 So hello, and welcome to the elect me supreme overload of the universe campaign trip I Wish to thank all of you for volunteering for my campaign and I know you're probably wondering what you can possibly do to get me Elected, so I'm here to show you how Okay, first of all you need a little background on us elections When you think about voting you think it should be as simple as votes candidate equals votes candidate plus one This is what voting in the u.s. Really looks like We are an amazingly Decentralized system we have federal laws that apply But the federal laws are mainly for to guarantee certain things like access to the polls and anonymity Then we have state laws that apply 50 different sets of them as a matter of fact in each state Whoever's in charge of the election may be a different person some states as a secretary of state some states as a lieutenant governor Some states it's some appointed election official and all of the laws are different But elections aren't held at the state level They're held at the county level and there are over 3,000 counties in the u.s. So it's the county election officials who determine which vendor they're going to buy the equipment from How they're going to set up this equipment? What the ballot design is pretty much going to look like some of that is statewide but but Ballots differ They they're the ones that register the voters. They're the ones that set up this horrifically complex database and of course, there's like plus 3,000 of them But you see elections aren't held at the county level either It's the precincts where you go to vote and every single precinct in the u.s. Is different because my dog catcher isn't the same as yours and our school board members are not the same as yours and my Referendums aren't the same as yours so a u.s. Ballot can have as many as 11 pages of of You know single lines or paragraphs that you have to read and vote and it's extremely confusing so I Want to I Want you to think about voting in the u.s. Instead of as just picking a candidate and incrementing their votes by one as this huge heterogeneous Highly loosely configured distributed system and it has all of the problems that any distributed system have Now I mentioned that there are different state laws and they're different federal laws They do occasionally conflict and my favorite example is the state of Pennsylvania Pennsylvania is one of the 39 states that require that if you're voting on an electronic voting machine one of those dres That they must have a paper trail This is a good thing. We want there to be a paper record of the vote that you see on the screen The problem is that the way that paper trails are implemented. They have time stamps barcodes They may have Voter information on them so they violate federal law in that they they they make it possible to match They also have serial numbers so they make it possible to match a vote to a vote to the person who actually cast the vote And that's against federal law So Pennsylvania in their wisdom in order to keep these letter of both laws But the spirit of neither Decided that for every person who votes on an electronic voting machine in their state They must have a voter verified paper audit trail, but they can't use it and then of course there's this Okay for it for a t-shirt who can tell me what Hava stands for and what it did Okay, what does it do? Sure that one's brilliant So it was inflicted on us after the Florida 2000 fiasco So What it did is it was a funded mandate and funded mandates in the US are very rare It set aside a huge amount of money for these states to give to their counties to upgrade their voting systems Immediately they had a time-limited when they had to spend it and so of course they all went to the people who were advertising and And they bought mostly touch screens and some optical scan systems And that's pretty much why we're in the mess that we're in So who are we and why should you be listening to me? My name is Sandy Clark and I'm a graduate student at the University of Pennsylvania studying under Matt blaze Who's pretty well known in the hacker community We were hired along with Patrick McDaniels people at Pennsylvania State University and Giovanni Venus people He's here actually at the con They're from UC Santa Barbara, but they have a private pen testing company and they did all of our red teaming We were hired by Secretary of State Jennifer Brunner To do a complete in-depth analysis of all of the Ohio voting machines Now in the US there are four major vendors of voting machines, and they are in order of market share election software and systems Premier which is the company formally known as d-bold because of course changing your name fixes all of your problems and Between them they have a little over 80% of the market the other two Companies are heart inter-civic and sequoia systems Ohio uses ESNS d-bold and Heart they do not use sequoia, but last summer Secretary of State Debra Bowen who's the Secretary of California Commissioned a similar study that the California top-to-bottom study in which my advisor Matt blaze was the team lead that studied the sequoia systems So between the California top-to-bottom study and the Ohio Everest study Every major vendor of voting systems has had an in-depth analysis of their source code their hardware their procedures their Documentations and they've all been red teamed so oh while there's no correlation between lines of code and and Market share there is a connection between two of these companies For a t-shirt. Can anybody tell me what the connection between ESNS and d-bold is? This isn't Come get your shirt ESNS was started by Bob and Todd Yerosevich their brothers Bob left and spun off a company called d-bold so 80% of the votes that are tallied in the US election are tallied on on systems sold by companies owned by brothers It gives a new meaning to the term family values So what exactly is a voting system and this is where I have to dig out my really cool super NSA laser pointer In a voting system only those two parts. Oh Sorry in a voting system only those two parts which are the touch screen and the Pre-synced optical scanner are actually touched by the voters Everything else is part of the back-end system and that includes Windows servers running XP or Windows 2000 database software all sorts of removable media CF cards PCMCA cards even zip disks and Just it's a horrifically complicated Rube Goldberg system So the three things that everybody are familiar with are the electronic voting machines, which this has this ridiculous name DRE The precinct optical scanners Which is where you fill out a paper ballot and you go take it over to the scanner and you put it in and you know Right away whether your ballot was accepted or rejected and these centrally counted optical scanners Which are mostly used for absentee votes and for Provisional voting so you want to know what we found The first thing that we found is that special interest groups don't want you to get any work done We were hired to start in September and for the first four weeks Everybody battled back and forth as to whether or not they were going to let us publish Patrick Matt and Giovanni lost Days of sleep going back and forth over this because they weren't not going to let us sign anything Until we had control over our publishing. We did actually win Everything that we found is in the report Except for the actual examples of source code and those are in a private annex But there are pointers to them so you know what we found you just don't know exactly how they wrote it And you guys know what that stuff looks like anyway, but because we only had We were hired for three months, and we had a hard deadline. We had to finish all all of our finding and write a 300 page report In 10 and weeks and we were so worried that we wouldn't have enough time to find anything but we did manage to find a few things and Here's a list. I apologize for the small font, but I couldn't get them to fit on the screen So This the blue teams who were made up of 13 people 10 weeks 700,000 lines of code in the SNS when we combine heart and premiere with that 1.4 million lines of code that we had to go through we could not follow any set methodology We had to hack them So basically we threw darts and wherever a dart landed somebody went and looked and luckily for us The systems were such crap that we couldn't not find things um So What what exactly did we find just what you'd expect? Think back to your middle school intro to programming class and your your teacher telling you things not to do It's in this code. It's just bad. I know seven What seventh graders that write better code than this and Besides it was a bazillion languages even cobalt of all things all all in a mishmash Um So rather than give you any sort of specific examples, which would really violate them the nondisclosure agreements anyway You know what a buffer overflow looks like you know how to implement a sequel injection attack Instead I want to lead your your thoughts on along a different path I'd like to examine these voting systems as part of a distributed system instead of as individual attacks You see when academics and I don't know how this is in the corporate world But when academics find problems with a with a corporate piece of software We'll approach the vendors and we'll tell them and the first thing they try to do is trash our names and discredit our research But when they can't do that Then you get this sort of nebulous response from them. They say things like well There's absolutely no way and a malicious attacker is going to get close enough to our source code to implement this relatively Unimportant vulnerability we have all these other security procedures in place and these other security procedures include things like oh physical security Hardware authentication tokens tamper evidence seals Passwords encryption, you know all very valid items that you want in your security toolbox But the problem is that this is a system not an individual thing and they don't act by themselves They do interact and that Result in serious serious breaches and security So we'll start with physical security because those of you who know me know me in locks If any of you remember this photograph about a year or so Princeton was playing around with with debold voting machines And one of their sys admins not one of their their researchers, but one of the sys admins notice the key looked familiar He went home and he brought back the key to his home minibar and it is so familiar. It's identical So if you have a home minibar, there's a 90% chance that you can unlock a debold voting machine But guess what else your minibar key will unlock Ballot box on the left heart inter-civic ballot box on the right debold premier same key So maybe they got them on sale ESNS does not use the same keys, but they use exactly the same crappy design principle They are also cheap filing cabinet wafer locks You can buy them anywhere. You can buy the keys anywhere They use two keys one unlocks the electronics and the other one unlocks the ballot box If you don't want to bother to buy a key Deviant Olaf has a brilliant way to make a key from a picture of a photograph or print out of a photograph and a Guinness can So ask deviant to show you how But if you don't want the key you can just pick the locks You see Ohio didn't send us the keys for the first five days So in order for us to turn the machine on at all we had to pick the locks Paperclip and a little jiggling the real problem with these three vendors choice of locks and keys His oh god, you can't make this stuff up That that they use exactly the same key I'll give you the part numbers if you like But if you've got the key to a machine in California You've got the key to the machine in New York and Florida and Alaska and all over anywhere that they sell these machines It's the same key so What about the tamper evidence seals? Ohio's procedures specifically state that when the removable media is inserted in the slot that slot has to be covered With a tamper evidence seal now the removable media is used for a number of things including loading the firmware and Storing and tallying the votes and the audit trail. Okay, so this machine was set up for us by Ohio and Exactly as it was used in the last election and you can notice that it's got one of these really nifty little blue tamper evidence seals on it How good are these seals at detecting evidence of tampering you tell me they have to raise your hands because otherwise I can't get you your t-shirts for a t-shirt somebody give me a way to remove these seals undetectably Hair dryer works great. Come get it. Can get one Peel them off with what? thumbnail works actually if you watch the video hacking democracy the DVD Hari Hari Hurstie actually Peel them off using that the earpiece of his glasses and then pasted it on to a strip of ones that had never been used and then had the Elector Florida election officials try and find it and they couldn't Okay, any other ways? Go ahead Water won't work because it'll smear That's sort of like peeling it off, right? Go ahead Nick All right fair enough. I got One more t-shirt left anybody else way back in the green shirt. Thank you We are the ones at the strip we ordered 500 of those really cheap and and you And you can get them with any any serial number that you want By the way, the use of these tamper evidence seals allows a very fun Denial of service attack if people in your precinct are going to vote for the wrong person Election workers are taught to look for an intact seal a broken seal implies a compromised machine So go around breaking all the seals and they get their votes won't be counted. We don't want tamper evidence We want tamper resistant So maybe it's too much trouble to remove the seals and it's too hard to get a key or pick the locks you can always just Access one of the many open and unprotected ports Ethernet ports modem ports serial ports parallel ports every single vendor has at least one that you can get access to Some of them are hidden behind the crappy locks, but most of them are just there like this So Secretary of State Brenner told us that until she had seen this photograph She hadn't understood what her own election officials had been telling her her people had been watching Regular voters on election day walk up to these machines and pull out that plug And what happens when you do that first of all you disable your audit trail and second you get access to the serial port So so that leaves us only one real other form of security. Oh, I forgot there I Do you remember this photo from I think it was Defcon 12? I borrowed this from major malfunction who gave a great talk on how to own anything in for red The ESNS top of the line touchscreen machines are entirely controlled through infrared Unfortunately, they also have a reed switch. So you can't do it from very far. You also need a magnet. I'll get more on that later But yeah, yeah So what about the hardware authentication tokens and this is important All of the vendors require some form of hardware authentication token in order to have full control of the machine but the one That one there and this one there. This is heart inter civics spirus key and this is d-ball premieres Smart card encoder and smart voter cards. Both of those are available commercially They have very little if any crypto on them you can just Put on them, whatever you want get a hold of one right right your own stuff They're hella easy to program and get them now this box over here is a little bit more problematic That is ESNS's personal electronic ballot or peb and you've got to have one of these They you can't boot the machine without it. You can't upload firmware without it. You can zero out the vote totals You can't Start an election. You can't close an election. You can't collect all the votes You got to have one and they are not available commercially. We did try However, I did hear about three months ago. Someone stole some of them in Pittsburgh So you might be able to find them on eBay But you know we're hackers in our community if you can't buy something how do you get a hold of it? You have to Thank you. We made ours with a palm and a magnet Okay, any infrared transmitter will do we probably could have used a TV remote control and That's it for the hardware authentication So that leaves us just passwords and just encryption This would be great. I have to tell you I'm I get kind of depressed about this, but I have to laugh or else I'll cry Every vendor sells at least one machine that uploads firmware without asking for any password authentication whatsoever If you can stick your removable media into that machine, it will run whatever you give it in every case the default passwords are Ridiculously easy to guess as a matter of fact, let's do a little test Everybody shout out at once what you think the debold default password is one two three It's debold And In the cases where where the and the default passwords are rarely changed in the cases where they are changed They're easily crackable. Sometimes they're only six characters long So oh And you know what they hard-code passwords So the heart inter-civic hard-coded password is a five-letter word that means stupid In The ESNS I'm sorry because this is just awful in the ESNS We found a comment next to the hard-coded password and it's stated I kid you not We hard-coded this password so that hackers couldn't use it You can't make this stuff up In the places where they use encryption They use very bad encryption Um Well for example Debold machines use a password to encrypt the connection between the smart card and The actual DRE one smart card means one voter can cast one ballot. That's a good thing We want this to be encrypted They also use a password to encrypt the communication between the DRE and the removable media this do I have my This is actually a PCMCA card from an Ohio Debold voting machine. So that's also a good thing. We want them to encrypt that. We don't want it to be easily accessible and altered They use a third password to encrypt Those keys and store them in a file on the DRE and this is a bad thing You see they derive that password from the serial number on the side of the machine Um Heart inter civic they don't use a smart card. They use a pin number and one pin number equals one one voter can cast one ballot and When you first turn on a heart inter civic machine the system is is Networked and everything which is another bad thing When you when you first turn it on the first pin number of the day is generated using a decent random generator Every single subsequent Voter code is generated using a very predictable algorithm. So if you know one voter code You can predict all the next ones and vote as often as you like. I Think that if parents really loved their children They would drum into their wee little brains Along with the never takes candy from strangers never use homebrew crypto so You don't Yeah, I love this photo You don't have to worry about the passwords or the encryption Because there are backdoors into the system and you can get a great deal of flak from telling a vendor That you found a backdoor But I don't know what else you can call an intentionally coded function that when it is called provides its user with complete root Access to the system and it doesn't require a password. That's my definition of a backdoor So let me give you two examples the heart inter civic precinct and Opt and and central election headquarters optical scanners allow you to run test Elections and this is good because you want to verify that the optical scanners are counting the ballots correctly So in test mode in order to save you from writers cramp You can print out as many ballots as you want that are preconfigured with your candidates ovals already filled in So you could do a thousand or ten of thousands of these run them through the optical scanner And it will count them and you can determine whether the count is accurate fine in real election mode You can run those preconfigured ballots through and the optical scanner will actually spit them out and not allow them to be counted However in the software, there's the option to turn that check off So you can actually flip that little bit turn the check off run tens of thousands of Preconfigured ballots with your candidate going to win through the scanner and there's no way for the for them to tell the difference Let's see. Yes, and S Has another one You remember that little box that personal electronic ballot thingy. Well in the documentation They list three of them. There's a blue one. The blue one is a voter peb That allows one voter to cast one ballot There's a red one the red one is a supervisor peb That allows the poll worker to open and close the polls and collect the votes and reset the passwords if necessary There's a yellow peb. That's usually used by The vendor representatives if there's a problem with the machine and that resets everything back to its its default state It turns out Not in the documentation. There's a fourth kind of peb And this peb gives you complete root access to the machine and it doesn't require a password You just stick it in the slot and you have root. I Don't know what color it is But ours was black. So once you've got access to these machines This is my tribute to pirate radix Once you have them, what can you do with them? Anything you damn well, please here's a photograph of our little palm peb emulator resetting all of the passwords to Everest Here's an example of one of the election central big batch scanners Excuse me Displaying our Everest software very happily. I might add here's an example of the heart in your civic machine running Penn States own versions of firmware You notice the Penn State logo? We were going to put the University of Pennsylvania logo on there But ours is a Quaker and that just doesn't have quite the same intimidation So What does that leave us that leaves us with paper ballots and optical scanners? So I'm going to show you a couple of flaws with these but don't get me wrong This is still the best that we've got okay, and we can talk more about that later so The electronic machines the DREs are just broken. There's absolutely no way that we can recommend using them We can't recommend any fixes for them The paper ballots Have some serious flaws as well They rely for their security on a special type of ink and This special type of ink is Called a non-reading because it's absolutely invisible to scanners and So what happens is that though you can't you can't tell That little box is printed in special non-read security ink and further down on the ballot There are some other boxes that are also printed in special non-read security ink While the rest of the ballot is printed in regular ink The scanner is programmed to recognize where the dark spaces in the white spaces should be so if you Try and make a copy of this ballot your copy machine or your printer will print the whole thing out in regular readable ink And you'll put it through your optical scanner and the scanner will look at this and see dark spaces where it should have seen White spaces and it'll spit it out and it'll print across its little LCD screen possibly counterfeit. Oh By the way, these scanners spit the ballots out so fast. They are dangerous to stand next to When we were testing different ways of card stock just to see what we could get through the system The heaviest weight card stock went through the machine so fast it made a dent in the machine across the room We really wanted to try sharpen sheet metal, but we ran out of time So how do you forge one of these ballots with this non-read security ink? Why it out? Just blot out the parts that are that the scanner shouldn't see make as many copies as you want and stuff the ballot box this ballot was accepted as Valid by both the precinct based scanner and the election central big batch scanner. It can't tell the difference so You you might argue that that okay if we want to forge a ballot we want it to look like a real ballot the The average age of a poll worker in this country is 75 years old Voting election day starts at 5 30 in the morning and by the time they're counting ballots. It's what 11 30 at night So they're not going to notice any difference Besides that the ballot for my precinct is different than the ballot for your precinct So if they're going to an into a county where that which may have hundreds of precincts Since election law states that there has to be a precinct within walking distance um They're not going to notice any difference, but if you want to get picky okay You have to put the non-read sections back and that means you have to get a hold of this really special security ink Now you've seen this ink on a lot of things if you have a mortgage You might have seen or a car deed. You might see it on the deed. Usually you'll see it in yellow or you'll see it in red It's possible to get a hold of the yellow and red, but it is almost impossible I I tried for a week or so To and I'm pretty good at finding shit I Tried to get a hold of the black ink. There seems to be only one place that sells it They only sell in big batches and they only sell to known customers But in our world if you can't buy something how do you get a hold of it you? Make it we made ours with the cheapest inkjet cartridge. We could find it CVS So, you know what non-read ink really is? Ever run out of black ink cartridge on a black ink in in your inkjet and have it have to make ink out of the other three colors That's all you do is take a paintbrush dip it in all the holes smear it around until it gets to the to be the right color and Okay, it's an ugly-looking splotch. I got a C in art But that ballot was accepted as valid This this composite ink that your your nice little printer will make for you if you run out of black is Exactly the same thing as this high-security ink Yeah, you can so what you do is print print the ballot first with all the black spots using your black ink cartridge Take the black ink cartridge out and print the Exactly you what you yeah, you just have to have to program it to let it know which one should be which It's It's painless. Oh by the way the use of this ink makes for another interesting denial of service attack Denial of service by gel pen you see this non-reading the reason it can't be read is because it doesn't contain carbon and Most gel pens also don't contain carbon So if you'd like to disenfranchise a lot of voters who are going to vote for the wrong person Have a bunch of pens made up with that person's logo on them Stand outside the voting the precinct and hand them out to whoever will take them They'll mark their ballots with them and those ballots will not be counted and and I'll tell you it will not Cause any alarm though it when ballots aren't counted. It is called an undervote under votes happen all the time There was actually a lawsuit in Florida a year or so ago because a woman running for Senate in a she was democratic and she was in a democratic precinct and The normal average undervotes is about 3% and suddenly this precinct showed up with 13% of Where people just hadn't bothered to vote for her at all or vote period that that vote was apparently blank And a number of very well respected researchers two of whom worked on the California talk to bottom study We're hired to try and see whether there was any malicious Any evidence of maliciousness in this and they couldn't find anything that they could prove so Denial of service seems to work very very well So What else can you do? Well, this this is what we found the first time we turned the machine on You can simply recalibrate the touchscreen by touching to the wrong point and you can make it impossible to vote for any candidate You know you know how to recalibrate a touchscreen There's a little X and you touch the X just touch at some place bizarre on the screen and But we'll never count What else can you do? This is a debold smart card encoder Buy one of these off of eBay Hold down the turn it off Turn it on holding the on key and the yes key and you can program for as many unlimited votes as you like Yeah, it's that hard So you can cast multiple votes you can erase the audit logs disable the The audit trail zero the totals anything you damn well, please this picture by the way is an example of what happens If a toddler spills a sippy cup on the on the audit trail I think what they did is they just held up a straw and and drip down on it. So I started out my talk Telling you that I wanted to discuss the idea of The security of voting machines as part of a distributed system and I've spent this entire talk showing you example of an example at an example of individual attacks But I maintain that I have been discussing the Security of a distributed system and here's why The risk of viral propagation You see we demonstrated that it was possible for a single person With either voter access or poll worker access to upload malicious code onto a either either in the electronic DRE or onto an optical scanner system that they had in their local precinct At the end of the election that malicious code can write itself onto the removable media When the polls are closed that removable media is taken out of those machines and it is sent back to election central Which is at the county headquarters At that point it can exploit one of the many many many Vulnerabilities that are in the election database software and in the windows 2000 and windows XP software that the servers themselves run And it can upload itself onto that and then it controls the votes of the entire election It also controls the audit trail If you don't think that's important Let me remind you that in 2004 the entire country Waited to hear the results of the election in the state of Ohio Ohio was waiting to hear the results of one county Kaya Huga County I'm sorry you guys Um Kaya Hula County determined who got Ohio's electoral votes and that determined who became president of the United States One voter really can make a difference And that's not the worst case scenario You see these machines aren't used once and just thrown out Um This was a funded mandate in order to buy these machines in the first place The county's actually got money from the federal government that has never happened before and that will never happen again They are not going to charge their taxpayers money to replace these machines so This same database system is used to program all of the voting machines for the next election and the next election and the Lever machines were in use for over 40 years. Who knows how much longer. Um, we're going to be stuck with this shit um And even that isn't the absolute worst case scenario Now I admit this is a long shot But you see the back-end database systems are so complicated and so difficult to set up The documentation leaves out specific steps So the vendors actually have a second revenue source. They set up the elections for the individual counties They either send their representation Representatives to the county headquarters to set up the election or the county set send their voting information Back to the vendor headquarters and the vendors set up the election for them So in the absolute worst case scenario We've got a vector that goes from one voter in one podunk little precinct in some tiny little county in some Midwestern state Back to election central in the county headquarters and from there to the vendor and from there to every machine that they sell It is a worst-case scenario, but we're talking about The elections in one of the biggest and most important countries in the world that has to be something considered so one of the Responses that we got from the vendors when we published our report Was well, these are just a bunch of eggheads sitting in an ivory tower. None of this stuff is practical Well, I remind you Giovanni Vigna and his web boy security people read teamed everything They demonstrated they did not have access to the source code all they had was access to the to the same machines a voter would Have or a poll worker would have and they were able to carry out this virally propagated attack Part of our mandate with Ohio was to provide mitigation strategies and recommendations in most of the cases It's so broken We could not our best recommendation was scrap it and start over from scratch So what do I want you to do? I want you first of all to vote I Realized that I've just told you what's wrong with voting, but there are a lot of issues consider the wiretapping stuff the motion picture Copyright stuff Them going through your laptop at and any border these are issues before up before our Congress right now and we really really need Clueful people involved so I would do do Hope that you will vote in this election if you're a US citizen I leave that up to your wisdom I Want you to become poll workers as I said before They yeah, you get it. Oh, I love you guys As I said before on the average age of a poll worker is 75 They are simply not equipped to understand the technology and to recognize when there are problems and to fix them When they happen your counties need your technical expertise You get two hours of training you get up maybe a hundred and fifty dollars And you get one exhausting day, but you might also get the machines in your living room the night before the election I Know and I'm speaking from from actual knowledge. I know people who had eight machines in there in overnight The last thing we can do really is We have to build a better system We've got to get involved we have got to build something open source that runs on an open source platform not on proprietary hardware like all of the voting machines are and Like anything until we reach critical mass until enough of us get involved in this nothing is going to change But but we can change the world we did it with Linux. Why can't we do it with voting as well? um Copping ye who worked on the California voting system actually his thesis is a 461 line Python voting system that so far seems to be very very secure So we don't even need to do seven hundred thousand lines of code The last thing I want you to do is to remember To elect me supreme overlord of the universe, but you know what even if you don't I'm gonna win anyway, so we actually have some time for questions if anyone would like to ask Yes, can you can use a mic is there a mic? Yes, he asked is the report available online if you go to the secretary of state of Ohio's website And you look under elections all of the reports are there and ours was the academic report. So look for academic Ah SNS claims that they that they are are used in 43 states Debald is using about that in that many as well Now what's interesting is that? Secretary of State Burner Well, not not a technical person really did the right thing after the report Was turned in and she was getting a lot of flak from from a bunch of people She decided to push for the removable Removing of all of the electronic machines in Ohio. So they are going to she went beyond our recommendations actually They are going to use paper ballots and centrally counted optical scan systems California is doing the same thing And surprisingly God and this really threw me Texas is looking to get rid of their Dres and and go to completely optical scan as well who to thought Yes If you can get access to it you control it. There's no protection against it So if it might be hidden behind some of those crappy wafer locks, it might not depending on But but there is absolutely no the optical scanners have no protection against your uploading whatever firmware you want Say again Okay, so the question is do I think that right once memory might help strengthen auto trails? It would be it's certainly be worth testing. I could never prove any maliciousness I can tell you that the code is very poorly written So there's definite definite signs of incompetence There's no proof of any any form of maliciousness but Proof of greed if if you can say Getting something that is not ready for prime time out and sold on the market to 80 or 90 percent of the different states greed. Yes Oh five minutes Go ahead. Okay, so he's asking whether or not There should be a single vader vendor for every state so that every everything is the same and everyone understands How it works or whether you should have multiple vendors? I don't think that that is ever going to happen that would have a single vendor because Most state and federal laws require that you accept bids from a number of different vendors The thing is is that whoever is in charge of the elections be it the secretary of state or a lieutenant governor or whatever like that Has people test the machines and then certifies which machines are allowed to be sold in that state and which versions of software they're allowed to be running And then the software supposed to be an escrow and things like that so I Whether One system is better than than several I Couldn't say Because they're all just bad Behind you first the state of Ohio right now Jennifer Burner just is has a suit with debault because What they what they discovered when they tried to upload the votes into their back-end database system was that the removable media suddenly was missing votes and Debald is currently claiming that that's a result of the antivirus software that was running on the servers so So while there have not been any class-asked and locksuits by by the public there have been some brought by EFF there have been some brought by the States themselves and there have been some brought by by some special interest groups like black book box voting and a few other like that He said there's at least two vendors that have gone under because of lawsuits So we're pretty much out of time But but we'll be in questioning in the room across the hall. I think it's 109 So feel free to come and let's chat