[LINK] US voting machines - problems already

Kim Holburn kim at holburn.net
Wed Nov 1 16:52:16 AEDT 2006 

It's very important.  I just found this from the slashdot article:
http://www.iht.com/articles/ap/2006/10/30/europe/ 
EU_GEN_Netherlands_Voting_Machines.php
It's amazing that the Dutch can up and ban the machines just before  
elections.  The US seems to be incapable of it.  Perhaps because the  
US elections seem to be run at a much more local level.

On 2006/Nov/01, at 4:14 PM, Howard Lowndes wrote:

> But even eavesdropping is useful because you can get an idea of  
> just how much you are going to have to later tweak a counting  
> machine that you have access to somewhere in order to achieve your  
> required result.

Well not to mention the basic privacy issues.

> Kim Holburn wrote:
>> Yeah by vulnerable I meant CRTs are more vulnerable to  
>> eavesdropping.  CRTs are vulnerable to soft tempest as well as  
>> tempest/van eck.  Soft tempest is much simpler and may even be  
>> done with a video camera.  CRTs produce considerably more EM  
>> radiation than LCDs.  LCDs are still vulnerable to EM (van eck  
>> style) eavesdropping.  I don't believe van eck would allow you to  
>> do anything more that eavesdrop.
>> http://citeseer.ist.psu.edu/kuhn02optical.html
>> http://citeseer.ist.psu.edu/kuhn04electromagnetic.html
>> While I would think this is important in a country that has secret  
>> ballots.   I'm surprised that AFAIK this has not been talked about  
>> by the anti-e-voting people in the US.
>> When I look at the register article really carefully it does seem  
>> to be about eavesdropping but it's not spelled out very clearly.
>> On 2006/Nov/01, at 11:14 AM, brd at iimetro.com.au wrote:
>>> I doubt that anyone could hack into a system through a CRT. They  
>>> could eavesdrop
>>> but it's an output device and so it's like trying to change a  
>>> word document by
>>> writing on the computer screen - notwithstanding jokes about  
>>> [pick a group you
>>> want to insult] word processing operators and whiteout.
>>>
>>> Quoting Kim Holburn <kim at holburn.net>:
>>>
>>>> That'd be?:
>>>> http://www.theregister.co.uk/2006/10/31/ 
>>>> dutch_votingmachines_inadequate/
>>>>
>>>> It doesn't mention tempest though.  It appears to be some kind  
>>>> of  active hacking through wireless.  These days CRT screens are  
>>>> much  more vulnerable to van eck and optical tempest.  LCD  
>>>> screens can  probably be shielded fairly simply.
>>>>
>>>>
>>>> On 2006/Nov/01, at 10:14 AM, Martin Barry wrote:
>>>>
>>>>> $quoted_author = "Howard Lowndes" ;
>>>>>>
>>>>>> There's also a story, I think at The Register, that the Dutch  
>>>>>> have
>>>>>> banned them because the screen radiation can be read at a  
>>>>>> distance.
>>>>>> Think TV detector vans in the UK and the Tempest standard.  I   
>>>>>> think the
>>>>>> radiation is called super heterodyne radiation.
>>>>>
>>>>> http://en.wikipedia.org/wiki/Van_Eck_phreaking
>>>>>
>>>>> "...is the process of eavesdropping on the contents of a CRT or  
>>>>> LCD  display
>>>>> by detecting its electromagnetic emissions."
>>>>>
>>>>> cheers
>>>>> marty
>>>>>
>>>>> --Tanuki:        What is the collective term for more-than-one  
>>>>> ninja?
>>>>> Matt S Trout:    Not right, but "a silence of ninjas" appeals  
>>>>> to me  somehow.
>>>>> Tanuki:        Or maybe a "stealth" of Ninjas?
>>>>> Mike Andrews:    I believe that the correct answer is: A        
>>>>> of ninjas.
>>>>> Tanuki:        I sense deep wrongness here: is it not Zen- 
>>>>> axiomatic that
>>>>>         any Ninja who announces himself as such is _not_ a Ninja?
>>>>> Joe Block:    So the perfect disguise would be for the ninja to  
>>>>> walk  around
>>>>>         in a ninja suit, trying not to hide, then?
>>>>> Tanuki:        Ah, the old argument that sometimes the best way  
>>>>> to truly  hide
>>>>>         something is to put it where it will be obvious.
>>>>>         From now on this will be known as "Security by Blatancy"
>>>>>
>>>>> alt.sysadmin.recovery usenet thread - start at <LOd8IKA8msYBFw  
>>>>> $v at demon.co.uk>
>>>>
>>>> Awesome.

--
Kim Holburn
IT Network & Security Consultant
Ph: +61 2 61258620 M: +61 417820641  F: +61 2 6230 6121
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.
Use ISO 8601 dates [YYYY-MM-DD] http://www.saqqara.demon.co.uk/ 
datefmt.htm

Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the Link mailing list