mr crypto (229724) writes "In 2010 the Washington DC election board announced it had set up an e-voting system for absentee ballots and was planning to use it in an election. However, to test the system, it invited the security community and members of the public to try and hack it three weeks before the election.
"It was too good an opportunity to pass up," explained Professor Alex Halderman from the University of Michigan. "How often do you get the chance to hack a government network without the possibility of going to jail?"
With the help of two graduate students, Halderman started to examine the software. Despite it being a relatively clean Ruby on Rails build, they spotted a shell injection vulnerability within a few hours"
Link to Original Source