“Actually, it’s well within the capabilities of much less well-funded and sophisticated attackers.”Īndrew Appel, left, and Ed Felten, right. “It’s well within the capabilities of a country as sophisticated as Russia.” He pauses for a moment, as if to consider this. “Look, we could see 15 years ago that this would be perfectly possible,” Appel tells me, speaking in subdued, clipped tones. Homeland Security Secretary Jeh Johnson recently conceded the “longer-term investments we need to make in the cybersecurity of our election process.” A statement by 31 security luminaries at the Aspen Institute issued a public statement: “Our electoral process could be a target for reckless foreign governments and terrorist groups.” Declared Wired: “America’s Electronic Voting Machines Are Scarily Easy Targets.”įor the Princeton group, it’s precisely the alarm it has been trying to sound for most of the new millennium.
“These machines, they barely work in a friendly environment.” “Once you bring nation states’ cyber activity into the game?” He snorts with pity.
“This isn’t a crazy hypothetical anymore,” says Dan Wallach, one of the Felten-Appel alums and now a computer science professor at Rice. Dick novel into a deadly serious threat, outlined in detail by a raft of government security officials. This week, the notion has been transformed from an implausible plotline in a Phil ip K. The DNC hack, in a way, has compelled the public to ask the precise question the Princeton group hoped they’d have asked earlier, back when they were turning voting machines into arcade games: If motivated programmers could pull a stunt like this, couldn't they tinker with the results in November through the machines we use to vote? The revelation this month that a cyberattack on the DNC is the handiwork of Russian state security personnel has set off alarm bells across the country: Some officials have suggested that 2016 could see more serious efforts to interfere directly with the American election. students grew into a singular conviction: It was only a matter of time, they feared, before a national election-an irresistible target-would invite an attempt at a coordinated cyberattack. Eventually, the work of the professors and Ph.D. There, they relentlessly hacked one voting machine after another, transforming the center into a kind of Hall of Fame for tech mediocrity: reprogramming one popular machine to play Pac-Man infecting popular models with self-duplicating malware discovering keys to voting machine locks that could be ordered on eBay. For the ensuing 15 years, Appel and his colleagues have deployed every manner of stunt to convince the public that the system is pervasively unsecure and vulnerable.īeginning in the late '90s, Appel and his colleague, Ed Felten, a pioneer in computer engineering now serving in the White House Office of Science and Technology Policy, marsha led their Princeton students together at the Center for Information Technology Policy (where Felten is still director). Electronic voting machines-particularly a design called Direct Recording Electronic, or DRE’s-took off in 2002, in the wake of Bush v. To mark the achievement, his student snapped a photo of Appel-oblong features, messy black locks and a salt-and-pepper beard-grinning for the camera, fists still on the circuit board, as if to look directly into the eyes of the American taxpayer: Don’t look at me-you’re the one who paid for this thing.Īppel’s mischief might be called an occupational asset: He is part of a diligent corps of so-called cyber-academics-professors who have spent the past decade serving their country by relentlessly hacking it. Clutching a screwdriver, he deftly wedged out the four ROM chips-they weren’t soldered into the circuit board, as sense might dictate-making it simple to replace them with one of his own: A version of modified firmware that could throw off the machine’s results, subtly altering the tally of votes, never to betray a hint to the voter.
He summoned a graduate student named Alex Halderman, who could pick the machine’s lock in seven seconds. No sooner did a team of bewildered deliverymen roll the 250-pound device into a conference room near Appel’s cramped, third-floor office than the professor set to work. With a few cursory clicks of a mouse, Appel parted with $82 and became the owner of an ungainly metallic giant called the Sequoia AVC Advantage, one of the oldest and vulnerable, electronic voting machines in the United States (among other places it’s deployed in Louisiana, New Jersey, Virginia and Pennsylvania).
0 kommentar(er)
