Source:
BRAD BLOG D.C. Internet Vote Scheme Hacker: 'Within 36 Hours We Had Total Control of Server, Ability to Change Votes, Reveal Secret Ballots'University of Michigan's J. Alex Halderman fesses up...As we posited in our coverage yesterday of D.C.'s Internet Voting scheme which was hacked with the University of Michigan fight song, J. Alex Halderman, asst. professor of electronic engineering and computer science at the university, was, indeed, at the heart of the hack.
He details tonight that he and a small team of students were happy to participate in the test that D.C. election officials had announced, with just three days notice, inviting hackers to try and penetrate the system they planned to use this November, as developed with the Open Source Digital Voting Foundation.
Halderman writes in his explanation of how they did it:
Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software, including the ability to change votes and reveal voters’ secret ballots.
And if you think that's chilling, Halderman goes on to note that all cast ballots on the system were modified and overwritten with write-in votes, all passwords taken --- including the encryption key, which e-voting supporters constantly suggest will keep such systems safe --- before they went on to install a back door to let them view any votes cast later, after their attack, along with the names of voters and who they voted for...
FULL STORY:
http://www.bradblog.com/?p=8109Read more:
http://www.bradblog.com/?p=8109