A New South Wales parliamentary election was held a few weeks
ago, and it featured an Internet voting system, called iVote, which made access
to the election easier for disabled and rural voters. As might be expected with
any online voting system, there were doubts about security of iVote before the
election took place. Specifically, researchers “warned that the NSW system had
not sufficiently addressed potential security concerns. The election went on,
and some of those eligible to cast their votes on iVote did so. Not surprisingly,
it turned out that the system was vulnerable attack. The same researchers who
had warned about the possibility of security issues have discovered security flaws
in iVote. Of roughly 4.5 million votes cast, up to 66,000 were vulnerable to this
security flaw. The flaw made it possible for attackers to intercept and change
votes cast using the Internet voting system.
This is not the only instance of an online voting system
being vulnerable to attack. Estonia’s I-voting system, which has been in used
in Estonian elections in varying degrees since 2005, has been shown to have multiple
vulnerabilities. Security researchers recently published a paper analyzing the
security of the system. They concluded that “there are abundant ways that such
an attacker could disrupt the voting process or cast doubt on the legitimacy of
results,” and recommended that “Estonia discontinue use of the I-voting system.”
Perhaps it is not currently feasible to create a secure online voting system.
There are other issues with online voting besides the voting
systems themselves. For a vote to have integrity, the voter’s own computer must
be secure against vulnerabilities, and free from viruses that may manipulate
their vote. For every voter’s computer to be secure seems far less practicable
than building a secure online voting system in the first place. Considering the
possibility of viruses and other means of tracking, there are also concerns
about the anonymity of online voting. Although our current voting process isn’t
perfect, it seems less flawed than an online voting solution.
Since the world is becoming increasingly connected, it might
at first make sense that so too would our voting process. But given what seems
to be inherent security issues with such systems, and the paramount importance placed
on the integrity of accurate elections, it is easy to conclude that online
voting is not a good idea.
No comments:
Post a Comment