The local government of the District of Columbia has been conducting a pilot project to test an internet-based voting system
that would give overseas and military voters a way to download and submit absentee ballots online. Here's a PDF of the system architecture
. Before using the system in a real voting process, the public was invited to evaluate its security and usability. That's where J. Alex Halderman
of Freedom to Tinker
This is exactly the kind of open, public testing that many of us in the e-voting security community -- including me -- have been encouraging vendors and municipalities to conduct. So I was glad to participate, even though the test was launched with only three days' notice. I assembled a team from the University of Michigan, including my students, Eric Wustrow and Scott Wolchok, and Dawn Isabel, a member of the University of Michigan technical staff.
Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software, including the ability to change votes and reveal voters' secret ballots. In this post, I'll describe what we did, how we did it, and what it means for Internet voting.
An awful lot of meaty details follow, but here's the punchline:
Based on this experience and other results from the public tests, the D.C. Board of Elections and Ethics has announced that they will not proceed with a live deployment of electronic ballot return at this time, though they plan to continue to develop the system. Voters will still be able to download and print ballots to return by mail, which seems a lot less risky.
Oh, diva snap
Hacking the D.C. Internet Voting Pilot (Freedom to Tinker, thanks Jake)
Wisconsin Governor and balanced-budget hawk Scott Walker’s failed bid for the GOP presidential candidacy left him with $1.2 million in debt.
The Federal Election Commission has deadlocked on a complaint about an employer who coerced his salaried employees into donating to a PAC he had started; the three Democratic commissioners voted to take action, the three GOP commissioners voted against, and that means that nothing will happen.
This week, Marvel Comics published the first issue of Captain America: Steve Rogers in which it’s revealed that since his earliest days, Captain America has been a double agent for Hydra, the thinly veiled allegory for the Nazis; in an epic Twitter rant, Livejournal alumnus and Dreamwidth cofounder Denise Paolucci explains the way that perpetual […]
We’d all love a 75-inch TV screen on which to view our favorite shows. But not all of us can drop the cash needed to get one of those broadcasting beauties (or even have the space needed to house them).Thankfully, there’s an alternative. With the SainSonic Mini LED Portable Projector (only $59.99 in the Boing Boing Store), you can project a picture […]
If you want to add some real firepower to your programming repertoire, learn Java–one of the most adaptable, widely-used programming platforms around. You can easily do that with this Ultimate Java bundle, now just $69 in the Boing Boing Store.Across 14 lectures and 117 hours of content, the educators at online academy eduCBA will walk you through […]
Every company wants to harness the power of social media, but few understand how to make that happen. Be one of those select few with this Social Media Marketing Course & Certification package, now just $29 in the Boing Boing Store.Over 12 modules of course material, you’ll learn what it takes to increase a brand’s […]