Slashdot Mirror
Experts Critique SERVE Internet Voting System
linuxwrangler writes "SFGate is reporting that a critique by four security experts claims that SERVE, a system being developed to allow US citizens overseas to vote via the Internet, is so vulnerable to attacks that it should be scrapped. The other six experts who examined the system declined to issue a report. Nevertheless, the Pentagon stands by the system and plans to use in in elections next month."
It's a shame that the government and these companies can't get their act together, and build a simple, secure voting system that includes a paper trail. Why is that so complicated. I'm currently serving in the US Army in Germany, and an online voting system would truly make life easier. It's a soldiers job to defend democracy, so it's a very sacred thing for us to be able to take part in it. To be able to vote right over the internet without much hassle is something has taken far to long to develop.
Given that the US can't seem to get in-person voting right (Goooo Diebold), I doubt they're really ready for remote voting.
HOW'S MY POSTING? CALL 1-800-POSTING
Seriously, There are enough problems with the E-voting systems in the US. Deploying insecure systems overseas just makes a bad problem worse.
Here is the no rego NYTimes link for the article mentioned in the report.
(\(\
(^.^)
(")")
*This is the cute bunny virus, please copy this into your sig so it can spread
We'll be counting hanging TCP connections?
If the U.S. govt would ask a University Comp-Sci department (any University) to initiate an open-source secure electronic voting system, this problem would solve itself very rapidly.
Why do these things continue to go out to bid instead of being handled in academia where they should be?
The reason that it can be true that 1+1 > 2 is that very peculiar nonzero value of the + operator
...100% of respondents (in this case, all qualified) say the system sucks, and the people in power say "Nah, go with it!"
The optimistic interpretation: The pentagon is full of idiots.
The pessimistic interpretation: The pentagon is full of corrupt people.
My interpretation: The pentagon is full of corrupt idiots.
From the article:
"We've had things put in place that counteract the things they talked about."
Gee, thanks for being specific. I'm convinced.
2) Allow Voting
3) Announce result
Using this task order means that 2) is redundant and therefore has no impact on the result, therefore you do not need a secure system and can save money by purcasing a system off your friends
There are thousands of troops overseas who'd like to vote. Given that an election's outcome could easily determine the amount of time that these men and women remain overseas, I say their opinion matters...
I'm not sure why there's a push to do this electronically instead of the absentee ballots that troops have been using for years, but it's probably something to do with "possible impropriety" in how soldiers' overseas ballots were counted (or not) in 2000.
Most Americans don't vote, so I think it's only fitting that the people who are most effected by American policy now have a chance to have their votes counted!
NarratorDan
"If you're not confused by quantum mechanics, you really don't understand it." - Niels Bohr
What is the Pentagon doing developing voting systems? As a major recipient of government money, with no funding guarantees, wouldn't it have a significant vested interest in election results?
Vote by absentee ballot this year. I reckon the paper trail might be necessary (again).
Vonnegut: "What is the purpose of life? To be the eyes, ears, and conscience of the Creator of the Universe, you fool."
To see a world in a grain of sand, and then to step back and see the beach where the sand lies
The concnesus was a majority, 4 votes against; nil for.
... not working right when 700,000 Privates with the last name of Chen vote for the Communist party candidate. Who needs a Manchurian Candidate when you can just elect Chairman Jia Qinglin himself? :-P
~UP
Eat the Path.
Considering the US military presence in so many countries (I think 145 at last count) whats wrong with a few polite soldiers, a few witnesses, and a paper trail.
Lightning fast counting with no paper trail seems too much like an adaptable magic wand to say whatever Bush wants it to say.
ls
A-A-A-WHOOP!
I seem to recall that at least one state (Nevada?) does this and "NOTA" has on occasion 'won' in state-wide races.
> I've heard the idea batted around that only those
> residents of the actual States should get the
> right to vote as they're vote has a direct bearing
> on the policies that will affect them, whereas
> expats are removed from such policies by living in
> foreign countries.
Yeah, I've heard lots of ignorant and unfair ideas batted around in my time, too...
We're just as American as you are, thank you very much. And it's not like we're unaffected by US Government policy... For example -- you think Americans living abroad are exempt from paying taxes? If the US declared war on Australia tomorrow (granted, that's an unlikely event, but nevertheless), do you think the Aussie would just let me hop the next flight out of Brisbane Internaitonal back to LA? Hell, no -- I'd be interned as an enemy national.
In addition, living abroad gives us a unique advantage in seeing just how US foreign policy affects other countries and US relations with them.
> This suggestion also leads to the debate about
> allowing illegal immigrants the right to vote.
Apples and oranges. And what, pray tell, is there to "debate"? Answer: Zero. Nada. Zilch.
If immigrants can qualify for US citizenship, then they get to vote in US elections. Non-citizens are not allowed to vote. I think that's pretty easy to understand.
As for me, I was born and raised in the USA of native-born American parents; my American ancestors fought in the Revolution, the Civil War, and both World Wars; I hold a US passport; I pay US taxes. I am definitely a US citizen, and I definitely am enitled to vote in US elections.
Some people obviously have very fucked up ideas about what "citizen" means and no clue as to what it's like to be considered a foreigner.
Il n'y a pas de Planet B.
In Switzerland, we have tested from some years now an online voting system (more than 4 years ago already). I can not assure that there is an absolute security but until today, it appears no problem at all. The last census in 2000 was on Internet and it was a great success, people were very happy and have for a lot of people, using the Internet way instead the paper.
Switzerland is in Europe the most developed country in Internet with more than 70% of people using Internet.
There is a LOT of security check (for me a little too much hehe), at least three codes on each page, but for what I've studied the system, it appears very good, strong and evolved.
Now it is used for some small votes until that it will be absolutely validated. After that, we will have the possibility to use it for national vote.
Perhaps you should have test SERVE on some small votes before to use it for a national election. From other countries, people were looking the last US election with a suspicious mind, it would not be very good that one time again USA will have huge problems with that!
But Internet is for sure the voting machine of the future !
Note that this is not a computer security problem. Even if the voter's identity is established to a certainty, it doesn't ensure the voter is not being coerced.
There is simply no substitute for casting your vote in a manner that ensures your choice is unknown to those who might wish to coerce you. The only viable method for doing that is to have your privacy ensured in a public polling place, by poll watchers.
Lightning fast counting with no paper trail seems too much like an adaptable magic wand to say whatever Bush wants it to say.
Why Bush?
Those dead people in Chicago, the inner city residents who get bussed from polling place to polling place, and those who aren't, er, technically citizens, weren't voting Republican last time I checked.
Does you're side really want to start talking about voting fraud (as opposed to metaphysical "voter intent" and "hanging chads")?
Simple and secure online banking is commonplace - but there is no anonyminity involved.
Simple and anonymous vote counting is easy - but if you want to make it secure you have a whole extra set of problems
I hate to ask, but did anyone besides me read the actual report? These comments were based on attending (sitting) through two 3 day meetings, not even noting if the authors actually bothered to ask any questions or just sat through the powerpoints. Does anyone think these were the only ones there? Even the authors acknowledge they were not.
.org, put out a press release and say anything to get your 15 minutes of fame. Maybe my age has soured me but I smell trolling for a morning news segment.
The criticisms basically fall down on "computers are broke and can be exploited" - ain't that a newsflash. They fail to note that the system is being deployed in physically secure areas over a segment of the internet that is not accessible from non-military servers, the IP is not even available on standard DNS servers.
It is worth noting that they spent much space at the end telling the media how to get hold of them for interviews, is OPRAH listening?
Seriously, these are the days when you can register anyone as a
Incidently, for those wondering what interest the Pentagon has in elections, just ask all the military personnel stationed out of port and overseas that had their votes tossed out by party challenges in the 2000 elections. If they HAD been counted then the Supremem Court wouldn't have been involved in that year. Then again, maybe that's what really scares people about this whole idea.
It doesn't matter what you wrap your emotions around, Reality is a brick wall specifically designed to scramble eggs