practical avc-edge compactflash modifications can amuse nerds
DESCRIPTION
Practical AVC-Edge CompactFlash Modifications can Amuse Nerds. J. Alex Halderman University of Michigan. Ariel J. Feldman Princeton University. Nerds!. Diebold AccuVote-TS. . EVT 2007. “Security Analysis of the Diebold AccuVote-TS Voting Machine“ A. Feldman, J. A. Halderman, and E. Felten. - PowerPoint PPT PresentationTRANSCRIPT
Practical AVC-Edge CompactFlash Modifications
can Amuse Nerds
J. Alex HaldermanUniversity of Michigan
Ariel J. FeldmanPrinceton University
Nerds!
“Security Analysis of the Diebold AccuVote-TS Voting Machine“A. Feldman, J. A. Halderman, and E. Felten EVT 2007
Diebold AccuVote-TS
Sequoia AVC Advantage
“Can DREs Provide Long-Lasting Security? ....”Checkoway, Feldman, Kantor, Halderman, Felten, and Shacham EVT 2009 Steve
Checkoway
HovavShacham
‘’The NJ Voting-machine Lawsuit and the AVC Advantage ...’’ Appel, Ginsburg, Hursti, Kernighan, Richards, Tan, and Venetis EVT 2009
Sequoia AVC Advantage
Andre
wAp
pel
Nedap ES3B
Rop
Gonggrijp
“Studying the Nedap/Groenendaal ES3B Voting Computer: A Computer Security Perspective.” Gonggrijp and Hengeveld. EVT 2007
“Security Analysis of India’s Electronic Voting Machines”Wolchok, Wustrow, Halderman, Prasad, K., S., Y., and Gonggrijp CCS 2010
Indian EVM Hari
Prasad
JoeHall
JeremyEpstein
The Sequoia AVC-Edge
2008: Used in 161 jurisdiction with 8.9 million registered voters
TTBR 2007
“The testers were able to gain access to the internals of the system, by, for example, unscrewing screws to bypass locks. The screws were not protected by seals.”
— TTBR red team report on the AVC Edge
Let’s reprogram it!
Let’s put Linux on it!
Booting “Damn Small Linux”
Booting “Damn Small Linux”
Problem:Watchdog timer
OK. What else can it do?
“Studying the Nedap/Groenendaal ES3B Voting Computer: A Computer Security Perspective.” Gonggrijp and Hengeveld. EVT 2007
Based on these initial experiments, we now present
the future of DREs…
FeaturesPortable
Battery powered1 or 2 players
Unlimited quarters
FreeDOS + MAME
Original 1980 Pac-Man(Celebrate the 30th anniversary)
ChallengesNo math coprocessor, no logical block addressing.
Writing a config.sys file(remember himem.sys?)
Security RisksSomeone could hack in
and reprogram it to count votes fairly
ConclusionDRE voting machines will
soon be widely decommissioned.
Their future lies in emulating classic games
to amuse nerds.
Practical AVC-Edge CompactFlash Modifications
can Amuse Nerds
J. Alex HaldermanUniversity of Michigan
Ariel J. FeldmanPrinceton University