Internet Voting Hack Alters PDF Ballots In Transmission

msm1267 (2804139) writes Threats to the integrity of Internet voting have been a major factor in keeping the practice to a bare minimum in the United States. On the heels of the recent midterm elections, researchers at Galois, a computer science research and development firm in Portland, Ore., sent another reminder to decision makers and voters that things still aren't where they should be. Researchers Daniel M. Zimmerman and Joseph R. Kiniry published a paper called 'Modifying an Off-the-Shelf Wireless Router for PDF Ballot Tampering' that explains an attack against common home routers that would allow a hacker to intercept a PDF ballot and use another technique to modify a ballot before sending it along to an election authority. The attack relies on a hacker first replacing the embedded Linux firmware running on a home router. Once a hacker is able to sit in the traffic stream, they will be able to intercept a ballot in traffic and modify code strings representing votes and candidates within the PDF to change the submitted votes.

Umm, encryption?

[thebes]

Why isn't that referenced? E2E encryption eliminates this, assuming the user is not an idiot.

Re:Voter surpression

But you can solve that with paper, too. In fact my state does: I live in a 100% vote-by-mail state, so there's no lines and no worries about having election day off or time to votes. It's not a perfect solution, but it does solve those problems. Although you can also print off a ballot if you lose the one mailed to it, which is less secure (all you need is a name and birthdate). Also, voting not in a voting place means there's no controls to prevent coercion and ensure vote privacy.