Estonia Urged To Drop Internet Voting Over Security Fears
wiredmikey (1824622) writes "A team of global IT experts have urged Estonia to drop electronic voting from this month's European elections, saying they had identified major security risks. They also said the system's operational security is lax, transparency measures are insufficient, and the software design is vulnerable to cyber attacks. 'Estonia's Internet voting system blindly trusts the election servers and the voters' computers,' said U.S. computer scientist J. Alex Halderman, a co-author of the report released Tuesday. 'Either of these would be an attractive target for state-level attackers, such as Russia.'"
The source for the voting system is available for anyone to inspect. The Estonian National Electoral Committee released a statement dismissing the researchers' claims: "At this point, we can give only preliminary answers to allegations published in the Guardian, as the researchers have not shared the full results of their work with us. The researchers met with officials from the electoral committee in October 2013, and could have contacted us at any point in the last 6 months to share the initial findings of their research. ... The researchers have not discovered any new attack vectors that had not already been accounted for in the design of our system as a whole. ... It is not feasible to effectively conduct the described attacks to alter the results of the voting. ... The electoral committee has numerous safeguards and failsafe mechanisms to detect attacks against the elections or manipulated results."
maybe.
but for voting of the parliamentary DO NOT FUCKING USE INTERNET VOTING.
why? technical cheating? actually no. that's just one worry. even if it worked 100% secure the main problem of *being able to sell your vote* remains. that also means your spouse can intimidate you into voting who he/she wants. your employer can intimidate you to vote who they want you to vote for. the local mafia can pay a visit and demand you vote for their candidate.
world was created 5 seconds before this post as it is.
Using computers to register, count, transfer, and archive vote tallies is impossible to do without an almost certain effort to alter the vote totals by parties interior to the project (people creating and maintaining the systems and the show runners) and outside the project ("hackers"). Of the two, the insiders are far more likely.
This is not a failure of tech or of implementation. This is a human thing: those disposed to alter election tallies have infinite motivation to find a way to do it. They can either slip in during the coding phase or the implementation phase, or even during the elections. Like rats, they will find a way.
The difference between paper and electronic is basic: paper leaves a physical trail. E-voting can be rigged to leave NO trace. IS rigged to leave no trace. No audit is possible: all audits are predicated on the datasets and code being correct to begin with. If someone slips in backdoors, they can alter vote totals in real time and therefore all recounts will be "accurate". Paper receipts are useless, because what is printed is not necessarily what actually happened. Paper printouts that are reviewed by the voter on site for accuracy and then stored in boxes by the voting agents *can* be a valuable check, for the paper should match the e-count. But why then the extra step of the computer? Just use paper to begin with. Canada does it (I hope still does) and they count elections by hand in three hours, no matter what the size, local or national, because human counting easily scales.
Source code is worthless as a trace. One never knows what the machine is actually doing from microsecond to microsecond; the code executed need not match what you see on the source. This makes coders' heads explode, but it is true. The machine can be programmed to lie. I know this, because I have done it, on orders from my bosses, in the past, to make a bit more money for my company. Cheating is easy and it is undetectable if you are even marginally clever about it. The count can also be altered far from the source tabulating machine and local system, at other levels. Such malignancy will not be accounted for by the counting company; their rep is on the line, they don't believe it is possible and further they don't want to know.
Use e-voting and you will see the powerful grab control, one way or another. Use paper.