Monday, July 04, 2016
Australia and online voting
there are the “experts” who claim that we shouldn’t implement electronic votingOk, here's the thing: when people are actual experts, you don't put "experts" in quotes. Dr. Vanessa Teague, one of the experts referred to, has written extensively about the topic, including peer-reviewed papers about voting systems and computer security. One can see that from her University of Melbourne faculty page and her Google Scholar profile. To dismiss someone whom Google Scholar reports as having been cited 1064 times by other academics as an "expert" is at best completely misleading.
This style continues in this muddle of a paragraph
All of these things “might” be true but they don’t “necessarily” have to be true and don’t in the end serve as justification for not implementing electronic voting.I really don't know what to say. The statements made by experts are evidence that can be challenged by doing tests. That's science. Putting things in quotes to disparage them is not.
And then we get to the latest bit of technology magic, Blockchain
Blockchain-based voting has the benefit that voting can be done online anonymouslyReally. Anonymously. The Blockchain public ledger, in which every transaction has a user ID attached, enables anonymous voting? How does it do that exactly? How does one ensure that only eligible voters vote, and that the vote that they cast (presumably by posting the vote to the Blockchain) is both verifiable and anonymous, when the user ID must be traceable?
The reality of a vote using the Blockchain is you're posting a traceable vote to a public ledger, which is to say, you're undermining anonymity and enabling coercion.
But Blockchain is in any case the kind of sleight of hand distraction a magician would perform, to distract you from other key activities. In system security, you must ensure that every component of the system is secure, not just one component. Even if Blockchain were somehow a magic crypto solution for storing and checking the vote (which it isn't) you still have to cast the vote. From an actual computer in the real world, not a theoretical computer. And actual computers in the real world, whether they be desktops or mobile devices, are hacked and compromised all the time. In fact the exact same author who just wrote the above quote about Blockchain-based voting's benefits wrote in the article just previous to the voting one that even antivirus security companies can't get security right.
Antivirus software is very complicated. It has to understand the nature of a very large number of different types of files and the different ways in which these files can be altered to escape detection. In order to efficiently process files that may be being written to a disk or arriving via a web link or email, antivirus software usually runs on the computer with extra privileges. This makes the consequence of attacks on this type of software particularly serious. The counter-intuitive result of this is that antivirus software gives malware writers even greater opportunities for attack on a computer than if the software hadn’t been installed in the first place. In security jargon, it actually increases the “attack surface”.That is exactly correct. But if you think antivirus software is very complicated, Internet voting software is vastly more complicated than that. You've got the entire attack surface of the client computer used to cast the votes, and the entire attack surface of the network used to transmit the votes, and the entire attack surface of the servers used to store and count the votes (including Blockchain, which doesn't run on some abstract cloud, but on actual servers or desktops that can be compromised in many ways, including simply capturing enough mining computers to outvote any other writes to the chain).
Recording votes on the blockchain could be combined with two-factor authentication such as that employed by a system used in Utah recently. This system allowed online voting for the Republican Party’s presidential nominee during the recent US primaries.Like the system used in Utah? The one The Guardian reports was "plagued by glitches" where "as many as 13,000 people had tried to sign up but could not because of a variety of technical problems" and "The state party disregarded warnings from prominent computer scientists and from the National Institute for Standards and Technology, which oversees federal certification of voting equipment, that online voting systems are dangerously vulnerable to malware, putting both the integrity and the secrecy of the vote at risk." That system is the one you want to hold up as a model?
I don't know how one can reconcile understanding not increasing attack surface in one article with advocating vastly increasing attack surface in the following one; I'm going to assume it is associated with frustration with what is admittedly a very complex and slow paper-based election process in Australia.
If you want to read some actual thoughtful analysis of online voting in Australia, in addition to Dr. Teague's article and extensive submissions on the topic, I also recommend that there be an extensive examination of the risks and benefits associated with electronic voting in Australia. Oh wait, there already was, by the Australian Parliament in 2013, and they concluded that the benefits don't outweigh the risks. It's an excellent, comprehensive, clear report. And it only puts things in quotes when it is actually quoting people and statements.
Parliament of Australia - Inquiry into and report on all aspects of the conduct of the 2013 Federal Election and matters related thereto -