Pentagon's Online Voting Program Deemed Too Risky
by Dan Keating Washington Post Staff Writer Thursday, January 22, 2004; Page A01
A Pentagon program for Internet voting in this year's presidential election is so insecure that it could undercut the integrity of American democracy and should be stopped immediately, according to computer-security specialists who were asked to review the $22 million pilot plan intended for about 100,000 overseas voters.
The critical report released yesterday is intended to halt the momentum building for national Internet voting as the least expensive and most convenient way to upgrade election technology that was exposed as unreliable in 2000.
"It's not possible to create a secure voting system with off-the-shelf PCs using Microsoft Windows and the current Internet," said Avi Rubin, an associate professor of computer science and the technical director of the Information Security Institute at Johns Hopkins University.
He and Barbara Simons, a retired researcher from International Business Machines Corp., said their biggest fear is that this year's experiment would be a hit, leading to widespread Internet voting for the 2008 presidential election. That is when the kind of Internet attack they envision could emerge, possibly from foreign subversives.
"History has shown that when people have the opportunity to tamper with an election they do," said Rubin, noting that the Internet is rife with viruses and worms even when there is no incentive for an attack.
The threat to the current election is great enough that the program should be shut down immediately, said Rubin, Simons and the other two other scientists who released a report yesterday -- David Wagner, an assistant professor of computer science at the University of California at Berkeley, and David Jefferson of Lawrence Livermore National Laboratory.
The Pentagon's Federal Voting Assistance Program was created in 1986 to help military personnel stationed overseas vote. It also serves civilian Americans living abroad. Yesterday, a Pentagon spokesman defended the pilot program.
"The concern for security is a good thing, and we respect what they've done," Glenn Flood said. "But we think the thing will be secure, and security will continue to be enhanced. We're not going to stop it."
Supporters say the pilot for military, government and private citizens abroad is important to learn the right way to gather electronic votes and to help overseas voters who often have trouble casting ballots. The chance of a security threat has to be weighed against the knowledge gained and the improved voting access for those people, said R. Michael Alvarez, co-director of the CalTech-MIT Voting Technology Project and co-author of "Point, Click and Vote," a recent book about online voting.
"There's a widespread perception that Internet voting is going to happen at some time," he said. "As scientists, we'd like to lay out some kind of rational path that leads from punch cards and lever machines to that logical future."
Britain and Switzerland are experimenting with Internet voting, and the Michigan Democratic Party cited the Pentagon effort as a reason for running its own online voting program in this year's caucuses, which are Feb. 7. The authors of the report, which did not review Michigan's system, said any Internet voting would be open to fraud.
Alvarez got a $1.8 million Pentagon grant to study the Internet voting experiment. He invited critics such as Rubin -- who had already published a paper critical of Internet voting -- to participate in the review. "It's a democracy. Debate is critical. We brought in these people now because we want that feedback," Alvarez said.
The four authors of yesterday's criticism were among 10 researchers involved in the review. Alvarez said he plans a report from the entire group after the election, when the system's performance can be gauged.
The Pentagon pilot includes 50 counties in seven states that volunteered: Arkansas, Florida, Hawaii, North Carolina, South Carolina, Utah and Washington. South Carolina's Feb. 3 primary will make it the first state to try the system. Hawaii's chief elections officer, Dwayne Yoshina, said he has read the report and intends to stick with the program for a September primary and the November election.
The system is expected to be used for requesting absentee ballots and casting them in presidential primaries and the fall election, said Meg McLaughlin, president of Accenture eDemocracy Services, the contractor building the system.
"There's nothing in the report that is new to us," she said. "There's nothing that we didn't address."
McLaughlin said she was surprised that the critics would not want the experiment to run through the election to learn from it.
But Simons said that calling the program an experiment ignores the fact that voters will be casting votes that will count. If there is a question about the legitimacy of those votes, she said, the election could be undermined. It is no favor to overseas voters to let them think they have cast ballots when they actually have not, she said.
Supporters note that the late-arriving overseas ballots contributed to the 2000 Florida ballot fiasco. That election led to calls for better voting systems and better ways to collect ballots from citizens abroad.
Mitayo Potosi
_________________________________________________________________
MSN Premium includes powerful parental controls and get 2 months FREE* http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_MSNIS_Taglines
-------------------------------------------- This service is hosted on the Infocom network http://www.infocom.co.ug