October 12, 2010
A University of Michigan computer scientist and his team were not the only ones attempting to hack the Internet Vote scheme that Washington D.C. had planned to roll out for actual use with military and overseas voters in this November’s mid-term election.
- A d v e r t i s e m e n t
According to testimony given to a D.C. City Council committee last Friday by J. Alex Halderman, asst. professor of electrical engineering and computer science at University of Michigan, hackers from Iran and China were also attempting to access the very same network infrastructure, even as his own team of students had successfully done so, taking over the entirety of the Internet Voting system which had been opened for a first-of-its-kind live test.
[See our report last week on details of what had already been disclosed about Halderman's startling hack prior to last Friday's hearing.]
“While we were in control of these systems we observed other attack attempts originating from computers in Iran and China,” Halderman testified. “These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded.”
In his stunning public testimony — before a single member of the D.C. Board of Ethics and Elections (BoEE), and a nearly empty chamber — Halderman explained how the team had, by the time they discovered their fellow intruders, already gained complete control of the system, it’s encryption key and its passwords. The system was developed as part of an Internet Voting pilot program with the Open Source Digital Voting Foundation.