Slashdot Mirror


DC Internet Voting Trial Attacked 2 Different Ways

mtrachtenberg writes "University of Michigan Professor J. Alex Halderman and his team actually had two completely separate successful attacks on Washington, DC's internet voting experiment. The second path in was revealed by Halderman during testimony before the District of Columbia's Board of Elections and Ethics on Friday. Apparently, a router's master password had been left at the default setting, enabling Halderman to access the system by a completely different method than SQL injection. He presented photographs of a video stream from the voting offices. In addition, he found that a file that had apparently been left on the test system contained the PINs of the 900+ voters who would have used the system in November. Others on the panel joined Halderman in pointing out that it was not just this specific implementation of internet voting that was insecure, but the entire concept of using today's internet for voting at all. When a DC official asked why internet voting could not be made secure when top government secrets were secure on the internet, Halderman responded that a big part of keeping government secrets secret was not allowing them to be stored on internet-connected computers. When a DC official asked the panel whether public key infrastructure couldn't allow secure internet voting, a panel member pointed out that the inventor of public key cryptography, MIT professor Ronald Rivest, was a signatory to the letter that had been sent to DC, urging officials there not to proceed with internet voting. Clips from the testimony are available on YouTube."

Update: 10/09 19:24 GMT by T: Reader Cwix points out two newspaper stories noting these hearings: one in the Washington Post, the other at the Chicago Tribune. Thanks!

2 of 123 comments

  1. Re:Facts don't matter by Xaositecte · Score: 4, Interesting

    What I've never understood;

    Many of the companies famous for building voting machines also built their reputations building ATMs and such.

    ATMs are, to the best of my knowledge, tremendously secure, even when you have physical access to the machine. Basically, when people's money is on the line, they do not fuck around at all.

    Why then are they making voting machines less secure than ATMs? The expertise clearly exists to do it properly; the only explanation I can see is intentional sabotage of the voting process.

  2. There's an even bigger problem: selling votes by YA_Python_dev · Score: 4, Interesting

    There's an even bigger problem: selling votes.

    If I'm allowed to vote at home, criminals can use threats and/or bribes to convince me to vote in their presence so they can be sure that I voted exactly how they wanted.

    That's why the vote must always be strictly secret and voters must always have plausible deniability about their choices. E.g. in most modern democracies voters are prohibited from taking photos inside the voting booth for exactly this reason: so anyone else cannot be sure of their votes, and threats and bribes to influence elections become much less effective.

    --
    There's a hidden treasure in Python 3.x: __prepare__()