Australia: iVote flaw ‘allowed vote to be changed’; electoral commission fixes vulnerability | ABC

A “major security hole” that could allow an attacker to read or change someone’s vote has been discovered in the New South Wales online iVote platform, security experts say. The iVote system allows people to lodge their votes for Saturday’s state election online, instead of visiting a physical polling station. It aims to make voting easier for the disabled or for people who live long distances from polling booths. However computer security researchers said they found a critical issue and alerted the NSW Electoral Commission on Friday afternoon. University of Melbourne research fellow Vanessa Teague, who found the security vulnerability, said it was a difficult hack to pull off, but could potentially affect ballots en masse. “We’ve been told repeatedly that votes are perfectly secret and the whole system is secure and it can’t be tampered with and so on, and we’ve shown very clearly than that’s not true – that these votes are not secret and they can be tampered with,” Ms Teague said.

Australia: Security flaw in New South Wales puts thousands of online votes at risk | Freedom to Tinker

New South Wales, Australia, is holding state elections this month, and they’re offering a new Internet voting system developed by e-voting vendor Scytl and the NSW Electoral Commission. The iVote system, which its creators describe as private, secure and verifiable, is predicted to see record turnout for online voting. Voting has been happening for six days, and already iVote has received more than 66,000 votes. Up to a quarter million voters (about 5% of the total) are expected to use the system by the time voting closes next Saturday. Since we’ve both done extensive research on the design and analysis of Internet voting systems, we decided to perform an independent security review of iVote. We’ll prepare a more extensive technical report after the election, but we’re writing today to share news about critical vulnerabilities we found that have put tens of thousands of votes at risk. We discovered a major security hole allowing a man-in-the middle attacker to read and manipulate votes. We also believe there are ways to circumvent the verification mechanism.

Australia: Legal action considered over online voting glitch | Northern Star

Minor parties are threatening legal action after being omitted from the “above-the-line” section of the electronic ballot for the New South Wales election. About 19,000 votes were received before the NSW Electoral Commission realised the Animal Justice Party and the Outdoor Recreation Party had been left off the top section. In a preferential system, it is a major concern. Voters who do not wish to number their preferences can take the easy option and just write “1” next to the party they favour – above the line.

Australia: New South Wales online ballot error ‘disadvantaged’ parties, court action flagged | ABC

A political party accidentally left off online versions of ballot papers has indicated it could take court action after the New South Wales election. The iVote online voting system was suspended for much of yesterday after the NSW Electoral Commission was alerted to the error by the Outdoor Recreation Party’s Peter Whelan. The system is available to voters who are vision impaired, have reading difficulties, live more than 20 kilometres from a polling station or will be out of the state on election day. Mr Whelan said he was shocked when he logged on to the website yesterday. Despite his party having drawn a sought-after Group B “above the line” position on the Upper House ballot paper, it did not appear there on the electronic version. The Animal Justice party, which drew Group C on the ballot, was also omitted.

Australia: New South Wales poll result could be challenged after parties are left off electronic ballot paper | The Guardian

The result of the upper house election in New South Wales could be contested after 19,000 early voters cast their votes on electronic ballot papers that left off the names of two of the parties above the line. The Animal Justice party and Outdoor Recreation party were left out on the electronic voting site iVote. About 19,000 people cast their vote before the error was noticed, but the NSW Electoral Commission has declared their votes will still be valid. Online voting was suspended for about five hours on Tuesday when the error was discovered.

Australia: New South Wales e-vote system taken down | The New Daily

New South Wales’ online voting system was suspended for six hours because of an error on the Upper House ballot paper for the state election. The NSW Electoral Commission (NSWEC) “paused” the iVote system after two parties were omitted from a section of the paper. The iVote system is available to voters who are vision-impaired, have reading difficulties, live more than 20km from their nearest polling station or will be interstate or overseas on election day. The Animal Justice Party and the Outdoor Recreation Party were left off the “above the line” section of the paper, the ABC reports. By 5pm Tuesday the iVote website was back up and running.

Australia: NSW’s online gamble: why internet and phone voting is too risky | The Conversation

Up to 250,000 votes are expected to be cast using the iVote electronic voting system between March 16 and the close of polls on March 28 in the New South Wales election. That would represent a massive increase on the 46,864 votes at the 2011 state election and could mean about 5% of the total vote is cast electronically, using a telephone or via the internet. It looks set to be by far the biggest test of electronic voting in Australia, which has largely been limited to small trials in the past, and one of the largest online votes worldwide. If the NSW election proves to be close, those electronic votes could prove crucial. But before electronic voting begins on Monday, people in NSW should be warned: there are many unanswered questions about the integrity and privacy of those votes. Late last year, the federal Joint Standing Committee on Electoral Matters recommended against electronic voting in federal elections. Its report concluded that:

Australia is not in a position to introduce any large-scale system of electronic voting in the near future without catastrophically compromising our electoral integrity.

National: Why Internet voting remains a risky proposition | FCW

Voting in public elections via the Internet could be a national security risk, according to a researcher at Lawrence Livermore National Laboratory’s Center for Applied Scientific Computing. In a presentation titled “Intractable Security Risks of Internet Voting,” computer scientist David Jefferson said the risks of electronic ballots cast via the Web far outweigh the conveniences such systems can offer. He presented his conclusions at a recent LLNL Computation Seminar Series, though his efforts in that area are independent of his work at the lab. In addition to his research into high-performance computing applications at LLNL, he serves on a number of state and federal government panels that focus on election security issues, especially those related to electronic and Internet-based voting, and is on the board of directors of the California Voter Foundation.

Australia: NSW state election 2015: China may seek to hack electronic votes: report | The Canberra Times

If you thought Chinese intelligence agencies had more on their minds than the NSW election, you should think again, according to a security analysis that found our key trading partner may seek to disrupt the state’s democratic big day. A report commissioned by the NSW Electoral Commission warned cyber attacks could be waged against iVote, an electronic system that will allow eligible people to vote in the March 28 election using the internet or a phone. Up to 200,000 voters are expected to register. The consultants’ report, parts of which have been labelled “silly”, lumped groups such as al-Qaeda and the governments of China, North Korea and Iran with the home-grown “threat” of anti-coal and refugee activists. It claimed covert groups with a “broad spectrum of capability” may use “offensive actions” to influence the NSW election result, embarrass authorities or gain media attention.

Canada: Online voting still years away at the federal level | Northern Life

While it was a success in Greater Sudbury last October, online voting is still years away at the federal level, says Canada’s chief electoral officer. Marc Mayrand, who was in Sudbury on Sunday getting local election workers ready for this year’s federal election, said there are still too many issues with online voting for it to be done on a scale as big as a national vote. “The technology is there,” Mayrand said. “But there’s still issues around security (and) verification … Hackers are getting ever more sophisticated. And there are also concerns around transparency.” There’s also worry about switching from a system where election officials personally witness people voting, to one where voters use a PIN number to cast a ballot at home, or wherever they happen to be.

Canada: Edmonton executive committee to petition the province to allow online voting | Edmonton Sun

Future elections are one step closer to including e-ballots as Edmonton’s executive committee voted Tuesday to petition the province to allow online voting. A brief report was brought to the committee at the request of Coun. Andrew Knack outlining what it would take for the city to include internet voting for future elections. “There’s no foolproof system,” admitted Knack, a proponent of online voting, in response to concerns raised about the potential threats that web-based elections may pose. Computer programmer Chris Cates voiced those concerns to the committee. “I see the Internet as full of risks,” Cates said. “In the long run, something is going to happen.” He referred to issues that were found in the online voting that the Alberta PC Party used when choosing Jim Prentice to lead them as an example of what can go wrong and warned that one person could seriously jeopardize the system. He added a recount would be relatively impossible because no paper ballots would be available to count.,

United Kingdom: Outsourcing voting: How private companies could profit from British elections | Politics.co.uk

Switching to electronic voting poses lucrative opportunities for private companies – and they’re now champing at the bit to get involved. It is, right now, a relatively small market. Only about 20 countries around the world look to the international marketplace to procure electronic systems which will help their elections run smoothly. Most of them have done so out of necessity. Governments facing limited public trust have proved more likely to abandon the laborious – and easily manipulated – paper-based voting methods than those in countries whose system isn’t obviously broken. Latin American states have been the most enthusiastic adopters. They’ve had some success. In Brazil, where the most recent presidential contest saw a gap of just 1.5% between the two main candidates, the results were released by the morning after polling day. And they weren’t contested. In Europe progress has been slower. An Irish attempt turned into a classic IT fiasco. A Dutch effort was quickly hacked, prompting embarrassment and a rapid retreat to paper-only systems. Europe has on the whole been a tricky market because of widespread worries about cybersecurity and privacy issues. And then, last month, a sudden enthusiasm for making the change suddenly emerged in Britain.

Editorials: 5 Ways To Fix America’s Dismal Voter Turnout Problem | ThinkProgress

Voter turnout in the U.S. during the last midterm election hit the lowest point since the 1940s. The number of Americans heading to the polls each election has been declining for the last fifty years and lawmakers have recently been pushing efforts to keep even more people away from the polls. People do not exercise their right to vote for various reasons, some of which are easier to solve than others. According to a U.S. … Voters can already use their smartphones in some cities to simplify daily tasks like tracking how long they have to wait for a bus or train. So why shouldn’t information about polling places be available online? Joe Kiniry, the principal investigator with computer science company Galois, said that while he was working in Denmark, he helped to build a system voters could use to figure out the length of lines at polling places. “Of course it’s doing that by watching people’s cell phones as they walk into the polling place and figuring out how long it took you to get to the front of the line, how long it took you to leave,” he said. “So in the adoption of this cheap, easy technology… we’ve now traded off the cost and efficiency of an election with the privacy of voters.”

Lithuania: Parliament to discuss legalizing online voting in elections | Xinhua

Lithuanian government approved an initiative on Monday under which online voting could be allowed as soon as in 2016. The proposal to allow e-voting in Lithuania has been put forward by two ministers of the Lithuanian social-democratic cabinet at a governmental meeting and given green light for the further discussions in the parliament. “We have discussed the proposal, it has been approved and forwarded for discussions in the parliament’s spring session,” Juozas Bernatonis, minister of justice, told journalists after the meeting.

California: Why not vote with your home computer? | San Diego Reader

Despite protests from a psychiatrist, Del Mar will be allowed to proceed with an online poll of local registered voters, an act city officials say does not constitute an election and thus is exempt from state laws prohibiting online voting. … Dr. Edward Mohns, however, sued the city and San Diego–based Everyone Counts Inc., the company that received the contract to set up and monitor the poll on January 29, arguing that the system “has not been certified by the California Secretary of State.” The courts acted swiftly, ruling the next day that Mohns’s request for an injunction could not go through because he could not demonstrate that he would specifically be harmed from the poll-taking.

Australia: Sydney’s Secure Logic signs $1m online voting contract | CRN

Sydney-based Secure Logic has signed a contract to host the NSW Electoral Commission’s iVote system for the next five years. Secure Logic will provide the NSWEC with infrastructure and platform-as-a-service in a deal worth $990,000. The platform will be able to be scaled during peak election periods, according to head of sales and marketing for Secure Logic, Fergus Brooks. Spanish company Scytl was awarded the contract to provide the online voting software for iVote in May last year, after the state government announced plans to expand iVote for the 2015 election.

Utah: State GOP chairman wants caucus, not a primary | Deseret News

Utah Republican Party Chairman James Evans said Friday the party plans to hold a caucus instead of a primary election next year to choose the Republican nominee for president. “We’ll just do our own presidential caucus,” Evans said, calling the decision the party’s to make. “If the state is trying to insist on something different, then they would be out of bounds here.” It’s the latest salvo in an ongoing dispute between Utah Republicans on how best to select candidates and centers on control of the nominating process and voter turnout. Rep. John Cox, R-Ephraim, said he wants to draft a bill to hold an online primary election for president in 2016. Cox said the dates of the primary will also have to be changed to conform with new national party requirements.

California: DelMar Voter Wants to Stop Online Election Set for Tuesday | Courthouse News Service

Del Mar rushed through approval of an Internet-based city voting system and plans to use it next Tuesday, a resident says in a request for an injunction against it. The Tuesday vote will be an advisory election, in which voters will be asked to choose one of three plans for a new Civic Center, also known as the City Hall/Town Hall Project. Only Del Mar voters will be allowed to vote. Del Mar, pop. 44,000, 20 miles north of San Diego, is a wealthy community best known for its racetrack. On Thursday, Dr. Edward Mohns sued Del Mar, its city manager, its administrative services director and Everyone Counts Inc., a San Diego-based company that got the contract to set up the Internet voting system. In his lawsuit in Superior Court, Mohns says that the voting system “has not been certified by the California Secretary of State,” and that the City Council did not give final approval for it until its Jan. 20 meeting.

Editorials: Digital Democracy? – Yes, Please; but Not Online Voting | Glyn Moody/ComputerworldUK

It is a sign of the times that the Speaker of the House of Commons – not the first person that comes to mind as being part of the digital age – has established a Digital Democracy Commission to look into ways to re-imagine democracy for the connected world. With one important exception – that concerning online voting – its recommendations are sensible and to be welcomed. … Enabling people to vote online would indeed draw in many young people who otherwise wouldn’t vote, and that’s hugely important. So why am I against the idea? Well, the report quotes a good encapsulation of the key issues here by the Open Rights Group:

Voting is a uniquely difficult question for computer science: the system must verify your eligibility to vote; know whether you have already voted; and allow for audits and recounts. Yet it must always preserve your anonymity and privacy. Currently, there are no practical solutions to this highly complex problem and existing systems are unacceptably flawed.

Canada: Ontarians like online voting, but turnout boost may be minor, study suggests | The Globe and Mail

Voters and election administrators were satisfied with online ballots in many of last fall’s Ontario municipal races, according to a new study, but the digital shift’s impact on declining turnout appears to be modest. Ninety-seven municipalities across Ontario used online voting in October, most for the first time, in addition to traditional in-person voting and mail-in ballot options. Half of the municipalities participated in a study by the Internet Voting Project, which surveyed voters, candidates and election administrators. Preliminary results of the study are being released in a webinar Thursday afternoon.

Oklahoma: Election Reform Bills | KTUL

In the election process, casting your vote, and the steps the lead up to it are virtually frozen in the past. “I’ve never met a government process that can’t be modernized,” said Oklahoma State Senator David Holt, looking to kick start election reform with a series of bills that would hopefully increase voter turnout. How bad have things gotten? “In 1992 over 70% of Oklahomans voted in the Presidential election, but in 2012 only 50%, third worst in the nation,” he said. The bills would do things such as online voter registration, and voting by mail like folks do in Colorado, Washington, and Oregon. … As for one day actually voting online? “We’re a ways off, decades probably,” said Holt.

International: Pirate party founder: ‘Online voting? Would you want 4chan to decide your government?’ | The Guardian

In 2012, a contest for US schools to win a gig by Taylor Swift was hijacked by members of the 4chan website, who piled ​on its online vote in an attempt to send the pop star to a school for deaf children. Now, imagine a similar stunt being pulled for a general election, if voting could be done online. Far-fetched? Not according to Rick Falkvinge, founder of Sweden’s Pirate ​party. “Voting over the internet? Would you really want 4chan to decide your next government?” he said, during a debate about democracy and technology in London, organised by the BBC as part of its Democracy Day event. Falkvinge was responding to a question about whether online voting – or even voting from smartphones – would encourage more people to vote. Besides online pranksters, his reservations included the potential ability of governments and security agencies to snoop on people’s online votes.

Estonia: E-voting for NRIs – Estonian experience and Concerns | NITI

The Supreme Court of India has directed the Government of India to enable e-voting facility for the Indians living abroad. This historical decision will let the NRIs to vote online making things better for the Electorate. Earlier, NRIs used to fly back home to cast their vote during elections but now they can vote for their favourite candidate with a click of a mouse. The Election Commission had earlier recommended e-ballot voting for Indian passport holders abroad. The Government had given voting rights to the NRIs in 2010, but as per the rule – the voter has to be present in their constituency on the day of voting. But with this things might change for better. The Central Government had told the Supreme Court that the EC’s recommendation to extend voting rights to NRIs through postal ballots have been accepted in letter and spirit. Taking note of the submissions, a bench comprising Chief Justice HL Dattu and AK Sikri asked the Government to inform it about “further steps taken to implement the suggestions.”

Canada: Online voting unlikely in next Saskatchewan civic elections | The Star Phoenix

When it comes time for Saskatoon citizens to choose their mayor and councillors in 2016, they probably won’t be able to do so on their laptops, tablets or smartphones. Internet voting – which has become increasingly common in municipal elections across Canada – is unlikely to make a debut in any Saskatchewan cities or rural municipalities by the next election. “We’re looking down the road (from 2016),” said Rod Nasewich, legislation and regulations director for the provincial ministry of government relations. Before Internet voting or Internet voting pilot projects are permitted in the province, Saskatchewan’s Local Government Elections Act would have to be amended. Nasewich said such changes are not being pursued because “There hasn’t been a lot of widespread lobbying or support from the municipal sector for that.”

United Kingdom: Could e-voting be on its way in the UK? | BBC

There’s a ritual to the way most people vote in most UK elections – parliamentary, local, European and in referendums – which has remained largely unchanged for many decades. On election day, traditionally a Thursday, voters go to their local polling station and cast their ballots by marking crosses in boxes with a pen or pencil and paper. The ballots are then counted by hand after the polls close. The digital revolution, which has swept through so many areas of modern life, has barely touched the system by which we elect our democratic representatives. Moves to modernise it with automated systems have so far met with high levels of resistance amid concerns over security and fraud. …  Concern over security is the main reason the UK government has so far resisted any significant moves towards e-voting. Cabinet Office Minister Sam Gyimah told the political and constitutional affairs committee there were “more downsides than upsides” to the technology.

Canada: Online voting: Thunder Bay council to get yet another report | CBC News

City councillors in Thunder Bay are one step closer to approving electronic voting for the next municipal election. Councillors like Trevor Giertuga say they’ve come around to accepting online and telephone voting. “Last time I voted against internet voting, but this time, I believe I’m going to vote in favour of it,” he said. “But I don’t want to do it as a knee-jerk reaction based on frustrations from this election. I’m just changing my mind on this one.” Giertuga supported a call to ask the city clerk to examine electronic voting. Council received a very similar report about four years ago, which was turned down by council.

Canada: Scytl offers 25% discount over election problems | Cornwall Standard Freeholder

While the company responsible for the delay in releasing results from the Oct. 27 municipal elections has apologized and offered compensation, 20 municipalities in Ontario are saying it isn’t enough. Scytl Canada Inc. was awarded the contract in January 2104 to provide election services for the internet and telephone ballots. However, on election night, municipalities using the service were waiting until after 11 p.m. for results that should have been made available by 8:30 p.m. due to human error. The delay, according to Scytl, was due to an anomaly found during routine processing causing tabulation to be rerun and a thorough manual audit to be done. Five election files had been mislabeled due to human error and rather than just rename the files, Scytl reran the entire process. Scytl stands by the fact the election results are 100% accurate. Municipalities affected received a letter of apology and an offer of a 25% discount on the final payment for their services in addition to a 10% discount on a future online voting project.

Australia: Politicians unanimously vote down online voting | Government News

The prospect of online and electronic voting at Australian federal elections has officially had its plug pulled for the foreseeable future. The Parliamentary Committee tasked with investigating the feasibility of digitising Australian ballots has unanimously found that a high-tech solution is still too risky, complicated and expensive to make it a reality in the near term. The probe came after the now infamous Western Australian vote counting bungle that forced the state back to the polls after ballot papers were somehow mislaid. Now in a second interim report issued by the Electoral Matters Committee, federal politicians have concluded that although there is a raft of technological improvements that could be made to the running of elections, a fully digitised solution is still a long way off. “After hearing from a range of experts, and surveying the international electoral landscapes it is clear to me that Australia is not in a position to introduce any large – scale system of electronic voting in the near future without catastrophically compromising our electoral integrity,” said the Committee’s chairman, Tony Smith MP. The Committee’s main beef with online and electronic systems – aside from the obvious threat of hacking – is that the confidentiality of how people vote could be undermined or compromised. At the moment voters physically front-up at polling booths and have their name crossed off a roll before being given two ballot papers, or more in the case of a referendum.

Editorials: Online voting rife with hazards | Barbara Simons/USA Today

Today Americans are voting in an election that could shift control of the U.S. Senate and significantly impact the direction our nation will take in the next few years. Yet, 31 states will allow over 3 million voters to cast ballots over the Internet in this election, a practice that computer security experts in both the federal government and the private sector have warned is neither secure nor trustworthy. Most states’ online voting is limited to military and overseas voters, but Alaska now permits all voters to vote over the Internet. With a hotly contested Senate seat in Alaska, the use of an online voting system raises serious concerns about the integrity of Alaska’s election results. Alaska’s State Election Division has even acknowledged that its “secure online voting solution” may not be all that secure by posting this disclaimer on its website: “When returning the ballot through the secure online voting solution, your are [sic] voluntarily waving [sic] your right to a secret ballot and are assuming the risk that a faulty transmission may occur.” Unfortunately, faulty transmission is only one of the risks of Internet voting. There are countless ways ballots cast over the Internet can be hacked and modified by cyber criminals.

Editorials: Why we don’t have online voting (and won’t for a long while) | Michael Cochrane/World Magazine

Society deems the voting process so important that it must be 100 percent reliable. We may tolerate failures with our cars and computers, but not our elections. The degree to which an election is free and fair is the very heart of our representative form of democracy in the United States. Technological advancements that might make the voting process more efficient or convenient could also chip away at that integrity, which requires a voting system that is available, secure, and verifiable. At an early October panel discussion on internet voting hosted by the Atlantic Council, Pamela Smith, president of Verified Voting, addressed voting system availability. “If the equipment should happen to break down, you need something else to vote on to replace it. Otherwise people are disenfranchised by that malfunction,” she said. … “Any voting system that you use has to be able to demonstrate clearly to the loser and their supporters that they lost,” Smith said. “And to do that, you need actual evidence. Voters need to be able to see that their votes were captured the way that they meant for them to be and election officials need to be able to use that evidence to demonstrate that votes were counted correctly.”