Tuesday, October 18, 2016

Securing the voting process: Four essential reads

Image 20160922 22509 1a0uggk.jpg?ixlib=rb 1.1
How secure is your vote? Hands with votes illustration via shutterstock.com
Jeff Inglis, The Conversation

Editor’s note: The following is a roundup of stories related to election cybersecurity.

Every vote counts. It’s the key principle underlying democracy. Through the history of democratic elections, people have created many safeguards to ensure votes are cast and counted fairly: paper ballots, curtains around voting booths, locked ballot boxes, supervised counting, provisions for recounting and more.

With the advent of computer technology has come the prospect of faster counting of votes, and even, some hope, more secure and accurate voting. That’s much harder to achieve than it might seem, though. Here are highlights of The Conversation’s coverage of why that is.

Voting machines are old

After the debacle of the 2000 election’s efforts to count votes, the federal government handed out massive amounts of money to the states to buy newer voting equipment that, everyone hoped, would avoid a repeat of the “hanging chad” mess. But more than a decade later, as Lawrence Norden and Christopher Famighetti at the Brennan Center for Justice at New York University explain, that one-time cash infusion has left a troubling legacy:

Imagine you went to your basement and dusted off the laptop or mobile phone that you used in 2002. What would happen if you tried to turn it on? We don’t have to guess. Around the country this election year, people are going into storage, pulling out computers that date back to 2002 and asking us to vote on them.

They asked election officials around the country about the situation, and report on some worrying findings, including how vulnerable the equipment is to cyberattack, and how voting machine breakdowns lead to long lines that deter voters from participating.

Not everyone can use the devices

Also limiting voter turnout is the fact that most voting machines don’t make accommodations for people with physical disabilities that affect how they vote. Juan Gilbert at the University of Florida quantifies the problem:

“In the 2012 presidential election, … The turnout rate for voters with disabilities was 5.7 percent lower than for people without disabilities. If voters with disabilities had voted at the same rate as those without a disability, there would have been three million more voters weighing in on issues of local, state and national significance.”

To date, most efforts to solve the problems have involved using special voting equipment just for people with particular disabilities. That’s expensive and inefficient – and remember, separate is not equal. Gilbert has invented an open-source (read: inexpensive) voting machine system that can be used by people with many different disabilities, as well as people without disabilities.

With the system, which has been tested and approved in several states, voters can cast their ballots using a keyboard, a joystick, physical buttons, a touchscreen or even their voice.

Machines are not secure

Nearly every voting machine in use, though, is vulnerable to various sorts of cyberattacks. For years, researchers have documented ways to tamper with vote counts, and yet few machines have had their cyberdefenses upgraded.

The fact that the election system is so widespread – with multiple machines in every municipality nationwide – also makes it weaker, writes Richard Forno at the University of Maryland, Baltimore County: There are simply more opportunities for an attacker to find a way in.

“Voter registration and administration systems operated by state and national governments are at risk too. Hacks here could affect voter rosters and citizen databases. Failing to secure these systems and records could result in fraudulent information in the voter database that may lead to improper (or illegal) voter registrations and potentially the casting of fraudulent votes.”

Even without an attack, major concerns

Even if an attack never happens – or if nobody can prove one happened – November’s election is vulnerable to sore losers taking advantage of the fact that cyberweaknesses exist.

There is more than enough evidence that a cyberattack is possible. And just that prospect could destabilize the country, argues Herbert Lin of Stanford University:

Imagine that on Nov. 9, the day after Election Day, the early presidential election returns show that Donald Trump has lost. … Trump could call the electronically tallied vote counts obviously fraudulent. Even without pointing to any internal campaign polling suggesting he would win, he could highlight the indisputable fact that no one knows what is going on inside the voting machines.

The ConversationIt’s enough to make you turn out to vote, and keep you up all night afterward.

Jeff Inglis, Science + Technology Editor, The Conversation

This article was originally published on The Conversation. Read the original article.