The local government of the District of Columbia has been conducting a pilot project to test an internet-based voting system that would give overseas and military voters a way to download and submit absentee ballots online. Here's a PDF of the system architecture. Before using the system in a real voting process, the public was invited to evaluate its security and usability. That's where J. Alex Halderman of Freedom to Tinker comes in:
This is exactly the kind of open, public testing that many of us in the e-voting security community -- including me -- have been encouraging vendors and municipalities to conduct. So I was glad to participate, even though the test was launched with only three days' notice. I assembled a team from the University of Michigan, including my students, Eric Wustrow and Scott Wolchok, and Dawn Isabel, a member of the University of Michigan technical staff.
Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software, including the ability to change votes and reveal voters' secret ballots. In this post, I'll describe what we did, how we did it, and what it means for Internet voting.
An awful lot of meaty details follow, but here's the punchline:
Based on this experience and other results from the public tests, the D.C. Board of Elections and Ethics has announced that they will not proceed with a live deployment of electronic ballot return at this time, though they plan to continue to develop the system. Voters will still be able to download and print ballots to return by mail, which seems a lot less risky.
Oh, diva snap.
Hacking the D.C. Internet Voting Pilot (Freedom to Tinker, thanks Jake)
California and 23 other states are suing to stop the Trump administration’s shocking legal reversal of states’ authority to set their own rules on climate-warming tailpipe emissions.
Facebook CEO Mark Zuckerberg’s “please don’t regulate us too much” charm offensive stopped off in Washington, DC today, where Zuck met with Donald Trump and various members of Congress.
A day after a photo emerged of Justin Trudeau in brownface, as an Aladdin-esque genie at a 2001 party, the other shoe dropped: video of him fully blacked-up in a minstrel wig. The video dates from the 1990s. CBC News: The video was shot in the early 1990s, however it’s not clear where it takes […]
Studies have shown cannabidiol (more popularly known as CBD) to be effective in two main areas: Pain relief and stress relief. Both of those make the non-psychoactive, cannabis-derived compound a natural for topical creams. There’s no shortage of CBD products out there, but here’s eight of our favorites, all specifically designed for dermatological use – […]
If you’re part of the maker community, you know Make:. Though Make: magazine is off the shelves as of this year, the eBooks and resources put out by Maker Media are still a fantastic resource for the new generation of tinkerers, hackers, and robotics geeks. If you’re in that tribe, listen up: they’ve released a […]
Life isn’t getting any less hectic, and pressure cookers are a quick, healthy solution for a growing number of kitchens. But if you thought your Instant Pot was versatile, there’s a major upgrade on the market: The Yedi 9-in-1 Total Package Instant Programmable Pressure Cooker. If you’ve somehow never used a pressure cooker before, try […]