National: How Hackers Could Destroy Election Day | The Daily Beast

Stealing and leaking emails from the Democratic National Committee could be just the start. Hacking the presidential election itself could be next, a bipartisan group of former intelligence and security officials recently warned. Whomever was behind the DNC hack also could target voting machines and the systems for tabulating votes, which are dangerously insecure. “Election officials at every level of government should take this lesson to heart: our electoral process could be a target for reckless foreign governments and terrorist groups,” wrote 31 members of the Aspen Institute Homeland Security Group, which includes a former director of the Central Intelligence Agency and a former secretary of Homeland Security. That echoes warnings computer security experts have been sounding for more than a decade: that the system for casting and counting votes in this country is also ripe for mischief. … Thirty-one states and the District of Columbia allow military personnel and overseas voters to return their ballots electronically, according to Verified Voting, a non-profit group that advocates transparency and security in U.S. elections. “The election official on the receiving end has no way to know if the voted ballot she received matches the one the voter originally sent,” the group warns. Some ballots are sent through online portals, which exposes the voting system to the internet. And that’s one of the most dangerous things elections officials can do, because it provides a remote point of access for hackers into the election system.

National: Why Can’t We Just Vote Online? | Pacific Standard

During the 2012 American presidential election, 129 million people cast ballots, while 106 million eligible voters neglected to do so. That’s only a 54.9 percent conversion rate, not to mention the 51 million voters who weren’t registered. Meanwhile, in 2015, there were almost 172 million Americans making purchases online. Those are apples and oranges, admittedly, but the ease with which the shopping occurs only helps its proliferation. If the ultimate goal is maximizing the country’s voting turnout, shouldn’t we develop an Internet voting system? Voting from a computer at home could be far easier than waiting in long lines at polling stations or filling out mail-in forms. But can it ever happen? “For as far into the future as I can see, the answer is no,” says David Jefferson, a computer scientist in the Center for Applied Scientific Computing at Lawrence Livermore National Laboratory. In May 2015, Jefferson examined the possibility of Internet voting in a paper called “Intractable Security Risks of Internet Voting.” For anyone who has ever owned a personal computer, the first problem is obvious: malware.
“Unless we were to re-design the Internet from the ground up, there’s not likely to be a solution to these problems.” “We’re not even remotely close to guaranteeing that there’s no malware on your computer,” Jefferson says. The malware can do whatever task it’s programmed to accomplish, from erasing votes cast to changing them. And they can do these things without leaving any trace. “The malware might erase itself a half second later, and so there might be no evidence. And that’s one of half a dozen of problems.”

National: Tech tiptoes into the voting process | GCN

While the country is probably still a long way from online voting, some states are testing the waters and building technology into election-related processes. For the 2016 presidential election, Ohio will incorporate a common data format in its election management systems that will help election officials quickly and accurately collect election data from precincts with non-interoperable election management systems, and then quickly release that information to the public and news outlets. It’s hoped that the common formats will reduce the opportunities for error on election nights, when deadlines are tight and pressure for results is keen. Ohio’s changes are based on the methods outlined in the National Institute of Standards and Technology’s special publication: A Common Data Format for Election Results Reporting. … Many believe that no matter how strong companies like Smartmatic make their security, it’s impossible to secure votes across the hardware and networks that would make up an electronic voting system.

Colorado: The high risk of e-voting | The Denver Post

If we can bank and shop online, why can’t we also vote online? This once-common refrain — I certainly used to ask the question — has been answered in recent years by revelations that hackers have penetrated some of our largest financial institutions, retailers, entertainment studios and, of course, the federal government. We can do our banking and shopping online because, as Lawrence Livermore computer scientist David Jefferson said earlier this year, “Financial losses in e-commerce can be insured or absorbed, but no such amelioration is possible in an election. And, of course, the stakes are generally much higher in a public election than in an e-commerce system.” Jefferson’s view that online voting — and especially e-mail — is extremely vulnerable to being hacked, intercepted or manipulated is shared by many experts, including those at the National Institute of Standards and Technology and the U.S. Election Assistance Commission.

Editorials: Internet balloting too risky | Washington Times

“Your vote counts” is a snappy slogan just short enough to fit on a lapel button, but snappy is not the same as “secure.” As the 2016 campaign unfolds, there’s renewed interest in enabling voters to vote over the Internet. The notion that choosing a president could be as easy as using a smartphone to order a pizza is tempting to some, but until cybersecurity wizards prove that a vote cast is a vote counted, Internet balloting is unreliably risky. Internet voting has its passionate advocates. One California pundit argues that since his bills, banking, shopping, even the data on his children’s homework is on the Internet, why shouldn’t his voting be there, too. It’s not safe to vote where he shops? Exactly, says David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who was the chairman of the technology committee of the California Internet Task Force.

Editorials: The Dangers of Internet Voting | Hans A. von Spakovsky/Heritage

Those who believe that “voting online is the future” or that it is “possible given current technology” to create a secure online voting system are dangerously mistaken.[1] According to computer experts, Internet voting is vulnerable to cyber-attack and fraud—vulnerabilities inherent in current hardware and software, as well as the basic manner in which the Internet is organized. It is unlikely that these vulnerabilities will be eliminated at any time in the near future. State legislators and secretaries of state who are considering implementing Internet voting, or even the delivery by e-mail of voted ballots from registered voters, should reconsider such measures. These programs would be vulnerable to a variety of well-known cyber-attacks, any of which could be catastrophic. Such attacks could be “launched by anyone from a disaffected lone individual to a well-financed enemy agency outside the reach of U.S. law.” They also “could result in large-scale, selective voter disenfranchisement,” privacy violations, vote buying and selling, and vote switching “even to the extent of reversing the outcome of many elections at once….” The biggest danger, however, is that such attacks “could succeed and yet go completely undetected.”

Editorials: You can transfer your paycheck, fill out your taxes and control airplanes online. Why can’t you vote? | Bangor Daily News

You can transfer your life’s earnings between bank accounts online. You can apply for a credit card and file your tax returns online. If you’re an air traffic controller, you probably use a Web-based system to direct the planes — and people’s lives — above you. So what’s the deal with voting? Why can’t you use your phone or computer to cast your ballot remotely? Experts don’t have faith in the ability of the Internet to maintain what’s needed in a voting system: keeping your vote secret, preventing coercion, verifying your identity, allowing you to vote only once, and recording your vote correctly. If not now, though, will the option to vote online be available in the future? … Skeptics of online voting are of course concerned about security breaches. Could a third party hack into the system and interfere with an election’s results? What about the potential for violations of voter privacy?

Editorials: Online voting still faces security issues | Mark Pomerleau/GCN

For those interested in expanding voting access by allowing voters to cast their ballots over the Internet, one government expert/activist has bad news – the security and privacy risks associated with Internet voting won’t be resolved anytime soon. David Jefferson, computer scientist in the Lawrence Livermore’s Center for Applied Scientific Computing, has studied electronic voting and security for more than 15 years. He believes “security, privacy, reliability, availability and authentication requirements for Internet voting are very different from, and far more demanding than, those required for e-commerce.” In short, voting is more susceptible to attacks, manipulation and vulnerabilities. Some champions of Internet balloting believe the safeguards that protect online shoppers from hackers can also protect the sensitive information and meet the legal regulations associated with voting online. Advocates further believe that Internet voting will increase turnout, cut costs and improve accuracy. Jefferson refuted these claims by asserting that there currently is no strong authentication or verification solution for online shopping. Also, while proxy shopping is a common occurrence and is not against the law, proxy voting is not allowed.

National: Security risks and privacy issues are too great for moving the ballot box to the Internet | Phys.org

Contrary to popular belief, the fundamental security risks and privacy problems of Internet voting are too great to allow it to be used for public elections, and those problems will not be resolved any time soon, according to David Jefferson, who has studied the issue for more than 15 years. Jefferson, a computer scientist in the Lawrence Livermore’s Center for Applied Scientific Computing, discussed his findings in a recent Computation Seminar Series presentation, entitled “Intractable Security Risks of Internet Voting.” His study of Internet voting issues is independent of his Lawrence Livermore research work. Nonetheless, he reminded the audience that “election security is a part of national security,” noting that this is a primary reason he is so passionate about this issue. “I am both a technical expert on this subject and an activist,” Jefferson emphasized in his introductory remarks. “Election security is an aspect of national security and must be treated as such.” The view held by many election officials, legislators and members of the public is that if people can shop and bank online in relative security, there’s no reason they shouldn’t be able to vote on the Internet, Jefferson said. “Advocates argue (falsely) that Internet voting will increase turnout, reduce costs and improve speed and accuracy.” They promote the idea that “you can vote anytime, anywhere, even in your pajamas.”

National: Why Internet voting remains a risky proposition | FCW

Voting in public elections via the Internet could be a national security risk, according to a researcher at Lawrence Livermore National Laboratory’s Center for Applied Scientific Computing. In a presentation titled “Intractable Security Risks of Internet Voting,” computer scientist David Jefferson said the risks of electronic ballots cast via the Web far outweigh the conveniences such systems can offer. He presented his conclusions at a recent LLNL Computation Seminar Series, though his efforts in that area are independent of his work at the lab. In addition to his research into high-performance computing applications at LLNL, he serves on a number of state and federal government panels that focus on election security issues, especially those related to electronic and Internet-based voting, and is on the board of directors of the California Voter Foundation.

California: Paper is Still the Tech of Choice for California Elections | KQED

In a state that that takes pride in being on the technological cutting edge, most California voters will mark paper ballots with ink by Nov. 4, whether they vote at their polling place or by mail. The state’s reliance on paper would have seemed unlikely 15 years ago. California’s then-Secretary of State Bill Jones floated a radical idea in 1999: let people vote online. He convened task force to look into the possibility. “Here we are in the dot com boom,” said David Jefferson, a computer scientist who chaired the task force’s Technology Committee. “It’s an exciting thing. Of course we would all like to vote online. Let’s just figure out how to deliver it to the people of California.” Jefferson now works on one of the world’s fastest computers at Lawrence Livermore National Laboratory. He recalls when the online voting project started to fall apart. “In the course of that study, which took place over several months, doubts began to creep in,” he said. “And then we began to find more and more flaws.”

Utah: Improving voter turnout still a tough nut to crack | Deseret News

Would the ability to vote in your pajamas, on a smart phone, make you a better participant in the political process? Would it make you care more? Utah’s lieutenant governor has convened a committee to study the idea of making the state a pioneer in Internet voting. They might want to look to Norway, which tried such a thing — then, according to a headline writer at npr.org, did a “Ctrl+Alt+Delete” on the whole thing a few weeks ago. Utah Director of Elections Mark Thomas told the Deseret News last week that the biggest hurdle to overcome is security. Norwegian officials would agree. They couldn’t do it. NPR quotes Lawrence Livermore National Laboratory computer scientist David Jefferson as saying, “There is no way to guarantee that the security, privacy and transparency requirements for elections can all be met with any practical technology in the foreseeable future.”

Norway: Norway Does A Ctrl+Alt+Delete On E-Voting Experiment | NPR

After a two-year trial for Internet voting, Norway is pulling the plug. The country’s Office of Modernization said in a statement that there’s no evidence that online voting, tested in elections in 2011 and 2013, improved turnout. It also said that “political disagreement” over the issue, along with voters’ fear that ballots might not be secure, could undermine the democratic process. The office said it had “decided that the attempt with voting over the Internet should not be promoted.” The idea of online voting has been in the ether for as long as the Internet, so Norway’s experience might be relevant elsewhere. … David Jefferson, a computer scientist at Lawrence Livermore National Laboratory, wrote in 2011 that “computer and network security experts are virtually unanimous in pointing out that online voting is an exceedingly dangerous threat to the integrity of U.S. elections. “There is no way to guarantee that the security, privacy, and transparency requirements for elections can all be met with any practical technology in the foreseeable future,” he says.

Maryland: Experts remain concerned about Maryland election fraud threat | Baltimore Sun

By now, just about everyone connected to the Internet is familiar with this process: Required to fill out and sign a form of some kind, you ask for and receive a hyperlink via email. You open the link, find the form you need (perhaps a pdf), download it, print it, fill it out and mail it off. That’s a common practice, though increasingly old-school by today’s online standards. There doesn’t seem to be anything particularly risky about the transaction; few would think twice about conducting business that way. But while integrity is important in all transactional realms, it rises to precious when we’re talking about voting. And that’s why a similar process, new this year and slated to be part of Maryland’s primary election in June, has some civic-minded computer security experts sounding alarms about the potential for fraud. … The three experts who wrote to the board about this in 2012 were David Jefferson, a computer scientist based at the Lawrence Livermore National Laboratory in California; J. Alex Halderman, assistant professor of electrical engineering and computer science at the University of Michigan; and Barbara Simons, a retired IBM computer scientist and an expert on electronic voting. They are part of network of vigilant computer security experts who independently assess state elections systems and report their concerns.

Verified Voting in the News: California College Vote Hack | David Jefferson/Election Law Blog

I just read Doug Chapin’s article on the vote rigging at Cal State San Marcos, and I would add several observations.  Had this been a public election conducted via Internet voting, it would have been much more difficult to identify any problem or to capture the perpetrator, Mr. Weaver. Mr. Weaver was captured because he was voting from school-owned computers. This was networked voting but not really Internet voting. The IT staff was able to notice “unusual activity” on those computers, and via remote access they were able to “watch the user cast vote after vote”. But in a public online election people would vote from their own private PCs, and through the Internet, not on a network controlled by the IT staff of election officials. There will likely be no “unusual activity” to notice in real time, and no possibility of “remote access” to allow them to monitor activity on a voter’s computer.  Note also that university IT staff were able to monitor him while he was voting, showing that they were able to completely violate voting privacy, something we cannot tolerate in a public election.

Verified Voting in the News: California Assembly committee passes Internet voting bill with secret amendments | Kim Alexander’s Weblog

Last Tuesday at the California Assembly Elections committee hearing,AB 19 by Assemblyman Phil Ting (D-San Francisco) was heard and passed on a 4-3 vote. If enacted, the bill would create a California online voting pilot program. Over the weekend, while cleaning out some old papers, I had deja vu moment when I came across a December 4, 2000 news release issued by then-Assembly Majority Leader Kevin Shelley announcing the introduction of AB 55, which among other things, as originally introduced would have established an online voting pilot program under the direction of the Secretary of State. That provision was ultimately amended out, and Mr. Shelley would go on to become the Secretary of State of California and one of the nation’s first political leaders to support a voter verified paper audit trail and mandatory election recounts.

National: Cyberattack on Florida election is first known case in US, experts say | NBC

An attempt to illegally obtain absentee ballots in Florida last year is the first known case in the U.S. of a cyberattack against an online election system, according to computer scientists and lawyers working to safeguard voting security. The case involved more than 2,500 “phantom requests” for absentee ballots, apparently sent to the Miami-Dade County elections website using a computer program, according to a grand jury report on problems in the Aug. 14 primary election. It is not clear whether the bogus requests were an attempt to influence a specific race, test the system or simply interfere with the voting. Because of the enormous number of requests – and the fact that most were sent from a small number of computer IP addresses in Ireland, England, India and other overseas locations – software used by the county flagged them and elections workers rejected them. Computer experts say the case exposes the danger of putting states’ voting systems online – whether that’s allowing voters to register or actually vote. “It’s the first documented attack I know of on an online U.S. election-related system that’s not (involving) a mock election,” said David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who is on the board of directors of the Verified Voting Foundation and the California Voter Foundation.

National: Could Online Oscar Voting Lead to Online Public Elections? | Government Technology

If online voting is good enough for the Oscars, why isn’t it good enough for public elections? A panel of experts assembled on Feb. 14 to consider whether the Academy of Motion Picture Arts and Sciences’ decision to capture votes online for this year’s Oscars means that technology has matured to the point where public elections can be held online. According to an article in The Hollywood Reporter, voting to determine who would receive a nomination for an Academy Award began Dec. 17 and ended Jan. 3. While a majority of Academy members registered to take advantage of the online voting option, the process was not without its snags. Many confessed to password trouble, while others worried about hackers jeopardizing voter intent. … David Jefferson, a computer scientist at Lawrence Livermore National Laboratory and chairman of the board for the nonprofit Verified Voting, outlined several major differences between private elections, like those conducted for the Academy Awards, and public elections. Public elections, Jefferson said, inherently have much higher standards for security, privacy and transparency. “Just because this works for private elections or is useful for private elections, we don’t want people thinking … it is appropriate for public elections.”

National: Online voting: Safe for Oscars, but not yet for elections? | TechHive

For the first time ever, this year’s Oscar winners were selected online. The Academy of Motion Picture Arts and Sciences decided to let its members vote online, but cybersecurity and elections experts say that casting Internet ballots in public elections is still a long way off. Even picking Best Picture winners led to serious snafus. The voting deadline for the Oscars was extended in early January after some members had issues with account registration (password requests were answered by snail mail rather than email). But in public elections, deadlines can’t be extended. A group of cybersecurity and elections experts last week reiterated the dangers of modeling public elections after private ones. Companies who design online voting systems for award shows or corporate shareholder meetings may suggest these systems can also be used in congressional or presidential races. Those claims should be met with skepticism, said computer scientist David Jefferson, chairman of the nonprofit Verified Voting Foundation. “There are major differences between private and public elections: the degree of security required, the degree of privacy required, the degree of transparency required,” Jefferson said in a telephone press conference Thursday. “In a public election we’re talking about a national security situation.”

National: Computer security experts and advocates: Internet voting poses risk | Politico.com

Just because online voting is possible, doesn’t mean the U.S. government should try it for national elections any time soon. That’s the message computer security experts and advocates for voting rights are trying to get across to American voters. David Jefferson, a Lawrence Livermore computer scientist, said Thursday that hosting a national election online poses a national security threat. Jefferson was part of a press conference hosted by Common Cause, a transparency advocacy organization. He pointed out three fundamental areas of attack by hackers or viruses, with no immediate solutions for online voting. “Client side” attacks would trigger malicious software in a voter’s computer or smartphone itself. “Server side” attacks could bring down the servers that would collect and count the votes and the “denial of service” attacks could actually prevent people from voting and take the server down. “There is no fundamental solution to any of these categories of problems, and at least for the client or server side, anyone in the world can initiate such an attack. It can be completely undetectable so the outcome would be wrong and no one would know about it,” said Jefferson, who serves on the board of the Verified Voting Foundation and California Voter Foundation. Even if a faulty outcome is discovered, he added, there would be no way to correct it as there would be no audit trail to “recount.”

National: Pentagon unit pushed email voting for troops despite security concerns | McClatchy

As Election Day approaches, county clerks’ offices in 31 states are accepting tens of thousands of electronic absentee ballots from U.S. soldiers and overseas civilians, despite years of warnings from cyber experts that Internet voting is easy prey for hackers. Some of the states made their techno leaps even after word spread of an October 2010 test of an Internet voting product in the nation’s capital, in which a team of University of Michigan computer scientists quickly penetrated the system and directed it to play the school’s fight song. The Michigan team reported that hackers from China and Iran also were on the verge of breaking in. Election watchdogs, distraught over what they fear is a premature plunge into an era of Internet voting, lay most of the blame on an obscure Defense Department unit that beckoned state officials for 20 years, in letters, legislative testimony and at conferences, to consider email voting for more than 1 million troops and civilians living abroad.

Maryland: Online voter registration vulnerable to attack, researchers say | The Washington Post

A voting rights group and some of the nation’s leading researchers on election technology are urging Maryland voters to check the accuracy of their online voter registration files after warning that the data had been left vulnerable to tampering. Researchers at the University of Michigan, the Lawrence Livermore National Laboratory and a former president of the Association for Computing Machinery wrote to Maryland officials late last month urging them to take immediate steps to better protect a new system that allows Marylanders to update their voter registration online. The letter warned that anyone with access to a Maryland voter’s full name and birth date could exploit a simple online tool to change the voter’s address, party affiliation or other information. Such changes, especially a change of address, could lead to a voter’s ballot not being counted normally on Election Day.

Maryland: Cracks in Maryland and Washington Voter Databases | NYTimes.com

Computer security experts have identified vulnerabilities in the voter registration databases in two states, raising concerns about the ability of hackers and others to disenfranchise voters. In the last five years, Maryland and Washington State have set up voter registration systems that make it easy for people to register to vote and update their address information online. The problem is that in both states, all the information required from voters to log in to the system is publicly available. It took The New York Times less than three minutes to track down the information online needed to update the registrations of several prominent executives in Washington State. Complete voter lists, which include a name, birth date, addresses and party affiliation, can be easily bought — and are, right now, in the hands of thousands of campaign volunteers.

Maryland: Cracks in Maryland and Washington Voter Databases | NYTimes.com

Computer security experts have identified vulnerabilities in the voter registration databases in two states, raising concerns about the ability of hackers and others to disenfranchise voters. In the last five years, Maryland and Washington State have set up voter registration systems that make it easy for people to register to vote and update their address information online. The problem is that in both states, all the information required from voters to log in to the system is publicly available. It took The New York Times less than three minutes to track down the information online needed to update the registrations of several prominent executives in Washington State. Complete voter lists, which include a name, birth date, addresses and party affiliation, can be easily bought — and are, right now, in the hands of thousands of campaign volunteers.

National: How Close Are We to Internet Voting? | Mashable

You can do basically anything online. From booking a flight to securely transmitting medical records to your doctor, from buying groceries to managing your bank account, the web supports all sorts of complex transactions. But one common task has firmly resisted the lure of online convenience: voting. At least mostly. There is actually some online voting already happening in very limited ways. At least 32 states and the District of Columbia will allow military or overseas voters to return absentee ballots via email, fax or an Internet portal, in effect offering a form of remote electronic voting to some segment of the population. But for the majority of voters, a trip to a polling place will be necessary to cast a vote in this year’s election. Why is that? Surely, if engineers can figure out how to safeguard your medical records or transfer large sums of money over the Internet, beaming a vote from your living room should be a piece of cake. That’s a popular refrain among proponents of Internet voting systems, and on the surface, it makes sense. If security-obsessed industries like banking and medicine have embraced the Internet, why is voting still stuck in the relative dark ages? As with most things, the reality is a bit more complicated. According to VerifiedVoting.org, a non-profit organization dedicated to ensuring the “accuracy, integrity and verifiability” of elections in a digital age, all voting systems should have a few key components. First, there needs to be a fully auditable, preferably voter-verifiable paper trail that maintains the integrity of the secret ballot. Second, voting systems need to have in place strong mechanisms to prevent any undetected changes to votes. Third, systems should not be easily subject to wide-scale service disruptions. Indeed, the Help America Vote Act (HAVA), passed in 2002 as a response to the Florida recount debacle of 2000, requires some of these provisions under the law.

National: The Problems with Online Voting | Wall Street Journal

Two years ago, hackers gained access to an online voting system created by the District of Columbia and altered every ballot on behalf of their own preferred candidates. On the “Thank You!” page that ran at the end of the voting protocol, they left their trademark—the University of Michigan fight song. The online voting system was real, intended for use that November, but the compromised election, fortunately, was just a mock-up for testing security. The infiltrators were a team of graduate students led by University of Michigan computer scientist J. Alex Halderman. Which candidates got the fake votes? Skynet from the “Terminator” movies and Bender, the alcohol-fueled robot from TV’s “Futurama.” But the hackers had a serious point: that Internet voting systems were a real threat to the integrity of the democratic process. “The question of whether Internet voting is secure is really not a political question,” Dr. Halderman says. “It’s a technical question.” As many as three million voters will be eligible to vote online this fall, according to Pamela Smith, executive director of the Verified Voting Foundation, a nonpartisan fair elections watchdog group. In all, 31 states will offer some form of online voting, usually for overseas voters.

Verified Voting in the News: Internet voting way too risky, say experts | Marketplace

Every time an election rolls around, you hear about some pitifully low percentage of people who actually bother to go to the polling place and cast a ballot. At the same time, one can’t help notice the decline in many bricks and mortar retail stores and the attendant growth of online shopping. So why not put two and two together here? Why not vote over the Internet? Skip all that hassle of looking up where you’re supposed to vote, getting there, parking, waiting in line. Just log on, in your pajamas if you want, and cast a ballot the same way you would order some shoes. “It would be something that would be more convenient for voters, you could just do it from the privacy of your own home,” says J. Alex Halderman, Assistant professor of electrical engineering and computer science at the University of Michigan. “That has the potential to increase voter turnout, which is a very good thing. But, the problem is internet voting presents very serious security challenges that we don’t know how to solve, and might not know how to solve anytime soon.”

Voting Blogs: In Theory And Practice, Why Internet-Based Voting Is a Bad Idea | Slashdot

A few countries, like Estonia, have gone for internet-based voting in national elections in a big way, and many others (like Ireland and Canada) have experimented with it. For Americans, with a presidential election approaching later this year, it’s a timely issue: already, some states have come to allow at least certain forms of voting by internet. Proponents say online elections have compelling upsides, chief among them ease of participation. People who might not otherwise vote — in particular military personnel stationed abroad, but many others besides — are more and more reached by internet access. Online voting offers a way to keep the electoral process open to them. With online voting, too, there’s no worry about conventional absentee ballots being lost or delayed in the postal system, either before reaching the voter or on the way back to be counted. The downsides, though, are daunting. According to RSA panelists David Jefferson and J. Alex Halderman, in fact, they’re overwhelming. Speaking Thursday afternoon, the two laid out their case against e-voting.

National: Internet voting systems too insecure, researcher warns | Computerworld

Internet voting systems are inherently insecure and should not be allowed in the upcoming general elections, a noted security researcher said at the RSA Conference 2012 being held here this week. David Jefferson, a computer scientist at Lawrence Livermore National Laboratories and chairman of the election watchdog group Verified Voting, called on election officials around the country to drop plans to allow an estimated 3.5 million voters to cast their ballots over the Internet in this year’s general elections. In an interview with Computerworld on Wednesday, Jefferson warned that the systems that enable such voting are far too insecure to be trusted and should be jettisoned altogether. Jefferson is scheduled to participate in a panel discussion on the topic at the RSA conference on Thursday. Also on the panel are noted cryptographer and security guru Ron Rivest, who is the “R” in RSA, and Alex Halderman, an academic whose research on security vulnerabilities in e-voting systems prompted elections officials in Washington to drop plans to use an e-voting system in 2010. “There’s a wave of interest across the country, mostly among election officials and one agency of the [Department of Defense], to offer Internet voting” to overseas citizens and members of the military, Jefferson said. “From a security point of view, it is an insane thing to do.”