The Australian Electoral Commission is hoping that when it next comes time to vote, citizens will have no difficulty finding a polling station or working out exactly how long they will be waiting. The agency is preparing to develop two mobile applications – one for public usage and the other for its election workforce – to provide better access to its services and information. The public app will allow citizens to check their enrolment status and details of federal, state or local electoral divisions, and use GPS to identify the closest polling station and wait time. … The agency makes no mention of the use of the app for electronic voting, and it remains unlikely that this will change in the short term, as the agency wrestles with aging IT systems that need immediate rectification.
Estonia, the only country in the world where voters elect their leaders through online balloting, is taking steps to fend off potential hacking attacks as cyber-security fears intensify. A software overhaul for the system, introduced in 2005, is ready for testing before local elections in October, according to Tarvi Martens, the National Electoral Committee’s head of e-voting. The upgrade includes anti-tampering features known as end-to-end verifiability that addresses security concerns from groups such as the Organization for Security and Cooperation in Europe, he said. “End-to-end verifiability is the ‘Holy Grail’ for electronic voting,” Martens said this month in a phone interview. “When we talk about international criticism, the new software now addresses it.”
It’s hard to imagine that people thousands of miles away are able to sit at a computer and change the course of an election. But as we’ve seen in the United States, that’s not just a troubling concept, it’s a startling reality that has profound implications for voters, politicians, political parties and the media. When it comes to Canada, most experts agree it’s not a matter of if or even when (we experienced some limited interference in 2015), but of how badly nation-states, organized crime, activists and thrill seekers will want to sow chaos, confusion and manipulation.
Online voting is not a secure way for electors to choose a new government, says the chief technology officer of a Cambridge-based cybersecurity firm eSentire. “As a technologist and someone who is very concerned about the integrity of our elections, I would not be a fan or supportive of any electronic voting system,” said Mark McArdle. Online voting is expected to be used by 150 to 200 Ontario municipalities in the next round of municipal elections in October 2018. One of those cities will be Cambridge, which allowed online voting and telephone voting for a two-week advance voting period in 2014. In the next election in 2018, Cambridge will expand early voting to three weeks, and allow internet and telephone voting on election day.
Australia: Cloud infrastructure, biometric ID could be used by New South Wales’s iVote system | Computerworld
The New South Wales Electoral Commission (NSWEC) is eyeing potential changes to its iVote platform ahead of the NSW’s 2019 election. iVote offers both browser-based Internet voting and telephone voting. It was used in the 2011 and 2015 NSW state elections, and as well as in the 2017 Western Australia election and a number of by-elections. … In 2015, cyber security researchers uncovered a vulnerability in iVote that could potentially be exploited to stage man-in-the-middle attacks to subvert votes. “We found a serious security hole that exposed the browsing session both to an attack called the FREAK attack and another attack called the Logjam attack,” one of the researchers, Dr Vanessa Teague from the University of Melbourne, last year told the hearing of a NSW parliamentary inquiry.
Editorials: Congress should require paper voter ballots, electronic cybersecurity | Bruce Fein/Washington Times
Something is rotten in the state of our electronic voting practices. They are recklessly wandering towards online voting despite their high vulnerable to hacking and manipulation by cyberspace clowns, partisans, enemies, or all three. Congress should invoke its power under Article I, section 4 of the Constitution to require in federal elections use of paper ballots or electronic voting machines that produce voter-verified paper ballots. Congress should encourage States to do likewise for state elections through a federal grant-in-aid program. Firewalls should also be required between internet and voter registration, vote-tabulating machines, ballot delivery, and election management systems. Before certification of final election results, a random sample of electronic voting system totals should be compared with hand counts of the votes on the corresponding paper ballots to detect hacking or error. Elections are too important to be left to amateurs or to luck, which Congress seems not to understand.
Editorials: The Russians will be back: America’s election infrastructure is a sitting duck for foreign adversaries | Joe Mohen/Salon
Russia’s apparent attempt to interfere with the 2016 presidential election continues to make news. Some reports have suggested that voting systems were attacked — by unknown parties and in various ways — in at least 39 states. These attacks make it increasingly obvious just how vulnerable American voting systems are. This is not the first time our voting systems have been tested. After the 2000 presidential election, voting systems were updated to prevent simple counting errors. The margin of victory in Florida in the infamous 2000 presidential election was a mere 537 votes, less than the margin of error of the voting procedures then in use. We will never know who would have become president had the systems used at that time been more accurate. Less well known is that earlier that same year Al Gore won the first (and only) significant U.S. election ever run over the internet — the Arizona Democratic primary. My company at that time had been contracted to run that primary, and we assumed that every hacker in the world would be trying to sabotage that statewide election.
The Swiss government has given the green light to two cantons to resume online voting in time for the next set of referendums in September. The cantons of St Gallen and Aargau will be able to resume e-voting, joining six other cantons which already offer the system. Online voting was used previously in St Gallen and Aargau between 2010 and 2015, when the government banned the practice before that year’s general election, due to security loopholes. During that time, both cantons used the Vote électronique system which involved a total of nine cantons before the government withdrew its authorization.
The NSW Electoral Commission scored $5.4 million in this year’s state budget to rebuild its iVote online voting system in time for the next state election in 2019. The funding is part of a $23 million package to improve the agency’s online systems, which will also see the introduction of “an end-to-end solution for the disclosure of political donations, expenditure and the lodgement of public funding claims,” budget documents state. Last month the NSWEC asked the market to suggest off-the-shelf software that could replace the online voting system’s current core platform. “The RFI [request for information] process will give suppliers the opportunity to demonstrate new or innovative solutions that may better meet the needs of the NSWEC,” the agency said at the time.
We do our banking, our shopping and manage our relationships online. But our democracy remains decidedly analogue: in 2017, the simple act of casting a vote requires citizens to trudge down to a polling booth, queue up, and tick a box on a voting slip. … The most clear threat to online voting is the prospect of a cyber attack. If malicious actors were able to hack into the voting system, they might be able to manipulate the result. The threat of this has grown in recent years. Russian hackers are said to have interfered in last year’s US election by stealing information from US Democrats. Being able to target the voting system itself would be a much bigger prize. Hackers might not even have to gain access to the voting system. Launching a distributed denial of service (DDos) attack, in which a system is flooded with internet traffic to the extent that legitimate attempts to access it cannot get through, could hamper the online voting process.