infosec-news October 2010 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: [ISN] Students Hack Washington D.C.'s Web Voting S

[ISN] Students Hack Washington D.C.'s Web Voting System to Play College Fight Song

From: InfoSec News <alerts_at_nospam>
Date: Wed Oct 06 2010 - 05:52:19 GMT
To: isn@infosecnews.org

http://gawker.com/5656641/students-hack-washington-dcs-web-voting-system-to-play-college-fight-song

By Max Read
Gawker
Oct 5, 2010

A pilot internet voting program in Washington D.C. for this November's
elections has been scrapped. Why? Well, officials invited hackers to
give the system their "best shot," and some college kids did—and pulled
off a pretty good prank.

During a trial period of the web voting system last week, the Board of
Elections and Ethics asked "computer experts" to "prod its
vulnerabilities" in preparation for the upcoming elections—in which the
system was going to be put to use by some 900 overseas voters in lieu of
absentee ballots. But the trial period was quickly put on hold, with the
board citing "usability issues."

"Usability issues," like the fact that the site would play the
University of Michigan fight song, "Hail to the Victors," after users
cast a ballot.

Apparently, U. of Mich. Prof. J. Alex Halderman (that's him on the
right), who had been working on the project, "unleashed his students"
(in the words of the election board's chief technology officer Paul
Stenbjorn) on the system. And this was the result. According to
Stenbjorn, that particular hole has been closed, but the board has
decided to scrap the "digital vote by mail" pilot program out of
concern.

[...]

_______________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn