Monday, May 23, 2016
Internet voting video of the week - Barbara Simons
Sunday, May 15, 2016
Internet voting video of the week - Andrew Appel
Wednesday, May 11, 2016
Internet voting video of the week - Tom Scott
online voting - get ready to provide evidence
The Government has also asked that the committee consider the issues of mandatory voting and online voting.The government is proposing that five principles guide the parliamentary committee's study, of which the most relevant for the purposes of this blog is
4. Safeguarding the integrity of our voting process.The timing is tight to produce a comprehensive report.
The Government is proposing that the special all-party committee issue its final report to Parliament by December 1, 2016.from News Release - Government of Canada proposes All-Party Parliamentary Committee on Electoral Reform and Democratic Institutions - Frequently Asked Questions.
Online and in-person consultation hearings are proposed. I have asked (through my Twitter account) if there will be a specific hearing on online voting.
Sources of information are@CdnDemocracy Will there be a hearing specifically about online voting?— Richard Akerman (@papervote) May 11, 2016
- Twitter: @CdnDemocracy
- Web: http://www.DemocraticInstitutions.gc.ca/
- Twitter: Minister of Democratic Institutions @MaryamMonsef
Sunday, June 07, 2015
The code that the machine runs must be correct (without significant bugs or errors), which is difficult (and expensive).
Worse, you must be certain that the code you have validated is actually the code it runs for every vote during the election, which is impossible. As in, literally impossible. The problem is, the only way to find out what code the machine is running is to ask it. Because machines are programmed by humans, machines can lie, just like humans.
Here's how it works:
Computer running the validated code1. Computer expert queries the computer about what code it is running
2. Computer says "I am running the validated code"
Computer running hacked code1. Computer is hacked, adding malicious (lying) code to the validated code
2. Computer expert queries the computer about what code it is running
3. The malicious code lies and says "I am running the validated code"
This is not theoretical, this is exactly what a rootkit does.
So if the machine only records votes electronically, you can never be sure if your vote was correctly recorded. (This is not to mention the possibility of alteration during a long electronic chain of transmission to get to the final election results.)
The only way to verify your vote is to get a paper printout, so that you can look at the paper and validate that it shows your vote as cast. But again, remember the computer can lie. You can vote for party A, the computer can record the vote for party B and then print a paper receipt saying you voted for party A.
The only way to actually be certain of the vote count is to count the paper...
which means you just spent millions of dollars replacing a pen.
These are just the core issues, in an ideal system.
In reality, there are many more problems with voting machines. Although some were based on ATMs, ATMs are physically bigger, have a simpler job, have much clearer transactional validation (ask for $100, complain if you don't get $100), and have dedicated maintenance teams. While some voting machines were build by ATM manufacturers (like Diebold), the coding was rushed (at least we assume so, we don't get to see the coding), the machines are only used once a year at most, and the maintenance is done by amateurs who don't have the bank's monetary motivations for maintaining accuracy. In such a situation, voting machines can have many errors including:
* touchscreen misalignment
* coding errors
* introduction of malicious code e.g. via USB
* failure due to poor storage or aging out
* existing software vulnerabilities (particularly since most run Windows) that are uncovered during the lifetime of the machine but never patched, opening them to network or USB attack
Friday, April 17, 2015
Internet voting risks
I have been tweeting many links about Internet voting risks on the account @papervote
but now it is time to put them together in a blog post.
You can also find links in my bookmarks (which are drawn from many of my accounts, not just @papervote) under tag voting_tech_risks (click link for full list).
Also see extensive materials at http://www.verifiedvoting.org/resources/internet-voting/
Statements from Computer Scientist OrganisationsComputer scientists are best positioned to understand the risks related to the use of computers for voting. They have made clear statements against the use of Internet voting at this time.
✭ US Association for Computing Machinery (ACM) - Internet voting
Internet voting adds additional concerns about security, verifiability and auditability to those already known about electronic voting. ...✭ Computer Technologists' Statement on Internet Voting
At the present, paper-based systems provide the best available technology to [preserve the ability to audit and/or recount the votes].
Several serious, potentially insurmountable, technical challenges must be met if elections conducted by transmitting votes over the internet are to be verifiable.
Government Reports / Tech Reports✭ US Office of the Director of National Intelligence - Opening Statement to Worldwide Threat Assessment Hearing (PDF) - February 26, 2015
Remarks from the Honorable James R. Clapper, Director of National Intelligence:
I'll start with cyber threats. Attacks against us are increasing in frequency, scale, sophistication and severity of impact.✭ Foundation for Information Policy Research - Response to The Speaker’s Commission on Digital Democracy (PDF) - September 27, 2014
this technology still has very significant issues with security, privacy, coercion resistance, auditability and comprehensibility, which preclude its use in high-stakes contests where capable and well-resourced actors (political parties, lobby groups and even foreign governments) may have an incentive to manipulate the system✭ Parliament of Australia - Inquiry into... 2013 General Election - Second Interim Report: An assessment of electronic voting options
This excellent report, licensed in the Creative Commons for reuse (CC BY-NC-ND 3.0 Australia) covers many risks related to Internet voting, with very clear language.
Full report (PDF) can be downloaded; individual sections also available.
✭ NISTIR 7770 - Security Considerations for Remote Electronic UOCAVA Voting (PDF) - February 2011
✭ UK Electoral Commission - Key issues and conclusions: May 2007 electoral pilot schemes (PDF; copy from Archive.org) - August 2007
issues with the security and transparency of the solutions
Expert Analysis✭ Independent Report on E-voting in Estonia
Audio and Video✭ Security Analysis of Estonia's Internet Voting System by J. Alex Halderman - published to YouTube Dec 28, 2014
From the Chaos Communication Conference (31c3) in 2014. You can also see the video on their website.
✭ Why electronic voting is a BAD idea - published to YouTube Dec 18, 2014
The above video is a fantastic clear explanation of why electronic voting machines are a security risk and why Internet voting is even worse.
Presented by Tom Scott for Computerphile, filmed by Sean Riley.
✭ Videos from online course Securing Digital Democracy by J. Alex Halderman
✭ SRI International - Podcast (audio) - Internet voting - October 10, 2010
Interviewing Jeremy Epstein.
Articles, Blog Posts, etc.✭ Freedom to Tinker - Decertifying the worst voting machine in the US - by Jeremy Epstein - April 15, 2015
✭ Remarkable Virginia IT Agency Report Details Reasons for WinVote Decertification - by Doug Chapin - April 15, 2015
✭ Sydney Morning Herald - International experts warn of the risks of Australian online voting tools - March 24, 2015
✭ Communications of the ACM - Security Risks, Privacy Issues Too Great for Internet Voting - March 12, 2015
Above article reports on a presentation by computer scientist David Jefferson.
✭ CBC - Internet voting isn't a big draw for younger voters, researcher says - February 11, 2015
Note that Nichole Goodman is a social sciences researcher, not a computer scientist.
✭ Analyst opinion: Don’t take online voting for granted - by Nick Wallace - January 30, 2015
Government should consider alternatives to online voting. ... Preventing fraud is a tall order. ... An additional challenge is preserving the secret ballot...✭ USA Today - Online voting rife with hazards - November 4, 2014
Above article by computer scientist Barbara Simons.
EducationLearn more about the issues.
... more to come
Wednesday, October 19, 2011
City of Markham's Internet voting story at GTEC 2011
Using Digital Technology to Connect with Citizens in the Town of Markham
Given the apparent decrease in voter engagement, Canadian governments are faced with seeking innovative ways to connect with the public. When used strategically, digital technologies are an effective means to engage citizens. Through the use of Internet voting and the implementation of multiple interactive online initiatives, the Town of Markham has become a leader in eDemocracy. In this session attendees will hear from the Mayor of Markham, the visionary behind Markham’s innovative use of digital technologies to engage citizens, as well as the CEO of Delvinia, the firm behind the initiatives and the only organization to collect consumer data on Internet voting in three consecutive elections.
from GTEC 2011 Conference Program at a Glace
Wednesday, September 28, 2011
in which I help the news media
"Our latest DIG report examines the Town of Markham’s experience with Internet voting in the 2003, 2006 and 2010 municipal election"
This is good.
In 2010, with the support of Ryerson University, Delvinia secured an Engage Grant from the Natural Sciences and Engineering Research Council (NSERC) to commission Nicole Goodman, a PhD candidate specializing in Canadian political institutions and alternative voting methods, to provide a scholarly perspective on the data collected following the 2010 election as well as a comparison to the data Delvinia collected in the 2003 and 2006 elections.It is also excellent to see academic research in this field and a rigorous report.
The DIG report is available online at www.delvinia.com/dig. The full research report is available for purchase through Delvinia. Please refer to our order form to obtain a copy of the report.from http://www.delvinia.com/delvinia-releases-dig-report-on-edemocracy-and-citizen-engagement/
So objective fact 1: Delvinia is selling the full report.
In addition to helping the Town raise awareness of Internet voting in the 2003, 2006 and 2010 municipal elections, Delvinia also conducted in-person and online surveys to collect data regarding public attitudes, feelings and beliefs toward Internet voting in each of those elections.from http://www.delvinia.com/should-canadians-have-the-opportunity-to-vote-online/
So objective fact 2: Delvinia was paid by the City of Markham to promote Internet voting in 2003, 2006 and 2010 (the same years in the same city concerning the same topic that the newly-released evoting report covers).
4) The correct way to report this, providing the full context, would be
Delvinia, a company paid by the City of Markham to promote Internet voting in 2003, 2006 and 2010, is now selling a detailed report about Internet voting in Markham. The report concludes Internet voting was a great success.
I am not criticising Delvinia or the report, I am just stating the objective facts of the context of the report.
So I will now help some news reporting organisations.
This is what the Star wrote
Internet voting in advance polls in Markham has helped increase overall voter turnout, engage non-voters to vote and greatly improve overall voter satisfaction, according to a research and public opinion report released Monday.http://www.thestar.com/news/article/1059558
In the report by Delvinia, a digital strategy firm, voter turnout in Markham has increased by 35 per cent since the introduction of Internet voting in 2003, and much of that is attributed to the advent of online voting.
You may note that neither in this extract nor indeed anywhere in the entire article does it mention the context I provided above. The article with context would be
Internet voting in advance polls in Markham has helped increase overall voter turnout, engage non-voters to vote and greatly improve overall voter satisfaction, according to a research and public opinion report released Monday.This is what IT World Canada wrote
In the report by Delvinia, a digital strategy firm, voter turnout in Markham has increased by 35 per cent since the introduction of Internet voting in 2003, and much of that is attributed to the advent of online voting. Delvinia, a company paid by the City of Markham to promote Internet voting in 2003, 2006 and 2010, is now selling a detailed report about Internet voting in Markham.
New data culled from Markham, Ont. voters could make a case for the introduction of Internet voting across all levels of government in Canada, according to a new report from user experience design firm Delviniahttp://www.itworldcanada.com/news/e-voting-gets-almost-unanimous-praise-study-finds/144015
The Toronto-based digital consultancy released the findings of its eDemocracy and Citizen Engagement report on Monday, which focused on the Town of Markham’s recent online voting initiatives. The municipality has offered online voting for its local elections since 2003.
And here, again, is the article with the actual full context added
New data culled from Markham, Ont. voters could make a case for the introduction of Internet voting across all levels of government in Canada, according to a new report from user experience design firm DelviniaI want to be completely up-front: I am profoundly disappointed that major Canadian news media are not providing the full context of this report. I expect the news media to provide context for ANY press release, announcement, speech, interview or think-tank report. Information without context is no foundation for democracy.
The Toronto-based digital consultancy released the findings of its eDemocracy and Citizen Engagement report on Monday, which focused on the Town of Markham’s recent online voting initiatives. The municipality has offered online voting for its local elections since 2003. Delvinia, a company paid by the City of Markham to promote Internet voting in 2003, 2006 and 2010, is now selling a detailed report about Internet voting in Markham.
UPDATE: I should also mention, in case you think this is a minor nuance on an obscure story buried in the back pages of the paper, that "Online voting changes the game" was the Toronto Star's front-page, above-the-fold, banner full-width headline story for Monday September 26, 2011. In newspaper terms, they declared it the single most important story in the world for September 26, 2011.