Computer security people will be able to tell you:
You can have a secret ballot OR a secure system, but not both. Internet banking and commerce can be secure, but only because the bank knows who the customer is.
Fair Vote Waterloo says:
On Referenda, Consultations, and Postcards
Australian Computer Expert Vanessa Teague:
Election explainer: why can’t Australians vote online
Daily Dot takes a much more technical look:
Online voting is a cybersecurity nightmare
“The” computer security expert, Bruce Schneier agrees:
More Voting Machine News
Barbara Simons asks: Why can’t we vote online?
Online voting is one of the things Canada’s ERRE Special Committee on Electoral Reform has been tasked with studying, so WRGreens own Bob Jonkman framed this important issue in the Canadian context in his Submission to the ERRE Consultation:
“I am opposed to electronic voting and online voting. I am a computer consultant by profession, and nothing I see in my work shows that people’s home computers or even the computers in most businesses have the security capable of upholding the Integrity requirement, ensuring reliable and verifiable results.
“The main issue with online voting is not computer security, but a fundamental incompatibility between voter identity and the secret ballot.
“When voting takes place outside of a polling station it is important that voter identity is established to prevent fraud. It must be provable that the ballot filled in online was actually filled in by a registered voter, and not by someone impersonating that voter. To achieve this, voters need to be issued a ballot with a serial number or barcode to ensure that only that one ballot is filled in for that registered voter. But if every ballot cast has a serial number, then the completed ballot with the voter’s choices is identifiable with the voter’s name and registration information. The secret ballot is impossible, and the Integrity criterion cannot be met.
“When voting does not take place in a polling station then it is possible that a voter will be coerced into voting according to the demands of the “head” of the household, or voting at the workplace according to the employer’s demands. Without the scrutiny of Elections Canada, voting integrity cannot be ensured.
“But computer security is an issue too. People’s personal computers are constantly being attacked by computer viruses, malicious web sites, and denial of service attacks from compromised Webcams. And spam. The difficulty of ensuring online voting integrity is at least as great as is the difficulty of eliminating spam (unsolicited, unwanted e‑mail, sometimes commercial in nature, sent in bulk). If you haven’t experienced problems with spam then it is likely your E‑mail Service Provider is filtering your e‑mail for you – but how many good messages are being filtered accidentally? You’ll never know, because you’ll never see them.
“There are actually very few large-scale spammers on the Internet, maybe a couple of dozen at most. But they’re responsible for almost all the unwanted e‑mail that clogs up billions of e‑mail accounts in the world. It shows how a few bad actors on the Internet can completely overwhelm an e‑mail system. Similarly, a few bad actors on the Internet can completely compromise an online voting system. If we can’t secure our mail systems to solve the spam problem, it is unlikely that we’ll be able to secure everyone’s computer to guarantee online voting integrity.
“It is unfortunate that there were so few computer security experts providing witness testimony to the Committee. Almost every computer security expert who has commented on electronic voting since the U.S. “hanging chad” elections in 2000 has decried the use of voting machines, and, more recently, online voting. Voting machines are regularly compromised, are not auditable by design (they have proprietary source code), and are prone to failure when needed most. Computer security lecturers delight their audiences with tales of voting machine touch screens that dodge the target when the “wrong” vote is selected, or that play marching band music after they’ve been compromised by a prankish hacker.
“Voting is very much different from buying a product from an online store. If the wrong product is delivered, the store will ship the right product the next day to ensure customer satisfaction. But if the wrong candidate is elected, there is no recourse the next day. It is unlikely that fraud will be detected until the voting machines are audited many weeks after the election, and even when fraud is detected the outcome will be hotly contested by the affected candidates. In fact, if voting machines don’t use publicly published open source code then it is likely election outcomes will be hotly contested because proving that no fraud was committed is impossible.
“However, vote tabulation by machine is perfectly acceptable, although there must be a requirement that vote tabulators are also audited and their source code is made public. Ballots designed for vote tabulators (optical mark cards) can always be counted manually if the electronic tabulation is in dispute.”
Here’s hoping the #ERRE Committee puts Online Voting aside until it might be accomplished securely.