Advocates of Internet voting typically form their opinions without real knowledge of how software works, said Barbara Simons, a computer scientist and board member of VerifiedVoting.org. She gave an Aug. 8 talk to the research division of Microsoft; the company posted a webcast of her presentation online. “They don’t understand why when we say you can’t find all the software bugs, you can’t,” Simons said. An analogous public policy example of how software can permit inadvertent flaws that enable later malicious exploitation is the U.S. tax code, she said. Congress periodically approves well-intentioned updates to that complex system which, once implemented, “turn out to benefit a single company in ways that have not been anticipated before the update,” she said.
Simons also said that election officials can discount security risks such as insider threats–since they’re insiders. “When you mention insider threats, election officials sometimes get indignant, and think that we’re accusing them of being criminal, which of course we’re not,” she said. But, there are all types of insiders, Simons noted. Anyone with access to the software code, or even just the computers running balloting software, can potentially throw an election.