PC World - Electronic voting systems have drawn fire from courts, lawmakers and citizens groups -- and now they're under attack by hackers.
It's an organized assault, too. E-voting technology expert Rebecca Mercuri, a Harvard research fellow who has been outspoken in her opposition to such systems, has issued a "Hack the Vote" challenge, trying to illustrate what she calls the systems' unreliability and vulnerability.
She unveiled the so-called Mercuri Challenge at the recent Black Hat Briefings and Defcon 12 security conferences.
Mercuri suggested that electronic voting machines be hacked during their pre-election testing so officials will abandon them before an actual election. "People in the election community say this technology is bulletproof," Mercuri says. "It's not."
She especially opposes use of electronic voting technology in its current state, which doesn't allow for a verifiable backup. "I'm not asking anyone to break any laws. We just want the opportunity to hack e-voting systems to prove that it can or cannot be done," she says.
Mercuri says the likeliest e-voting fraud would involve unauthorized remote access to voting machines, when a hacker manipulates results; or backdoor access to voting systems by workers with approved access but their own agenda. She described her concerns at a Defcon keynote address, "Hack the Vote."
As part of her challenge, Mercuri is calling on e-voting system vendors VoteHere Inc. and Advanced Voting Solutions to provide any challengers with "full specifications" of their voting systems for review. The first person to change vote tallies without being detected can claim $10,000 from a separate challenge.
The $10,000 is being offered by noted e-voting proponent and Carnegie Mellon University computer scientist Michael Shamos. His $10,000 bet, the Direct-Recording Electronic Hacking Challenge, contends that no one can hack into a DRE voting machine undetected.
"It is impossible to tamper with e-voting systems without being detected," he said in a telephone interview countering Mercuri's claims. Shamos says no one has ever taken him up on the challenge because, as he puts it, "the fundamental system is unhackable."
Shamos recently added another twist to his challenge. Takers must fork over $5,000 to be held in escrow for Shamos. If the contestant fails to tamper with the e-voting results undetected, Shamos keeps the $5,000.
Both Shamos and Mercuri acknowledge that they are using the same vehicle while on opposite sides of the e-vote debate. Mercuri says her public challenge is meant to draw attention to Shamos's DRE Hacking Challenge.
However, a growing number of e-voting naysayers agree with much of what Mercuri claims. For example, in April, California banned the use of touch-screen voting machines in
This state transportation department uses computer science students from a local university as programming interns, and everyone is happy with the arrangement -- until one intern learns how to bring down the mainframe.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Gartner Magic Quadrant for Client Management Tools
- The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution
- In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility
- Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Gartner Magic Quadrant for Application Security
- The market for application security testing is changing rapidly. Technology trends, such as mobile applications, advanced Web applications and dynamic languages, are forcing... All Government IT White Papers
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Mobile Security: Containerizing Enterprise Data In this on-demand webinar, Fixmo's Lee Cocking, VP of corporate strategy, explains why Apple-ization trends like mobility and "bring-your-own-device" (BYOD) are driving the...
- Endpoint Data Management: Protecting the Perimeter of the Internet of Things Not surprisingly, "Internet of Things" (IoT) and Big Data present new challenges AND opportunities for enterprise IT. Teams need to harness, secure and...
- How to Protect Enterprise Data Yet Enable Secure Access for End Users Learn how BYOD, Big Data and the use of rogue applications and devices is putting corporate data at risk, best practices from IT...
- All Government IT Webcasts