We do almost everything online, from banking to buying a house and managing our most private health care issues. But when it comes to voting, Americans will likely have to wait decades before the online world is deemed secure enough to handle electronic ballots, a group of electronic voting and security experts said Wednesday.
“There’s very good reasons for that,” said Joseph Lorenzo Hall, chief technologist at the Center for Democracy & Technology, speaking at an event announcing a new white paper on the potential of and risks associated with online voting produced by the Atlantic Council and McAfee Inc., part of Intel Security. “Unfortunately right now when you talk about Internet voting, it is on uncontrolled platforms. If you’re going to do some critical democratic process like voting online you don’t want to leave that up to the security of peoples’ desktops, laptops and phones.” According to Hall, experts agree that it could be 30 to 40 years before the U.S. will have an online infrastructure secure enough for online voting.
As the 2014 midterm election season approaches, young Americans want to know why voting has yet to make the move to the online world. Although other countries, like Estonia, have been voting online for years, experts agreed that issues surrounding availability, security and anonymity remain major roadblocks to the adoption of online voting in the U.S.
“For online voting in all its forms to take off, security will need to be vastly improved,” wrote Peter Haynes, the main author of the white paper and a senior fellow for the Strategic Foresight Initiative in the Atlantic Council’s Brent Scowcroft Center on International Security. “When a hacker steals money online, the theft is easily discovered. Banks, online retailers, and other companies offering services over the Internet factor in some degree of loss as a cost of doing business online, and generally indemnify their customers against bad actors. Online voting poses a much tougher problem: lost votes are unacceptable. Online voting systems are complex, and any updates often must be separately recertified by election authorities. And unlike paper ballots, electronic votes cannot be ‘rolled back’ or easily recounted.”
Pamela Smith, president of Verified Voting, said one of the main challenges facing online voting is availability. “There may be challenges with availability if, for example, there is some kind of distributed denial of service attack that could occur during the voting period, particularly during the last phase of the voting period when everybody tends to leave everything for the last minute,” Smith said.
And because elections in the U.S. are run by local governments at the county level, there isn’t a lot of money available to fund necessary security and reliability enhancements, and testing. “And those counties tend not to have great big IT budgets with lots of funding for IT staff and really robust capabilities for avoiding the downside of a DDOS attack that maybe a major corporation even has challenges avoiding and they’re putting millions of dollars behind it,” Smith said. “Elections have special properties that other online transactions simply don’t have. The anonymity property that votes are supposed to be anonymous … you have to authenticate that the voter is an eligible voter and that’s who’s voting, but once you’ve done that, you separate that identity from their actual vote. That’s a really challenging problem in auditing.”
“Identity is a real problem today,” Kent Landfield, director of standards and technology policy at McAfee, said. “Identifying somebody definitively is something that has to be there to support one man, one vote.” And while some of the building blocks that will make identification possible are starting to make progress, such as the National Strategy for Trusted Identities in Cyberspace (NSTIC), the technology is just not there yet. “Today we don’t have an infrastructure that can successfully work well in guaranteeing electronic voting online. There’s too many ways that it can be circumvented, there’s too many ways that it can be attacked,” Landfield said.
Hall also raised concerns about the increasing online activities of government intelligence agencies around the world and the difficulty of knowing for certain what has been compromised and for what purpose. The other significant security issue that could easily impact the integrity of online elections is the rise of what Hall described as “wholesale attacks,” such as the recently discovered Heartbleed and Shellshock bugs — vulnerabilities that made secure systems around the world insecure overnight.
“By having publicly routable endpoints, servers that are accepting votes online, you expose the attack surface to anyone in the world,” Hall said. “The second you have some really attractive candidate that hackers really like, the second that that happens in an Internet balloting election, that person will win. I will bet you $100 right now that that will happen.” Follow @DanielVerton