It’s over. The voting went smoothly. As of the time of writing, there are no serious fraud allegations, nor credible evidence that anyone hacked the voting rolls or voting machines. And most important, the results are not in doubt. While we may breathe a collective sigh of relief about that, we can’t ignore the issue until the next election. The risks remain. As computer security experts have been saying for years, our newly computerized voting systems are vulnerable to attack by both individual hackers and government-sponsored cyberwarriors. It is only a matter of time before such an attack happens. Electronic voting machines can be hacked, and those machines that do not include a paper ballot that can verify each voter’s choice can be hacked undetectably. Voting rolls are also vulnerable; they are all computerized databases whose entries can be deleted or changed to sow chaos on Election Day.
Political candidates have always done everything in their power to target voters. But in the current election cycle, with primary election season officially under way, technology is giving them a lot more power than before. It is at the point where privacy advocates are referring to it as “voter surveillance.” Bruce Schneier, author, blogger and CTO of Resilient Systems, wrote in his recent book “Data and Goliath” that voter surveillance data can cause “unique harms” to the political process due to, “personalized marketing’s capability to discriminate as a way to track voting patterns and better ‘sell’ a candidate or policy position.”
For the past six years, Volkswagen has been cheating on the emissions testing for its diesel cars. The cars’ computers were able to detect when they were being tested, and temporarily alter how their engines worked so they looked much cleaner than they actually were. When they weren’t being tested, they belched out 40 times the pollutants. Their CEO has resigned, and the company will face an expensive recall, enormous fines and worse. Cheating on regulatory testing has a long history in corporate America. It happens regularly in automobile emissions control and elsewhere. What’s important in the VW case is that the cheating was preprogrammed into the algorithm that controlled cars’ emissions. Computers allow people to cheat in ways that are new. Because the cheating is encapsulated in software, the malicious actions can happen at a far remove from the testing itself. Because the software is “smart” in ways that normal objects are not, the cheating can be subtler and harder to detect. We’ve already had examples of smartphone manufacturers cheating on processor benchmark testing: detecting when they’re being tested and artificially increasing their performance. We’re going to see this in other industries.
Editorials: Bruce Schneier movie-plot threat contest: Winning entry imagines online voting gone wrong. | Slate
Imagine this: It’s the morning of Election Day, 2020. Americans across the country cast secure, encrypted votes from their smartphones and laptops, electronically choosing their president for the first time in history. Turnout reaches record highs. Live results online show that it’s a close race between the two leading candidates. But by early afternoon, an independent candidate—a sketchy figure with ties to multiple terrorist organizations and no public support whatsoever—mysteriously takes the lead. At 4 p.m., he officially wins the election. The American people rise up in protest: Clearly, hacking, bribery, or other nefarious activity has taken place. However, because the voting software is designed with end-to-end encryption to ensure anonymity, no audit or recount is possible. America’s next president is a terrorist. This is the hypothetical scenario that won Bruce Schneier’s annual online “movie-plot threat” contest by popular vote this past weekend.
As the College of Cardinals prepares to elect a new pope, security people like me wonder about the process. How does it work, and just how hard would it be to hack the vote? The rules for papal elections are steeped in tradition. John Paul II last codified them in 1996, and Benedict XVI left the rules largely untouched. The “Universi Dominici Gregis on the Vacancy of the Apostolic See and the Election of the Roman Pontiff” is surprisingly detailed. Every cardinal younger than 80 is eligible to vote. We expect 117 to be voting. The election takes place in the Sistine Chapel, directed by the church chamberlain. The ballot is entirely paper-based, and all ballot counting is done by hand. Votes are secret, but everything else is open. First, there’s the “pre-scrutiny” phase. “At least two or three” paper ballots are given to each cardinal, presumably so that a cardinal has extras in case he makes a mistake. Then nine election officials are randomly selected from the cardinals: three “scrutineers,” who count the votes; three “revisers,” who verify the results of the scrutineers; and three “infirmarii,” who collect the votes from those too sick to be in the chapel. Different sets of officials are chosen randomly for each ballot. Each cardinal, including the nine officials, writes his selection for pope on a rectangular ballot paper “as far as possible in handwriting that cannot be identified as his.” He then folds the paper lengthwise and holds it aloft for everyone to see. When everyone has written his vote, the “scrutiny” phase of the election begins.
The future of voting is online, and moving Arizona’s elections to the Internet would save money, deter voter fraud and increase efficiency, a state lawmaker says. “We will vote online some day,” said Sen. Bob Worsley, R-Mesa. “So why not start to figure it out and get ahead of the curve and have Arizona lead the way on this?” Worsley introduced SB 1387 to create an online voting pilot program before the 2014 primary election. It would require at least one county and one city, town or other local jurisdiction to be involved and allow for votes to be cast via the Internet. … Bruce Schneier, the author of five books on cryptography, computer and network security and overall security, said he likes the idea of online voting but doesn’t think it can be done securely. “We have not, in the history of mankind, created a computer system without a security vulnerability,” he said. Worsley, founder of retail catalog giant SkyMall, insists the system he proposes can be reliable. “My business did over a million transactions a year,” he said. “I know that this can be done securely.” Worsley compared Internet voting to the millions of online banking or stock transactions that happen every day, but Schneier said there’s a fundamental difference. “The important difference is that voting, by definition, is anonymous,” he said. “If there’s electronic banking fraud, we look at what happens, we can roll it back and make everybody whole. We can’t do that with a voting system.”