Monday, October 18, 2010

Online Voting is Still Insecure

Being a computer programmer, I am used to certain questions. Youth always want to know what games I have written. The answer to that is none. I’m not a gamer and that’s not the kind of programming I do. This answer usually boggles the minds of teenagers. Their response usually goes something like, “Well, what other kind of programming is there?”

One of the most common questions I get from adults during election season is why online voting is so scarce. It makes no sense to most adults. They’ve been buying things online with relative security for years. Why can’t we do that with voting?

It all comes down to trustworthiness. The simple fact is that we do not yet have systems with sufficiently sophisticated security to safely pass your vote from your computer, through a series of private (and probably public) servers to a secure destination server.

Maybe someday we will have those kinds of secure systems. But we’re not there yet. One expert quoted in this Time article suggests that we’re a decade or more away from that technology.

Voting differs from online purchases in the verifiability of the outcome. When you use your credit card to make an online purchase, you can verify the outcome of the purchase. You get the product and see the charge on your statement. You know fairly quickly if you get no shipment or get the wrong product. If someone else makes a purchase using your credit card, you see the charge on your statement.

There’s no feedback mechanism like that in voting. You have no way to verify that the vote you cast on your computer actually gets counted the way you sent it in. If you try to vote and get told that you have already voted, you know that someone else has fraudulently cast a vote in your behalf. But if you’re like lots of people that don’t bother to vote, you’ll never know that someone used your ID to commit voter fraud.

A problem that also exists with mail-in ballots is how to know that the person submitting the ballot is actually who they claim to be, and how to know that the ballot is submitted secretly and without coercion. That’s a problem you face with any kind of remote balloting. We may never overcome this problem regardless of how sophisticated our technology gets.

That’s really only the tip of the iceberg. As the Time article notes, public servers that gather and calculate election data are readily hackable. Don’t believe for a minute that there aren’t people out there that have sufficient motive to engage in this kind of hacking. With enough talent, a hacker can make sure that no one else even knows that fraud has been committed. With the right kind of attack, there may be no way to know it occurred, let alone track it down.

The cumbersomeness of physical balloting systems turns out to be a security feature. Hand marked ballots placed in locked boxes in front of election judges from different parties currently provides a more secure system than any system that uses higher technology.

We will probably get to the point where we can have reasonably secure Internet based remote voting systems. But we don’t have that today.

No comments: