Java News from Saturday, January 10, 2004

There's an interesting article in the New York Times today about online voting in the Michigan primary which I'm afraid demonstrates just how little knowledge of security most election officials have. It seems that in the Michigan Democratic primary it is now possible to vote over the Internet, in advance. To enable this some campaigns, including the Dean campaign, are bringing their own laptops to potential voters and asking them to vote on the campaigns laptops. Given that the campaign controls these machines, both software nad hardware, there is effectively no way to prevent them from rejiggering the votes to support their candidate. It would not be hard, for example, to make sure the laptops change all votes for Clark to a vote for Dean or vice versa, while making it appear that the voter has voted for the other candidate. I have no evidence nor is anybody alleging that such shenanigans have actually taken place. Nonetheless, if campaign sponsored online balloting continues, I have no doubt that this will happen, if not in this election then in the next one, and probably sooner rather than later.

There is one possible protection here. The ballots in this case are individually numbered, and according to the Times article, this is not a secret ballot. (which is legal because this is not a real election, only a caucus run by the party which subcontracts to the corporation Election Services Corp.) However, it's not clear whether voters can check that their ballot recorded a vote for the correct candidate. If they can't, there's a real problem here. According to this Dawson Bell column in the Detroit Free Press, the results will be kept temporarily and can be traced back to individual voters if there's a challenge. Better, but still not secure enough for my tastes. It does not let voters check their votes themselves. THis is not a voter verifiable audit trail. If I were a Michigan voter I'd demand a system in which an independent auditor checks each and every online (and mail-in) vote to make sure that the voter was actually the person who voted, and the vote recorded was the one they cast. If that's too expensive, then we should stick with ballots cast in the election booth on the election day. This needs to be stopped.