University of Michigan Prof. Alex Halderman has now released some details about his successful attack on the District of Columbia’s proposed Internet voting system which has been under test for the last week. (See www.freedom-to-tinker.com.) It is now clear that Halderman and his team were able to completely subvert the entire DC Internet voting system remotely, gaining complete control over it and substituting fake votes of their choice for the votes that were actually cast by the test voters. What is worse, they did so without the officials even noticing for several days. Let there be no mistake about it: this is a major achievement, and supports in every detail the warnings that security community have been giving about Internet voting for over a decade now. After this there can be no doubt that the burden of proof in the argument over the security of Internet voting systems has definitely shifted to those who claim that the systems can be made secure.
Computer security and election experts have been saying for over 10 years that the transmission of voted ballots over the Internet cannot be made safe with any currently envisioned technology. We have been arguing mostly in vain that:
Prof. Halderman demonstrated all of these points:
* For identification only. This statement is from Dr. Jefferson and does not purport to represent Livermore National Laboratories.
See Verified Voting’s Internet Voting Information page for more information about Internet voting.