Internet voting way too risky, say experts

Phil Martinez stands at a voting booth at the old Wheeland school house to vote in a primary, on January 21, 2012 in Little Mountain, S.C. Would more people vote if they could do so online?

Every time an election rolls around, you hear about some pitifully low percentage of people who actually bother to go to the polling place and cast a ballot. At the same time, one can’t help notice the decline in many bricks and mortar retail stores and the attendant growth of online shopping. So why not put two and two together here? Why not vote over the Internet? Skip all that hassle of looking up where you’re supposed to vote, getting there, parking, waiting in line. Just log on, in your pajamas if you want, and cast a ballot the same way you would order some shoes.

“It would be something that would be more convenient for voters, you could just do it from the privacy of your own home,” says J. Alex Halderman, Assistant professor of electrical engineering and computer science at the University of Michigan. “That has the potential to increase voter turnout, which is a very good thing. But, the problem is internet voting presents very serious security challenges that we don't know how to solve, and might not know how to solve anytime soon.”

Halderman knows about those security problems first hand. A couple years ago the District of Columbia was trying out Internet voting and invited hackers to try busting into the system. Halderman and his students took them up on it. “We started about 48 hours prior to when the system was going to go online. By time it was ready to go online, two days later, we had enough information to allow us to completely alter the outcome of the election,” he says.

But people shop online all the time without having their credit cards stolen. Why should voting be any more dangerous? “Superficially, a voting transaction looks a lot like a financial transaction online, but in the back, they are fundamentally different,” says David Jefferson. He’s a computer scientist at Lawrence Livermore National Laboratory and chairman of Verified Voting, an election watchdog group. “In the financial world, transactions can almost always be reversed. Merchandise can be returned, money can be returned, and transactions can be voided. It's impossible to void a voting transaction, and so that means you have to engineer a voting system up front so that it's invulnerable to any kind of failures. Well, this is beyond our ability to do.”

At a conference last week, Jefferson urged an immediate halt on Internet voting, including filling out a ballot, taking a picture of it, and emailing it in “I have to say that email voting, which is legal at least for some voters in 33 states, is by far the worst form of voting,” he says, “because email is not even transmitted encrypted, it's transmitted in the clear, and so anyone can read those ballots, or substitute ballots for the ones voted, and no one will ever know.”

Jefferson says paper ballots can be tampered with too but a hacker online can create a larger scale of problem. Alex Halderman says think of it this way: “In a time when Google, Twitter, and the Pentagon are facing hacking attempts every day and are not successfully defending against some of them, there's just no way that tiny municipalities running election systems across the country are going to get Internet voting security right.”

Also in this program, the true promise of technology has been realized. Scientists in Japan have developed the Speech Jammer, an appliance specially built to make people shut up.


About the author

John Moe is the host of Marketplace Tech Report, where he provides an insightful overview of the latest tech news.
Log in to post4 Comments

Spreading Irrational Hysteria -
Tarvi Martens, who designed the Estonia Internet voting system, says it’s “more secure than Internet banking” http://t.co/Jh6Onyd
Natalie Tennant, sec of state for West Virginia says her Internet voting system worked w/o security or other problems for WV overseas military.
Its used in domestic elections in Norway, Switzerland, and India. France and Mexico City will use it this year for overseas voters.
Elections Canada, which administers that country’s federal elections, wants Internet voting for all its elections. Several Canadian cities have been doing it for years.
Privacy need not be a problem. One module takes the name and checks eligibility. A second module puts up the blank ballot, and saves the vote. They never connect. And the two modules can shuffle their data so no links can be found. (They didn’t do that in the DC system.)
Auditability is provided for by the module logs.
Coercion in mail-in voting districts has not been a problem. The penalties are a deterrent, and the crime is easy to prove. Who wants to risk several years in prison just to control one or two votes?
Paper security blankets only fool the naïve into thinking they have a secure and trust-worthy voting system. The entire history of voting fraud is based on paper ballots.

Halderman, Jefferson, et al are spreading irrational hysteria, by disregarding all the successes of Internet voting around the world. DC was only a practice - NOT a real vote. One hack of a carelessly constructed practice system does not damn all Internet voting.

Market Place could do a much better job of providing its readers with more than one point of view on this subject.

William J. Kelleher, Ph.D.
Blog: http://tinyurl.com/IV4All
Twitter: wjkno1
Author of Internet Voting Now!

I am delighted to see this addressing many of the issues, problems and concerns related to Internet voting and correctly stating that there is no way to make a system secure. Maybe it is being done in other places but that in no way means that the vote count is true and accurate.
It would be most helpful if Mr. Moe would also address the fact that the currently in use electronic voting and vote counting machines are also easily hacked and/or fitted with malware. Vote counting is done in secret in the little "black box" with absolutely no way for the public to observe the vote counting and know that all votes are counted as cast and intended by the voters. This secret completely unverifiable way of conducting a vote count is wrong. All voting and vote counting systems should allow for a completely transparent vote counting system that is publicly observable and understood by all.

I'm not sure I understand why it supposed to be impossible to make Internet voting work in the United States. Other countries have done it successfully. I'm a Swiss citizen living in a United States and have been voting in Switzerland for some time now over the Internet. I have not heard that there were any problems with the security and validity of the system and the results. Maybe John could have done more research on how other places that successfully implemented it are doing it instead of writing a column on why it is not possible.

With Generous Support From...