More than 30 states offer online voting, but experts warn it isn’t secure

More than 30 states offer online voting, but experts warn it isn’t secure
By Sari Horwitz May 17 at 6:00 AM

The popularity of voting online is growing and will be in place for the presidential election in more than 30 states, primarily for voters living overseas or serving in the military.

But security experts and some senior Obama administration officials fear there is not enough protection for any ballots transmitted over the Internet. They are warning states that any kind of online voting is not yet secure and most likely will not be for years to come.

“We believe that online voting, especially online voting in large scale, introduces great risk into the election system by threatening voters’ expectations of confidentiality, accountability and security of their votes and provides an avenue for malicious actors to manipulate the voting results,” Neil Jenkins, an official in the Office of Cybersecurity and Communications at the Department of Homeland Security, said at a conference of the Election Verification Network this spring.

Thirty-two states have some form of electronic transmission of ballots over the Internet, compared with no states with online voting in 2000. In Alaska, for example, all voters can submit an absentee elections ballot online from computers in their own homes.

Missouri offers electronic ballots for members of the military who are serving in a “hostile zone” overseas. North Dakota permits overseas citizens or military members deployed overseas to vote online. And in 20 other states and the District of Columbia, certain voters living abroad will be allowed to return their absentee ballots via email or fax in the upcoming presidential election.

Supporters of Internet voting say the advantages are obvious: a more convenient way to vote that is aligned with modern lifestyles. People bank, shop, read the newspaper, make travel plans and stay in touch with friends online. Electronic voting is also seen by supporters as a way to increase turnout in elections.

But while the convenience of casting a ballot online is appealing, the potential benefits do not outweigh the serious security and privacy risks, Jenkins said, adding that his Homeland Security cyber-division “does not recommend the adoption of online voting for elections at any level of government at this time.”

The risks include the manipulation of votes and election results, which might not be detectable before officials are sworn into office, and the loss of privacy and the confidentiality of voting results if they are intercepted or stolen from servers, he said.

Pamela Smith, president of Verified Voting, a nonprofit organization that advocates for legislation and regulation to promote accuracy, transparency and verifiability of elections, said that at first blush, online voting seems like a good idea to many people.

“Sometimes jurisdictions that are adapting something like this spin it as ‘this is very 21st century, this is the modernization of elections,” Smith said. “But it’s one of those cases where tried and true technology actually works best for elections. Paper ballots have many advantages. When something is online, you don’t have that physical record of voter intent.”

Experts say that states will not be able to protect themselves from experienced hackers, including foreign countries who could meddle with a U.S. election. That is one of the reasons that Ron Rivest, an Internet security expert and professor at the Massachusetts Institute of Technology, gives online voting security “a big fat F.”

“The Chinese are very good at getting into everybody’s systems,” Rivest said. “They’ve attacked most of the Fortune 500 companies successfully.”

In Alaska, voters casting their ballots online see a disclaimer from the state Division of Elections: “When returning the ballot through the secure online delivery system, you are voluntarily waving [sic] your right to a secret ballot and are assuming the risk that a faulty transmission may occur.”

J. Alex Halderman, a University of Michigan professor and director of its Center for Computer Security and Society, cites a pilot project six years ago in the District where the public was invited to attack a proposed Internet voting system. Halderman led a team that within 48 hours was able to gain nearly complete control of the server and change every vote.

“We don’t have the technology to vote online safely,” said Halderman, who made a video that shows how his hackers were able to even get inside the security cameras and watch the people running the D.C. system. “It will be decades more before Internet voting can be secure.”

Last year, Utah’s lieutenant governor, Spencer J. Cox (R), oversaw a task force that studied whether Utah should implement Internet voting. The task force concluded that despite the advantage of making voting easier and more convenient, Utah should not use online voting yet because of the security risks.

“An election requires legitimacy, accuracy, and ballot privacy,” the Utah report said. “Weak security in any of these areas will attract attention from those whom have malicious intent. Security compromises among large corporations give us an example of potential problems, and while these companies may accept these problems as the cost of doing business, an election cannot.”

Nevertheless, Utah’s Republican Party decided to experiment with online voting this spring when Republicans were able to vote electronically for the first time in the Utah caucuses in March.

But along with the security and privacy concerns of security experts, Utah voters had many technical problems.

Some frustrated voters tried eight or nine times unsuccessfully to get on to the system; others clicked to vote for a candidate but were sent to another website. Some thought they were approved to vote online, but weren’t. Thousands had lost the 30-digit personal identification number required to vote that had been mailed to them, or it had been deleted or caught up in spam.

A month after the election, it became clear that nearly a third of the people who tried to vote online were unable to do so, Smith of Verified Voting said.

But James Evans, the chairman of the Republican Party in Utah who led the effort to allow Utah residents to vote online, has called it a success.

“We are proud to have taken a leading role in election modernization,” Evans said in a statement after the election. “By offering online voting, we expanded the number of options citizens have to participate and made voting as convenient as possible. Technology proved key in engaging citizens and bolstering democracy.”


https://www.washingtonpost.com/news/post-nation/wp/2016/05/17/more-than-30-states-offer-online-voting-but-experts-warn-it-isnt-secure/

Comments

Post a Comment

Popular posts from this blog

BMW traps alleged thief by remotely locking him in car

BMW traps alleged thief by remotely locking him in car Stealer's Wheel? Seattle police department quotes "Watchmen" movie in a recap of the recent arrest. Tech Culture by Gael Fashingbauer Cooper December 4, 2016 5:00 PM PST It's maybe the most satisfying arrest we can imagine. Seattle police caught an alleged car thief by enlisting the help of car maker BMW to both track and then remotely lock the luckless criminal in the very car he was trying to steal. Jonah Spangenthal-Lee, deputy director of communications for the Seattle Police Department, posted a witty summary of the event on the SPD's blog on Wednesday. Turns out if you're inside a stolen car, it's perhaps not the best time to take a nap. "A car thief awoke from a sound slumber Sunday morning (Nov. 27) to find he had been remotely locked inside a stolen BMW, just as Seattle police officers were bearing down on him," Spangenthal-Lee wrote. The suspect found a ke...
Read more

Report: World’s 1st remote brain surgery via 5G network performed in China

World’s 1st remote brain surgery via 5G network performed in China Published time: 17 Mar, 2019 13:12 ·           A Chinese surgeon has performed the world’s first remote brain surgery using 5G technology, with the patient 3,000km away from the operating doctor. Dr. Ling Zhipei remotely implanted a neurostimulator into his patient’s brain on Saturday, Chinese state-run media  reports . The surgeon manipulated the instruments in the Beijing-based PLAGH hospital from a clinic subsidiary on the southern Hainan island, located 3,000km away. The surgery is said to have lasted three hours and ended successfully. The patient, suffering from Parkinson’s disease, is said to be feeling well after the pioneering operation. The doctor used a computer connected to the next-generation 5G network developed by Chinese tech giant Huawei. The new device enabled a near real-time connection, according to Dr. Ling.  “You barely feel that th...
Read more

New ATM's: withdraw money with veins in your finger

New cash machines: withdraw money with veins in your finger Cash machine technology that reads the pattern of finger veins is already available in Japan and Poland   By Telegraph Reporters 6:59PM BST 15 May 2014 Cash machines could soon be installed with devices that identify customers by reading the veins in their fingers. The technology is already being rolled out in Poland, where 1,730 cash machines will this year be installed with readers, negating the need for a debit card and Pin. Developed by Hitachi, the Japanese electronics firm, the machines read the patterns of the veins just below the surface of the skin on your finger using infra-red sensors. The light is partially absorbed by haemoglobin in the veins to capture a unique finger vein pattern profile, which is matched to a profile. The technology is used by Japanese banks and also in Turkey, offering “groundbreaking levels of accuracy and speed of authentication”, Hitachi said, which in t...
Read more