Stealing and leaking emails from the Democratic National Committee could be just the start. Hacking the presidential election itself could be next, a bipartisan group of former intelligence and security officials recently warned. Whomever was behind the DNC hack also could target voting machines and the systems for tabulating votes, which are dangerously insecure. “Election officials at every level of government should take this lesson to heart: our electoral process could be a target for reckless foreign governments and terrorist groups,” wrote 31 members of the Aspen Institute Homeland Security Group, which includes a former director of the Central Intelligence Agency and a former secretary of Homeland Security. That echoes warnings computer security experts have been sounding for more than a decade: that the system for casting and counting votes in this country is also ripe for mischief. … Thirty-one states and the District of Columbia allow military personnel and overseas voters to return their ballots electronically, according to Verified Voting, a non-profit group that advocates transparency and security in U.S. elections. “The election official on the receiving end has no way to know if the voted ballot she received matches the one the voter originally sent,” the group warns. Some ballots are sent through online portals, which exposes the voting system to the internet. And that’s one of the most dangerous things elections officials can do, because it provides a remote point of access for hackers into the election system.Full Article: How Hackers Could Destroy Election Day - The Daily Beast.
During the 2012 American presidential election, 129 million people cast ballots, while 106 million eligible voters neglected to do so. That’s only a 54.9 percent conversion rate, not to mention the 51 million voters who weren’t registered. Meanwhile, in 2015, there were almost 172 million Americans making purchases online. Those are apples and oranges, admittedly, but the ease with which the shopping occurs only helps its proliferation. If the ultimate goal is maximizing the country’s voting turnout, shouldn’t we develop an Internet voting system? Voting from a computer at home could be far easier than waiting in long lines at polling stations or filling out mail-in forms. But can it ever happen? “For as far into the future as I can see, the answer is no,” says David Jefferson, a computer scientist in the Center for Applied Scientific Computing at Lawrence Livermore National Laboratory. In May 2015, Jefferson examined the possibility of Internet voting in a paper called “Intractable Security Risks of Internet Voting.” For anyone who has ever owned a personal computer, the first problem is obvious: malware.
“Unless we were to re-design the Internet from the ground up, there’s not likely to be a solution to these problems. We’re not even remotely close to guaranteeing that there’s no malware on your computer,” Jefferson says. The malware can do whatever task it’s programmed to accomplish, from erasing votes cast to changing them. And they can do these things without leaving any trace. “The malware might erase itself a half second later, and so there might be no evidence. And that’s one of half a dozen of problems.”
It’s easy to get excited about internet voting. Social media, Skype, online banking—these types of tools and services have expanded our voices, connected us the world over, and added convenience and efficiency to our lives. Who wouldn’t want to see elections benefit from these kinds of advances? But internet voting isn’t online banking or video calling or tweeting. Voting is a special activity, and trying to do it online poses special problems, most of which security researchers don’t yet know how to solve. “The technology is just too insecure to entrust such an important right of American people to that insecure technology,” said Bruce McConnell, global vice president and cyberspace program manager at the East West Institute and former deputy under secretary for cybersecurity at the Department of Homeland Security. “The technology is just too insecure to entrust such an important right of American people to that insecure technology.”Full Article: Why we won't all be voting online anytime soon | The Daily Dot.
While the country is probably still a long way from online voting, some states are testing the waters and building technology into election-related processes. For the 2016 presidential election, Ohio will incorporate a common data format in its election management systems that will help election officials quickly and accurately collect election data from precincts with non-interoperable election management systems, and then quickly release that information to the public and news outlets. It’s hoped that the common formats will reduce the opportunities for error on election nights, when deadlines are tight and pressure for results is keen. Ohio’s changes are based on the methods outlined in the National Institute of Standards and Technology’s special publication: A Common Data Format for Election Results Reporting. … Many believe that no matter how strong companies like Smartmatic make their security, it’s impossible to secure votes across the hardware and networks that would make up an electronic voting system.Full Article: Tech tiptoes into the voting process -- GCN.
If we can bank and shop online, why can’t we also vote online? This once-common refrain — I certainly used to ask the question — has been answered in recent years by revelations that hackers have penetrated some of our largest financial institutions, retailers, entertainment studios and, of course, the federal government. We can do our banking and shopping online because, as Lawrence Livermore computer scientist David Jefferson said earlier this year, “Financial losses in e-commerce can be insured or absorbed, but no such amelioration is possible in an election. And, of course, the stakes are generally much higher in a public election than in an e-commerce system.” Jefferson’s view that online voting — and especially e-mail — is extremely vulnerable to being hacked, intercepted or manipulated is shared by many experts, including those at the National Institute of Standards and Technology and the U.S. Election Assistance Commission.Full Article: Carroll: The high risk of e-voting - The Denver Post.
“Your vote counts” is a snappy slogan just short enough to fit on a lapel button, but snappy is not the same as “secure.” As the 2016 campaign unfolds, there’s renewed interest in enabling voters to vote over the Internet. The notion that choosing a president could be as easy as using a smartphone to order a pizza is tempting to some, but until cybersecurity wizards prove that a vote cast is a vote counted, Internet balloting is unreliably risky. Internet voting has its passionate advocates. One California pundit argues that since his bills, banking, shopping, even the data on his children’s homework is on the Internet, why shouldn’t his voting be there, too. It’s not safe to vote where he shops? Exactly, says David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who was the chairman of the technology committee of the California Internet Task Force.Full Article: EDITORIAL: Internet balloting too risky - Washington Times.
Those who believe that “voting online is the future” or that it is “possible given current technology” to create a secure online voting system are dangerously mistaken. According to computer experts, Internet voting is vulnerable to cyber-attack and fraud—vulnerabilities inherent in current hardware and software, as well as the basic manner in which the Internet is organized. It is unlikely that these vulnerabilities will be eliminated at any time in the near future. State legislators and secretaries of state who are considering implementing Internet voting, or even the delivery by e-mail of voted ballots from registered voters, should reconsider such measures. These programs would be vulnerable to a variety of well-known cyber-attacks, any of which could be catastrophic. Such attacks could be “launched by anyone from a disaffected lone individual to a well-financed enemy agency outside the reach of U.S. law.” They also “could result in large-scale, selective voter disenfranchisement,” privacy violations, vote buying and selling, and vote switching “even to the extent of reversing the outcome of many elections at once….” The biggest danger, however, is that such attacks “could succeed and yet go completely undetected.”Full Article: The Dangers of Internet Voting.
Editorials: You can transfer your paycheck, fill out your taxes and control airplanes online. Why can’t you vote? | Bangor Daily News
You can transfer your life’s earnings between bank accounts online. You can apply for a credit card and file your tax returns online. If you’re an air traffic controller, you probably use a Web-based system to direct the planes — and people’s lives — above you. So what’s the deal with voting? Why can’t you use your phone or computer to cast your ballot remotely? Experts don’t have faith in the ability of the Internet to maintain what’s needed in a voting system: keeping your vote secret, preventing coercion, verifying your identity, allowing you to vote only once, and recording your vote correctly. If not now, though, will the option to vote online be available in the future? … Skeptics of online voting are of course concerned about security breaches. Could a third party hack into the system and interfere with an election’s results? What about the potential for violations of voter privacy?Full Article: You can transfer your paycheck, fill out your taxes and control airplanes online. Why can’t you vote? | BDN Maine.
For those interested in expanding voting access by allowing voters to cast their ballots over the Internet, one government expert/activist has bad news – the security and privacy risks associated with Internet voting won’t be resolved anytime soon. David Jefferson, computer scientist in the Lawrence Livermore’s Center for Applied Scientific Computing, has studied electronic voting and security for more than 15 years. He believes “security, privacy, reliability, availability and authentication requirements for Internet voting are very different from, and far more demanding than, those required for e-commerce.” In short, voting is more susceptible to attacks, manipulation and vulnerabilities. Some champions of Internet balloting believe the safeguards that protect online shoppers from hackers can also protect the sensitive information and meet the legal regulations associated with voting online. Advocates further believe that Internet voting will increase turnout, cut costs and improve accuracy. Jefferson refuted these claims by asserting that there currently is no strong authentication or verification solution for online shopping. Also, while proxy shopping is a common occurrence and is not against the law, proxy voting is not allowed.Full Article: Online voting still faces security issues -- GCN.
National: Security risks and privacy issues are too great for moving the ballot box to the Internet | Phys.org
Contrary to popular belief, the fundamental security risks and privacy problems of Internet voting are too great to allow it to be used for public elections, and those problems will not be resolved any time soon, according to David Jefferson, who has studied the issue for more than 15 years. Jefferson, a computer scientist in the Lawrence Livermore’s Center for Applied Scientific Computing, discussed his findings in a recent Computation Seminar Series presentation, entitled “Intractable Security Risks of Internet Voting.” His study of Internet voting issues is independent of his Lawrence Livermore research work. Nonetheless, he reminded the audience that “election security is a part of national security,” noting that this is a primary reason he is so passionate about this issue. “I am both a technical expert on this subject and an activist,” Jefferson emphasized in his introductory remarks. “Election security is an aspect of national security and must be treated as such.” The view held by many election officials, legislators and members of the public is that if people can shop and bank online in relative security, there’s no reason they shouldn’t be able to vote on the Internet, Jefferson said. “Advocates argue (falsely) that Internet voting will increase turnout, reduce costs and improve speed and accuracy.” They promote the idea that “you can vote anytime, anywhere, even in your pajamas.”Full Article: Security risks and privacy issues are too great for moving the ballot box to the Internet.
Voting in public elections via the Internet could be a national security risk, according to a researcher at Lawrence Livermore National Laboratory’s Center for Applied Scientific Computing. In a presentation titled “Intractable Security Risks of Internet Voting,” computer scientist David Jefferson said the risks of electronic ballots cast via the Web far outweigh the conveniences such systems can offer. He presented his conclusions at a recent LLNL Computation Seminar Series, though his efforts in that area are independent of his work at the lab. In addition to his research into high-performance computing applications at LLNL, he serves on a number of state and federal government panels that focus on election security issues, especially those related to electronic and Internet-based voting, and is on the board of directors of the California Voter Foundation.Full Article: Why Internet voting remains a risky proposition -- FCW.
In a state that that takes pride in being on the technological cutting edge, most California voters will mark paper ballots with ink by Nov. 4, whether they vote at their polling place or by mail. The state’s reliance on paper would have seemed unlikely 15 years ago. California’s then-Secretary of State Bill Jones floated a radical idea in 1999: let people vote online. He convened task force to look into the possibility. “Here we are in the dot com boom,” said David Jefferson, a computer scientist who chaired the task force’s Technology Committee. “It’s an exciting thing. Of course we would all like to vote online. Let’s just figure out how to deliver it to the people of California.” Jefferson now works on one of the world’s fastest computers at Lawrence Livermore National Laboratory. He recalls when the online voting project started to fall apart. “In the course of that study, which took place over several months, doubts began to creep in,” he said. “And then we began to find more and more flaws.”Full Article: Paper is Still the Tech of Choice for California Elections | KQED News.
Would the ability to vote in your pajamas, on a smart phone, make you a better participant in the political process? Would it make you care more? Utah’s lieutenant governor has convened a committee to study the idea of making the state a pioneer in Internet voting. They might want to look to Norway, which tried such a thing — then, according to a headline writer at npr.org, did a “Ctrl+Alt+Delete” on the whole thing a few weeks ago. Utah Director of Elections Mark Thomas told the Deseret News last week that the biggest hurdle to overcome is security. Norwegian officials would agree. They couldn’t do it. NPR quotes Lawrence Livermore National Laboratory computer scientist David Jefferson as saying, “There is no way to guarantee that the security, privacy and transparency requirements for elections can all be met with any practical technology in the foreseeable future.”Full Article: Improving voter turnout still a tough nut to crack | Deseret News.
After a two-year trial for Internet voting, Norway is pulling the plug. The country’s Office of Modernization said in a statement that there’s no evidence that online voting, tested in elections in 2011 and 2013, improved turnout. It also said that “political disagreement” over the issue, along with voters’ fear that ballots might not be secure, could undermine the democratic process. The office said it had “decided that the attempt with voting over the Internet should not be promoted.” The idea of online voting has been in the ether for as long as the Internet, so Norway’s experience might be relevant elsewhere. … David Jefferson, a computer scientist at Lawrence Livermore National Laboratory, wrote in 2011 that “computer and network security experts are virtually unanimous in pointing out that online voting is an exceedingly dangerous threat to the integrity of U.S. elections. “There is no way to guarantee that the security, privacy, and transparency requirements for elections can all be met with any practical technology in the foreseeable future,” he says.Full Article: Norway Does A Ctrl+Alt+Delete On E-Voting Experiment : The Two-Way : NPR.
By now, just about everyone connected to the Internet is familiar with this process: Required to fill out and sign a form of some kind, you ask for and receive a hyperlink via email. You open the link, find the form you need (perhaps a pdf), download it, print it, fill it out and mail it off. That’s a common practice, though increasingly old-school by today’s online standards. There doesn’t seem to be anything particularly risky about the transaction; few would think twice about conducting business that way. But while integrity is important in all transactional realms, it rises to precious when we’re talking about voting. And that’s why a similar process, new this year and slated to be part of Maryland’s primary election in June, has some civic-minded computer security experts sounding alarms about the potential for fraud. … The three experts who wrote to the board about this in 2012 were David Jefferson, a computer scientist based at the Lawrence Livermore National Laboratory in California; J. Alex Halderman, assistant professor of electrical engineering and computer science at the University of Michigan; and Barbara Simons, a retired IBM computer scientist and an expert on electronic voting. They are part of network of vigilant computer security experts who independently assess state elections systems and report their concerns.Full Article: Experts remain concerned about Maryland election fraud threat - baltimoresun.com.
I just read Doug Chapin’s article on the vote rigging at Cal State San Marcos, and I would add several observations. Had this been a public election conducted via Internet voting, it would have been much more difficult to identify any problem or to capture the perpetrator, Mr. Weaver. Mr. Weaver was captured because he was voting from school-owned computers. This was networked voting but not really Internet voting. The IT staff was able to notice “unusual activity” on those computers, and via remote access they were able to “watch the user cast vote after vote”. But in a public online election people would vote from their own private PCs, and through the Internet, not on a network controlled by the IT staff of election officials. There will likely be no “unusual activity” to notice in real time, and no possibility of “remote access” to allow them to monitor activity on a voter’s computer. Note also that university IT staff were able to monitor him while he was voting, showing that they were able to completely violate voting privacy, something we cannot tolerate in a public election.Full Article: David Jefferson on College Vote Hack | Election Law Blog.
Voting Blogs: California Assembly committee passes Internet voting bill with secret amendments | Kim Alexander’s Weblog
Last Tuesday at the California Assembly Elections committee hearing,AB 19 by Assemblyman Phil Ting (D-San Francisco) was heard and passed on a 4-3 vote. If enacted, the bill would create a California online voting pilot program. Over the weekend, while cleaning out some old papers, I had deja vu moment when I came across a December 4, 2000 news release issued by then-Assembly Majority Leader Kevin Shelley announcing the introduction of AB 55, which among other things, as originally introduced would have established an online voting pilot program under the direction of the Secretary of State. That provision was ultimately amended out, and Mr. Shelley would go on to become the Secretary of State of California and one of the nation’s first political leaders to support a voter verified paper audit trail and mandatory election recounts.Full Article: Kim Alexander's Weblog: CA Assembly committee passes Internet voting bill with secret amendments.
An attempt to illegally obtain absentee ballots in Florida last year is the first known case in the U.S. of a cyberattack against an online election system, according to computer scientists and lawyers working to safeguard voting security. The case involved more than 2,500 “phantom requests” for absentee ballots, apparently sent to the Miami-Dade County elections website using a computer program, according to a grand jury report on problems in the Aug. 14 primary election. It is not clear whether the bogus requests were an attempt to influence a specific race, test the system or simply interfere with the voting. Because of the enormous number of requests – and the fact that most were sent from a small number of computer IP addresses in Ireland, England, India and other overseas locations – software used by the county flagged them and elections workers rejected them. Computer experts say the case exposes the danger of putting states’ voting systems online – whether that’s allowing voters to register or actually vote. “It’s the first documented attack I know of on an online U.S. election-related system that’s not (involving) a mock election,” said David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who is on the board of directors of the Verified Voting Foundation and the California Voter Foundation.Full Article: Cyberattack on Florida election is first known case in US, experts say - Open Channel.
If online voting is good enough for the Oscars, why isn’t it good enough for public elections? A panel of experts assembled on Feb. 14 to consider whether the Academy of Motion Picture Arts and Sciences’ decision to capture votes online for this year’s Oscars means that technology has matured to the point where public elections can be held online. According to an article in The Hollywood Reporter, voting to determine who would receive a nomination for an Academy Award began Dec. 17 and ended Jan. 3. While a majority of Academy members registered to take advantage of the online voting option, the process was not without its snags. Many confessed to password trouble, while others worried about hackers jeopardizing voter intent. … David Jefferson, a computer scientist at Lawrence Livermore National Laboratory and chairman of the board for the nonprofit Verified Voting, outlined several major differences between private elections, like those conducted for the Academy Awards, and public elections. Public elections, Jefferson said, inherently have much higher standards for security, privacy and transparency. “Just because this works for private elections or is useful for private elections, we don’t want people thinking … it is appropriate for public elections.”Full Article: Could Online Oscar Voting Lead to Online Public Elections?.
For the first time ever, this year’s Oscar winners were selected online. The Academy of Motion Picture Arts and Sciences decided to let its members vote online, but cybersecurity and elections experts say that casting Internet ballots in public elections is still a long way off. Even picking Best Picture winners led to serious snafus. The voting deadline for the Oscars was extended in early January after some members had issues with account registration (password requests were answered by snail mail rather than email). But in public elections, deadlines can’t be extended. A group of cybersecurity and elections experts last week reiterated the dangers of modeling public elections after private ones. Companies who design online voting systems for award shows or corporate shareholder meetings may suggest these systems can also be used in congressional or presidential races. Those claims should be met with skepticism, said computer scientist David Jefferson, chairman of the nonprofit Verified Voting Foundation. “There are major differences between private and public elections: the degree of security required, the degree of privacy required, the degree of transparency required,” Jefferson said in a telephone press conference Thursday. “In a public election we’re talking about a national security situation.”Full Article: Online voting: Safe for Oscars, but not yet for elections? | TechHive.