Need to Alter Just 10% of EVMs to Steal Elections: 2010 EVM Hacker
Video Editor: Sandeep Suman
At 5 am on 21 August 2010, a day after his 16th wedding anniversary, police took Hari Prasad into custody in Hyderabad.
Why? Prasad, Alex Halderman and Rob Gongrijpp had demonstrated the two ways in which an Electronic Voting Machine (EVM) could be hacked in just 24 hours.
Prasad is a technology and software security expert. Halderman is a professor of computer science and engineering at the University of Michigan, and Gonggrijp is a Dutch hacker who had worked with Julian Assange on WikiLeaks in 2010.
After the ‘hack’, Prasad and the others wrote a paper and released a video demonstrating how they had hacked the EVM.
With the 2019 Lok Sabha elections approaching, The Quint spoke to Prasad about the EVM hacking row:
Can an EVM be hacked? How can it be done?
There are several stages in which a criminal can attack these machines. One may be the origin itself, where large-scale manipulation can happen without even knowing about it.
Like, if something is happening inside the machine, you’ll not even come to know. The chips that they’re buying today, they’re buying from a company in Japan and a company in the US. Maybe with their history and all, you may say they’re the most reputed company, so we’re believing them.
You write all those points out, I demand the Election Commission... these are those stages where we believe these machines will be secure. They have to mention that. They have to make it public, so that people know that where all this government or this Election Commission (EC) went by.
Your hack was on an older, M2 model EVM. What about the newer M3 models?
I read an article in a newspaper that said the new M3 model EVMs are unhackable and secure. Those claims may hold up when an attack comes from outside. But when an insider is compromised, what then? They’re calling them secure while believing in the code inside – over which they have no control. The other “security” they have is checks and balances they’ve spread across lakhs of offices across the field, in the complete belief that everybody is sincere to their job.
How did you get an authentic Electronic Voting Machine for the 2010 hack demonstration?
Somebody called me up, (someone) who is part of the Election Commission and said, ‘I want to get you an EVM. You’re claiming you can hack it. Will you be able to do it if we give (you) an original machine?’
We said, ‘yes.’ We were so excited because we already saw something and had an idea about how it can be done, so we said ‘yes.’
How did you go about the EVM hack?
We demonstrated two loopholes in the security. One was how to attack a display unit. The display is the only way to show the result, and people have to believe whatever is shown on the display as true. We simply had to put something as a man in the middle.
You can use any RF (radio frequency) for this. You don’t even need wireless or Bluetooth. So, we used the simple chips that we had on hand.
And the other thing we did was demonstrate how to manipulate the memory. We tried to demonstrate that the memory chip that is used is also unsecured and it’s very simple to change the (number of) votes in the memory (chip).
In fact, we also managed to show the votes that were cast, which means you can actually extract that data as well. There were other vulnerabilities in the machine as well, which we didn’t get time to explore.
After the hack, Prasad, Halderman and Gongrijpp wrote a paper about EVMs’ security vulnerabilities and released a video demonstrating the hack. Both are publicly available on IndiaEVM.org
What came next after the hack?
We immediately wrote a paper about the vulnerabilities and released it. After that I went to the news channel, TV9, and presented the video. We took the video in such a way that we demonstrated the machine’s control unit number.
Why? Because the Election Commission began saying that this is not our machine, that it’s a lookalike. That’s the reason we wanted to make it clear that this is machine belonged to the Election Commission.
After that they filed a case against me, saying that the machine was stolen. In fact, the machine was sent back to them and it went to the same place from where it came. The only request from the person who sent us the the original EVM was not to disclose his/her name.
How did your life change after the arrest?
I suffered because of the incident. I lost about four-and-a-half years of my professional career because no engineer was ready to work with me. I lost orders from my clients also. The software industry is a sensitive industry. In fact, I stepped out of technology and went into real estate to survive.
I was released on bail after being held for eight days. In the bail order, the judge praised me, saying that if I’d done was wrong, the Election Commission had to prove some malicious intent on my part. They said that instead of punishment, I should be rewarded for exposing the loopholes and flaws in the machine.
After that, police started coming to our office and started questioning all our engineers, asking them what they tried to touch in the machine, or what they tried to meddle with. Things like this will scare engineers and they will run away. I had to virtually shut down. The same thing can happen to others also, if at all they raise their voices.
Did you ever fear for your life or your family’s lives?
Fear? (laughs) No, I don’t care about my life. When you’re working for the nation, the kind of valour you feel is different. It gives you a lot of strength. You’ll enjoy fighting for your country.
I never received, or cared much about, such threats. I heard Shuja (Syed Shuja) say that so many people were killed. I heard he’s just doing drama and that he’s duping everyone. I don’t think we have such kinds of, what you call... I don’t know.
But the stakes are very high, and you can’t rule it out either. That said, I never faced any threats like that. But my family doesn’t like it because they get scared.
They saw the police from Mumbai pick me up from my house at 5 am. 20 August was the day of my marriage, and the next morning they picked me up from my home. My wife was so scared. Any time somebody brings up this topic and somebody takes my name, she gets worried. I was only in custody for eight days, but for her, those eight days were hell.
Because people were saying stuff like they may not leave him, they may kill him and all these kinds of cinematic scripts will come to her, right? Maybe that’s why the family was worried. I never bothered though. Till the time I had never done anything wrong, or had any wrong motive... I always feel that what I did was right and I stand by it.
Are Voter Verified Paper Audit Trails (VVPATs) a more secure alternative to EVMs?
The Election Commission called us to demonstrate the VVPAT system some time around 2014. We gave our feedback, saying that the present mechanism doesn’t completely suffice because the VVPAT machine doesn’t give control to the voter to see whether what’s printed is right or wrong.
I mean to say – the option of validating what the VVPAT has printed does not exist.
Today, it’s been observed that more than 80-90 percent people don’t observe what happens in the VVPAT. In surveillance cameras, it was observed that people don’t wait to see the vote that’s printed out. They just press the button and come out. They don’t wait there to see whether it’s correct or not. That way, the whole purpose of introducing VVPAT to tackle the problem fails.
On the other hand, if the contestant expresses suspicions, the Election Commission tells them to go to court and get a court order to recount votes. This is a tedious process, and many people give up because of the long time and process. Many a times, a candidate is disqualified well after their tenure has ended.
How can we ensure EVMs are secure?
To steal an election you don’t need to steal all the machines, you don’t need to manipulate all the machines. Manipulating even 10 percent of the machines is enough. Forget win or lose, even if one machine is hacked, then the entire technology is unfit for election. That’s what we have to consider.
It has to be 100 percent secure and transparent. This is what I have to say. So, I, even today, when the EC is claiming that they’re secure, I say, “Make it transparent so that you can shut down people like Hari Prasad.” Make the entire architecture open. Put all the steps. Let people question you. If at all you’re wrong... that’s called transparency.
Secrecy is not a process of securing democracy. Ballots have to be secret, not the process. They are trying to make the process secret, which is completely denied from the beginning, by us.
If you take recent elections, after the VVPAT; what you have to observe is, see the patterns before VVPAT and after VVPAT. There are many issues that have come out after VVPAT.
The citizens of the country need a free and fair election. Not just by some sort of confidence or trust. They can’t simply trust that because the Election Commission has said a machine is secure, you believe they are secure. You have to witness that they are secure. And that can happen only if you keep everything open.