FBI investigates hack at e-voting software company - News - Business

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Australia.
--------------------------------------------------------------

FBI investigates hack at e-voting software company

By Paul Festa, Special to ZDNet
December 31, 2003
URL: http://www.zdnet.com.au/news/business/soa/FBI-investigates-hack-at-e-voting-software-company/0,139023166,120282279,00.htm

The FBI is investigating an intrusion into a computer network at an e-vote software company, which suspects the hack was politically motivated.

VoteHere, a 7-year-old company in Bellevue, Washington, on Tuesday confirmed reports that its network had been breached in October. The company identified a suspect and said it turned the case over to the FBI, the Secret Service and the U.S. Attorney's office for an investigation that is ongoing.

"This is a crime," said VoteHere chief executive Jim Adler. "This is about breaking and entering and stealing."

It's also, e-voting critics would say, about security. Still, Adler sought to portray the intrusion as evidence the system is working, because the break-in was quickly detected and investigated.

"What this demonstrates is that you cannot protect a system from outside attack," said Adler. "People draw the wrong conclusion, that because there was this intrusion, therefore you can't have confidence in e-voting. But the confidence comes from understanding and believing that nothing was compromised. And if it was, you want to make sure it was detected."

Citing the criminal investigation, Adler declined to say what the intruder might have taken before being caught. He also called that aspect of the incident immaterial.

"We don't really care what this guy got," said Adler. "Security doesn't rely on the secrecy of the algorithms. We're all a bunch of cryptos (cryptographers) over here, so we know there's no security through obscurity."

VoteHere has tentatively linked the suspect to a number of advocacy groups critical of electronic voting systems. The company declined to identify the suspect or the groups, again citing the investigation.

The FBI declined to comment on the case.

VoteHere, which has posted some of its technical documents to the Web at VerifiedVoting.org, and has pledged to reveal the source code to its software when it completes an internal review within months, said no elections were compromised in the intrusion.

The company's verification software works on top of other voting systems. So far only Sequoia Systems has licensed the technology, but has not yet implemented it.