Quote:

---

A little more than 24 hours after online ballots started pouring into the Washington, D.C., Board of Elections and Ethics in late September, it became apparent that something was amiss. Washington's newly elected U.S. Representative went by the name of Colossus. A villainous computer from science-fiction lore captured the city-council chairmanship. And 15 seconds after voters cast their ballots, they were serenaded by the University of Michigan fight song. The system had been hacked.

Fortunately the vote was merely a test, and the disruption was designed to be instructive. For the first time, Washington planned to allow overseas and military voters to submit their ballots over the Internet during next month's elections. To gauge its security and iron out the kinks, officials invited hackers to take a whack at breaching the system's defenses. That task turned out to be far too easy. "It just took one open door," says J. Alex Halderman, the University of Michigan computer scientist who led the assault. Within three hours, Halderman and two graduate students located a flaw in the system's "brittle" security design. After waiting a day for votes to stream in, the trio hijacked the server — changing ballots, broadcasting the maize and blue's fight song, seizing control of the security cameras in the board's offices and unearthing a folder containing the personal information of the more than 900 overseas voters who were to receive online ballots next month. It took 36 hours for officials to notice they had indeed been hacked.


They won't have to wait long to find out the answer. During next month's midterm elections, 33 states will allow a few million military and overseas voters to return their ballots online. Yet few, if any, states have taken the time to test their networks. While it may be tempting to jettison long lines, hanging chads and finicky voting machines for the ease of the Web, experts warn that Internet voting invites disaster. "We don't have the technology yet to do this in a secure way, and we may not for a decade or more," says Ron Rivest, a computer scientist and cryptography expert at MIT. The worst-case scenario? "You may find elections that end up with a totally unclear result," Rivest says. "You may find the entire system taken over and trashed."


Chastened by the exercise, Washington is canceling plans to let voters return ballots digitally. But some states are undeterred by the red flags. "The system we have is totally different. You can't compare apples and oranges," says West Virginia Secretary of State Natalie Tennant. Mountain State voters in eight counties will be able to cast ballots online next month, using a complex, privately designed system that includes a secure website, passwords and encryption codes. The process varies from state to state. In Arizona, authorized voters will be e-mailed a ballot, which they will be able to print, fill out and then upload and return. County officials will verify each voter's name, address and signature, just as they will do for mail-in ballots. "I guess an e-mail could theoretically be intercepted, but generally speaking, we're confident," says Matthew Benson, a spokesman for Arizona's secretary of state. Massachusetts voters will have the luxury of returning ballots over e-mail.


The bad news is that while the Michigan team left a mischievous calling card to alert officials to their prank, malevolent intruders won't be inclined to advertise their dirty work. As it turned out, Halderman and his team weren't the only hackers to try to penetrate the Washington system. While inside, they noticed computers with IP addresses in China and Iran, among others, trying to gain access to the network. (The Michigan team changed the system's password to prevent them from doing so.) "This is a fact of life on the Internet today," Halderman says. "There are bad guys out there probing for weaknesses, trying to break into any computer they can find."

---