An anonymous reader quotes a report from Politico: On Sunday, researchers at the Massachusetts Institute of Technology and the University of Michigan revealed numerous security flaws in the product that West Virginia and Delaware are using, saying it “represents a severe risk to election security and could allow attackers to alter election results without detection.” In fact, it may be a decade or more before the U.S. can safely entrust the internet with the selection of its lawmakers and presidents, according to some experts. Still, a handful of states are pushing ahead, with the encouragement of one politically connected tech entrepreneur — and the tempting logic of the question, “If we can bank online, why can’t we vote the same way?” These are the problems with that logic:
1) Elections are different. Lots of people bank, shop and socialize online — putting their money and personal details at potential risk of theft or other exploitation. But elections are unique for two reasons: They are anonymous and irreversible. Aside from party caucuses and conventions, virtually all U.S. elections use secret ballots and polling places designed for privacy. That protects people from being blackmailed or bribed to vote a certain way — but it also means that, barring an advance in the technology, voters have no way to verify that their ballots were correctly counted or challenge the results. That’s far different from a consumer’s ability to contest a fraudulent credit card purchase, which depends on their financial institution linking their activity to their identity.
2) The internet is a dangerous place. Even if it were possible to require electronic ballots to travel through servers only in the U.S., no method exists to ensure security at every server along the way. It would be like trusting FedEx to deliver a package that had to pass through warehouses with unlocked doors, open windows and no security cameras. The most effective way to protect data along these digital paths is “end-to-end” encryption […] Researchers have not figured out how to use end-to-end encryption in internet voting.
3) People’s devices may already be compromised. It’s hard enough to protect a ballot as it transits the internet, but what really keeps experts up at night is the thought of average Americans using their computers or phones to cast that ballot in the first place. Internet-connected devices are riddled with malware, nefarious code that can silently manipulate its host machine for myriad purposes. […] Importantly, election officials cannot peer into their voters’ devices and definitively sweep them for malware. And without a secure device, end-to-end encryption is useless, because malware could just subvert the encryption process.
4) Hackers have lots of potential targets. What could an attacker do? “There are literally hundreds of different threats,” said Joe Kiniry, chief scientist of the election tech firm Free & Fair. Among the options: Attacking the ballot; Attacking the election website; Tampering with ballots in transit; Bogging down the election with bad data; and/or The insider threat involving a “bad” employee tampering with an election from the inside.
5) Audits have faulted the major internet voting vendors’ security. Virtually every audit of an internet voting system has revealed serious, widespread security vulnerabilities, although the ease with which a hacker could exploit them varies.
6) Internet voting advocates disagree. Election officials who embrace internet voting deny the risks are as serious as the experts say.
7) What it would take to make internet voting secure. Secure internet voting depends on two major advances: technology that allows voters’ computers and phones to demonstrate that they are malware-free, and end-to-end encryption to protect ballots in transit. […] Solving these problems would require expensive, long-term collaboration between virtually every big-name hardware- and software-maker, Kiniry said. Note: Each point listed above has been abbreviated for brevity. You can read the full article here.