Voting Blogs: Hacking the Polls: Vulnerability in Electronic Voting Systems | Independent Voter Network

Among those who advocate for the “modernization” of our voting systems, internet-based electronic voting and registration platforms are often offered as an ideal solution to the problems inherent in our current registration and voting processes. A newly published paper describes the ease with which a small group of researchers was able to hack a Washington D.C. based internet voting pilot project, demonstrating that these new systems are not ready for take-off. In 2010, the Washington D.C. Board of Elections and Ethics announced that it would offer a “Digital Vote-by-Mail Service” that would have allowed overseas voters registered in the District to cast their votes over the internet. The federally-funded project ran a mock election allowing for public testing of its functionality and security ahead of the November election. A research team from the University of Michigan at Ann Arbor reports that it was able to gain “near complete control of the election server” in under two days time. Even more disturbingly, the hackers state that elections officials were effectively incapable of discerning that their system had been compromised.

Voting Blogs: In Theory And Practice, Why Internet-Based Voting Is a Bad Idea | Slashdot

A few countries, like Estonia, have gone for internet-based voting in national elections in a big way, and many others (like Ireland and Canada) have experimented with it. For Americans, with a presidential election approaching later this year, it’s a timely issue: already, some states have come to allow at least certain forms of voting by internet. Proponents say online elections have compelling upsides, chief among them ease of participation. People who might not otherwise vote — in particular military personnel stationed abroad, but many others besides — are more and more reached by internet access. Online voting offers a way to keep the electoral process open to them. With online voting, too, there’s no worry about conventional absentee ballots being lost or delayed in the postal system, either before reaching the voter or on the way back to be counted. The downsides, though, are daunting. According to RSA panelists David Jefferson and J. Alex Halderman, in fact, they’re overwhelming. Speaking Thursday afternoon, the two laid out their case against e-voting.

District of Columbia: Hackers Elect Futurama’s Bender to the Washington DC School Board | PCWorld

Electronic voting has earned a pretty bad reputation for being insecure and completely unreliable. Well, get ready to add another entry to e-voting’s list of woes. One Bender Bending Rodríguez was elected to the 2010 school board in Washington DC. A team of hackers from the University of Michigan got Bender elected as a write-in candidate who stole every vote from the real candidates. Bender, of course, is a cartoon character from the TV series Futurama. This was not some nefarious attack from a group of rogue hackers: The DC school board actually dared hackers to crack its new Web-based absentee voting system four days ahead of the real election. University of Michigan professor Alexander Halderman, along with two graduate students, did the deed within a few hours.

National: Internet voting systems too insecure, researcher warns | Computerworld

Internet voting systems are inherently insecure and should not be allowed in the upcoming general elections, a noted security researcher said at the RSA Conference 2012 being held here this week. David Jefferson, a computer scientist at Lawrence Livermore National Laboratories and chairman of the election watchdog group Verified Voting, called on election officials around the country to drop plans to allow an estimated 3.5 million voters to cast their ballots over the Internet in this year’s general elections. In an interview with Computerworld on Wednesday, Jefferson warned that the systems that enable such voting are far too insecure to be trusted and should be jettisoned altogether. Jefferson is scheduled to participate in a panel discussion on the topic at the RSA conference on Thursday. Also on the panel are noted cryptographer and security guru Ron Rivest, who is the “R” in RSA, and Alex Halderman, an academic whose research on security vulnerabilities in e-voting systems prompted elections officials in Washington to drop plans to use an e-voting system in 2010. “There’s a wave of interest across the country, mostly among election officials and one agency of the [Department of Defense], to offer Internet voting” to overseas citizens and members of the military, Jefferson said. “From a security point of view, it is an insane thing to do.”

National: Oscar voting by computer invites cyber attacks – Academy’s plan to allow voting by computer is an open invitation for cyber attacks and fraudulent outcome | latimes.com

It’s often been said that Oscar season reflects the broader splendors and dysfunctions of American public life. The Academy of Motion Picture Arts and Sciences’ ideals of scrupulous fair play have been under constant challenge in recent years, on such issues as the promotional pull of A-list stars, the power of big-studio money and negative advertising campaigns designed to undermine the competition.

Now, though, the academy may be committing a blunder of its own making. It recently announced that it would be ditching its current all-mail secret ballot system, and that its more than 5,000 members would be voting through their own computers, starting next year. The academy said the software developed by the San Diego-based computer voting company Everyone Counts would incorporate “multiple layers of security” and “military-grade encryption techniques” to ensure that nothing untoward or underhanded could occur before PricewaterhouseCoopers, its accountancy firm, captured the votes from the Internet ether. Unfortunately, leading computer scientists around the world who have looked at Internet voting systems do not share the academy’s confidence. On the contrary, they say the technology is vulnerable to a variety of cyber attacks — no matter how many layers of encryption there are — and risks producing a fraudulent outcome without anyone necessarily realizing it.

National: Ballot Secrecy Keeps Voting Technology at Bay | Scientific American

Voters in the recent Iowa caucuses and Tuesday’s New Hampshire primary will rely on paper ballots as they have for generations. In the very next primary on January 21, South Carolinians will vote with backlit touch-screen computers. In an age of electronic banking and online college degrees, why hasn’t the rest of the nation gone the way of the Palmetto State? The reason is simple and resonates with the contentious debate that has yet to be resolved after at least 15 years of wrangling over the issue of electronic voting. No one has yet figured out a straightforward method of ensuring that one of the most revered democratic institutions—in this case, electing a U.S. president—can be double checked for fraud, particularly when paperless e-voting systems are used.