New reports cast doubt on Internet voting

February 2, 2004

Computers are spreading into nearly every aspect of American life, but the door may have just slammed shut on them as they try to enter the polling booth. Two recent reports have called for pulling the plug on online voting unless serious security concerns are addressed. Many security experts say the flaws cannot be fixed.

The new reports cast a harsh light on this Saturday's upcoming Democratic caucuses in Michigan, where many voters have already cast their ballots remotely using electronic voting.

All the current controversy has one big benefit, says Richard Valelly, a political science professor at Swarthmore (Pa.) College and a close observer of the American electoral system. "We're moving now to more of a point of debate about it [online voting]. And that's all to the good."

Some of the harshest criticisms involve SERVE (the Secure Electronic Registration and Voting Experiment). Conducted by the Defense Department, SERVE is supposed to allow 100,000 Americans living abroad, including armed services personnel, to vote via the Internet in primaries and the November election. United States citizens abroad selected for the experiment could visit the SERVE website from any computer connected to the Internet and cast their ballots.

But a review of the SERVE system issued by four security experts Jan. 21 found serious risks of corruption. The report urged that SERVE be shut down and that voting via the Internet not be attempted at any time in the foreseeable future.

As a result, last week several organizations representing Americans living overseas, including the groups Republicans Abroad and Democrats Abroad, recommended that SERVE not be used in this year's elections, the Washington Post reported.

Meanwhile, a review of Maryland's online touch-screen voting system - initiated by the state last week - triggered more skepticism.

The system "contains considerable security risks that can cause moderate to severe disruption in an election," said RABA Technology, the firm employed to test the system. The risks were present even though the system is intended to be used at polling places and does not send information over the Internet, removing one major source of possible tampering.

The report did say that if certain fixes were made, the state's March primary election could be held using the machines. But it called for new security measures to be taken before the November general election, including adding a feature that would create paper receipts for voters.

The major hurdle for online voting is technical. Unlike, say, e-commerce, where amounts are pegged to a certain person, balloting systems have to count votes accurately and yet also preserve anonymity. Add the vagaries of the Internet, and the challenges of fraud prevention are huge.

"E-commerce-grade security is not good enough for public elections," says the review report of the SERVE overseas voting system. "[T]he existence of technology to provide adequate security for Internet commerce does not imply that Internet voting can be made safe."

The report confirms the conclusions of earlier studies by the California Secretary of State's Task Force on Internet Voting and the Internet Policy Institute, both of which found serious flaws in Internet voting schemes.

"There would have to be some fundamental changes to PC architecture and to Internet architecture for [Internet voting] to be possible," says Avi Rubin, one of the four authors of the SERVE report, who is a professor of political science and technical director of the Information Security Institute at the Johns Hopkins University in Baltimore.

For example: Voting on a machine at a friend's house or a cyber-cafe could mean using a computer with malicious software in it. "These machines ... could be infected with viruses, they could just be designed to steal votes, and there's no accounting for that in the system," he says.

Think of the new Mydoom virus currently roaming the Internet, he adds. "One of the things it allows is remote control of any of the infected machines. Just imagine if any of those were ones people were trying to vote on. Then the attackers could change votes."

Not everyone agrees. Americans overseas are among the most disenfranchised voters, says Michael Alvarez, a political scientist at Caltech in Pasadena, Calif., and a member of the group asked by the Defense Department to review SERVE.

He says he hopes the SERVE project will continue through November because it is intended as a wide-ranging experiment that tests not only security but also the "accessibility, accuracy, and usability" of an Internet-based voting system. (He did not participate in the review by Mr. Rubin and three of the four other security experts in the group.)

And the 100,000 voters picked to use the SERVE system during this year's elections represent only a tiny fraction of all voters, says Professor Alvarez, coauthor of the book "Point, Click and Vote: The Future of Internet Voting."

But others counter that the 2000 election showed that every vote counts: Tiny swings of votes in key states, they say, could have thrown the presidency to Al Gore instead of George W. Bush.

"Internet voting is irresistibly attractive," says Professor Valelly. Americans work long hours and take fewer vacations than citizens of most industrialized countries. That crowded schedule makes the idea of at-home voting appealing to many people, he says, even though personally he doesn't like the idea of "privatizing the act of voting - literally, since you take it inside your home."

Even the use of electronic touchpads - known as DRE (Direct Recording Electronic) voting - has come under renewed scrutiny after being on the fast track. The Help America Vote Act of 2002 allocated $3.9 billion for states to improve and update their voting procedures after the debacle in Florida during the 2000 election.

A number of companies have produced DREs, and several states, including Maryland, have made major purchases of systems. In the recent California recall election, about 9 percent of voters used touch-screen computers to cast their ballots.

But following last week's New Hampshire primary, conducted entirely using paper ballots, New Hampshire Secretary of State Bill Gardner told the AP he was "aghast that other places are considering touch-screen computers."

Citizen groups such as the Electronic Frontier Foundation, VerifiedVoting.org, and the California Voter Foundation have decried the lack of security in online systems. They have urged that, should online voting be employed, a paper audit trail become a mandatory feature of any electronic-voting system.