|
|
|
|
|
|
by jeroenhd
601 days ago
|
|
|
I personally don't put much trust in the security of BIOS vendors. My desktop's motherboard straight up displays the BIOS password if you read the right EFI boot variable (obfuscated with some proprietary "encryption" algorithm with a hard coded key). Based on previous reports on the security of devices like these, I wouldn't be surprised if a quick flash dump of the NVRAM is enough to crack the password in seconds already. Perhaps voting machine manufacturers have finally made it too difficult to disassemble these machines in a short amount of time, but that's historically not been very difficult. I would reckon the access time needed to hack+access the BIOS lies in the area of "a few minutes, twice", not the kind of prolonged physical access you'd need to brute force the password. That's not exactly "someone posing as a voter could hack the machine", luckily, but then again apparently at least one hacker at DEF CON found a vulnerability in voting machines this year that won't be fixed before the upcoming American elections, so who knows if there's an exploit like that lying around. |
|
|