10/05/2010

D.C.'s online voting experiment fails miserably

I am not very surprised that this type of computer system can be hacked.

Last week, the D.C. Board of Elections and Ethics opened a new Internet-based voting system for a weeklong test period, inviting computer experts from all corners to prod its vulnerabilities in the spirit of "give it your best shot." Well, the hackers gave it their best shot -- and midday Friday, the trial period was suspended, with the board citing "usability issues brought to our attention."

Here's one of those issues: After casting a vote, according to test observers, the Web site played "Hail to the Victors" -- the University of Michigan fight song.

"The integrity of the system had been violated," said Paul Stenbjorn, the board's chief technology officer.

Stenbjorn said a Michigan professor whom the board has been working with on the project had "unleashed his students" during the test period, and one succeeded in infiltrating the system.

The fight song is a symptom of deeper vulnerabilities, says Jeremy Epstein, a computer scientist working with the Common Cause good-government nonprofit on online voting issues. "In order to do that, they had to be able to change anything they wanted on the Web site," Epstein said. . . .

Labels:

2 Comments:

Blogger Mike aka Proof said...

Two words: Paper trail.
If the system doesn't have it, it cannot be verified.

10/05/2010 10:59 PM  
Blogger John Lott said...

"Paper trail" is actually kind of silly, in that there is nothing magical about paper. Write once-read only memory, whether CDs or other mediums, is no different that paper, except that they are much easier to use. If people are able to redo their votes, paper and these other methods do not provide any protection.

10/06/2010 1:06 AM  

Post a Comment

<< Home