PC World - Electronic voting systems have drawn fire from courts, lawmakers and citizens groups -- and now they're under attack by hackers.
It's an organized assault, too. E-voting technology expert Rebecca Mercuri, a Harvard research fellow who has been outspoken in her opposition to such systems, has issued a "Hack the Vote" challenge, trying to illustrate what she calls the systems' unreliability and vulnerability.
She unveiled the so-called Mercuri Challenge at the recent Black Hat Briefings and Defcon 12 security conferences.
Mercuri suggested that electronic voting machines be hacked during their pre-election testing so officials will abandon them before an actual election. "People in the election community say this technology is bulletproof," Mercuri says. "It's not."
She especially opposes use of electronic voting technology in its current state, which doesn't allow for a verifiable backup. "I'm not asking anyone to break any laws. We just want the opportunity to hack e-voting systems to prove that it can or cannot be done," she says.
Mercuri says the likeliest e-voting fraud would involve unauthorized remote access to voting machines, when a hacker manipulates results; or backdoor access to voting systems by workers with approved access but their own agenda. She described her concerns at a Defcon keynote address, "Hack the Vote."
As part of her challenge, Mercuri is calling on e-voting system vendors VoteHere Inc. and Advanced Voting Solutions to provide any challengers with "full specifications" of their voting systems for review. The first person to change vote tallies without being detected can claim $10,000 from a separate challenge.
The $10,000 is being offered by noted e-voting proponent and Carnegie Mellon University computer scientist Michael Shamos. His $10,000 bet, the Direct-Recording Electronic Hacking Challenge, contends that no one can hack into a DRE voting machine undetected.
"It is impossible to tamper with e-voting systems without being detected," he said in a telephone interview countering Mercuri's claims. Shamos says no one has ever taken him up on the challenge because, as he puts it, "the fundamental system is unhackable."
Shamos recently added another twist to his challenge. Takers must fork over $5,000 to be held in escrow for Shamos. If the contestant fails to tamper with the e-voting results undetected, Shamos keeps the $5,000.
Both Shamos and Mercuri acknowledge that they are using the same vehicle while on opposite sides of the e-vote debate. Mercuri says her public challenge is meant to draw attention to Shamos's DRE Hacking Challenge.
However, a growing number of e-voting naysayers agree with much of what Mercuri claims. For example, in April, California banned the use of touch-screen voting machines in
The Pentagon's cybersecurity budget through 2018 is $23 billion to protect critical infrastructure and develop cyberattack capabilities. Although America and Chinese presidents discussed cybersecurity and cyber espionage, China is hitting back about US nation state hacking. Those cyberattacks could be from elite cyberwarfare warriors working in a secret NSA office called Tailored Access Operations (TAO); it has been successfully hacking China for nearly 15 years.
Free Insider Guide