Internet voting is just too hackable, say security experts

SAN FRANCISCO – Three ballot initiatives have been proposed in California to require the state to allow online voting, but security experts and some voting officials say the technology is nowhere near secure enough for something so crucial as the democratic process.

“When people stop me in the supermarket and ask, ‘When am I going to be able to vote on my cell phone?’ I say ‘Pretty soon — in about 20 years,’” said Dana DeBeauvoir, the county clerk for Travis County, Texas.

She was one of three speakers Wednesday in a session on online voting and security issues at Enigma 2016, a computer security conference held in San Francisco.

So much of daily life now happens online, including shopping, banking, communication, that voters naturally wonder why voting can’t too, said J. Alex Halderman, a professor of computer science at the University of Michigan in Ann Arbor, Mich. who researches voting and security.

USA TODAY

2016 Candidate Match Game

However, the ongoing litany of breaches, hacks and crashes in those realms are an object lesson in why voting shouldn’t happen there. It's just too important, he said.

"Imagine the incentives of a rival country to come in and change the outcome of a vote for national leadership. Elections require correct outcomes and true ballot secrecy," Halderman said.

Thus far, that doesn't exist. The panelists said while there have been multiple attempts to build verifiable and secure online voting systems over the past 20 years, so far all have proved wanting.

Halderman and his students have hacked several. In 2010, the District of Columbia issued a challenge to see if anyone could hack into a system it was building to allow overseas military to vote via the Internet.

"My students and I couldn't resist taking them up on it," he said.

His team managed to subvert the system, change votes and even leave a ‘calling card.’ After voters cast their ballots, their computers would play the University of Michigan fight song.

This past spring, the state of New South Wales in Australia used a new online system called iVote in an election. However, Halderman and computer security experts from Australia's University of Melbourne broke it within days.

"We were able to insert vote-stealing malware" into the system, Halderman said.

The team immediately disclosed the breach to election officials, but by then more than 66,000 votes had already been cast.

"We don’t have any evidence whether that vulnerability was exploited," said Vanessa Teague, a professor of computer science and expert on electronic voting at the University of Melbourne in Australia, who was part of the team.

Her experience makes her unequivocal in her evaluation.

"Voting over the Internet is a really bad idea," she said. "We haven’t yet solved important issues like authentication, dealing with malware, ensuring privacy and allowing voters to verify their votes."

California measures

Internet voting is an area where people may be excited about a new idea but may not have the technological expertise to properly evaluate it, she said.

"They think, 'Hey, we can vote in our bunny slippers and it’s going to be great,’" said Pamela Smith with Verified Voting, a non-partisan, non-profit organization that advocates for accuracy, transparency and verifiability of elections.

The impetus behind the California ballot initiatives appears to be the belief that online balloting will mean greater voter participation, Smith said.

Attempts in other countries seem to show that Internet voting only increases turnout negligibly. Efforts in Canada and Switzerland found that it only caused people to vote earlier but didn’t cause more people to actually vote, Smith told USA TODAY in an interview.

She noted the federal government spent a decade and a half and more than $100 million on a demonstration Internet voting project for military personnel overseas that included a program called SERVE, the Secure Electronic Registration and Voting Experiment. It was shut down by the Pentagon over security concerns.

"They just abandoned the effort," she said.

So far, a risk versus benefit analysis doesn't come down on the side of Internet voting, Halderman told the audience.

"It’s going to be decades, if ever, before the technology used for security is at the point where online voting can be done with confidence," he said. "There’s just so much that can go wrong, and the need for it is not nearly so pressing as the risk."