Source: H-Security
Researchers at the University of Michigan have reported that it took
them only a short time to break through the security functions of a
pilot project for online voting in Washington, D.C. "Within 48 hours of
the system going live, we had gained near complete control of the
election server", the researchers wrote in a paper
that has now been released. "We successfully changed every vote and
revealed almost every secret ballot." The hack was only discovered after
about two business days – and most likely only because the intruders
left a visible trail on purpose.
that has now been released. "We successfully changed every vote and
revealed almost every secret ballot." The hack was only discovered after
about two business days – and most likely only because the intruders
left a visible trail on purpose.
In 2010, the developers of the municipal e-voting system that enables
voters living abroad to vote via a web site, invited security experts
to conduct tests. The university researchers say that the project was
developed in cooperation with the Open Source Digital Voting Foundation (OSDV)
and that other US states have also worked on services similar to
Washington's "Digital Vote-by-Mail Service". They also praise the
system's transparency as exemplary but point out that its architecture
has fundamental security weaknesses and was not able to withstand a
shell injection and other common hacker techniques.
The security experts investigated common vulnerable points such as
login fields, the virtual ballots' content and filenames, and session
cookies – and found several exploitable weaknesses. Even the Linux
kernel used in the project proved to have a well known vulnerability.
They were also able to use the PDFs generated by the system to trick the
encryption mechanism, while unsecured surveillance cameras provided
additional insights into the infrastructure. While the open source
nature of the code made their work somewhat easier, they believe that
attackers would have been able to make quick headway even if the system
had been proprietary.
The researchers conclude that it is generally difficult to build
secure online voting systems. One small configuration or implementation
error would undermine the entire voting process. Even if central servers
were not used, which would be prime targets for hacking attempts, there
would still be a number of other points of attack. Fundamental advances
still need to be made in security, they say, before e-voting will truly
be safe.
