Election integrity advocates recently launched a campaign to block a bill, SB908, that would have introduced email voting for Californians living overseas. We fought it for several reasons.
First, paperless voting itself is dangerous because there is no independent way to check the results claimed by the machines, and no way to recover when something goes wrong, and it will. Voting across the Internet is worse, because it opens up the voting system to several more types of attack, from anywhere in the world, all of them dangerous. Voting by email attachment is even worse, because no attempt is made to encrypt the ballot as it travels from computer to computer across the globe on the way to its destination.
Any of these computers is quite capable of “photoshopping” or simply blocking any ballot that passes through. A ballot sent from Afghanistan could pass through computers in China, Iran, Russia, or any other country interested in “fixing” ballots headed for California. This is only one of several severe vulnerabilities in Internet voting.
Secondly, world class computer security experts have repeatedly and emphatically stated that Internet voting is dangerous. Nevertheless, Washington DC insisted on running a pilot Internet voting project last fall. DC officials prudently opened a “secured” pilot system up to red team (hack) testing. It took University of Michigan “wolverines” less than 36 hours to take complete control of everything – ballots, encryption codes, passwords, voter records, emails, the tabulator, operating system, network – everything. This was a “hardened” system using encryption that the officials were going to put into real use. What the pilot project did was put a huge exclamation point on the message that the best Internet voting system is none at all.
Thirdly, the most pernicious vulnerability comes from the people that can control the systems that collect and count the votes. Vendors program and install the voting systems. Election officials have insider access to them. Then there is the lone company that makes the uninspected and regularly “updated” operating system that runs on almost all the machines, Microsoft; plus the Chinese companies actually manufacturing the computers and the all-important chips.
Finally, if you add the Internet into the mix, we have hackers who can attack from anywhere in the world. Any of these individuals or companies have the possibility of rigging elections, and with that, decisions about how trillions of dollars are spent, and issues of war, peace, and justice. Rigging elections existed in America since long before the arrival of computers. This is not new. What is changing is the capability of fewer people to rig ever more elections from within an increasingly centralized, more powerful, and essentially invisible electronic system.
Full Article: Internet Voting In California? | California Progress Report.