Sunday, January 30, 2011

11-01-30 US electronic Voting Machines - Made to Defraud - Wired Magazine // EE.UU. máquinas de votación electrónica - hecho por fraude // 美国电子投票机-欺诈作出

Hacked Voting System Stored Accessible Password, Encryption Key

  • 1:55 pm  | 
An internet-based voting system that was hacked last week by researchers at the University of Michigan stored its database username, password and encryption key on a server open to attack.
Alex Halderman, a computer scientist at the university, has detailed the vulnerabilities and hacking techniques his students used to completely control the system last week. The hack allowed them to change votes and program the system to play his school’s fight song “Hail to the Victors”after each voter cast their ballot.
The hack, unnoticed by election officials until researchers notified them, forced election officials to take the system offline and adopt a contingency plan for the November elections.
Washington, DC, began testing its internet voting system last Tuesday in advance of the November elections. The system, paid for in part with a $300,000 federal grant, is designed to let overseas military and civilian voters cast ballots quickly, instead of relying on the postal system to deliver their votes in a timely manner.
But within 36 hours of the system going live, Halderman’s team found and exploited a shell-injection vulnerability that “gave us almost total control of the server software, including the ability to change votes and reveal voters’ secret ballots.”
We modified all the ballots that had already been cast to contain write-in votes for candidates we selected. (Although the system encrypts voted ballots, we simply discarded the encrypted files and replaced them with different ones that we encrypted using the same key.) We also rigged the system to replace future votes in the same way.
We installed a back door that let us view any ballots that voters cast after our attack. This modification recorded the votes, in unencrypted form, together with the names of the voters who cast them, violating ballot secrecy.
The hack left lots of traces that an intrusion detection system should have caught. Nonetheless, it went unnoticed for two business days until Friday afternoon when several testers directed election officials to the Michigan fight song playing on their $300,000 voting system.
See also:


Dear Kim Zetter:
Conditions of electronic voting machines, and refusal of the US government to initiate corrective actions, is old news by now... [1-4]
How about reporting some new news, such as conditions of the Case Management Systems (CMSs) in courts and prisons throughout the US? [5,6]
The CMSs are as essential as the voting machines for the safeguard of democratic society.
Joseph Zernik, PhD
Human Rights Alert (NGO)

[1] 10-08-28 Common Cause Voting Machines Report Malfunction and Malfeasance
[2] 10-04-19 Brennan Center for Justice Notice in Re: Unprecleared Voting Machines - violation of the voting act
[3] 05-00-00 Validating Voting Machine Software
[4] 05-05-19 MIT-Caltech: Auditing Technology for Electronic Voting
[5] 10-08-18 Zernik, J: Data Mining as a Civic Duty – Online Public Prisoners’ Registration Systems, International Journal on Social Media: Monitoring, Measurement, Mining 1: 84-96 (2010)
[6] 10-08-18 Zernik, J: Data Mining of Online Judicial Records of the Networked US Federal Courts, International Journal on Social Media: Monitoring, Measurement, Mining, 1:69-83 (2010)

11-01-30 Welcome Mexico - Last New Visitor! // Bienvenido Mexico - Visitante Mas Reciente! // 欢迎墨西哥- 最后的新访问者!

Last New Visitor

Visited January 30, 2011

11-01-30 "Financial Crisis Inquiry Commission" Report - a Cover-up // Encubrimiento de la delincuencia por los bancos EE.UU. // 掩盖犯罪的美国银行

Financial Crisis Inquiry Commission's 10 Major Findings Read the Article at The Huffington Post
Financial Crisis Inquiry
Financial Crisis Inquiry Commission Chairman Phil Angelides.

Joseph Zernik
CRIMINALIT­Y is the key word missing from the Financial Crisis Inquiry Commission report...
Therefore, the report should only be deemed another layer of cover-up of the true origins of the crisis by the US government­.

Evidence of criminalit­y by Bank of America and its senior executives is already abundant, there is no need to wait for the WikiLeaks release. It is only that the US Government treats BofA as the beneficiar­y of sovereign immunity.

[1] 10-05-05 Countrywid­e Bank of America NYSE BAC and its President Brian Moynihan Compilatio­n of Records Evidence of Racketeeri­ng
[2] 10-05-05 Chairs of US Congress Committees of the Judiciary and Banking Are Requested to Join Senator Feinstein'­s Inquiries on Comptrolle­r of the Currency
[3] 10-07-06 Complaint Filed with US Attorney Office Los Angeles Against Moynihan Bank of America [NYSE:BAC] Bryan Cave LLP Alleging Racketeeri­ng