Utah Republicans are caucusing online today. It’s a first for American politics and it seems like a great way to increase participation. It certainly is a great way to get voters to FEEL like they are participating. But are they? Did they? Or did they just provide the shiny front for digital malware to convert votes for Cruz to Trump, or votes for Trump to Kasich, or votes for Kasich to Cruz -- a shiny front for a ghost in the machine to do its dirty work?
Neil Jenkins, Senior Advisor for Cybersecurity Capabilities and Strategy at the Department of Homeland Security put the threat posed by online voting bluntly at the Election Verification Network conference on March 11 (just two weeks ago.)
“CS&C does not recommend the adoption of online voting for elections at any level of government at this time. While the convenience of being able to cast a ballot electronically may be appealing, the potential benefits do not outweigh the serious risks associated with online voting. These risks of course include the manipulation of votes and election results which may not be detectable before officials are sworn into office, loss of privacy and confidentiality of voting results if they are intercepted in transit or stolen from servers and disclosed to the public or denial of service attacks to the online voting system to delay elections and disenfranchise citizens.”
Smartmatic, the company running the Utah Republican caucus, assures everyone that it has created a nifty system to overcome such threats. Voters can verify their own votes! They provide a pin number, name and birthday to authenticate themselves and then have 30 minutes to vote. When they’re finished, they get a “receipt” with a number and their candidate. Later, they can go to an online bulletin board, enter the receipt number, and the system will respond with their candidate.
Sounds neat. Voters can even CHECK to see if their votes were recorded correctly. What could possibly go wrong?
Plenty. Malware is ubiquitous; it spreads like …well… a virus. And once it’s on your computer, or on the election server, it can undetectably change results. Until it’s found. Like 3 years later. (You might recall that Chinese malware ran on systems at the Pentagon for weeks without detection. And that was The Pentagon – not your county election server with a considerably smaller cybersecurity budget.)
So a lot of Utahns will FEEL like they voted for a particular candidate. But there is no way for them to KNOW if their votes were recorded correctly, or for the results to be audited to confirm that votes were recorded as cast.
Poorvi Vora, Professor of Computer Science at George Washington University, has compiled a laundry list of online voting threats, including:
- Malware on a voter’s computer that could change her vote while generating a receipt assuring her it was properly recorded.
- Malware on the election server that could provide a preordained tally to election officials while responding with the correct vote when an individual voter attempts to verify her choice.
- A denial of service attack that could shut down all or part of the voting system, disenfranchising targeted populations. Think of a system programmed to ignore or undercount votes in particular precincts.
- The lack of a public audit. A voter may THINK that she has verified her vote, but because she will be relying on the computer, she’ll have no way of knowing if her computer changed her vote, or if the election server counted it incorrectly. The public and independent observers will also have no way of determining whether the tally was correct
Common Cause supports paper-based elections because you can always go BACK to the paper to check computer tallied results in an audit or a recount. Experts in cybersecurity, who study this stuff day in day out, say that they are able to design voting systems that are very secure when used in polling places. Internet voting, however, is a very different beast.
Issues: Voting and Elections