For those interested in expanding voting access by allowing voters to cast their ballots over the Internet, one government expert/activist has bad news – the security and privacy risks associated with Internet voting won’t be resolved anytime soon. David Jefferson, computer scientist in the Lawrence Livermore’s Center for Applied Scientific Computing, has studied electronic voting and security for more than 15 years. He believes “security, privacy, reliability, availability and authentication requirements for Internet voting are very different from, and far more demanding than, those required for e-commerce.” In short, voting is more susceptible to attacks, manipulation and vulnerabilities. Some champions of Internet balloting believe the safeguards that protect online shoppers from hackers can also protect the sensitive information and meet the legal regulations associated with voting online. Advocates further believe that Internet voting will increase turnout, cut costs and improve accuracy. Jefferson refuted these claims by asserting that there currently is no strong authentication or verification solution for online shopping. Also, while proxy shopping is a common occurrence and is not against the law, proxy voting is not allowed.
… Some states have started to experiment with email voting, which Jefferson said is especially vulnerable to attack as email headers can be easily forged, email does not use end-to-end encryption and it does not offer reliable authentication methods. Emails can also be manipulated in transit by IT personnel who control its path. Malware can also be injected into receiving vote servers.
Moreover, fraudulent ballots are extremely difficult to detect because there is currently no reliable system online. Unlike paper or in-person ballots, “Internet elections are essentially impossible to audit, and there’s no meaningful way to recount because there are no original indelible records of the voters’ intent against which to compare the outcome,” Jefferson stated. “The only vote records are on the server, and they are highly processed electronic ballot images that have been operated on by millions of lines of code on the client device, during transit through the Internet and on the server and canvass systems.”
Full Article: Online voting still faces security issues — GCN.