"Alex Halderman"

A bipartisan, GOP-led voting machine security bill that would actually fix vulnerabilities in US elections

The Secure Elections Act is a bipartisan Senate bill with six co-sponsors that reads like a security researcher's wish-list for voting machine reforms. Specifically, it reads like Matt Blaze's wishlist, hewing closely to the excellent recommendations laid out in his testimony to the House of Representatives' Committee on Oversight and Government Reform Subcommittee on Information Technology and Subcommittee on Intergovernmental Affairs Hearing on Cybersecurity, recounting his experiences as a security researcher and as the founder of Defcon's Vote Hacking Village. Read the rest

Leaked NSA docs: Russian military hacked US voting software company, spearphished 122 election officials

An anonymously leaked Top Secret NSA report on Russian state hackers interfering with the US elections has been published by The Intercept, which had the documents independently analyzed by a who's-who of America's leading security experts. Read the rest

Enterprise firewalls are man-in-the-middling HTTPS sessions like crazy, and weakening security

A group of security researchers from academe and industry (including perennial Boing Boing favorite J Alex Halderman) have published an important paper documenting the prevalence and problems of firewalls that break secure web sessions in order to scan their contents for undesirable and malicious content. Read the rest

Alex Halderman: we will never know if the Wisconsin vote was hacked unless we check now

Alex Halderman has clarified his earlier remarks about the integrity of the Wisconsin election: in a nutshell: voting machine security sucks, hackers played an unprecedented role in this election; there are statistical irregularities in the votes recorded on software-based touchscreen machines and the votes registered with paper ballots counted by optical scanners, so why the hell wouldn't we check into this? Read the rest

Wisconsin: America's top voting-machine security expert says count was irregular; Fed judge says gerrymandering was unconstitutional

University of Michigan prof J Alex Halderman (previously) is one of America's top experts on voting machine security (see this, for example), and he's issued a joint statement with voting-rights attorney John Bonifaz to the Clinton campaign, advising them to ask for a recount of the Wisconsin votes. Read the rest

It's pretty easy to hack traffic lights

Researchers from the University of Michigan EE/Computer Science Department (previously) presented their work on hacking traffic signals at this year's Usenix Security Symposium (previously), and guess what? It's shockingly easy to pwn the traffic control system. Read the rest

If the 2016 election is hacked, it's because no one listened to these people

Ever since the Supreme Court ordered the nation's voting authorities to get their act together in 2002 in the wake of Bush v Gore, tech companies have been flogging touchscreen voting machines to willing buyers across the country, while a cadre computer scientists trained in Ed Felten's labs at Princeton have shown again and again and again and again that these machines are absolutely unfit for purpose, are trivial to hack, and endanger the US election system. Read the rest

Now we know the NSA blew the black budget breaking crypto, how can you defend yourself?

Well, obviously, we need to get Congress to start imposing adult supervision on the NSA, but until that happens, there are some relatively simple steps you can take to protect yourself. Read the rest

The NSA sure breaks a lot of "unbreakable" crypto. This is probably how they do it.

There have long been rumors, leaks, and statements about the NSA "breaking" crypto that is widely believed to be unbreakable, and over the years, there's been mounting evidence that in many cases, they can do just that. Now, Alex Halderman and Nadia Heninger, along with a dozen eminent cryptographers have presented a paper at the ACM Conference on Computer and Communications Security (a paper that won the ACM's prize for best paper at the conference) that advances a plausible theory as to what's going on. In some ways, it's very simple -- but it's also very, very dangerous, for all of us. Read the rest

Today's terrifying Web security vulnerability, courtesy of the 1990s crypto wars

The Logjam bug allows attackers to break secure connections by tricking the browser and server to communicate using weak crypto -- but why do browsers and servers support weak crypto in the first place? Read the rest

Buy your own TSA-surplus pornoscanner for $8K

Remember when the TSA spent $113K on Rapiscan pornoscanners that turned out not to work? Now they're selling them off for $8,000. Read the rest

Security researchers buy pornoscanner, demonstrate how to sneak in guns & bombs

Researchers from UCSD, the U Michigan, and Johns Hopkins will present their work on the Rapiscan Secure 1000 at Usenix Security tomorrow; the Secure 1000 isn't used in airports anymore, but it's still in courts, jails, and government security checkpoints (researchers can't yet get their hands on the millimeter machines used at airports).

Telex: an infrastructure-level response to state Internet censorship

J. Alex Halderman and his colleagues have unveiled Telex, a "state-level response to state-level censorship." It's a network of censorship-busting major ISPs that provide infrastructure-level, hard-to-detect proxying that allows people in repressive regimes to get access to sites blocked by their national firewalls. The descriptive materials on the site are very easy to grasp and very exciting.

* Telex operates in the network infrastructure -- at any ISP between the censor's network and non-blocked portions of the Internet -- rather than at network end points. This approach, which we call "end-to-middle" proxying, can make the system robust against countermeasures (such as blocking) by the censor.

* Telex focuses on avoiding detection by the censor. That is, it allows a user to circumvent a censor without alerting the censor to the act of circumvention. It complements anonymizing services like Tor (which focus on hiding with whom the user is attempting to communicate instead of that that the user is attempting to have an anonymous conversation) rather than replacing them.

* Telex employs a form of deep-packet inspection -- a technology sometimes used to censor communication -- and repurposes it to circumvent censorship.

* Other systems require distributing secrets, such as encryption keys or IP addresses, to individual users. If the censor discovers these secrets, it can block the system. With Telex, there are no secrets that need to be communicated to users in advance, only the publicly available client software.

* Telex can provide a state-level response to state-level censorship. We envision that friendly countries would create incentives for ISPs to deploy Telex.

Read the rest

Evoting security researchers at U Michigan root DC's voting machines with ease

Oldsma sez, "DC election officials put a test version of their voting system up in a mock primary and invited white hat attacks. U. Michigan broke it completely within 36 hours. DC officials reply, in a nutshell, 'Well, that's why we asked people to test it.'"

D.C. voting officials knew there might be openings in the upload procedure, said Paul Stenbjorn, director of information services at the D.C. Board of Elections and Ethics.

"It was disappointing that it was as easy as it was for them," he said, "and that we hadn't been more proactive about closing down these known issues."

In the end, Stenbjorn considers the experiment a success. "This was why we had the public examination period," he said. "Obviously, we would have liked a smooth noncontroversial deployment of our new system, but this was a known potential outcome..."

Halderman expected the system to be fairly easy to compromise.

"Web security is a very difficult problem," he said. "Major web sites like Facebook and Twitter regularly suffer from vulnerabilities, and banks lose millions of dollars to online fraud every year. These high-profile sites have greater resources and far more security experience than the municipalities that run elections, and yet they are still constantly having problems. It may someday be possible to build a secure method for voting over the Internet, but in the meantime, such systems should be presumed to be vulnerable based on the limitations of today's security technology."

Michigan researchers hack Washington DC computer voting system

EFF E-Voting

(Thanks, Oldsma, via Submitterator! Read the rest

Hari Prasad, India's evoting researcher, working to save Indian democracy from dirty voting machines

Hari Prasad is one of the winners of this year's Electronic Frontier Foundation Pioneer Awards; in Prasad's case, the prize was awarded based on his excellent work dissecting the (deeply flawed) electronic voting machines used in India's elections. Prasad was imprisoned by Indian authorities for pointing out the many vulnerabilities he and his colleagues discovered.

Free again, Prasad continues to work for fair and honest elections in India, the world's largest democracy. EFF fellow Jim Tyre has written up Prasad's amazing story in a blog post. Prasad and the other Pioneer winners will receive their awards next Monday, November 8, at a ceremony at San Francisco's 111 Minna Gallery (I'm emceeing).

Even after Prasad was released on bail in late August, he was mostly prevented for a significant period of time from returning to his home, family, and work in Hyderabad. The police in Mumbai had the right to question Prasad every day, and in fact did on most days. Because of the substantial distance between the two cities, returning to Hyderabad for more than a few very short trips was a practical impossibility until early October. During that time, the police repeatedly questioned Prasad about the identity of the anonymous source and little else, and told him that he would be discharged if he revealed the name.

Subsequent to Prasad's release on bail, there have been a number of significant developments. The police have continued their quest to discover the identity of the anonymous source. An engineer and activist from Pune, Mukund Lagoo, was arrested and held without bail.

Read the rest

Alex Halderman's totally epic hack of the DC internet voting system pilot program

The local government of the District of Columbia has been conducting a pilot project to test an internet-based voting system that would give overseas and military voters a way to download and submit absentee ballots online. Here's a PDF of the system architecture. Before using the system in a real voting process, the public was invited to evaluate its security and usability. That's where J. Alex Halderman of Freedom to Tinker comes in:

This is exactly the kind of open, public testing that many of us in the e-voting security community -- including me -- have been encouraging vendors and municipalities to conduct. So I was glad to participate, even though the test was launched with only three days' notice. I assembled a team from the University of Michigan, including my students, Eric Wustrow and Scott Wolchok, and Dawn Isabel, a member of the University of Michigan technical staff.

Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software, including the ability to change votes and reveal voters' secret ballots. In this post, I'll describe what we did, how we did it, and what it means for Internet voting.

An awful lot of meaty details follow, but here's the punchline:

Based on this experience and other results from the public tests, the D.C. Board of Elections and Ethics has announced that they will not proceed with a live deployment of electronic ballot return at this time, though they plan to continue to develop the system.

Read the rest

Voting machine hacked to run Pac-man

Over at the Submitterator, lbigbadbob points us to this video of a Sequoia AVC Edge touch-screen DRE voting machine hacked to, er, play Pac-man. This was done without breaking any of the tamper-evident seals. Nice work, J. Alex Halderman, University of Michigan, and Ariel J. Feldman, Princeton University! From the project page:

How did you reprogram the machine?

The original election software used the psOS+ embedded operating system. We reformatted the memory card to boot DOS instead. (Update: Yes, it can also run Linux.) Challenges included remembering how to write a config.sys file and getting software to run without logical block addressing or a math coprocessor. The entire process took three afternoons.


In celebration of the 30th anniversary of the iconic arcade game, we reprogrammed the AVC Edge to run Pac-Man. It uses MAME to emulate the original hardware. (We own the electronics from a real Pac-Man machine.) We could have reprogrammed it to steal votes, but that's been done before, and Pac-Man is more fun!

PAC-MAN on the Sequoia AVC-Edge DRE voting machine Read the rest

Next page