"How to steal an election by hacking the vote" (Ars Technica PDF)

[David Farber <dave () farber net>]

Begin forwarded message:

From: Steve Goldstein <steve.goldstein () cox net>
Date: October 30, 2006 5:02:41 PM EST
To: "David Farber [IP]" <dave () farber net>, dewayne () warpspeed com  
(Dewayne Hendricks)
Subject: "How to steal an election by hacking the vote" (Ars Technica  
PDF)

http://arstechnica.com/articles/culture/evoting.ars


The 27-page downloadable PDF begins this way:

How to steal an election by hacking the vote

By Jon "Hannibal" Stokes
Wednesday, October 25, 2006
One bad apple...



Ads by Google

Real Tech Support

No Scripts, No OSRI 24/7, Guaranteed results.

www.yourtechonline.com

Advertise on this site

What if I told you that it would take only one person-one highly  
motivated, but only moderately skilled bad apple, with either  
authorized or unauthorized access to the right company's internal  
computer network-to steal a statewide election? You might think I was  
crazy, or alarmist, or just talking about something that's only a  
remote, highly theoretical possibility. You also probably would think  
I was being really over-the-top if I told you that, without sweeping  
and very costly changes to the American electoral process, this  
scenario is almost certain to play out at some point in the future in  
some county or state in America, and that after it happens not only  
will we not have a clue as to what has taken place, but if we do get  
suspicious there will be no way to prove anything. You certainly  
wouldn't want to believe me, and I don't blame you.
So what if I told you that one highly motivated and moderately  
skilled bad apple could cause hundreds of millions of dollars in  
damage to America's private sector by unleashing a Windows virus from  
the safety of his parents' basement, and that many of the victims in  
the attack would never know that they'd been compromised? Before the  
rise of the Internet, this scenario also might've been considered  
alarmist folly by most, but now we know that it's all too real.
Thanks to the recent and rapid adoption of direct-recording  
electronic (DRE) voting machines in states and counties across  
America, the two scenarios that I just outlined have now become  
siblings (perhaps even fraternal twins) in the same large, unhappy  
family of information security (infosec) challenges. Our national  
election infrastructure is now largely an information technology  
infrastructure, so the problem of keeping our elections free of vote  
fraud is now an information security problem. If you've been keeping  
track of the news in the past few years, with its weekly litany of  
high-profile breaches in public- and private-sector networks, then  
you know how well we're (not) doing on the infosec front.
Over the course of almost eight years of reporting for Ars Technica,  
I've followed the merging of the areas of election security and  
information security, a merging that was accelerated much too rapidly  
in the wake of the 2000 presidential election. In all this time, I've  
yet to find a good way to convey to the non-technical public how well  
and truly screwed up we presently are, six years after the Florida  
recount. So now it's time to hit the panic button: In this article,  
I'm going to show you how to steal an election.


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/