8th
Is Internet Voting Safe?
Is Internet Voting Safe? The answer, of course, is not really. And it likely never will be in the way most folks imagine it. Here’s why:
Small-scale fraud is relatively easy with both paper ballots and electronic ballots. Look up any recent federal election for ample evidence of both.
But, as pervasive as it is, physical ballot fraud doesn’t scale well. It’s much harder to stuff ballots statewide than it is in just one county or polling place. Too many people have to be involved there are too many eyes on the system for large-scale fraud to go undetected.
Electronic fraud, because carried out in software, scales easily and automatically as soon as some exploit or security compromise can be found that enables it. Just look at how much spam is unwittingly sent by people’s PCs. Spamming and e-ballot-stuffing are two very different crimes, but the same kinds of client expoloits can be used for both.
Given sufficient motivation and time, an attacker can find one or more exploits in any internet voting system the runs on untrusted hardware, or on any upstream access point or router. He can then use that exploit to deploy programs that generate, alter, or prevent some number of ballots, systemwide.
Yes, properly implemented cryptographic potocols help, as do physical steps in the process (paper trails). The Arizona system discussed in the Wired article is a printable absentee ballot, not an online voting booth.
But no, I don’t think these methods help enough, not when real power is at stake.
At the very least, electronic voting should be limited to low-stakes offices and opinion polls, and even then results should be vetted using independent sampling. Votes should also be, for good measure, cryptographically verifiable by voters.
