Communications of the ACM
Online Voting: We Can Do It! (We Have To)
Credit: Getty Images
When it comes to elections, nine of 10 security experts agree that cellulose is safer than electricity.a The best way to vote, they say, is to take the horse-and-buggy down to town on election day, mark up a paper ballot, and put it in a ballot box. The very thought of online voting is anathema. Yet, the status quo in voting is hardly secure, and online voting is inevitable. The agenda for concerned security experts should be to assure online voting is more secure than paper voting. If 60 years of computer security research cannot yield the solution, then it has been going in the wrong direction.
The nay-saying experts are not Luddites, exactly. They recognize the evolution of the field of computer security has followed an arc with its greatest successes in practical solutions to common problems (virus scanning, public key protocols for website verification and privacy, constant inspection and testing for system security errors) rather than in complex, infrequent use cases. Election requirements for assuring a democratically elected government go beyond the usual needs of commerce and communication.
Comments
Joel Mussman
This is an excellent article about the technology side of an online voting system. But it ignores a major issue.
In the U.S. our system is based on the idea that when a person shows up at a polling place the cannot be coerced and the vote recorded is their vote. It is not a perfect system, but the polling place is a sanctuary where no one can enter an influence your vote, and no bad guy can actually check to make sure you voted the way they wanted you to even if you are blackmailed or held hostage.
Mail-in ballots were a step toward an online scenario, system is flawed, and every year there is a case of some political worker "collecting" votes from elderly and poor constituents who don't have any way to get to the polls, and then fraudulently gaming the system. Read the news, do a Google search. At least it is a small percentage right now.
Online voting completely removes the sanctuary of the polling place. There is no way to prove who is being coerced or scammed into voting a particular way. Political organizations will flood the homes of voters to "make sure they vote" and influence them as they stand over them while they vote. Nobody will know. And after 45 years of doing cyber security I still can't see any credential scheme for a system of this magnitude that cannot be corrupted by simply turning your credentials over to someone else, either willingly, by being phished, or under duress.
And why do we need it anyways? Is it so hard to get out of your chair to support democracy? Are you a human in a Wall-E world? And if it is, then who cares about you? Let the people who vote control the system. If you don't vote, live with what other people want. Or, be like other countries that take away social support if you didn't get off your butt and vote.
I'm sorry, but for me online voting removes the most important premise of our system: you have to place your own vote privately. This is a solution looking for a problem. Everybody is so tech-happy they forget why certain things are done certain ways in their rush to "improve" it.
Displaying 1 comment