Slashdot Mirror
32 States Offer Online Voting, But Experts Warn It Isn't Secure (bostonglobe.com)
Long-time Slashdot reader Geoffrey.landis writes: According to the Washington Post, 32 states have implemented some form of online voting for the 2016 U.S. presidential election -- even though multiple experts warn that internet voting is not secure. In many cases, the online voting options are for absentee ballots, overseas citizens or military members deployed overseas. According to Verified Voting, "voted ballots sent via Internet simply cannot be made secure and make easy and inviting targets for attackers ranging from lone hackers to foreign governments seeking to undermine US elections."
And yet 39% of this year's likely voters said they'd choose to vote online if given the option, according a new article in the Boston Globe, noting that "All 50 states and D.C. send ballots to overseas voters electronically," with Alabama even allowing them to actually cast their ballots through a special web site. "Security is exponentially increased over any other kind of voting because each ballot, as well as the electronic ballot box, has military-grade encryption," argues the founder of the software company that assures the site's security. "She also claims that Web voting is more accurate," reports the Boston Globe. "No more hanging chads or marks on a paper ballot that may be difficult to interpret. Web systems can also save money and can be upgraded or reconfigured as laws change..."
And yet 39% of this year's likely voters said they'd choose to vote online if given the option, according a new article in the Boston Globe, noting that "All 50 states and D.C. send ballots to overseas voters electronically," with Alabama even allowing them to actually cast their ballots through a special web site. "Security is exponentially increased over any other kind of voting because each ballot, as well as the electronic ballot box, has military-grade encryption," argues the founder of the software company that assures the site's security. "She also claims that Web voting is more accurate," reports the Boston Globe. "No more hanging chads or marks on a paper ballot that may be difficult to interpret. Web systems can also save money and can be upgraded or reconfigured as laws change..."
If this can be made to work, then we no longer need a congress. Everyone can vote directly on every issue.
I have been on duty as an observer on electronic voting in my home country.
If done right, you can have public scrutiny over e-voting as well.
1) Open source everything from code to protocols to procedures.
2) Have both public and commercial security assurance performed on everything.
3) Sign all software, both voter and server side. Use integrity checks everywhere.
4) Deploy physical tamper evidence on all servers and systems.
5) Perform admin tasks only under public scrutiny. There will be enough nerds and enthusiasts who WILL gather to find flaws in your procedures and opsec; use them wisely.
Nothing can be 100% secure, but good oversight CAN be achieved for electronic voting. It needs some fundamental decisions - publishing the code and protocols being the most important one.