get the private key out. It’s kept completely separate in the hardware,” he said, adding that while no device was 100 percent secure – extracting that private key would take a lot of time and effort.

“We’ve hired a very skilled hacker to try to hack the key. Although he failed in the end it would take literally over three years.”

Once the phone is updated to the full Turing OS – planned within six months of launch – it will be far more secure while still retaining compatibility with Android applications, according to Chao.

Safeguarding privacy doesn’t sell phones though, in Chao’s view, which is why he sees the USP of the phone as being its clean design.

The phone has a frame made of “liquidmorphium” – an amorphous alloy of zirconium, copper, aluminum, nickel and silver that’s supposedly stronger than steel, but cheaper and more efficient to produce than titanium. It lends the handset a robust feel while retaining the look of polished Chrome. Chao is so confident of its durability he even encourages testers to try their hardest to bend the device.

Meanwhile the phone’s rear is made out of a polycarbonate, patterned with crisp geometric shapes or with a scaled texture depending on the model.

Even though the phone ships with an Android OS under the hood, the phone will run the custom Turing Phone interface on top.

The Turing Æmæth UI shares the minimalist stylings of the case – being split into tiled menus that show apps, messages and system notifications. The UI should let users peep at updates from inside apps without opening them, as well as tapping them to launch. Chao plans for the UI to be customisable in the final version, with users able to shrink elements to suit them. The phone should also launch with its own social network, with user updates displayed on the home page.

While there is much that is premium about the phone, its technical specs aren’t at the cutting edge, with an 801 Qualcomm Snapdragon chipset – the same used by the HTC One in 2014 – and a 1920×1080 resolution screen. This hardware will be bumped up to a Snapdragon 820 and at least a 2K screen when the next version of the Turing Phone is released in 2016, he said.

There are other caveats: while the WiGig data standard will allow the phone to share 3.2GB of data in no more than 25 seconds, the feature will only be available via a case provided with the Dark Wyvern special edition, priced from $779. You’ll also need this case if you want a headphone socket – otherwise you can use a Bluetooth-enabled set – and USB port.

But while the Turing Phone may be more expensive than some similarly specced competitors, Chao believes the overall package is worth it.

“It’s like, there are average cars out there but there are also people who want to drive an Aston Martin, Lamborghini or Ferrari. We’re in the elite sector of phones.”

The Turing Phone is available to preorder for $610 – $870 depending on storage.


  • CPU: MSM8974AC (Snapdragon 801) Quad Krait 2.5GHz
  • Memory Type: EMMC + LPDDR3 RAM
  • RAM/ Storage: 3GB / (16GB) (64GB) (128GB)
  • LTE Band (FDD, TDD, TDS): B1(2100), B2(1900), B3(1800), B4(2100/AWS), B5(850), B7(2600) B8(900), B17(700bc)/B20(800DD), B34, B38(TDD2600), B39, B40(TDD2300), B41(TDD2500)
  • Screen: 5.5″ FHD 1920 x 1080 / Gorilla Glass III
  • Camera: Front 8MP FF / Rear 13MP AF (dual flashlight)
  • Wireless connectivity: 802.11ac Dual bands / GPS / BT4.0 (BLE) / NXP NFC
  • Sensors: Gravity, Motion, Gyro, Proximity, Light, E-Compass, Temp/humidity
  • Fingerprint reader: Left side
  • Security: Turing Imitation Key (TIK) TF Card
  • Battery: 3,000 mAh Lithium-ion polymer
  • Charging Port: Wallaby (magnetic charger)
  • Frame: Liquidmorphium
  • Material: High-tech Ceramic / Aluminium / ABS
  • OS: Android 5.1 / Turing UI Crypto Key Decentralized AIBE (Anonymous Identity Based Encryption) with TIK
  • RFID: Unique Identification X-RFID


Google makes full-disk encryption and secure boot mandatory for some Android 6.0 devices

Google’s plan to encrypt user data on Android devices by default will get a new push with Android 6.0, also known as Marshmallow.


The company requires Android devices capable of decent cryptographic performance to have full-disk encryption enabled in order to be declared compatible with the latest version of the mobile OS.

Google’s first attempt to make default full-disk encryption mandatory for phone manufacturers was with Android 5.0 (Lollipop), but it had to abandon that plan because of performance issues on some devices.

This put Android at a privacy disadvantage with iOS, which already encrypts user data out of the box in a way that not even Apple, or government agencies for that matter, can recover it.

With the release of Android 6.0, the Android Compatibility Definition Document (CDD), which sets guidelines for manufacturers, has also been updated. The document now lists full-disk encryption as a requirement instead of a recommendation.

If a device does not declare itself as a low-memory device — with about 512MB of RAM — and supports a secure lock screen, it must also support full-disk encryption of both the application data and shared storage partitions, the document says.

Furthermore, if the device has an Advanced Encryption Standard (AES) cryptographic operation performance above 50MB/s, the full-disk encryption feature must be enabled by default during the initial set-up.

The document also specifies other encryption implementation details, like the use of 128-bit or greater AES keys, not writing the encryption key to the storage area at any time, encrypting the encryption key with another key derived from the lock screen password after applying an algorithm like PBKDF2 or scrypt to it, and never transmitting the encryption key off the device, even when the key is encrypted.

The move is likely to draw criticism from law enforcement officials in the U.S. who have argued over the past year that the increasing use of encryption on devices and online communications affects their ability to investigate crimes.

In addition to encryption, Google also mandates verified boot for devices with AES performance over 50MB/s. This is a feature that verifies the integrity and authenticity of the software loaded at different stages during the device boot sequence and protects against boot-level attacks that could undermine the encryption.

Your Fingerprint Could Be Stolen Remotely If Your Android Phone Has A Scanner

At the Black Hat conference on Wednesday, researchers revealed that fingerprint sensors on Android phones are vulnerable to hackers.

Wiping your fingerprints won’t do you any good in this day and age. During the Black Hat conference on Wednesday, security researchers presented findings that reveal hackers can remotely obtain fingerprints from Android devices that use biometric sensors.

At the moment, FireEye scientists Tao Wei and Yulong Zhang say the threat is specific to Android smartphones that use a fingerprint sensor, which limits the number of vulnerable devices. Though companies like Samsung, Huawei, and HTC currently produce Android devices with those sensors, Apple still has a significant hold on the market. Its Touch ID sensor has proven to be more secure because it encrypts data gleaned from the scanner.

“Even if the attacker can directly read the sensor, without obtaining the crypto key, [the attacker] still cannot get the fingerprint image,” Zhang told ZDNet.

Android users, however, are not so lucky: The researchers detected four methods of attack, the most disconcerting of which could remotely hack the sensor and steal any fingerprint that it encounters. Called the “fingerprint sensor spying attack,” it would allow a hacker to continuously use fingerprint data however they please. Wei and Zhang tested the hack on the HTC One Max and Samsung’s Galaxy S5 phones.

By 2019, industry watchers predict that more than half of smartphones will have fingerprint sensors—which means phone makers must improve their device security.

[via ZDNet]