Wednesday, April 20, 2011

if I can do X online, then why not voting

This is a kind of typical "if I can bank online securely, why not vote online" story by Lena Almeida

Let’s boost participation by allowing online voting

Canada.com - April 15, 2011

And this is a kind of typical "hey our government cybersecurity research lab was hacked" story

Top Federal Lab Hacked in Spear-Phishing Attack

Wired Threat Level - April 20, 2011

Because the answer is, you don't bank online securely. People's online banking is hacked ALL THE TIME. Everyone's systems, including national cybersecurity facilities in the US and Canada, get broken into by determined, sophisticated attackers.

Let me make it clear, I respect Ms. Almeida's question. It is not at all obvious to someone who hasn't stepped through the properties of our current paper-based system one-by-one, and who hasn't analysed the risks of a purely Internet-based system, why online voting shouldn't be as simple as filing your taxes online.

What you CAN do with banking is have their experts follow a forensics trail, undo the unauthorized changes, and return your account to its correct state. As happened to me recently when my credit card number was stolen.

If your vote is reversible, 1) it has to be personally identifiable and 2) ANYONE with technical knowledge can reverse it.

So that's why you can't vote online. It's not a technical problem. There are no technical barriers to voting online. Amongst many, many other things, it's a security problem. Even if you can solve the security problem, you still can't verify what code is running (so open source doesn't help). Even if you could solve the security AND the code verification problems, you still can't stop someone standing over you at home as you vote, and threatening you if you don't vote the correct way (the coercion problem). Or someone can just steal someone's voting credentials and skip the bother of threatening them (the authentication problem).

Hackers will attack your vote; it's just a question of whether they succeed. And the company or individuals writing the code could be malicious, corrupted or threatened. Or the company making the servers. Or the people in the server room. Or actively malicious insiders anywhere along the network chain. Or citizens can be systematically intimidated into voting a certain way. Or the voting credentials of huge numbers of people who don't bother to vote can simply be stolen (e.g. by monitoring the mailboxes of students and other young people for convenient mailings with PIN numbers that are unlikely to be used).

Oh, and even if somehow, miraculously, everyone involved in the long chain between you and your vote being recorded on a distant server is trustworthy and not malicious, the software can still have bugs. In fact it's pretty much guaranteed to have bugs. Bugs which may not show up until millions of real users start hammering the real system on election day. So it can still fail spectacularly. Or even worse, fail silently and undetectably, misrecording or losing votes.

But other than that, online voting is a great idea.

PS If you think the TV shows have mastered this problem, I suggest googling "so you think you can dance vote hacked" or heading right to

How the 'Dancing' vote was hacked - MSNBC Cosmic Log - November 19, 2010

