The local government of the District of Columbia has been conducting a pilot project to test an internet-based voting system
that would give overseas and military voters a way to download and submit absentee ballots online. Here's a PDF of the system architecture
. Before using the system in a real voting process, the public was invited to evaluate its security and usability. That's where J. Alex Halderman
of Freedom to Tinker
This is exactly the kind of open, public testing that many of us in the e-voting security community -- including me -- have been encouraging vendors and municipalities to conduct. So I was glad to participate, even though the test was launched with only three days' notice. I assembled a team from the University of Michigan, including my students, Eric Wustrow and Scott Wolchok, and Dawn Isabel, a member of the University of Michigan technical staff.
Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software, including the ability to change votes and reveal voters' secret ballots. In this post, I'll describe what we did, how we did it, and what it means for Internet voting.
An awful lot of meaty details follow, but here's the punchline:
Based on this experience and other results from the public tests, the D.C. Board of Elections and Ethics has announced that they will not proceed with a live deployment of electronic ballot return at this time, though they plan to continue to develop the system. Voters will still be able to download and print ballots to return by mail, which seems a lot less risky.
Oh, diva snap
Hacking the D.C. Internet Voting Pilot (Freedom to Tinker, thanks Jake)
Hold on to your wigs, people, the 2016 U.S. presidential race is about to get even weirder. Donald Trump and Bernie Sanders are the winners of the New Hampshire primaries.
Republican presidential candidate Donald Trump repeated a word suggested to him by a follower to describe rival Ted Cruz—pussy—at a campaign rally last night in New Hampshire. “I never expect to hear that again. She said he’s a pussy! Terrible. Terrible. What kind of people do I have here?” Trump said, after inviting the woman […]
Wanna see what a total clusterfuck the beginning of last night’s presidential debate was? Watch this video.
It’s 2016 and we like our technology really small. Our phones fit in our pockets, our remotes are lighter than ever, and even our cars seem to be shrinking. So your new drone shouldn’t be an exception. This Axis VIDIUS Drone is 21% off right now and it’s so little, your biggest problem won’t be […]
You’ve heard the news: cyber security is the new and very scary frontier. Hackers are out there just waiting for you to relax for a second and let them in. But that’s not going to happen to you. With a lifetime premium subscription to ZenMate VPN, you’re completely protected from anyone out there who wants […]
Remember back to the time when people thought java was just a hip way to talk about coffee? Or you vaguely remembered from geography class that it’s an island in the South Pacific? We’ve come a long way since then and now that we’ve rocket blasted into the tech future, you’re going to need to […]