On Apr 14 2015, the Virginia State Board of Elections immediately decertified use of the AVS WinVote touchscreen Direct Recording Electronic (DRE) voting machine. This seems pretty minor, but it received a tremendous amount of pushback from some local election officials. In this post, I’ll explain how we got to that point, and what the problems were.
As one of my colleagues taught me, BLUF – Bottom Line Up Front. If an election was held using the AVS WinVote, and it wasn’t hacked, it was only because no one tried. The vulnerabilities were so severe, and so trivial to exploit, that anyone with even a modicum of training could have succeeded. They didn’t need to be in the polling place – within a few hundred feet (e.g., in the parking lot) is easy, and within a half mile with a rudimentary antenna built using a Pringles can. Further, there are no logs or other records that would indicate if such a thing ever happened, so if an election was hacked any time in the past, we will never know.
Now for some background. The AVS WinVote is a Windows XP Embedded laptop with a touchscreen. Early versions of the software ran Windows 2000 (an election official told me about playing solitaire on the device, to demonstrate just how complete it was). Later versions ran a somewhat cut-down version, although it’s not clear to me how much it was actually cut down. The WinVote system was certified as meeting the Voting Systems Standards (VSS) of 2002, and was approved for use in Virginia, Pennsylvania, and Mississippi. (It was decertified a few years ago in Pennsylvania, and Mississippi also stopped using theirs a few years ago after some malfunction that I can’t recall in Hinds County.) [A later version of the software was submitted for certification to the Election Assistance Commission, but never approved. I don’t know if that version solved any of the problems described here.]
So how did Virginia get to decertification? It seems that in the November 2014 election, voting machines in one precinct were repeatedly crashing, and it was hypothesized to be due to some interference from someone trying to download music using their iPhone. (There were other problems with other brands of voting machines, but I’m going to focus on the WinVote.) The State Board of Elections invited the Virginia Information Technology Agency (VITA, the agency charged with providing IT services to the state government) to investigate the problem. The report, which was released on Apr 14, includes a litany of problems. [I still don’t understand how the iPhone interfered with the system, but that’s not really important at this point.]
I’ve been in the security field for 30 years, and it takes a lot to surprise me. But the VITA report really shocked me – as bad as I thought the problems were likely to be, VITA’s five-page report showed that they were far worse. And the WinVote system was so fragile that it hardly took any effort. While the report does not state how much effort went into the investigation, my estimation based on the description is that it was less than a person-week.
Full Article: Decertifying the worst voting machine in the US.