Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Change can start with a vote – The Birth of the Linux Voting Machine

By technophobe01

A scenario most of us are familiar with – it’s early December and we dutifully march into the closet, attic, shed, basement to gather up Christmas decorations. We pull box after box into the living room and enjoy memories as we pull out piece after piece. The holiday music is playing, the kids aren’t fighting, and there is an air of hope and expectation throughout the home.

Then, (insert ominous music), you get to the box with the Christmas lights. Deep down, we all dread this moment. The lights, naturally, are a tangled mess. You begin to pull them out and the frustration builds. “Who put them in like this?!” The dog bolts out of the room. You plug the first tangled mess in, nothing. You toss that one aside grumbling. The kids take their phones and head for their room. Mom mumbles something about “same thing, every year” and disappears.

You plug the second one in and half work, half don’t. You shake the lights like a Polaroid picture because you saw your dad do that 30 years ago. Now they all turn off. The third one has a crushed bulb, you know because you stepped on it. You think, “Oh, the lights came with spares, I can replace this and we are golden.” You replace the broken light bulb. Nothing.

Finally, you give up and announce to no one, “I’m going to Target to buy new lights.”

This, my friends, is our voting machine network in the United States of America.

Electronic voting machines have been the target of hackers since their inception. Not a surprise given what they do and the opportunities for impact of hacking one of these machines. The real travesty is that these machines were not initially designed with security in mind at all. The “security” model of these machines is that the school janitor unplugs the machine when voting day is over and jams it into the first utility closet that has space. We may overstate it a bit but honestly, it’s not far off.

How bad is the problem? Well, consider the state of Oregon has switched back to paper voting by mail. In reference to current voting machines, an Oregon official had this to say, “Throw them on the scrap pile.” And you thought our Christmas lights intro was over the top…….

Microsoft has entered into the fray as well with ElectionGuard.  “ElectionGuard enables end-to-end verification of elections, open results to third-party organizations for secure validation, and allow individual voters to confirm their votes were correctly counted.” Interestingly, ElectionGuard is a free open-source software development kit available on Github.

Is there another option?

Why Polymorphing for Linux?

Polymorphing for Linux is a technology that hardens open source Linux distributions by scrambling the binary code to create a unique version of the operating system. This is accomplished by running the source code of your chosen Linux distribution through an advanced polymorphic compiler to scramble the low-level machine code. The result is a Linux stack that has a unique binary makeup that still functions, performs and operates in exactly the same way but is completely impervious to memory-based attacks.

When attacking an operating system with randomized and unique resource mapping, hackers are unable to craft exploits and attacks that target specific memory vulnerabilities, even when the OS or applications remain unpatched for known issues. Each Polymorphed Linux OS deployment is effectively immunized against everything in the code-execution, overflow or memory corruption attack categories. This includes the memory-exploiting zero-day attacks that make up over 80 percent of all common vulnerabilities and exploits (CVEs) and are the most difficult to defend against.

The protection level is ramped up even further by recompiling the OS every 12 to 24 hours, rendering any customized or specifically targeted assault infeasible and futile. Polymorphing for Linux is also ideal for delivering enhanced and comprehensive protection during any security-patch gaps. A patch gap is the time period from when a vulnerability is created until security patches are made available and applied to fix the issue. This is vitally important because valuable systems can often go unpatched and exposed for up to a year or even longer in some cases.

The Future of Voting Machines with Polymorphing Linux

There are an estimated 400,000 voting machines in use in the United States today. Yes, estimated, we don’t really know exactly how many there are. Let that bake your noodle for a bit.

Secure voting machines, reduce hacking opportunities with Polymorphing Linux to ensure:

  • Roll back options
  • Backup trails
  • Management of software on the machine (i.e. remote access software)
  • Ensure air-gap promise

Interested in learning more?

Be the first to hear about the latest product releases and cybersecurity news.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.