SHORTLY BEFORE GOING LIVE, THE DISTRICT OF COLUMBIA’S INTERNET VOTING SYSTEM IS TAKEN OVER BY AMERICAN WHITE-HAT HACKERS AND ACCESSED BY BLACK HATS IN IRAN AND CHINA.
By Brad Friedman
From HUSTLER MAGAZINE August 2011
In 2009 the U.S. Congress passed, and the President signed, federal legislation allocating hundreds of millions of dollars for states across the nation to initiate Internet voting for military and overseas citizens. Yes, you heard that right. The elected beneficiaries of our riggable e-voting system have decided to double down on the madness. Touch-screen voting systems weren’t easy enough to hack?
One of the first rollouts of the new federally fueled Internet voting scheme happened—or nearly did—in Washington, D.C., just before the 2010 midterm election. It would have gone live, with real (unverifiable) votes cast by real people in a very real election, but for the quick work of some patriotic “hackers” from a Midwestern university, who proved what computer scientists and cybersecurity experts have been warning for years: These systems are exceedingly—perhaps even irreconcilably—vulnerable to undetected manipulation from outside hackers and corrupt insiders alike.
Over much of the past decade we’ve detailed the very real hazards of e-voting, along with the threat of, and evidence of, the easy election fraud it allows. That effort has helped to encourage a rollback of oft-failed, easily manipulated, always unverifiable touch-screen voting systems, which had nonetheless been slated for every voter in the United States. But while use of 100% unverifiable touch-screens is finally on the wane—with numerous states dumping them in favor of verifiable, hand-marked paper ballots—the federal government, in all its idiotic “wisdom,” seems hellbent on making things worse.
The District of Columbia’s Board of Elections and Ethics (BOEE) decided to conduct a test of its new Internet voting system for military and overseas voters by inviting the public to try to hack it just before the BOEE planned to use it in a real election. Within 36 hours of opening up the system on September 28, 2010, for that public hack test, it had become completely and utterly compromised, and the BOEE didn’t even have a clue about that for the first several days.
Once someone finally discovered the University of Michigan fight song playing on the Web browsers of test voters, the BOEE shut down the experiment “due to usability issues, ” as it told the public. A few days later those “usability issues” would come to full public light. A team of U-M computer science students and their professor had decimated D.C.’s supposedly “secure” Internet voting system’s architecture. It was child’s play.
J. Alex Halderman, assistant professor of electrical engineering and computer science at U-M, subsequently traveled to the nation’s capital to explain exactly what had happened. At a hearing conducted by the Council of the District of Columbia’s Committee on Government Operations and the Environment, Halderman recalled how he and several of his sharpest students had taken over every aspect of the system— from top to bottom. But, perhaps even more chilling, it turns out they weren’t alone.
“While we were in control of these systems, we observed other attack attempts originating from computers in Iran and China,” Halderman testified in a nearly empty conference room. “These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded.”
It hadn’t been Halderman’s first e-voting rodeo. About a month earlier, he and Princeton University Ph.D. student Ariel Feldman had revealed another remarkable hack. This one involved the same touchscreen e-voting system that was used in 2008 in 161 jurisdictions with almost 9 million registered voters. That hack, quite literally, really was child’s play. The entire voting system software was replaced by a game of Pac-Man—all without disturbing the so called tamper-evident seals that officials claim are sufficient for deterring hackers. In 2006, while a student at Princeton University, Halderman also played a key role in one of the first known hacks of a Diebold touch screen voting system.
The D.C. BOEE, for its part, was also no stranger to e-voting disasters. During a 2008 primary election, for example, thousands of inexplicable “phantom votes” were cast for write-in candidates on the BOEE’s new paper-based optical scan voting systems.
According to Halderman’s stunning testimony in Washington, the BOEE’s implementation of Internet voting was even more menacing. “Within 36 hours of the system going live,” he explained, “my team had found and exploited a vulnerability that gave us essentially total control of the voting system software. This included the ability to change votes and to reveal voters’ secret ballots. We modified all the ballots stored on the system that had already been cast by voters, and we changed the votes so that the votes would be counted for candidates we selected.”
In addition, Halderman and his team were able to discover the identity of every person who’d cast a vote and how each had voted. So much for the “secret ballot.” But that’s not all. The U-M hackers also injected into the system a script that would change every ballot ever cast on the system in the future and another script to allow them to come back anytime they wanted.
As election officials don’t tend to be experts in computer security—and even those who claim to be experts when hired really aren’t—a foolish error made entry to the system even easier than the U-M team had expected.
“We gained access to this equipment because the network administrators who set it up left a default master password unchanged,” Halderman told Councilwoman Mary M. Cheh, chairperson of the Committee on Government Operations and the Environment. (Of its five members, she was the only one who felt the issue was important enough to show up for the hearing.) “This password we were able to look up in the owner’s manual for the piece of equipment.”
It was only a four-letter password, but as it turned out, even a more difficult one would have likely been discovered in short order. That’s because the U-M team managed to take over the security camera apparatus where the election board’s servers were located.
Thus, Halderman told the committee, he and his fellow hackers were able to sit at a computer in Ann Arbor and observe in real time as the D.C. network’s operators configured and tested the equipment. They were able to, in Halderman’s words, “watch them on camera because we found [that] a pair of security cameras in the data center were on the same network as the pilot system and were publicly accessible with no password at all.”
Yes, the U-M team could actually watch the administrators typing the password into the system itself.
While comfortably inside the system, Halderman and his team discovered intrusions from computers in Iran and China, prompting the white-hat hackers from the United States to take measures to protect the D.C. system. “We decided to defend the network by blocking them out by adding rules to the firewall and by changing the password to a more secure one,” Halderman explained to Cheh.
“You changed the password of the BOEE system?” the stunned chairperson interjected.
“Of the pilot system, yes,” Halderman responded.
“You changed it?!” Cheh asked again, incredulously.
“We did, yeah, to something so that the Chinese and Iranian attackers wouldn’t get it,”he stated.
Following Halderman’s testimony, computer security and voting systems expert Jeremy Epstein told the committee, “For the first time, what computer scientists have been warning could happen in an election…isn’t just a theoretical problem.”
Happily, after all of this, the D.C. Board of Elections and Ethics decided to shelve Internet voting for the 2010 midterm election.
“Many of us have been arguing that election security is a matter of U.S. national security,” computer scientist Dr. David Jefferson of Livermore National Laboratory told me during an interview after the D.C. hearing. Jefferson, who now serves as chairman of VerifiedVoting.org, has worked for more than a decade on these issues. He has testified to countless official bodies about his concerns. Jefferson most recently worked on California Secretary of State Debra Bowen’s 2007 landmark Top-to-Bottom Review of the state’s electronic voting systems. (All were found to have been easily penetrated and manipulated during the first-of-its-kind independent hack testing by an official state commission.)
“It’s really important that it not be possible for foreign governments or crazy, self-aggrandizing hackers in other countries—or in our own—to be able to modify votes and get away with it, ”Jefferson said. “But usually this warning that I have given many times, that this is a national security issue, goes, well, underappreciated, ”he explained diplomatically during our conversation.
“After this,” Jefferson added, “there can be no doubt that the burden of proof in the argument over the security of Internet voting systems has definitely shifted to those who claim that the systems can be made secure…. This successful demonstration of the danger of Internet voting is the real deal.”
During the Council of the District of Columbia’s hearing, experts noted that—unlike banking online or via ATM, processes that are open to oversight by all parties before, during and after—the secret-ballot system used in U.S. elections cannot be carried out safely at this time on the Internet. Maybe in the future when technology changes, they said, but not for at least a decade.
In short, the experts concurred, this is not “a solvable problem” no matter how much politicians, political parties and even some ill informed voters may wish it to be.
“Let me ask you this, from a legislative perspective, ”Councilwoman Cheh said to each of the panelists as the hearing was winding down. “Should the council, by legislation, just shut this down?”
The answer from each one of those testifying was an unambiguous yes.
Nonetheless, 33 states ran Internet-voting pilot programs of various forms during the 2010 midterms. And, unless something changes, you can rest assured that folks who don’t really give a damn about democracy will continue to gamble with it in 2012—whether they’re Americans, Iranians, Chinese or even al-Qaeda hackers for that matter.
The madness of U.S. “democracy” continues.
Brad Friedman is a Los Angeles-based investigative journalist and political commentator. Besides co-hosting radio’s nationally syndicated Green News Report, he is the executive editor and publisher of The Brad Blog (BradBlog.com).