“Internet Voting Security; Wishful Thinking Doesn’t Make It True”
Duncan Buell
On March 21, in the midst of Kentucky’s deliberation over allowing votes to be cast over the Internet, its daily poll asked its readers, “Should overseas military personnel be allowed to vote via the Internet?” This happened the day before their editorial rightly argued against Internet voting at this time.
One of the multiple choice answers was “Yes, it can be made just as secure as any balloting system.” This brings up the old adage, “we are all entitled to our own opinions, but we are not entitled to our own facts.” The simple fact is that Internet voting is possible – but it is definitely NOT as secure as some other balloting systems. This is not a matter of opinion, but a matter of fact. Votes cast over the Internet are easily subject to corruption in a number of different ways.
To illustrate this point, two colleagues of mine wrote simple software scripts that allowed us to vote multiple times in the paper’s opinion poll. We could have done this with repeated mouse clicks on the website, but the scripts allowed us to do it automatically, and by night’s end we had voted 60,000 times. The poll vendor’s website claims that it blocks repeated voting, but that claim is clearly not entirely true. We did not break in to change the totals. We did not breach the security of the Courier-Journal’s computers. We simply used programs instead of mouse clicks to vote on the poll website itself.
Some policy makers are wishing that the net were secure and the security promises of vendors were true, and they are not listening to the computer experts who know otherwise. Why shouldn’t we entrust computer voting security to government and its vendors? Ask that of South Carolina taxpayers; hackers have shipped overseas all tax records and identifying information from 1998 to 2012. Wishful thinking is dangerous when it causes us to fail to protect our best interests; we must defend our data just as we defend our shores.
This was a simple online poll that was easily compromised. Internet voting vendor software will be harder to compromise, but this shows that computer security is hard and claims must be proved. Before we entrust critical public functions such as voting to such software, the public deserves a solid demonstration that such claims are truly substantiated, and policy makers need to be schooled in a proper skepticism about computer security. That has not yet happened.
There is an irony in hacking an online poll about whether voting can be hacked. But it points to a much-needed dialogue between policy makers and computer security experts. Elections are too important to be entrusted, without proof, to the marketing hype of an Internet voting company. The nation’s real elections should be decided by the voters in the nation’s jurisdictions, not by whichever entity – foreign or domestic – happens to have the best software bots running on any given biennial Tuesday in November.
As Professor Buell points out “Internet voting vendor software will be harder to compromise, but this shows that computer security is hard and claims must be proved.”. That has been tested once, in Washington, D.C. and the result was exposure of a clearly insufficient Internet voting system.
For now we await vendors willing to subject their systems to ongoing rigorous professional and open public adversarial testing. We admit it will take a lot to satisfy us that systems are sufficiently secure from outsiders and insiders. But it seems vendors are hardly willing try.
PS: Not so long ago another newspaper’s poll was compromised, by parties and methods not disclosed, will little lessons learned by the newspaper.
