[LINK] Pentagon dumps vulnerable Internet voting system

Fri Feb 6 16:47:41 EST 2004

Pentagon dumps vulnerable Internet voting system
Thu 5 February, 2004 23:54 
By Will Dunham
Reuters
http://www.reuters.co.uk/newsArticle.jhtml?type=internetNews&storyID=4296692&section=news

WASHINGTON (Reuters) - The Pentagon has said it has scrapped its programme
to allow U.S. troops and other Americans overseas to vote through the
Internet because the system was so vulnerable to computer hackers it could
cast doubt on the integrity of U.S. election results.

The Pentagon heeded the advice of cyber-security experts who urged in a
January 21 report the program be abandoned because it was impossible to
create a voting system with current personal computers and the Internet
that would stop hackers or terrorists from tampering with election results.

The $22 million (15.24 million pounds) Secure Electronic Registration and
Voting Experiment, or SERVE, program was supposed to allow 100,000 U.S.
troops and civilians overseas to cast votes through the Internet during
this presidential election year.

Deputy Defence Secretary Paul Wolfowitz wrote a memo on January 30 saying
the Pentagon "will not be using the SERVE Internet voting project in view
of the inability to assure legitimacy of votes that would be cast using the
system, which thereby brings into doubt the integrity of election results,"
said a Defence official, speaking on condition of anonymity.

Pentagon officials previously defended the system and said enhanced
security procedures had been implemented.

The first tryout for the SERVE system had been scheduled for this past
Tuesday's South Carolina presidential primary, but the Pentagon put the
system on hold.

"I do appreciate the need for providing better absentee voting for military
personnel and civilians overseas. I just don't think that the Internet was
the way to do it. I applaud their decision," Avi Rubin, technical director
of the Information Security Institute at Johns Hopkins University and an
author of the report, said in an interview.

These overseas Americans currently rely on absentee paper ballots.
Obtaining and returning ballots from distant lands can be frustrating and
dependent on sometimes-unreliable foreign postal services.

Wolfowitz's memo, written to David Chu, under secretary of Defence for
personnel and readiness, allows the Pentagon to continue work already in
progress to look into "other technical applications for voting on the
Internet or electronically," the Defence official said.

"The door is still open to other methods. It's just that the SERVE we have
decided not to use," he said.

The cyber-security experts argued in their report that, with votes cast on
the Internet, elections could be vulnerable to a range of cyber attacks
that already have affected banks, Web providers and other businesses
operating online.

Because the danger of successful large-scale attacks by hackers on an
Internet voting system was so great, they asked the Pentagon to shut down
development of SERVE and not attempt anything like it in the future until
the Internet and personal computers are fundamentally redesigned to ensure
security.

"There are two main problems: one is that PCs (personal computers) are
insecure. And the second is that the Internet is insecure," Barbara Simons,
a retired IBM researcher also an author of the critical report, said in an
interview.

"The people who were working on SERVE were very dedicated and hard working.
And they understood a lot of the issues. But you can't make something work
if it's an impossible problem. And this is an impossible problem right
now," Simons said.

-- 
More has been screwed up on the battlefield and misunderstood in the
Pentagon because of a lack of understanding of the English language than
any other single factor
-- Gen John W. Vessey, Jr.

Regards
brd

Bernard Robertson-Dunn
Canberra Australia
brd at austarmetro.com.au