No matter the strongest admonitions against it, for years, by virtually all computer science and security experts to offer an opinion on it -- ya know, the folks who actually know how this stuff works, or doesn't -- proponents of Internet Voting are relentless in their advocacy. Kind of how the proponents of polling place e-voting used to tell us that such schemes were tamper-proof, error-free and much more secure than paper.
No matter how many Internet Voting schemes fall flat on their face (voter participation plummeted 83% when Honolulu tried it), get entirely hacked (even by computers in Iran and China) or are taken down by a 10,000 computer denial of service attack (but that was in Canada, so no biggie, right?), some seem to care so little about transparent, oversee-able democracy and self-governance, that they are willing to risk entire elections and the verifiable votes of the citizenry in order to carry out such dangerous and ill-considered adventures.
And so, yet again, with all of those warnings ignored, we find another online election has been wholly compromised -- and now cancelled -- after it was discovered that a business school student hacked into it and stole hundreds of passwords and IDs, so that he could fix the results of the election...
Last month, California State San Marcos student Matt Weaver was arrested, according to the North County Times, "on suspicion of election fraud, unlawful access to a computer or database, and 10 counts of identity theft," on the final day of a four-day Internet Voting election for student government. Weaver was running for President of the student body.
The 23-year old third-year business major was reportedly arrested and jailed on March 15, when Campus police "found him at a school computer and in possession of a device that can be used to steal computer passwords."
He was set free on $50,000 bail and has yet to be charged, but for some reason, unlike in most non-school elections, the FBI seems to care about this one...
"We are looking into it," said FBI Special Agent Darrel Foxworth. "I can't say exactly what we are looking at, but given the facts and circumstances that have been reported to us, it appears there may be violations of federal laws."
Foxworth declined to say why the incident has captured the attention of federal investigators.
The compromised online accounts of 700 CSSM students -- used for signing up for classes "as well as to vote in Associated Students Inc. elections" -- have now been locked down, the victims warned, and the election, which will now start from scratch, has been rescheduled for next month.
One hint as to why the FBI may be interested in the case is found in an article covering the incident by Sandy Fitzgerald at Mobiledia, appropriately headlined "Why Online Voting Isn't So Safe."
The article explains that "Federal authorities are also examining Weaver's activities to decide if such hacking may interfere with state or national elections."
That's nice of them.
In the meantime, Fitzgerald warns, while this case was unusual, it's hardly unheard of as "students' privacy at other campuses and high schools had also been compromised" recently...
In another incident, this one discovered last year at Santa Clara University, "A hacker tapped into an academic records database ... and changed the grades of about 60 current and former students."
The unauthorized access went on for more than a year before officials ever noticed, after which, "SCU began reviewing tens of thousands of student records going back to 2000 and found that grades had been modified, in some cases changed from F's to A's."