For the first time in history, nearly every citizen of a U.S. state will be given access to participate in their general election today via email and faxing. But this special event is overshadowed by serious doubts as to security of all types of electronic voting, much less relying on email.
The New Jersey Experiment
New Jersey’s Christie administration made the announcement for the emergency policy change on November 3, in the wake of Hurricane Sandy. The idea is to permit registered voters in the Garden State to vote electronically using a system that Military and Overseas voters already use under the Uniformed and Overseas Citizens Absentee Voting Act (UOCAVA). Actually, Jersey’s emergency plan is even less restrictive than the state’s existing procedure, which usually requires absentee voters under UOCAVA to mail in a signed affidavit.
According to the Governor’s office, “displaced voters may submit a mail-in ballot application either by email or fax to their county clerk. Once an application is approved, the clerk will electronically send a ballot to the voter by either fax or email in accordance to the voter’s preference. Voters must return their electronic ballot – by fax or email – no later than November 6, 2012, at 8 p.m.”
New Jersey voters can also vote by provisional ballot in counties other than their original residence if they prefer.
The Garden State’s extraordinary efforts come in direct response to Hurricane Sandy, which made landfall in New Jersey a little over a week ago and caused widespread damage to polling places and residents’ homes in a critical moment on the electoral calendar.
If such a storm had hit at any other time of the year, or even in an off-election year, it is not clear New Jersey would have taken these dramatic steps. For election watchers, though, New Jersey’s move is a grand experiment, a chance to find out how well the process works and what, if any, flaws crop up.
Hacking The Electronic Vote
This is a big deal. Online voting is not something that happens with any regularity in the U.S. Currently, only 28 U.S. states allow email and fax voting – even for for UOCAVA-eligible voters. Another five states allow fax-only ballots for the same demographic. Of these 33 states that have electronic absentee voting in place for Military and Overseas voters, only one – Arizona – also provides a Web portal for qualified voters to use.
In fact, despite promises of convenience, fast tabulation of votes and improved ease-of-use, there are big issues with all kinds of electronic voting (online or at the polling place). The biggest issue: security.
According to Verified Voting, a non-partisan watchdog site, the best election processes are those that include some sort of paper record of voting activity that can be audited if there is ever a question of fraudulent activity. But most electronic voting options don’t leave a paper trail.
Given that many state legislatures seem so concerned about voter fraud that they are enacting voter ID laws, it seems odd that the same groups seem more than happy to use voting systems that could be potentially hacked on a much larger scale – with no way to gather evidence to prove whether it happened or not.
On Monday, Roger Johnston, head of the Vulnerability Assessment Team at Argonne National Laboratory, posted an article on Popular Science outlining how simple it would be to grab some equipment from an electronics store and execute a man-in-the-middle attack on a touchscreen voting machine – for as little as $10 and a Saturday afternoon.
“The attacks require physical access. This is easy for insiders, who program the machines for an election or install them. And we would argue it’s typically not that hard for outsiders,” Johnston wrote. “A lot of voting machines are sitting around in the church basement, the elementary school gymnasium or hallway, unattended for a week or two before the election.”
Decentralization Limits The Damage
Elections in the U.S. are typically handled at the county level, with individual Clerk’s offices managing voter registration and the election process in the various counties and parishes. The good news is that would require hackers to break into a multitude of different machine types – a one-attack-fits-all strategy would not work.
The bad news – as mentioned above – is that with the exception of optical scan devices and electronic voting machines capable of printing a record of a voter’s choices, there’s no paper trail to audit. If these machines were tampered with, there is very little chance for such tampering to be immediately detected, unless the hacker is dumb enough to over-weigh the tampered votes of one candidate over another. Given the relative ease in which Johnston and his team created hacks for voting machines, this kind of tampering is very much a real danger.
A Really Big Target
This, more than any reason, is why the U.S. electorate has not attempted a “pure” online election. With electronic voting machines, at least there’s still a physical device you have to hack, which does not scale very well from the attackers’ viewpoint. But a truly online election, hitting one central server? That might be too tempting a target for hackers to resist. And a successful hack could change millions of votes.
Take the District of Columbia Board of Elections and Ethic’s rather daring public challenge in 2010: After setting up an Internet voting pilot to enable overseas voters to cast their ballots, the District invited all comers to try to break into the system and compromise its results.
In just a few hours, a team from The University of Michigan found a vulnerability and had inserted fictitious characters into the mock election’s ballot, even gaining control of the cameras watching the election servers to make sure their activity wasn’t visually spotted. The winner of the election? Futurama robot Bender.
“Our experience with the D.C. pilot system demonstrates one of the key dangers in many Internet voting designs: one small mistake in the configuration or implementation of the central voting servers or their surrounding network infrastructure can easily undermine the legitimacy of the entire election,” concluded the academic paper outlining the attack.
Today’s New Jersey experiment is a last-minute attempt to cope by a state battered by Hurricane Sandy. Given the very real security concerns surrounding electronic elections, don’t expect it to be the norm anytime soon. Hopefully, at least, it won’t be another object lesson in what can go wrong with electronic voting.
Image courtesy of Shutterstock.