Verified Voting Blog: Hacking the D.C. Internet Voting Pilot

The District of Columbia is conducting a pilot project to allow overseas and military voters to download and return absentee ballots over the Internet. Before opening the system to real voters, D.C. has been holding a test period in which they’ve invited the public to evaluate the system’s security and usability. This is exactly the kind of open, public testing that many of us in the e-voting security community — including me — have been encouraging vendors and municipalities to conduct. So I was glad to participate, even though the test was launched with only three days’ notice. I assembled a team from the University of Michigan, including my PhD students, Eric Wustrow and Scott Wolchok, and Dawn Isabel, a member of the University of Michigan technical staff. Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software, including the ability to change votes and reveal voters’ secret ballots. In this post, I’ll describe what we did, how we did it, and what it means for Internet voting.

The Voting News Daily: N Carolina Touchscreens flip votes. Will internet voting cause election debacle?

Chicago’s voting machines mis-spelled Green Pty candidate’s name as ‘Rich Whitey’. The election board is reprogramming 4,200 machines…Stunned voters watched touchscreens flip their votes in New Hanover CO NC..Vote PA needs your help in fight for paper ballots….”Overseas and military voters have unprecedented options for requesting, receiving and casting their ballots in 2010.” says Pres…