|Page 2 of 2 <|
D.C. Council hearing sums up election: Poor training and preparation
Halderman, who had written about the invasion in a blog posting earlier in the week, revealed more at the hearing, including that his team was able to take control of key routing equipment in the voting system. That gave them access to, among other things, security cameras in a server room at board headquarters. (After his testimony, Halderman showed a reporter live video from the room, streaming to his iPhone.)
"This could easily have given us a totally separate second way to steal votes," he testified.
Halderman also reported that while he and his students were inside, they detected hackers from China and Iran prodding the system. They chose to modify a firewall and change the password to keep the would-be infiltrators out.
Halderman also revealed a more-serious security breach: A document containing names and addresses of the more than 900 voters eligible for the Internet voting trial was left on the test server, he testified, along with crucial ID numbers that would have allowed hackers to request and complete ballots. In a theatrical moment, Halderman opened a cardboard box he'd brought with him and pulled out a printout of the 953-page document.
"This was the biggest shock we've had in a very long time," Halderman said after testifying. "It's sort of the crown jewels of the security for the real election."
The board announced Monday that it was canceling the part of the system that would allow the return of completed ballots over the Internet but it said it would continue using the system to deliver ballots to overseas voters.
Experts, including Halderman, counseled Cheh to end the program altogether, but Suleman defended the effort to establish a workable Internet voting option for overseas voters. "This is a community good," he said, "and I think what we're doing is going to benefit the nation."
"I'm just worried about doing this ourselves with money that could be used for other things," Cheh said. "I think we ought to stop it, frankly."
Suleman persisted, asking for the chance to "build a better mousetrap."
"NASA did not get to the moon," he said, "without exploding a few rockets on the launchpad."