Date: Wed, 12 Nov 2014 18:54:21 -0500
From: mark <whitroth at 5-cent.us>
To: undisclosed-recipients:;
Subject: [WSFA] Hacking Internet Voting via Ballot Tampering
Reply-To: WSFA members <WSFAlist at KeithLynch.net>

Excerpt:
Unfortunately, this idea has serious security flaws: It permits a single
hacker to remotely manipulate the outcome of any election.

When you download a file\342\200\224like a ballot\342\200\224or send an email\342\200\224such as a
vote\342\200\224your data flows through many untrusted computer systems (Fig. 3). For
example, your ballot can be intercepted on the way to you, viruses on your
computer can manipulate your vote without your knowledge, or your vote can
be modified while on its return trip to the government. Any of these
attacks can change the outcome of an entire election, since the hacker can
control ballot distribution, vote choice, and ballot submission.

This is not just a theoretical danger. At Galois, we have demonstrated
that a normal wireless router\342\200\224like the one your ISP installed in your
home, or that you bought and installed yourself\342\200\224can be taken over from
anywhere in the world.  By tweaking your router\342\200\231s software, your and your
family\342\200\231s votes are silently changed after they leave your computer and
before they reach election officials. What\342\200\231s more, there is no trace of
foul play, and the attack can be automated.  For example, hackers could
target a critical number of voters supporting a particular candidate in a
close race, thus tipping the election whichever way they\342\200\224or their
customers\342\200\224want.
--- end excerpt ---

<http://galois.com/blog/2014/11/hacking-internet-voting-via-ballot-tampering/>

         mark
http://galois.com/blog/2014/11/hacking-internet-voting-via-ballot-tampering/