Verified Voting Public Commentary: Verified Voting Lauds Successful Test Hack of Internet Voting Pilot

Verified Voting applauds the decision of the District of Columbia Board of Elections and Ethics to suspend their plan to offer overseas voters the dangerous option of returning their voted ballots by a “digital vote by mail” Internet voting system. The District’s plans to continue other Internet-based ballot return methods (including email and fax) for the District’s military and civilian overseas voters still raise concerns among voting security experts. DC election officials made the decision after inviting technology experts to hack the Board’s prototype voting system during a trial period. The test pilot was apparently attacked successfully shortly after it began by a team of academic experts led by Prof. J. Alex Halderman at the University of Michigan.

The attack caused the University of Michigan fight song to be played for test voters when they completed the balloting process. Full details of the hack and its impact on submitted test ballots are expected to become available in the coming days. In addition to the Michigan team’s breach of the voting system, Verified Voting’s Board Chair Dr.David Jefferson documented a very serious vote loss problem that caused voters to inadvertently return blank ballots while believing that they had submitted complete ballots. The disenfranchising bug was noted in at least two widely used computer/browser configurations. It is possible that the same problem would affect voters trying to use email or some fax systems to return voted ballots.

Leading computer technology and legal experts, including members of Verified Voting’s Board of Directors, have issued strong warnings about the risks of Internet voting in government elections. Last week, a letter signed by VV board members and others warned DC lawmakers that the pilot project risked “the security of every vote on the ballot.” A joint letter from Verified Voting, Common Cause and VoterAction recommended suspension of electronic return of voted ballots.

Verified Voting founder Prof. David L. Dill initiated the “Computer Technologists Statement on Internet Voting” in 2008, which warned that Internet voting presents several fundamental, perhaps insurmountable challenges to ballot integrity. Among those challenges is very architecture of the Internet. “Electronic return of voted ballots presumes a level of security that cannot be achieved with today’s Internet,” said Smith. “We appreciate DC’s election officials’ provision of an opportunity for technologists to illustrate that point through this public test,” she added. “But as with any technical project, let alone one that proposes to cast votes using the Internet, the importance of an independent review cannot be overstated. It’s vital that independent experts conduct a full review of the system design, with emphasis on security properties and analysis of any potential weaknesses that could result in lost votes, whether through malfunction or exploit by attackers.”

Dr. Jefferson, a computer scientist who helped plan a conference this summer on technical challenges with remote voting systems for military and overseas citizens, noted: “It is disturbing but not surprising that attackers were able to penetrate a Web voting system in short order. In an Internet environment permeated by cybercrime and national security threats, the quest for reliable, secure and accurate Internet voting — which includes voting by email and fax — remains a long way off. It will likely require a re-engineering of the basic Internet and PC system software and perhaps cryptographic breakthroughs as well, before we are able to fully secure a public election in which voted ballots are transmitted from private computers via the public Internet. We should not be taking these huge risks now.”

Dr. Jefferson’s work on Internet voting issues spans the decade and includes co-authoring, with Verified Voting Board member Dr. Barbara Simons and other leading scientists, a major security assessment of an Internet voting system developed for the Department of Defense’s Federal Voting Assistance Program.

With appropriate engineering and security protections, technologists working with Verified Voting endorse the use of Internet-based election services for the filing of absentee ballot applications and the delivery of blank ballots for overseas voters. Fortunately, the DCBOEE offers these election services to its military and overseas voters from the Board’s website. “We can use Internet technologies in many responsible ways to speed up the voting process for our men and women in uniform overseas,” Smith noted. “Challenges remain, but we must not put voted ballots and the accuracy of election results at risk.”

Comments are closed.