WASHINGTON – The Pentagon (search) is standing by an Internet voting system (search) it developed for U.S. citizens overseas despite an independent analysis that said it was so vulnerable to attacks that it should be scrapped.
In a report released Wednesday, four computer security experts said the Secure Electronic Registration and Voting Experiment (search), or SERVE, could be penetrated by hackers, criminals, terrorists or foreign governments.
"Internet voting presents far too many opportunities for hackers or even terrorists to interfere with fair and accurate voting, potentially in ways impossible to detect," the computer experts said in a statement. "Such tampering could alter election results, particularly in close contests."
But Defense Department spokesman Glenn Flood said the Pentagon was confident that the system, which could get its first test Feb. 3 in South Carolina's primary election, was secure.
"We knew from the start that security would be the utmost concern," Flood said. "We've had things put in place that counteract the things they talked about."
The experts specified these risks, among others:
--There is no way to verify that the vote recorded inside the system is the same as the one cast by the voter.
--It might be possible for hackers to determine how a particular individual voted, "an obvious privacy risk."
--The system may be vulnerable to attacks from many quarters, some undetectable.
"Not only could a political party attempt to manipulate an election by attacking SERVE, but so could individual hackers, criminals, terrorists, organizations such as the Mafia and even other countries," the report said.
The report said four states tried a limited form of Internet voting in the 2000 election. They were Florida, South Carolina, Texas and Utah.
Another concern was that because of the automated nature of the system, it might be vulnerable to vote buying, selling or swapping in large numbers.
In 2000, the report said, the first Internet-based attempt at vote swapping in a presidential election was seen with the creation of a Web site to encourage swapping between voters for Al Gore and Ralph Nader.
While that attempt depended on the honor system and no money changed hands, similar characteristics in SERVE could give rise to enforced vote-swapping or to the purchase of votes, the report said.
The four security experts were among 10 the Pentagon asked to study the SERVE system and look for vulnerabilities. The other six experts decided not to issue a report, Flood said.
The four experts were Aviel Rubin of the Johns Hopkins University; David Wagner of the University of California, Berkeley; David Jefferson of the Lawrence Livermore National Laboratory, and independent consultant Barbara Simons.
So far, seven states have signed on to the experimental system: Arkansas, Florida, Hawaii, North Carolina, South Carolina, Utah and Washington.
Flood said the system may be available for South Carolina expatriates to use during the coming primary, "but for sure it will be available for the November elections."
About 6 million U.S. voters live overseas, most of them members of the military or their relatives, Flood said. The computer experts said the SERVE system is designed to handle about 100,000 votes from the seven states.
Michigan is using a separate system for its Democratic presidential caucuses.