Every time an election rolls around, you hear about some pitifully low percentage of people who actually bother to go to the polling place and cast a ballot. At the same time, one can’t help notice the decline in many bricks and mortar retail stores and the attendant growth of online shopping. So why not put two and two together here? Why not vote over the Internet? Skip all that hassle of looking up where you’re supposed to vote, getting there, parking, waiting in line. Just log on, in your pajamas if you want, and cast a ballot the same way you would order some shoes. “It would be something that would be more convenient for voters, you could just do it from the privacy of your own home,” says J. Alex Halderman, Assistant professor of electrical engineering and computer science at the University of Michigan. “That has the potential to increase voter turnout, which is a very good thing. But, the problem is internet voting presents very serious security challenges that we don’t know how to solve, and might not know how to solve anytime soon.”
Halderman knows about those security problems first hand. A couple years ago the District of Columbia was trying out Internet voting and invited hackers to try busting into the system. Halderman and his students took them up on it. “We started about 48 hours prior to when the system was going to go online. By time it was ready to go online, two days later, we had enough information to allow us to completely alter the outcome of the election,” he says.
But people shop online all the time without having their credit cards stolen. Why should voting be any more dangerous? “Superficially, a voting transaction looks a lot like a financial transaction online, but in the back, they are fundamentally different,” says David Jefferson. He’s a computer scientist at Lawrence Livermore National Laboratory and chairman of Verified Voting, an election watchdog group. “In the financial world, transactions can almost always be reversed. Merchandise can be returned, money can be returned, and transactions can be voided. It’s impossible to void a voting transaction, and so that means you have to engineer a voting system up front so that it’s invulnerable to any kind of failures. Well, this is beyond our ability to do.”