• We should now be fully online following an overnight outage. Apologies for any inconvenience, we do not expect there to be any further issues.

Hacker infiltration ends D.C. online voting trial

Toggle sidebar Toggle sidebar
Status
Not open for further replies.
highland145

highland145

Lifer
Oct 12, 2009
43,973
6,338
136
Now this is funny.

Last week, the D.C. Board of Elections and Ethics opened a new Internet-based voting system for a weeklong test period, inviting computer experts from all corners to prod its vulnerabilities in the spirit of "give it your best shot." Well, the hackers gave it their best shot -- and midday Friday, the trial period was suspended, with the board citing "usability issues brought to our attention."
Here's one of those issues: After casting a vote, according to test observers, the Web site played "Hail to the Victors" -- the University of Michigan fight song.
Click to expand...
http://voices.washingtonpost.com/debonis/2010/10/hacker_infiltration_ends_dc_on.html
 
kranky

kranky

Elite Member
Oct 9, 1999
21,019
156
106
Online voting is just a horrible idea. I wish people would just accept that it would never, ever be secure enough to use for such an important purpose, and drop the whole idea permanently.
 
AMDZen

AMDZen

Lifer
Apr 15, 2004
12,589
0
76
kranky said:
Online voting is just a horrible idea. I wish people would just accept that it would never, ever be secure enough to use for such an important purpose, and drop the whole idea permanently.
Click to expand...

Why do you think they want to do it? derp a' derp
 
S

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
kranky said:
Online voting is just a horrible idea. I wish people would just accept that it would never, ever be secure enough to use for such an important purpose, and drop the whole idea permanently.
Click to expand...

Agree. And who didn't see this getting hacking? It was bound to happen.
 
V

Vette73

Lifer
Jul 5, 2000
21,503
9
0
Yep; the best method I have seen so far is the scan form. No cross names, punching holes, computers with no hard copy, etc...

It can be scanned for easy counting and its a hard copy so it can be read back to prove the counting was correct.
 
sdifox

sdifox

No Lifer
Sep 30, 2005
100,371
17,931
126
Marlin1975 said:
Yep; the best method I have seen so far is the scan form. No cross names, punching holes, computers with no hard copy, etc...

It can be scanned for easy counting and its a hard copy so it can be read back to prove the counting was correct.
Click to expand...


we used that back in 90s for municipal election. Thought it was great. Now they switched to a touchscreen solution...humm...
 
V

Vette73

Lifer
Jul 5, 2000
21,503
9
0
sdifox said:
we used that back in 90s for municipal election. Thought it was great. Now they switched to a touchscreen solution...humm...
Click to expand...


Yea they have that here(VA) now, but you can request a scanform ballot. Guess which one I use. ;)
 
SagaLore

SagaLore

Elite Member
Dec 18, 2001
24,036
21
81
kranky said:
Online voting is just a horrible idea. I wish people would just accept that it would never, ever be secure enough to use for such an important purpose, and drop the whole idea permanently.
Click to expand...

I disagree. It can be done.

For a system like this to work, it will need at least two-factor authentication, full end to end encryption, and non-repudiation. It can't use any client-side scripting. If possible, it shouldn't even use a web-browser. Instead hard-code the vpn client into a standalone application that is code lower level (no .NET, no Java, etc.). It should protect its memory space, it should never used a shared object / dll. It should establish its vpn using an IP address provided by a dnssec enforced name server hosted by the voting dmz. It should never touch the filesystem for temporary files. The application will create a hash of all the serials of the hardware it has access to and send that.

The server hosting this should be in a dmz with no other hosts. It will not be publicly available - only connections can be made through the vpn. Each vpn assigned IP will have ACLs to prevent any communications between vpn hosts. The voting sever will simply serve content and receive requests, it will not hold any data. Another backend server will be in another dmz with strict ACLs between the two. All data will be immediately checksummed, and encrypted with a unique key specific to the voter. The checksums will be immediately sent to a 3rd server in a 3rd dmz, along with extended timestamps of each transaction associated with the vote. The hw serial has will also get saved here. The voting application will use its own ntp also hosted in a voting dmz, so all steps of the auth/vote are time synchronized.

After the voter casts, a digitally signed email with a time and transaction id will be sent to an email address they already had on file when signing up for online voting. It will not contain any identifiable information about who they voted for.
 
lupi

lupi

Lifer
Apr 8, 2001
32,539
260
126
Yes you're right, it could be done. And when every citizen is also paying 99% of income into taxes all the worlds problems would be solved.
 
911paramedic

911paramedic

Diamond Member
Jan 7, 2002
9,448
1
76
SagaLore said:
I disagree. It can be done.

For a system like this to work, it will need at least two-factor authentication, full end to end encryption, and non-repudiation. It can't use any client-side scripting. If possible, it shouldn't even use a web-browser. Instead hard-code the vpn client into a standalone application that is code lower level (no .NET, no Java, etc.). It should protect its memory space, it should never used a shared object / dll. It should establish its vpn using an IP address provided by a dnssec enforced name server hosted by the voting dmz. It should never touch the filesystem for temporary files. The application will create a hash of all the serials of the hardware it has access to and send that.

The server hosting this should be in a dmz with no other hosts. It will not be publicly available - only connections can be made through the vpn. Each vpn assigned IP will have ACLs to prevent any communications between vpn hosts. The voting sever will simply serve content and receive requests, it will not hold any data. Another backend server will be in another dmz with strict ACLs between the two. All data will be immediately checksummed, and encrypted with a unique key specific to the voter. The checksums will be immediately sent to a 3rd server in a 3rd dmz, along with extended timestamps of each transaction associated with the vote. The hw serial has will also get saved here. The voting application will use its own ntp also hosted in a voting dmz, so all steps of the auth/vote are time synchronized.

After the voter casts, a digitally signed email with a time and transaction id will be sent to an email address they already had on file when signing up for online voting. It will not contain any identifiable information about who they voted for.
Click to expand...
Na, they just need CAPTCHA. :eek:
 
Status
Not open for further replies.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom