Bruce McConnell Expert from the Department of Homeland Security
NPR: Online Voting ‘Premature,’ Warns Government Cybersecurity Expert
http://tinyurl.com/BMDHSNPR
Warnings about the dangers of Internet voting have been growing as the 2012 election nears, and an especially noteworthy one came Thursday from a top cybersecurity official at the U.S. Department of Homeland Security.
Bruce McConnell told a group of election officials, academics and advocacy groups meeting in Santa Fe, N.M., that he believes “it’s premature to deploy Internet voting in real elections at this time.”
McConnell said voting systems are vulnerable and, “when you connect them to the Internet, that vulnerability increases.” He called security around Internet voting “immature and underresourced.”
McConnell’s comments echo those of a number of computer scientists who say there’s no way to protect votes cast over the Internet from outside manipulation.
NIST: Internet Voting Not Yet Feasible http://tinyurl.com/NISTeVote
Internet voting is not yet feasible, researchers from the National Institute of Standards and Technology have concluded. ”Malware on voters’ personal computers poses a serious threat that could compromise the secrecy or integrity of voters’ ballots,” said Belinda Collins, senior advisor for voting standards within NIST’s information technology laboratory, in an May 18 statement. ”And, the United States currently lacks an infrastructure for secure electronic voter authentication,” she added. Collins released the statement in response to an inquiry from Common Cause, a Washington, D.C. nonprofit active in campaign finance and election reform.
“This statement should serve as a blunt warning that we just aren’t ready yet and proves that we can’t trust the empty promises of ‘secure Internet voting’ from the for-profit vendors,” said Susannah Goodman, head of Common Cause’s Voting Integrity Project. ”We urge election officials and state and federal lawmakers to heed NIST’s warning and step back, support further research and STOP online voting programs until they can be made secure,” Goodman added…
Secretary of the State’s Symposium on Online Voting
An exceptional panel of experts on voting technology and the challenges of overseas voting. Credit is due to the panelists, the Secretary, and those who contributed behind the scenes in making this event possible. John Dankowski, of Connecticut Public Broadcasting did an exemplary job of moderating a very civil, thorough debate. Video: http://tinyurl.com/SOTSOVS
Secretary of the State Denise Merrill’s testimony on S.B. 283, 2/22/2013:
Now, Senate Bill 283 concerning — AN ACT CONCERNING ON-LINE VOTING FOR MILITARY PERSONNEL SERVING OUT OF STATE. Again, I think everyone in this room supports the ability of our brave men and women in uniform, especially those serving overseas in places like Afghanistan, to vote and have their ballot counted.
I still have two, major concerns with this bill that prevent me from supporting it at this time. I mean, first, it talks about on-line voting. There — you should be aware, there’s a lot of different versions of what that actually means. So I’m presuming here it would mean developing an on-line application where the Soldier, Sailor, Airman or Airwoman or Marine can, again, have a secure log-in and — and actually select their ballot choices on the computer through a web-based application, which is different than some other proposals that have been made with electronic transmission.
This system, again, would be very costly, very expensive; and I’m talking millions of dollars to develop. My main objection to this, besides the cost which is significant — and, again, I’d like to make sure we have a problem before we spend that kind of money — but my main objection is that we simply — I don’t think we have the technology to guarantee the security, integrity of that ballot and prevent tampering or hacking these votes that are submitted on-line. It’s the same objection we have to any ballot submitted on-line at this time.
We had a — we convened a public forum on this topic with foremost experts in this field, last year at CCSU. The forum was televised; we have it on our web site; you can see what was said by these people. We asked one of the top computer science experts in the country what it would take to make on-line voting secure, and he said, Let me put it this way, saying you can have secure on-line voting is like saying you can have safe smoking.
Many people say, well, we can do bank on — banking on-line; why can’t we vote on-line? Again, I posed that exact question to the experts at that forum, and the answer was that the banking industry builds into their revenue forecast a two-to-three percent loss of funds every year due to fraud and hacking through on-line banking. I don’t think we can afford to have that kind of leeway, shall we say, in our election system. I don’t think we can adopt that kind of a model. And I, certainly, would never be able to accept the loss of a number of votes due to fraudulent hacking, just in the name of convenience. So I just don’t think we’re ready to go there.
Who knows; in the future, this may change. But I would just need to be assured before we came up with any system like that for any voter, that no one could tamper with the ballots. And I think right now, as you all know, if you have an e-mail system, yourself, I’m sure every one of us have had our e-mails hacked in some way or another or gotten or not received mail because it went into the wrong folder or whatever. It would be very difficult to design that kind of a system, so I’d be able to — I’d be — want to be able to look every Connecticut military person and their family in the eye and tell them that the vote is secure. And I don’t feel I can do that at this time.
From Representative Alexander’s Statement in Veterans Affairs Committee Hearing 2/19/2013:
REP. ALEXANDER: Thank you, Mr. Chair. I’ll be real quick. I appreciate the Clerk’s position in trying to make it easier to have servicemen and women vote any where deployed or — or in a unit wherever, and have a Voting Assistance Officer. I really took that to heart myself. But did you ever think of possible fraud when it comes to allowing military men and women to fax in their ballot, where, you know, as someone who — who was an Adjutant and ran an S1 in a battalion, the — the way usually squadrons and battalions work, you know, you’d have a Lance Corporal, a 19 or 20-year-old, fine, outstanding young man or woman who wanted to vote fill out the ballot, and then bring that piece of paper to the S1 office to be faxed. He or she doesn’t fax it themselves. Another clerk does.
ANTOINETTE SPINELLI: Oh, is that right?
REP. ALEXANDER: That — that would probably be the very common way this is implemented in most units, at the unit level, where you have a 19-year-old individual, a 20-year-old person, a Lance Corporal wants to vote — good on him for wanting to do that — brings that to their Platoon Sergeant up the chain. That Platoon Sergeant maybe, or a Squad Leader, facilitates the Lance Corporal to go to the S1 office. He submits that, and that will get faxed with a whole stack of other faxes that are going to go out in the office. And as someone that was an Adjutant, I was running an office like this day in and day out. And as an Adjutant, I would worry, as being sort of the person who is managing this type of office, that I would have a fellow maybe Lance Corporal faxing this information, where you might have someone that, being 19 or 20 years old, didn’t realize that, oh, changing it from, you know, Senator McCain, to President Obama is not a serious felony offense, which it is, and because of that chain of custody in — in reality, and — and the way maybe the military works in — in professional office spaces, I would just worry that during this handover to the fax, that you’re opening the door for potential fraud.
But the individual’s not, themselves, faxing it. Most likely, and most of the times in squadrons, you’re going to have a third party doing it, usually a 20, 21, 22-year-old Corporal or Lance Corporal doing that. And as an Adjutant running an S1, I’d be very concerned about this, and — and monitoring this very carefully, but — but that is something that would really concern me, and — and trouble me. Have the clerks thought of it from — from that angle at all? Where you could have potential voter fraud coming out of this?
