The C programming language
Communications of the ACM - Bioinformatics
An authentication and Ballot layout attack against an optical scan voting terminal
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Hack-a-Vote: Security Issues with Electronic Voting Systems
IEEE Security and Privacy
Taking total control of voting systems: firmware manipulations on an optical scan voting terminal
Proceedings of the 2009 ACM symposium on Applied Computing
Determining the causes of AccuVote optical scan voting terminal memory card failures
EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections
Hi-index | 0.00 |
This work focuses on the AccuVote Optical Scan voting terminal (AV-OS) that is widely used in US elections. We present a new attack that can be delivered without opening the system enclosure, and without changing a single bit of the system's firmware. The attack is launched by inserting a maliciously programmed AV-OS memory card into the terminal. The card contains binary code that exploits careless runtime memory management in the system's firmware to transfer control to alternate routines stored in the memory card. Once the control is taken by the injected code, the voting system is forced to operate according to the wishes of the attacker. In particular, given that the attack results in the execution of the arbitrary code, an attacker can completely take over AV-OS operation and compromise the results of an election. It is also noteworthy that once a memory card is compromised it can be duplicated using the native function of the voting terminal. In some past elections it was observed that up to 6% of all memory cards were involved in card duplication. There exists a non-trivial possibility that the infection on one memory card can propagate virally to other cards in a given election. This development was performed without access to the source code of the AV-OS system and without access to any internal vendor documentation. We note that this work is performed solely with the purpose of security analysis of AV-OS.