Pentagon's electronic voting system not secure
The major news sources were reporting on the Pentagon's SERVE system. The New York Times reported:
A $22 million system to allow soldiers and other Americans overseas to vote via the Internet is inherently insecure and should be abandoned, according to a report by computer security experts asked to review the new program.The system, the Secure Electronic Registration and Voting Experiment, or Serve, was developed with financing from the Defense Department and will first be used in the primaries this year.
The review, requested by the government, noted that experts had voiced increasingly strong warnings about the reliability of electronic voting systems. It said the new program, restricted to voters overseas using personal computers to vote using the Internet, raised the ante on the risks of such systems.
Serve, the panel members wrote, "has numerous other fundamental security problems that leave it vulnerable to a variety of well-known cyberattacks, any one of which could be catastrophic."
Any system for voting over the Internet with common personal computers, the report noted, would run the same risks.
The Washington Post reported:
"It's not possible to create a secure voting system with off-the-shelf PCs using Microsoft Windows and the current Internet," said Avi Rubin, an associate professor of computer science and the technical director of the Information Security Institute at Johns Hopkins University.He and Barbara Simons, a retired researcher from International Business Machines Corp., said their biggest fear is that this year's experiment would be a hit, leading to widespread Internet voting for the 2008 presidential election. That is when the kind of Internet attack they envision could emerge, possibly from foreign subversives.
"History has shown that when people have the opportunity to tamper with an election they do," said Rubin, noting that the Internet is rife with viruses and worms even when there is no incentive for an attack.
The threat to the current election is great enough that the program should be shut down immediately, said Rubin, Simons and the other two other scientists who released a report yesterday -- David Wagner, an assistant professor of computer science at the University of California at Berkeley, and David Jefferson of Lawrence Livermore National Laboratory.
TechTV's Tech Live had an interview with Wagner, but the site does not have today's show available yet.
Comments
I have read with interest the series of article re: SERVE; An alternative view: DEMS just don't want to make it easy for servicemembers like myself to vote because we are predominantly Republican. It is extrememly difficult to vote from overseas, on ships, or in the hills or deserts of the middle east. Paper or mail doesn't work well. I know alot about this SERVE program as I am a voting officer in a Navy unit. If the program is having such problems then why is it further along than many other system for civilians in the states? Will this be the final version or end all? probably not...but the military is striving to the future with this program, and all i hear is a bunch of bellyaching because we are trying to fix the problems of 2000 to avoid it again. This is a test basis year, working out the bugs, the entire military is not going to use it until there has been a chance to see it work and fix the bugs. There is alot more integrity in the military system and its people, and less chance for fraud then in Palm Beach County so go focus your wrath for Florida on someone else. Despite being thousands of miles from home, these soldiers and sailors want to vote and should be able to vote simply because some mail clerk or junior enlisted screwed up their ballot while they are standing duty worrying about the next car bomb. Go pick a different battle.
Posted by: d | January 23, 2004 1:47 AM