Site Map
Voting News
Contact Us
About Us

is NOT!
associated with

Internet Voting Revisited:
Security and Identity Theft Risks of the DoDís
Interim Voting Assistance System

David Jefferson, Avi Rubin, Barbara Simons, and David Wagner
October 25, 2006


In 2004 the Defense Department Federal Voting Assistance Program (FVAP) built and intended to deploy a voting system called SERVE, the Secure Electronic Registration and Voting Experiment, designed to help military personnel and overseas civilians to register and vote in the primary and general elections of that year. As members of an external peer review panel for SERVE, we published a report entitled ďA Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE),Ē available at http://servesecurityreport.org. In the report we identified a large number of security risks and vulnerabilities, including denial of service attacks, insider attacks, viral attacks on votersí PCs, and many others. Shortly after publication of the report, the DoD terminated the program, citing security concerns.

We recently learned that FVAP has created a new online system, the Interim Voting Assistance System (IVAS). IVAS has a similar mission, namely to aid military personnel and overseas civilians to register and vote in the coming November 7 general election. In this short paper we present our serious concerns about the security issues posed by this new system. None of these security concerns is original; all were raised in a DoD internal review, discussed below.

IVAS was announced to the public only last month (September), and has been designed and built only over the last several months, an extremely short time for a system of this complexity and importance. The current system has never been used in a public election before (not even in a primary), and has not been subject to any publicly available external security examination. The technical specifications have not been made publicly available.

Read the whole report (6 pages)

It is disturbing that the DoD
did not heed warnings about the security risks of IVAS
from its own internal review.
~ Jefferson, Rubin, Simons, Wagner

Election Problem Log image
2004 to 2009


Accessibility Issues
Accessibility Issues

Cost Comparisons
Cost Comparisons

Flyers & Handouts

VotersUnite News Exclusives

Search by

Copyright © 2004-2010 VotersUnite!