Computer Scientists Warn in New Report That U.S. Military and Overseas Ballots Now Vulnerable to Loss of Privacy, Identify Theft, Hackers, Tampering by Both American and Foreign Governments
System Never Publicly Tested or Used Even in a Primary Election to be Used for First Time in Nov. 7th Midterm Election!
"We believe that overseas voters deserve at least as much protection when they vote as when they purchase a book from Amazon...Our service people should not be voting on a system that creates risks of identity theft, hacking, and vote tampering and which requires voters to relinquish their right to a secret ballot."
-- From an Oct. 25, 2006 report by independent computer scientists and security experts on the Dept. of Defense's new overseas military voting system.
Last month we reported on the Defense Department's newly announced scheme to allow military and overseas ballots to be cast via the Internet. It was pointed out, among other concerns, that in many cases troop and overseas citizen votes would be subject to conversion from unsecured email voting into faxed documents by a private company who, in turn, would then forward the vote to the appropriate county jurisdiction.
The San Jose Mercury News quoted experts at the time who charged the system was "ripe for fraud" as military voters would apparently not be warned that their ballots might be seen by others and transferred into faxes, etc. by "a private contractor whose top executives have made political contributions to Republican Party organizations."
Underscoring those initial reports today, a group of independent computer scientists and E-Voting experts including David Jefferson of Livermore National Laboratories, Avi Rubin of Johns Hopkins, David Wagner of UC Berkeley, and Barbara Simons, a former researcher for IBM, have released an alarming short paper warning of "significant risks" found in the newly announced plan from the DoD's "Federal Voting Assistance Program" (FVAP).
The group had been members of a scientific peer review panel for a previous DoD Military and Overseas Internet voting scheme in 2004. At the time, they found the plan featured "a large number of security risks and vulnerabilities, including denial of service attacks, insider attacks, viral attacks on voters' PCs." That experimental program was subsequently cancelled after the findings.
But now, in September of this year --- just over one month ago --- the DoD announced and implemented their new scheme for military and overseas citizen voting via the Internet, to be used this November 7th without any public testing or peer review whatsoever.
According to today's report, the new DoD voting scheme --- known as the "Interim Voting Assistance System" (IVAS) --- has been put in place without any "publicly available external security examination" and has "never been used in a public election before (not even in a primary)."
The scientists say that security concerns about the new, untested system include loss of privacy and identify theft for the military and overseas voters and, even more troubling, they found the system to be vulnerable to hackers and tampering by governments both foreign and domestic.
The six page report is now available here [PDF].
From the report's troubling introduction:
In an email received by The BRAD BLOG this morning, Simons summarizes the report's three main findings, characterized as "serious concerns about the security issues posed by this new system."
Her succint, yet alarming, email is posted in full below....
--- Click here for REST OF STORY!... ---