This story appeared on Network World at
http://www.networkworld.com/columnists/2012/111412-bradner.html

If the Internet is magic, why can't we vote on it

'Net Insider By Scott Bradner, Network World

November 14, 2012 10:15 AM ET

Network World - Regular as clockwork -- just after an election which generated far too many stories of people waiting far too long to vote (and far too many local election officials saying that everything went fine and that there were no problems) -- come the calls for voting via the Internet. The press wonders if we are a third-world country, politicians posture and most security experts say "don't go there."

Some examples:

*A headline in The Washington Post was "Estonia gets to vote online. Why can't America?"

*New Jersey tells people they can vote via email.

*A famed Russian computer security expert is quoted by the BBC saying that "the lack of well-established online voting systems is a real threat to the democratic nations of the Western world" (because kids will not vote if they can't do it online).

Anyone who has not been comatose these past few years already knows why we don't vote over the Internet. Most vendors of electronic systems are generically incapable of producing secure ones. Just Google "voting machine security" for many examples, and if that is not enough try "SCADA security."

Most of the articles that ask why we are not doing Internet voting answer their own question. Estonia can do Internet voting because everyone has a government issued scannable ID -- the U.S. does not have such a thing. Apparently the voters in Estonia trust the government to not figure out who voted for whom -- I kinda doubt that the U.S. population would be so trusting of its governments.

An article in The New York Times on the topic of Internet voting quoted MIT's Ron Rivest, observing, "One of the main goals of the election is to produce credible evidence to the loser that he's really lost." A hackable system, as an electronic voting system would inevitably be, would not be able to produce such credible evidence.

I just watched the ending of the History Channel's overly dramatic but still very interesting "The Men Who Built America" series. One of the threads in the episodes shown last night concerned the 1896 U.S. presidential election between William Jennings Bryan and William McKinley. Bryan had spent a lot of time campaigning against monopoly businesses and the exploitation of workers. Among his targets were J.P. Morgan, John D. Rockefeller and Andrew Carnegie -- the main subjects of the series. Morgan, Rockefeller and Carnegie decided that they needed a president who was on their side, so proceeded to essentially buy the election for McKinley.

Buying a president took some work and money in those days. It would not take much of either to buy a president in an environment were we were using Internet voting equipment manufactured by the current set of vendors, who seem to have anti-clue when it comes to security, to select our president.

Fixing the far-too-long lines at some polls would be a good thing to do, but not at the expense of making it probable that some 13-year-old kid in Eastern Europe decides who gets elected.

Disclaimer: Many people at Harvard worry about the fairness of elections, but I have not heard that any of them have expressed an opinion on hackable elections, so the above view is mine.