Skip to main content

    Beer-powered bending robot elected to DC school board by hackers

    Beer-powered bending robot elected to DC school board by hackers

    /

    In 2010 the DC school board challenged hackers to infiltrate its new web-based absentee voting system, which resulted in the election of animated robot Bender Bending Rodriguez of Futurama fame, according to The Register and hacker / professor Alexander Halderman.

    Share this story

    A head in the polls
    A head in the polls

    In 2010 the DC school board challenged hackers to infiltrate its new web-based absentee voting system, which resulted in the election of animated robot Bender Bending Rodriguez of Futurama fame, according to The Register and hacker / professor Alexander Halderman. Halderman and two grad students from the University of Michigan achieved the hack within a few hours after discovering a vulnerability that granted them access to the "public key" that's used to encrypt ballots — with the key, the team was able to alter the ballots already cast and replace new ballots with fakes.

    Screen_shot_2012-03-02_at_3

    In what seems like a plot element from 24, the hackers also accessed the school board's broader network, including a video surveillance system that allowed the team to monitor the habits and behavior of workers and security guards and plan their attacks accordingly. The hacker team's report says that it used the system "to gauge whether the network administrators had discovered our attacks — when they did, their body language became noticeably more agitated." After accessing the system's terminal server the team detected other outside attacks from the Persian Gulf University in Iran, and New Jersey, China, and India, prompting Halderman and company to block the IP addresses of competing operatives. Finally, the team left its "calling card" by programming the voting site to play the University of Michigan's fight song shortly after it loaded.

    But while these officially sanctioned hacking shenanigans provided comedic results, the team says that the situation for internet voting is serious. They say that one small mistake in network configuration or implementation "can easily undermine the legitimacy of the entire election," and that internet voting is likely to be vulnerable to other types of attacks, including internal sabotage, even if external attacks are ruled out. The team concludes that "securing internet voting in practice will require significant fundamental advances in computer security," and urges internet voting supporters to reconsider the technology unless "major breakthroughs are achieved." Otherwise, we might end up "electing" a robotic lush who's hellbent on destroying the human species.