The local government of the District of Columbia has been conducting a pilot project to test an internet-based voting system that would give overseas and military voters a way to download and submit absentee ballots online. Here's a PDF of the system architecture. Before using the system in a real voting process, the public was invited to evaluate its security and usability. That's where J. Alex Halderman of Freedom to Tinker comes in:
This is exactly the kind of open, public testing that many of us in the e-voting security community -- including me -- have been encouraging vendors and municipalities to conduct. So I was glad to participate, even though the test was launched with only three days' notice. I assembled a team from the University of Michigan, including my students, Eric Wustrow and Scott Wolchok, and Dawn Isabel, a member of the University of Michigan technical staff.
Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software, including the ability to change votes and reveal voters' secret ballots. In this post, I'll describe what we did, how we did it, and what it means for Internet voting.
An awful lot of meaty details follow, but here's the punchline:
Based on this experience and other results from the public tests, the D.C. Board of Elections and Ethics has announced that they will not proceed with a live deployment of electronic ballot return at this time, though they plan to continue to develop the system. Voters will still be able to download and print ballots to return by mail, which seems a lot less risky.
Oh, diva snap.
Hacking the D.C. Internet Voting Pilot (Freedom to Tinker, thanks Jake)
Since the whistle was blown on Trump denying aid to Ukraine unless it “investigated” his political opponents in the U.S., his position has been that there was no quid pro quo. Yesterday, his White House chief of staff Mike Mulvaney admitted there was, and added a sneering “get over it” for good measure. This was, […]
On August 8, 1974, President Richard Nixon delivered his resignation speech to the American public. Moments before this historical event, he was calmly joking around with the TV crew as if this was just any other presser. And then…. “…I have felt it was my duty to persevere, to make every possible effort to complete […]
President Donald Trump thinks this photo, of House Leader Nancy Pelosi berating him over his abandonment of America’s Kurdish allies, will make her look bad. The BBC quotes Republican “leaders” as saying Pelosi—apparently one of two women at the table and five in the room—was behaving in an “unbecoming” manner. Pelosi set the photograph as […]
Do you own a Mac? Unless you’re using it for a paperweight, you almost can’t afford not to get the Magnificent Mac Bundle. It’s a roundup of some truly essential security and file management apps, bundled up with great photo and video enhancers. The best part is that all nine apps are potentially available for […]
As much as vaping has taken over the market during the last decade, there’s still a lot of questions about the technology, as well as health concerns that we’re just now finding out about. One thing you can say about smoking: You know exactly what you’re getting, especially when it comes to pipes that you […]
We can’t all go through life with just a pair of sneakers and flip-flops. Sometimes, you have to invest in a pair of high-quality dress shoes. However, you’ve probably discovered that high-end footwear almost always comes with eye-popping price tags. You’ve got to compromise on second-hand or just suck it up and take out a […]