In association with heise online

16 August 2009, 12:52

Hacking at Random: CCC demonstrates TEMPEST measurement of voting machines

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Andreas Bogk at HAR
Zoom In his presentation on TEMPEST measurements Andreas Bogk reiterates the CCC's view on voting machines
At the summer hacker festival "Hacking at Random" Andreas Bogk of the Chaos Computer Club has demonstrated a way of measuring electromagnetic radiation from a Nedap voting machine. In so doing, the CCC intends to challenge the position taken by the Physikalisch-Technischen Bundesanstalt (PTB), Germany's national metrology institute), which is responsible for testing voting machines. The PTB has expressed few concerns about the device's TEMPEST security. While the demonstration was carried out on a Dutch voting machine, results from testing a German device were also shown.

Those who have doubts about voting machine technology have always suspected what some proponents of digital voting still deny – that voting machines emit electromagnetic radiation which can be measured from several metres away using an appropriate antenna. CCC technician Bogk carried out a live demonstration using a scanner that recorded the radiation as audible signals. In the second part of the presentation Bogk explained how these signals can be measured and interpreted, a process developed by Dutch physicist Wim van Eck. This was followed by slides of measurement results from an earlier CCC test of a German machine. Apparently the CCC were not allowed to ship one of the German machines to the festival for the demonstration, although they plan to release a video of the measurements being taken.

Due to the level of interest in the CCC presentation, it was moved to the large 'Zonnehal' building and concluded to warm applause. Although the evaluation and decryption of the measured values remains to be carried out and will take some time, the hackers believe that they have once again demonstrated the poor level of security offered by voting machines. However, for that to be the case they now need to publicly show that the signals recorded allow data entered into the type of voting machine used in Germany to be reproducibly identified and differentiated. Following a judgement by the German Federal Constitutional Court, the use of Nedap machines is currently banned in Germany.

(Detlef Borchers)


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit