During the 2018 midterms, deployed military personnel from West Virginia will be the first in the nation to vote in a federal election on their smartphones using a blockchain-based app—despite numerous concerns from cybersecurity experts. Concern over voting security in the midterm elections is rising, after the Department of Homeland Security detected Russian hackers targeting voter registration databases in at least 21 states in 2016. While most of the systems were not breached, and there is no evidence that Russian agents were able to manipulate voter data or election results, it’s likely that the cybercriminals were scanning them for vulnerabilities to potentially exploit in the future, the department said. … Cybersecurity experts are less confident in the safety and viability of a system like Voatz. “This is the last thing that people need to be thinking about when it comes to voting right now,” said Joseph Lorenzo Hall, chief technologist at the nonpartisan Center for Democracy and Technology. “There are so many more boring pieces of low-hanging fruit, like two-factor authentication, password management, and defending against phishing attacks. But that’s unfortunately not as exciting to most people as the blockchain voting stuff.”
The core problem with blockchain voting is that it is a form of internet voting, Lorenzo Hall said. “It fundamentally requires computers communicating over the internet to do these kinds of things,” he added. “And internet voting is probably one of the worst ideas ever. Our phones, our networks, the servers on the other side, every single one of those is totally insecure.”
Sawhney compares mobile voting to mobile banking, which most people feared 10 years ago, but is now a common practice.
But this argument discounts the amount of online banking fraud that occurs, Lorenzo Hall said. “They can buy insurance for it or build it into the price of services,” Lorenzo Hall said. “But we won’t accept an election system where 10% of ballots just disappear or change without anyone noticing.”
Systems that involve submitting encrypted ballots to the blockchain also must contend with the fact that the forms of encryption we currently use will be broken within 10 to 20 years, Lorenzo Hall said. “We expect an amount of secrecy around voting,” Lorenzo Hall said. If your votes can be exposed in the future, that could lead to dire consequences, he added.