"If an election was held using the AVS WinVote, and it wasn’t hacked, it was only because no one tried. The vulnerabilities were so severe, and so trivial to exploit, that anyone with even a modicum of training could have succeeded. They didn’t need to be in the polling place – within a few hundred feet (e.g., in the parking lot) is easy, and within a half mile with a rudimentary antenna built using a Pringles can. Further, there are no logs or other records that would indicate if such a thing ever happened, so if an election was hacked any time in the past, we will never know...
Take your laptop to a polling place, and sit outside in the parking lot.
Use a free sniffer to capture the traffic, and use that to figure out the WEP password (which VITA did for us).
Connect to the voting machine over WiFi.
If asked for a password, the administrator password is “admin” (VITA provided that).
Download the Microsoft Access database using Windows Explorer.
Use a free tool to extract the hardwired key (“shoup”), which VITA also did for us.
Use Microsoft Access to add, delete, or change any of the votes in the database.
Upload the modified copy of the Microsoft Access database back to the voting machine.
Wait for the election results to be published.
Note that none of the above steps, with the possible exception of figuring out the WEP password, require any technical expertise. In fact, they’re pretty much things that the average office worker does on a daily basis."
https://freedom-to-tinker.com/blog/jeremyepstein/decertifying-the-worst-voting-machine-in-the-us/
No comments:
Post a Comment