Pentagon's electronic voting system not secure
The major news sources were reporting on the Pentagon's SERVE system. The New York Times reported:
A $22 million system to allow soldiers and other Americans overseas to vote via the Internet is inherently insecure and should be abandoned, according to a report by computer security experts asked to review the new program.
The system, the Secure Electronic Registration and Voting Experiment, or Serve, was developed with financing from the Defense Department and will first be used in the primaries this year.
The review, requested by the government, noted that experts had voiced increasingly strong warnings about the reliability of electronic voting systems. It said the new program, restricted to voters overseas using personal computers to vote using the Internet, raised the ante on the risks of such systems.
Serve, the panel members wrote, "has numerous other fundamental security problems that leave it vulnerable to a variety of well-known cyberattacks, any one of which could be catastrophic."
Any system for voting over the Internet with common personal computers, the report noted, would run the same risks.
The Washington Post reported:
"It's not possible to create a secure voting system with off-the-shelf PCs using Microsoft Windows and the current Internet," said Avi Rubin, an associate professor of computer science and the technical director of the Information Security Institute at Johns Hopkins University.
He and Barbara Simons, a retired researcher from International Business Machines Corp., said their biggest fear is that this year's experiment would be a hit, leading to widespread Internet voting for the 2008 presidential election. That is when the kind of Internet attack they envision could emerge, possibly from foreign subversives.
"History has shown that when people have the opportunity to tamper with an election they do," said Rubin, noting that the Internet is rife with viruses and worms even when there is no incentive for an attack.
The threat to the current election is great enough that the program should be shut down immediately, said Rubin, Simons and the other two other scientists who released a report yesterday -- David Wagner, an assistant professor of computer science at the University of California at Berkeley, and David Jefferson of Lawrence Livermore National Laboratory.
TechTV's Tech Live had an interview with Wagner, but the site does not have today's show available yet.