This unique opportunity for independent scientific analysis of voting system source code demonstrates the fallacy of the closed-source argument for such a critical system. Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts. We highlight several issues including unauthorized privilege escalation, incorrect use of cryptography, vulnerabilities to network threats, and poor software development processes. For example, common voters, without any insider privileges, can cast unlimited votes without being detected by any mechanisms within the voting terminal. Furthermore, we show that even the most serious of our outsider attacks could have been discovered without the source code. In the face of such attacks, the usual worries about insider threats are not the only concerns; outsiders can do the damage. That said, we demonstrate that the insider threat is also quite considerable. We conclude that, as a society, we must carefully consider the risks inherent in electronic voting, as it places our very democracy at risk.
Bio: Dan Wallach is an Assistant Professor in the Department of Computer Science at Rice University in Houston, Texas. He earned his bachelor's at the University of California, Berkeley and his PhD at Princeton University. His research involves computer security and the issues of building secure and robust software systems for the Internet. Wallach began his security career in 1995 when he and his colleagues found serious flaws in the security of Java applets; an attacker could use your web browser to hijack your entire computer. Wallach has also studied security issues that occur in distributed and peer-to-peer systems. Wallach, along with colleagues at Johns Hopkins, co-authors a groundbreaking study that reported significant flaws in Diebold's AccuVote-TS electronic voting system. He has testified about voting security issues before government bodies in the U.S., Mexico, and the European Union.