Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > Need urgent help checking voting machines for Java code - today!

Reply
Thread Tools

Need urgent help checking voting machines for Java code - today!

 
 
jmarch@prodigy.net
Guest
Posts: n/a
 
      09-12-2006
Folks,

I'm an elections observer in Pima County AZ credentialled by both the
Pima County Democratic and Libertarian parties. I need to be able to
check the Diebold Election Systems central tabulator for illicit Java
programs that might alter the central vote tally database.

In case you're not aware, Diebold's central vote tabulator stores it's
data in MS-Access. Yeah. Which means it can be "back doored" all too
easily. The box runs Windows 2000.

I already have a method for doing this for Visual Basic scripts from
the command line:

C:\>findstr /l /s /i /m /c:"select case" /c:"elseif" /c:"end sub" *.* >
c:\vblog.txt

The "findstr" command (built into Win2k and XP) will report back all
files that contain any of those three strings which are common stuff in
VB. I can then pull up the log file created and manually look at each
one for potential cheatin' stuff.

I need an equivelent for Java, as a separate second command line to
write to a "jslog.txt" file. But I don't know enough about Java to
create such a critter.

Any ideas? This is for a test this evening as today is the AZ
primaries.

(Note: yeah, I know they might compile it and screw us. Nothing I can
do about that except hope that any cheater is a pretty low-grade
geek...

Jim March / jmarch -at- prodigy.net
Member of the Board of Directors,
Black Box Voting Inc.
www.blackboxvoting.org

 
Reply With Quote
 
 
 
 
Oliver Wong
Guest
Posts: n/a
 
      09-12-2006

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> Folks,
>
> I'm an elections observer in Pima County AZ credentialled by both the
> Pima County Democratic and Libertarian parties. I need to be able to
> check the Diebold Election Systems central tabulator for illicit Java
> programs that might alter the central vote tally database.
>
> In case you're not aware, Diebold's central vote tabulator stores it's
> data in MS-Access. Yeah. Which means it can be "back doored" all too
> easily. The box runs Windows 2000.
>
> I already have a method for doing this for Visual Basic scripts from
> the command line:
>
> C:\>findstr /l /s /i /m /c:"select case" /c:"elseif" /c:"end sub" *.* >
> c:\vblog.txt
>
> The "findstr" command (built into Win2k and XP) will report back all
> files that contain any of those three strings which are common stuff in
> VB. I can then pull up the log file created and manually look at each
> one for potential cheatin' stuff.
>
> I need an equivelent for Java, as a separate second command line to
> write to a "jslog.txt" file. But I don't know enough about Java to
> create such a critter.
>
> Any ideas? This is for a test this evening as today is the AZ
> primaries.
>
> (Note: yeah, I know they might compile it and screw us. Nothing I can
> do about that except hope that any cheater is a pretty low-grade
> geek...


I believe the pseudo-equivalents to VB's "select case", "elseif" and
"end sub" are "switch", "else"[*] and "}" respectively. However, for the
number of matches you're likely to get with "}", you might as well just read
the entire Java source code.

I don't see how finding these constructs, either in VB or Java, will
help you detect "illicit programs" in any way (unless this is one of those
"going through the motions to give the illusion of security" kind of
things), so maybe I completely misunderstood your question.

Are you trying to make sure there aren't any Java programs installed at
all? Well, as an easy first step, I'd go into the control panel and
uninstall any Java Virtual Machines I could find. That'll probably stop most
low-grade cheaters. If you're looking for keywords that almost always appear
in Java programs, you can try stuff like "public static void main(String",
"public class", "package", "import".

As for your "they might compile it and screw us", I have to say they
will definitely compile it. Java, traditionally, is compiled, not
interpreted. Which means if they're low grade, they probably compiled it. If
they manage to get a Java program running without compilation, that's
probably evidence of a high-grade cheater. So you should look for files with
the .class file extension. If the first 4 bytes are 0xCA 0xFE 0xBA 0xBE,
then it's a Java file. These 4 bytes are not whithin ASCII, so I'm not sure
if you can use findstr to detect them.

- Oliver

*: "else if" might be a better match, but then you'd have to deal with
whitespace issues like "else if".

 
Reply With Quote
 
 
 
 
jmarch@prodigy.net
Guest
Posts: n/a
 
      09-12-2006
Oliver Wong wrote:

> I believe the pseudo-equivalents to VB's "select case", "elseif" and
> "end sub" are "switch", "else"[*] and "}" respectively. However, for the
> number of matches you're likely to get with "}", you might as well just read
> the entire Java source code.
>
> I don't see how finding these constructs, either in VB or Java, will
> help you detect "illicit programs" in any way (unless this is one of those
> "going through the motions to give the illusion of security" kind of
> things), so maybe I completely misunderstood your question.
>
> Are you trying to make sure there aren't any Java programs installed at
> all? Well, as an easy first step, I'd go into the control panel and
> uninstall any Java Virtual Machines I could find. That'll probably stop most
> low-grade cheaters. If you're looking for keywords that almost always appear
> in Java programs, you can try stuff like "public static void main(String",
> "public class", "package", "import".
>
> As for your "they might compile it and screw us", I have to say they
> will definitely compile it. Java, traditionally, is compiled, not
> interpreted. Which means if they're low grade, they probably compiled it. If
> they manage to get a Java program running without compilation, that's
> probably evidence of a high-grade cheater. So you should look for files with
> the .class file extension. If the first 4 bytes are 0xCA 0xFE 0xBA 0xBE,
> then it's a Java file. These 4 bytes are not whithin ASCII, so I'm not sure
> if you can use findstr to detect them.
>
> - Oliver
>
> *: "else if" might be a better match, but then you'd have to deal with
> whitespace issues like "else if".


First off, I appreciate the feedback. I didn't realize Java is usually
compiled. Visual Basic usually isn't and I was thinking the two were
broadly similar. My bad.

The goal isn't to treat any Java (or VB) stuff as bad, but rather look
for database accesses. This system is pretty locked down, it's not a
general purpose station and there's only one live .MDB (Microsoft
DataBase) file on there. If anything is accessing it other than the
Diebold utilities provided, that's trouble and that's what we're
looking for.

It sounds like this sort of check isn't really possible with Java.
Sigh. Well, VB is a more obvious choice so...we'll at least check for
that.

Is this all "make work"? Honestly, we realize that anybody really good
can tamper to hell and gone and we'd never spot it. What we're hoping
is that since nobody is looking at this stuff or has been in previous
years, they've gotten sloppy enough to catch. It seems worth trying
anyways.

In another county we've documented use of a USB keychain device with
encryption on one of these tabulators. We don't know what they were
slipping in or out of the box but we know they were doing something. I
can't be too clear because it's an ongoing issue.

Jim March

 
Reply With Quote
 
bikemh
Guest
Posts: n/a
 
      09-12-2006

Oliver Wong wrote:
> So you should look for files with
> the .class file extension.


why not *.jar?

I don't see any reason, though, why any malware would not be there as
an *.exe. But this does bring up a kind of amusing irony to WORA

 
Reply With Quote
 
bikemh
Guest
Posts: n/a
 
      09-12-2006

Oliver Wong wrote:
> So you should look for files with
> the .class file extension.


why not *.jar?

I don't see any reason, though, why any malware would not be there as
an *.exe. But this does bring up a kind of amusing irony to WORA

 
Reply With Quote
 
Oliver Wong
Guest
Posts: n/a
 
      09-12-2006
<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
>
> Honestly, we realize that anybody really good
> can tamper to hell and gone and we'd never spot it. What we're hoping
> is that since nobody is looking at this stuff or has been in previous
> years, they've gotten sloppy enough to catch. It seems worth trying
> anyways.


Who are the potential cheaters, though? If you have time to run this
"pre-vote testing" phase, why not just completely wipe the harddrive, and
reinstall whatever software is needed from scratch right before voting
starts? Then the only possibility of cheating at this point is either you
(or whoever the technician doing this is) cheating, or Diebold themselves
cheating. In either cases, there's nothing you can really do to prevent
those.

If you have problems with voters stick USB keys into the machine, how
about physically locking down the machine so that only approved input
devices are accessible? IF you had an LCD touch screen, you could hide
everything except the screen, so all the user can do is touch on points on
the screen.

- Oliver

 
Reply With Quote
 
bikemh
Guest
Posts: n/a
 
      09-12-2006

Oliver Wong wrote:

>
> Who are the potential cheaters, though? If you have time to run this
> "pre-vote testing" phase,


Hi, Oliver. I believe he's indicating that he's an observer only, and
does so at the central computer which receives vote numbers from out in
the field, from the individual precincts or wards.

> why not just completely wipe the harddrive, and
> reinstall whatever software is needed from scratch right before voting
> starts?


almost inevitably, some (or even most) of the machines wouldn't be
ready on time. Don't forget that a crony or relative of some politician
will likely be in charge overall.

>Then the only possibility of cheating at this point is either you
> (or whoever the technician doing this is) cheating, or Diebold themselves
> cheating.


If the results are coming in from precincts to the central tabulator
over the internet, that's another avenue

>In either cases, there's nothing you can really do to prevent
> those.


except he's not trying to prevent so much as to "catch", as he says. Of
course, he might catch his own side doing something, you never know.

That being the case, it might be a better strategy to use whatever
Win2K has that parallels Task Manager.

But if the idea is that some malicious software is already installed,
but needs to be started from the console (or perhaps a CRON equivalent,
if one exists in Win2K) at the critical time - then I can see how the
search for software comes into play.

After all of that, just think what a nightmare will exist when some
supposedly "enlightened" government initiates actual voting via the
internet.

>
> If you have problems with voters stick USB keys into the machine, how
> about physically locking down the machine so that only approved input
> devices are accessible? IF you had an LCD touch screen, you could hide
> everything except the screen, so all the user can do is touch on points on
> the screen.
>
> - Oliver


 
Reply With Quote
 
bikemh
Guest
Posts: n/a
 
      09-12-2006

bikemh wrote:
> Oliver Wong wrote:


>
> > why not just completely wipe the harddrive, and
> > reinstall whatever software is needed from scratch right before voting
> > starts?

>
> almost inevitably, some (or even most) of the machines wouldn't be
> ready on time. Don't forget that a crony or relative of some politician
> will likely be in charge overall.


though maybe something like vmware would allow Oliver's astute
observation to be practical in the actual situation

 
Reply With Quote
 
jmarch@prodigy.net
Guest
Posts: n/a
 
      09-12-2006
Oliver Wong wrote:

> If you have problems with voters stick USB keys into the machine, how
> about physically locking down the machine so that only approved input
> devices are accessible? IF you had an LCD touch screen, you could hide
> everything except the screen, so all the user can do is touch on points on
> the screen.
>
> - Oliver


No, this is the central tabulator station, the one PC at county
elections HQ that takes in the votes from the whole county. Voters
don't have access.

It's the county elections officials and Diebold on-site staff that are
the threats and yes, trying to block those guys is a hell of a fight.
If we do enough scrutiny we might scare them into not cheating in the
first place, which is fine. If they DO cheat I want to catch them.

Not impossible depending on how sloppy they are.

Somebody mentioned that I might find "my side" cheating. If so, y'all
have my promise I'll bust 'em as fast as anybody. I just moved to
Arizona today and will be registering Libertarian. In California I was
registered Republican but a member of the Republican Liberty Caucus,
which means "GOP but with major libertarian leanings". I've done
election checkouts for both Republican and Democratic candidates. My
concern is about the process, not who wins.

I believe there are corrupt elements of both major parties and even a
little in the minors, although not as much because without serious
power they don't attract those types.

Jim March

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Java: JTNEF - Sending email with Voting buttons in Outlook. jemrusalem07 Software 0 04-24-2012 09:28 AM
urgent help....need urgent help on say string task.. pooja Software 0 03-03-2009 06:16 AM
Volunteer -- Java/XML for Open Source Public Voting Project dechert@gmail.com Java 4 07-02-2007 04:58 PM
Response.Expires=0 have different effect on different machines, need urgent help Jenny Javascript 1 05-14-2004 05:24 PM
Perl Programmers, America Needs Your Help! We Need Secure Voting Machines Dave Roberts Perl Misc 24 01-23-2004 05:59 PM



Advertisments