— From an Oct. 25, 2006 report by independent computer scientists and security experts on the Dept. of Defense’s new overseas military voting system.
Last month we reported on the Defense Department’s newly announced scheme to allow military and overseas ballots to be cast via the Internet. It was pointed out, among other concerns, that in many cases troop and overseas citizen votes would be subject to conversion from unsecured email voting into faxed documents by a private company who, in turn, would then forward the vote to the appropriate county jurisdiction.
The San Jose Mercury News quoted experts at the time who charged the system was “ripe for fraud” as military voters would apparently not be warned that their ballots might be seen by others and transferred into faxes, etc. by “a private contractor whose top executives have made political contributions to Republican Party organizations.”
Underscoring those initial reports today, a group of independent computer scientists and E-Voting experts including David Jefferson of Livermore National Laboratories, Avi Rubin of Johns Hopkins, David Wagner of UC Berkeley, and Barbara Simons, a former researcher for IBM, have released an alarming short paper warning of “significant risks” found in the newly announced plan from the DoD’s “Federal Voting Assistance Program” (FVAP).
The group had been members of a scientific peer review panel for a previous DoD Military and Overseas Internet voting scheme in 2004. At the time, they found the plan featured “a large number of security risks and vulnerabilities, including denial of service attacks, insider attacks, viral attacks on voters’ PCs.” That experimental program was subsequently cancelled after the findings.
But now, in September of this year — just over one month ago — the DoD announced and implemented their new scheme for military and overseas citizen voting via the Internet, to be used this November 7th without any public testing or peer review whatsoever.
According to today’s report, the new DoD voting scheme — known as the “Interim Voting Assistance System” (IVAS) — has been put in place without any “publicly available external security examination” and has “never been used in a public election before (not even in a primary).”
The scientists say that security concerns about the new, untested system include loss of privacy and identify theft for the military and overseas voters and, even more troubling, they found the system to be vulnerable to hackers and tampering by governments both foreign and domestic.
The six page report is now available here [PDF].
From the report’s troubling introduction:
IVAS was announced to the public only last month (September), and has been designed and built only over the last several months, an extremely short time for a system of this complexity and importance. The current system has never been used in a public election before (not even in a primary), and has not been subject to any publicly available external security examination. The technical specifications have not been made publicly available.
In an email received by The BRAD BLOG this morning, Simons summarizes the report’s three main findings, characterized as “serious concerns about the security issues posed by this new system.”
Her succint, yet alarming, email is posted in full below….
My colleagues David Jefferson, Avi Rubin, David Wagner and I have just released a short paper about the government’s IVAS system that involves absentee voting using email and fax and ballot distribution over the Internet. See
http://servesecurityreport.org/ivas.pdf
We believe this system poses significant risks, as described in this excerpt from our article:
In summary, we see three main risks:
1. Tool One exposes soldiers to risks of identity theft. Sending personally identifiable information via unencrypted email is considered poor practice. No bank would ask their customers to send SSNs over unencrypted email, yet Tool One does exactly that. This problem is exacerbated by potential phishing attacks.
2. Returning voted ballots by email or fax creates an opportunity for hackers, foreign governments, or other parties to tamper with those ballots while they are in transit. FVAP’s system does not include any meaningful protection against the risk of ballot modification.
3. Ballots returned by email or fax may be handled by the DoD in some cases. Those overseas voters using the system sign a waiver of their right to a secret ballot. However, it is one thing for a voter’s ballot to be sent directly to their local election official; it is another for a soldier’s ballot to be sent to and handled by the DoD –
who is, after all, the soldier’s employer.
Please help us circulate the document.
Regards,
Barbara
The EAC was suppose to set the standards for SERVE, but as of ’05, they had no plans of adopting any criteria
What happened ?, oh wait…is Caroline Critchfield Hunter in yet as head of the EAC ?
Link
Another way of sliding a few thousand un-registered Republican votes into the mix
Headlines read after Nov 8th ‘The overseas vote brought it home for the GOP’
hmmm….makes me wonder if this is a new way to nullify the military vote, so that those serving who oppose the war don’t figure significantly into any races, local or national.
multi-pronged attack, purge the rolls, hack the tabulators, hack the touch screens, long lines , discredit exit polls , human error , come out on the 8th Nov and promise to have it fixed by the next elections while stating all of the above did not alter the outcome !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
same old same old ,R 51% D 49% who would of thunk ?
If they can’t steal enough votes from the soldiers this way before the election ends, they can always have Lieberman request that soldiers be able to vote AFTER the election is closed like he did in 2000.
Somebody better make some kind of secret Democrat soldier database, and compare it with who gets the worst assignments in the future. I’m thinking there is going to be a connection there in this rewards-for-loyalty govenment of ours!
Heres an E-mail from Caroline Hunter, sent to TV stations complaining about ads the DNC was running
Shows just where her interests LIE
Link
Picked this up from this guy
Link
Here we go again, liberals trying to stop those in the military to vote.
Libs want convicted felons and illegal immigrants the right to vote but not our own military.
What I want to know is, what is so sacrosanct about Nov. 7th? How dare the true peoples voice in America be left to a mere deadline! Where is the common sense during this NATIONAL CRISIS! Every legislator and law-maker should join together in view of all the evidence throughout this country as to the irrefutable corruption of our election system and be forced back into emergency session to do the right thing. I don’t know about you but I’ll take patience over instant gradification any day. In 2-4 weeks the real solution for just this election, emergency paper ballots could be printed. Also a letter to each and every registered voter could be sent out letting them know if they are still registered, and where their precinct is. Hell, why not make Election Day a national holiday! Any law-maker who can’t admit to this CRISIS is a disgrace to AMERICAN LIBERTY AND JUSTICE!!!!!!!!!!!!!!!!!!!!!!!!
Then when the balance of power shifts back to WE THE PEOPLE, true independent studies by qualified experts(that are not paid by the vending machine companies)should be done to allow us to get our money back from these ABOMINATIONS.
It just makes much more sense to stop these problems NOW instead of wasting more time and treasure in law suits after the fact or letting Congress or the Supreme Court step in to pick the winners.
Our soldiers are forbidden to speak up for their rights so we must do it for them. They are risking their lives for us – see Camp Falcon as to how the CIC is treating them.
I had read that absentee ballots in Maryland were not counted and that there were some scandals involving the military vote in 2004 – I was reading The Green Party Recount and Conyers’ Blog incl. his report on his hearing WHAT WENT WRONG IN OHIO and there was so much to keep up with including the suspicious destruction of voting information including the sign-in sheets in New Mexico just before the Green Party was going to do a recount though they are supposed to be kept for 2 years after an “election”. I think that it was NM that took THREE DAYS to count the vote in 2004 after saying on election nite that they were stopping the counting of votes because their workers were TOO TIRED!!!
THE PRESIDENTIAL ELECTION COMES ONCE EVERY FOUR YEARS, WHY DIDN’T THEY HAVE A SECOND SHIFT – WHAT DID THE OTHER STATES DO WHEN THEIR VOTE COUNTERS GOT TIRED ON ELECTION NITE?
I like the combination of green and yellow and reverse text is interesting to look at from an artistic standpoint but very hard on your eyes esp. if have eye problems – is there a way to change bradblog to the usual type of text for individual users?
Does anyone know how the National Association of Secretaries of State and the National Association of Election Directors are funded?
Did they lobby against the federal gov. giving the authority and power to set standards for voting machines?
Ruth