Voting on the Internet for important elections is dangerous because:
it is paperless voting. There is no way to independently double-check the count, and we are not likely to know that something went wrong.
When something does go wrong, and it will, there is no way to recover, because there are no paper ballots to recount.
it is not secure from insider attacks : the people programming or running the software may have other priorties
nothing on the Internet is secure from outsider attacks (CNET Hacker Chart, 2011), especially a voter's PC
it is vulnerable to phishing, denial of service attacks, and other kinds of attacks
even the best end-to-end systems can only tell you if something went wrong; without paper, they have no way to recover
even the best end-to-end systems (Helios, Scantegrity) are not easily understood, therefore, will not be trusted in the aftermath of a close, important election
it is open to vote selling, and voter coercion (your boss or spouse telling you how to vote)
See also : "Internet Voting in California?" (7/11)
Expert Comments on Internet Voting
- "The internet has the potential to transform democracy in many ways,
but permitting it to be used for public elections without assurance that the results are verifiably accurate is an extraordinary and unnecessary risk to democracy."
Computer Technologists' Statement on Internet Voting (9/08)
Dr. David Jefferson, Cyber Security Expert,
Lawrence Livermore National Laboratory and
voting technology advisor to five California Secretaries of State.
"It is essentially impossible to secure an online public election ... over current Internet and telecom protocols using standard commercial hardware and operating system software. ...
You may well hear claims that strong voter authentication or sophisticated cryptography can and do routinely secure public online elections.
Please listen to the independent experts who will tell you that no amount of authentication and no (known, vetted) crypto protocol can do this. These claims of security are false."
David Jefferson's Comments to the FCC on Internet Voting (12/09)
Dr. David Jefferson : If I can shop and bank online, why can't I vote online? (11/11)
Dr. Barbara Simons : The Internet and Voting: Worth Doing Right (6/09)
During an Internet voting panel discussion at the EVT/WOTE '11 (voting systems) conference, August 9, 2011, the question was asked of the world class technical experts present - "Do you think, does anybody think, that if China wished to attack any Internet election that we might envision today, that they could not succeed?" The answer was "no".
Reports on Internet voting
Email voting is even more dangerous than unencrypted Internet voting. Please see the following:
SB 908: Email Voting In California (7/11)
Election Integrity Advocates Take On Internet Voting In California (7/11)
Dr. David Jefferson, Cyber Security Expert
"While all Internet voting systems are vulnerable to such attacks and thus should be unacceptable to anyone, email voting is by far the worst
Internet voting choice from a national security point of view since it is the easiest to attack in the largest number of different ways. ...
The computer security research community in the U.S. is essentially unanimous in its condemnation of any currently feasible form of Internet voting, but most especially of email voting."
Email Voting: A National Security Threat in Government Elections (6/11)
Debra Bowen, California Secretary of State.
"I believe we must continue to remove as many barriers as possible to ensure California's military voters and their dependents are able to fully participate in their democracy.
However, the return of voted ballots by email is too risky given current technology and security standards."
Letter to Senator Runner, April 27, 2011 (3/11)
Dr. Ron Rivest, Cyber Security Expert, MIT
"It is child's play these days to hire a botnet to send out tens or hundreds of millions of spam email messages; I doubt the filters on most election jurisdiction servers would be able to cope...
And of course, you can target servers according to the politics of the targeted jurisdiction."
For citizens living overseas, there are procedureal remedies to the problems of voting from afar.:
The MOVE Act has done much to use the Internet to expedite voter registration, and receiving blank ballots across the Internet
The Military Postal Service Agency has made much progress in expediting the sending and receiving of ballots overseas. See the Military Postal Service Agency Report for 2010
Laws such as California's AB477 allow paper ballots to arrive 10 days late, so long as they are postmarked by Election Day
We need to move the date of the meeting of the Electoral College to early January, to allow plenty of time to recount ballots, including those arriving from overseas
Nobody, and no machine, should be counting votes in secret.
For further information, email me at :
November 8, 11