Risky Votes

Despite warnings from computer experts that a $22 million online voting system is plagued by security risks, the Pentagon is moving forward with the project.

Known as Secure Electronic Registration and Voting Experiment, or SERVE, the system lets U.S. military members and their dependents or U.S. citizens living abroad vote in this year's presidential election via the Internet. SERVE effectively puts the mail-in absentee ballot system online.

The voting device is touted for allowing users to register online and check that their ballots were counted. But the authors of a new report -- which the government commissioned -- say SERVE is fraught with security risks.

The group noted that electronic voting booths have already shown to have numerous security flaws and other problems that make the systems unreliable. Those problems apply to SERVE as well, but because it is an Internet and PC-based system, the risks are multiplied. "[SERVE] has numerous other fundamental security problems that leave it vulnerable to a variety of well-known cyber attacks…any one of which could be catastrophic," the authors wrote.

Electronic voting, which has been debated for years, took on new relevance following the hotly contested 2000 presidential election, in which officials in Florida had to manually count paper ballots. They often found it was difficult or impossible to tell which candidate a voter meant to select. Electronic voting booths were supposed to fix that problem, but studies and investigative reports have raised doubts about the credibility of the machines.

Despite concerns that an online voting system is vulnerable to worms, viruses and other Internet-based security risks, the Defense Department has no plans to halt SERVE. Glenn Flood, a Pentagon spokesman, said last week, "The Defense Department stands by the SERVE program. We feel it's right on at this point, and we're going to use it."

Technology companies were quick to pounce on the experts' findings, and to dismiss them. Harris Miller, president of the Information Technology Association of America, called the report "academic" and said stopping SERVE "is the kind of risk-averse thinking that would send agoraphobics running into the streets."

The study's authors include prominent computer scientists who have researched government technology programs, including the controversial Terrorism Information Awareness project that was proposed by the Defense Advanced Research Projects Agency. For that project, TIA would scan large public and private databases of citizens' transactions for telling indicators of a terrorist attack.

A pair of experts who are watching SERVE's progress, as well as the Feb. 7 Michigan Democratic primary, which will allow online voting, say the process is characterized by experimentation. "The transition to the widespread use of Internet voting cannot, and should not, occur overnight," said Thad E. Hall of the Century Foundation in a statement last week. "There must be a deliberate strategy -- involving experimentation and research -- that moves along a rational path to Internet voting."

NASA Gets Smart

The General Services Administration announced last week that it has awarded a $93 million task order to develop a "state-of-the-art smart card" for NASA employees, which they would use to access agency facilities and information systems.

NASA is the lead agency on the program -- a pilot project for the federal government -- which has been in the planning stages for two years. GSA's Federal Technology Service awarded the task order to help develop the card to Maximus Inc. of Reston, Va.

Billed as the "One NASA" card, it will verify an individual's identity as he presents the card to a digital reader when entering facilities or accessing computer systems. David Saleeba, NASA's assistant administrator for security management and safeguards, said that the agency plans to run a small trial in May at the Marshall Space Flight Center in Huntsville, Ala. If that's successful, the card will be issued to 2,000 employees for additional testing, he said. And if all goes well with that phase, NASA plans to deploy more than 100,000 cards by the end of fiscal 2005, as long as the Office of Management and Budget approves, Saleeba added.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.