Online voting sounds like a dream: the 64 percent of citizens who own smartphones and the 84 percent of American adults with access to the internet would simply have to pull out their devices to cast a ballot. And Estonia—a northern European country bordering the Baltic Sea and the Gulf of Finland—has been voting online since 2005. But ask cybersecurity experts and they’ll tell you it’s really a nightmare. We are nowhere close to having an online voting system that is as secure as it needs to be. Ron Rivest, a professor at MIT with a background in computer security and a board member of Verified Voting, said it is a “naive expectation” to even think online voting is on the horizon. One of the most compelling arguments made in favor of online voting is that it could potentially increase voter turnout. Which is a problem in the US: In 2012, 61.6 percent of those eligible to vote turned out to cast a ballot as opposed to the 58.2 percent that came out in 2008—a 3.4 percentage point decrease. According to the Pew Research Center, the American voter turnout in 2012 was low in comparison to elections in other nations, too. But Rivest said there’s no “hard evidence” to prove that making the process more accessible via the Internet will result in increased voter turnout. And even if one were to accept the unverified assumption that online voting would boost the number of people who vote, a larger dilemma still exists.
Did Republican nominee Donald Trump just ask Russian strongman Vladimir Putin to cast the deciding vote in the US presidential election? On Wednesday morning, Trump said he hoped Russia would find and publish 30,000 e-mail messages deleted by his Democratic rival, Hillary Clinton, from the personal server she used as secretary of state. It was a startling spectacle: a presidential candidate urging a foreign government to play a role in America’s game of thrones. But there’s a chance Putin is already a player. The trove of embarrassing e-mails stolen from the Democratic National Committee, which were leaked to the press just in time for this week’s party convention in Philadelphia, were probably swiped by Russian hackers, according to US intelligence officials and independent cybersecurity companies. Russia’s apparent election tampering — and Trump’s call for the Russians to expose Clinton’s deleted e-mails — shows that the insecurity of America’s data networks could undermine our ability to hold free and fair elections. But if the Russian president would go this far to pick our next president, why not take the direct approach? Why not tamper with the computers that manage the nation’s voting systems? Maybe that has already happened. Those voting systems are certainly vulnerable.
National: More than 30 states offer online voting, but experts warn it isn’t secure | The Washington Post
The popularity of voting online is growing and will be in place for the presidential election in more than 30 states, primarily for voters living overseas or serving in the military. But security experts and some senior Obama administration officials fear there is not enough protection for any ballots transmitted over the Internet. They are warning…
Utah: GOP caucus will be online, but don’t expect Internet voting to take hold elsewhere | Deseret News
When it comes to innovative ways to increase voter turnout, Utah seems to break all the rules. This is a state that lets you vote by mail, vote early and, at least for a three-year trial period, lets you register on the day you vote. Conventional wisdom says that if Republicans run your state, you aren’t supposed to have all those things. “When I go to national election conventions, people are all scratching their heads,” Mark Thomas, chief deputy to Lt. Gov. Spencer Cox, told me. “We’re doing things that only some of the liberal states are doing.” So it shouldn’t be terribly surprising that, if you are a registered Republican in Utah, you will have the chance to vote online in the upcoming presidential preference caucus March 22. That’s just another bold step in a conservative state that’s surprisingly progressive about elections, right? Well, it’s bold all right. As Shakespeare said, “Boldness be my friend.” But as English essayist Charles Lamb said, “’Tis the privilege of friendship to talk nonsense, and to have her nonsense respected.”
This article was originally posted at Freedom to Tinker on August 10, 2015. It is reposted here with permission of the author.
A recent paper published by Smartmatic, a vendor of voting systems, caught my attention. The first thing is that it’s published by Springer, which typically publishes peer-reviewed articles – which this is not. This is a marketing piece. It’s disturbing that a respected imprint like Springer would get into the business of publishing vendor white papers. There’s no disclaimer that it’s not a peer-reviewed piece, or any other indication that it doesn’t follow Springer’s historical standards. The second, and more important issue, is that the article could not possibly have passed peer review, given some of its claims. I won’t go into the controversies around voting systems (a nice summary of some of those issues can be found on the OSET blog), but rather focus on some of the security metrics claims.
The article states, “Well-designed, special-purpose [voting] systems reduce the possibility of results tampering and eliminate fraud. Security is increased by 10-1,000 times, depending on the level of automation.”
That would be nice. However, we have no agreed-upon way of measuring security of systems (other than cryptographic algorithms, within limits). So the only way this is meaningful is if it’s qualified and explained – which it isn’t. Other studies, such as one I participated in (Applying a Reusable Election Threat Model at the County Level), have tried to quantify the risk to voting systems – our study measured risk in terms of the number of people required to carry out the attack. So is Smartmatic’s study claiming that they can make an attack require 10 to 1000 more people, 10 to 1000 times more money, 10 to 1000 times more expertise (however that would be measured!), or something entirely different?
National: Online Voting For Academy Awards Must Not Become Model For Public Elections, Cyber Security & Voting Rights Experts Warn | Paramus Post
A group of concerned cyber security experts and voting rights advocates released a statement today warning that Internet voting for this year’s Academy Awards must not become a model for public elections. The group includes advocacy organizations Common Cause and Verified Voting and some of the most renowned figures in computer science including Ron Rivest, co-founder of RSA and Verisign and recipient of the Turing Award; and Dr. Barbara Simons, former President of ACM and author of Broken Ballots: Will Your Vote Count? “When the Academy of Motion Picture Arts and Sciences announced that it would be using an online voting system to help its members choose this year’s Oscar nominees and finalists, thereby adding to the “credibility” of online voting, we found ourselves compelled to remind the general public that it is dangerous to deploy voting by email, efax, or through internet portals in public governmental elections at this time,” the experts said. “Public elections run by municipal, local and state governments should not be compared to elections like the one run by the Academy.”
Regular as clockwork — just after an election which generated far too many stories of people waiting far too long to vote (and far too many local election officials saying that everything went fine and that there were no problems) — come the calls for voting via the Internet. The press wonders if we are a third-world country, politicians posture and most security experts say “don’t go there.” Some examples: A headline in The Washington Post was “Estonia gets to vote online. Why can’t America?” New Jersey tells people they can vote via email. A famed Russian computer security expert is quoted by the BBC saying that “the lack of well-established online voting systems is a real threat to the democratic nations of the Western world” (because kids will not vote if they can’t do it online).
Anyone who has not been comatose these past few years already knows why we don’t vote over the Internet. Most vendors of electronic systems are generically incapable of producing secure ones. Just Google “voting machine security” for many examples, and if that is not enough try “SCADA security.”
National: Fundamental Security Problems Plague Proposed Internet Voting Systems | MIT Technology Review
A decade and a half into the Web revolution, we do much of our banking and shopping online. So why can’t we vote over the Internet? The answer is that voting presents specific kinds of very hard problems. Even though some countries do it and there have been trial runs in some precincts in the United States, computer security experts at a Princeton symposium last week made clear that online voting cannot be verifiably secure, and invites disaster in a close, contentious race. “Vendors may come and they may say they’ve solved the Internet voting problem for you, but I think that, by and large, they are misleading you, and misleading themselves as well,” Ron Rivest, the MIT computer scientist and cryptography pioneer, said at the symposium. “If they’ve really solved the Internet security and cybersecurity problem, what are they doing implementing voting systems? They should be working with the Department of Defense or financial industry. These are not solved problems there.”
Sometimes, a few votes make a huge difference. Just ask Rick Santorum. In January, Rick Santorum won the Iowa caucuses, but, because of vote counting and tabulation errors, Mitt Romney was declared the winner. In the two weeks before the error became clear, Romney’s campaign gained momentum, while Santorum’s withered. Unfortunately, the same problem – or worse – could easily occur in Massachusetts. This year, voters will choose the president, and control of the US Senate may come down to the race shaping up between Scott Brown and Elizabeth Warren.
Carolyn Crnich likes to be second-guessed: The registrar of voters in Humboldt County, Calif., scans every ballot and makes the election results available, online or on disk, so that anyone, anywhere, can count them. Community activists do just that. The result: 100 percent audits of the supervisor’s results, a sharp contrast to Florida, which limits vote counts to a small number of ballots in a single race. “I don’t like saying to my constituents, ‘Hey, just trust me,’ ” Crnich said. “Now, I don’t have to. Count them yourself, and if you find anything out of the ordinary, I want to know.” In 2008, the Humboldt County Election Transparency Project did find something out of the ordinary: 197 ballots dropped by machines. That led to an examination of the elections software used in Humboldt, about 200 miles north of San Francisco. So many problems were found, the system was decertified for use in California. It continues counting ballots in two Florida counties without incident, although a state Division of Elections advisory urged counties to get an upgrade. But elections supervisors shouldn’t get too comfortable with any system, experts say.
Internet voting systems are inherently insecure and should not be allowed in the upcoming general elections, a noted security researcher said at the RSA Conference 2012 being held here this week. David Jefferson, a computer scientist at Lawrence Livermore National Laboratories and chairman of the election watchdog group Verified Voting, called on election officials around the country to drop plans to allow an estimated 3.5 million voters to cast their ballots over the Internet in this year’s general elections. In an interview with Computerworld on Wednesday, Jefferson warned that the systems that enable such voting are far too insecure to be trusted and should be jettisoned altogether. Jefferson is scheduled to participate in a panel discussion on the topic at the RSA conference on Thursday. Also on the panel are noted cryptographer and security guru Ron Rivest, who is the “R” in RSA, and Alex Halderman, an academic whose research on security vulnerabilities in e-voting systems prompted elections officials in Washington to drop plans to use an e-voting system in 2010. “There’s a wave of interest across the country, mostly among election officials and one agency of the [Department of Defense], to offer Internet voting” to overseas citizens and members of the military, Jefferson said. “From a security point of view, it is an insane thing to do.”
Lawmakers came close to requiring that state election officials implement online voting this year, with an eye toward allowing military personnel overseas easier access to the ballot box. A Watertown lawmaker plans to make a fresh attempt in the next regular session.
Computer scientists who took part in an Oct. 27 panel discussion organized by Secretary of the State Denise Merrill said, unanimously, such a system cannot possibly be secured. “Secure Internet voting is a bit like the phrase ‘safe cigarettes,’” said Massachusetts Institute of Technology professor Ron Rivest. “It’s just an oxymoron. It’s just not possible to do this securely.”
National: Online Voting: Just A Dream Until Security Issues Can Be Fully Addressed, Experts Say | Courant.com
Allowing citizens to cast ballots online would increase participation in elections and make democracy more accessible. But don’t expect to vote on your iPhone in Connecticut anytime soon; the technology just isn’t there to ensure secure elections, said several experts who participated in a panel discussion at Central Connecticut State University Thursday night hosted by Secretary of the State Denise Merrill.
“The biggest concern I have about Internet voting is that we don’t know how to do it securely,” said Ron Rivest, an expert in cryptology and a professor at the Massachusetts Institute of Technology. “It sounds wonderful but it’s an oxymoron. … We don’t have Internet experts who know how to secure big pieces of the Internet from attack.” Rivest called online voting a fantasy and said it’s at least two decades from replacing the methods currently in use.
Alex Halderman, a computer science professor at the University of Michigan, is another skeptic. He led a team of students from the university who successfully penetrated a test-run of Internet voting in Washington, D.C., in 2010. “We began … role playing — how would a hacker, a real malicious attacker, attempt to break in and compromise the vote and, within 48 hours of the start of the test, we had gained virtually complete control of the voting server and changed all of the votes,” he said.