Diebold makes electronic voting systems. In fact they make a lot of electronic voting systems! They advertise “Over 130,000 Diebold electronic voting stations are being used in locations across the United States to assist voters in exercising their most fundamental constitutional right: the right to vote.” With the 2000 and 2004 elections being shrouded in suspicion of voter fraud, you would think that Diebold would make every effort to ensure the security of their product. They have not.
The guys at Princeton have put together a video that shows just how insecure these systems really are. Aside from the multiple logical attacks that work against them, the ways to defeat the physical security are countless. They seem to use a “wafer-tumbler” type lock that can be easily picked in under 5 seconds. Don’t know how to pick locks? No problem. Just unscrew the bottom and you have access!
As if all this was not disturbing enough, Diebold had put a picture of the master key to these systems up on their online store and Ross Kinard of SploitCast used it to create a working key of his own. While this may seem difficult, it is not. Using the image, one can determine which key blank to use fairly easily. This is because there are really not that many key blanks in use; especially for “wafer-tumbler” type locks. Once the key blank is determined, all that is left is to figure out how deep make the cuts. This can be quickly determined by referencing the photo that was so kindly provided by Diebold on their online store. Granted, there are a few more details to be aware of, but anyone who has invested much time in learning how to defeat locks should have little trouble in figuring them out.
Ross writes:
I bought three blank keys from Ace. Then a drill vise and three cabinet locks that used a different type of key from Lowes. I hoped that the spacing and depths on the cabinet locks’ keys would be similar to those on the voting machine key. With some files I had I then made three keys to look like the key in the picture.
He then sent the keys to J. Alex Halderman at Freedom To Tinker.com who quickly confirmed that two of the three keys would, indeed, open the door to the memory card on the Diebold system. This video shows the key Ross made opening the voting machine used in the Princeton study:
Didbold has finally removed the picture of the key from their website, but it would seem that it’s too little too late. The picture is out there along with more than 130,000 voting machines on which a key made from it will work. It looks like this is one company that has some explaining to do!
