My first experiences voting were in the city of Chicago, a city known for a “few” irregularities in voting from time to time.  At the time, we used voting machines on which there were a series of levers for each position on the ballot, and one that allowed people to vote a “straight” ticket for a particular party.  To vote, a voter pulled the right lever for one candidate and the left lever for another candidate …. except on some machines, it did not matter which levers you pulled, the machine recorded a straight ballot for one of the political parties.  These machines had clearly been tampered with in a manner that was difficult to detect, especially for the voter.

We moved from those voting machines to the punched card ballots.  Yes, there were challenges with hanging chads, but a voter could see how the vote was cast.  Then, in an effort to move ahead and improve voting efficiency,  communities adopted computerized voting machines.  It is possible to introduce viruses to these systems to effect votes, but it must be done on a machine by machine basis.  And, there is always the printed record of how a voter cast a ballot on most such machines.  (Personally, I always check the paper record, just to ensure it recorded how I intended to vote, and I recommend you do too!)

Now there are people who want to move our voting to the Internet.  Like most computer people, I look in horror at the thought of moving voting to the Internet.  Yes, it would make it much more convenient to vote, and might increase participation, but it would also attract some of the most determined hackers to break the system.  Will the voter know if his or her ballot is cast correctly, or will this be another example of the machines of old?  And, once elections get broken, will we be able to put it back together again?

Consider the experience in the District of Columbia in 2010.  Voting administrators were prepared to run an election over the Internet and challenged hackers to try to break the system.  It took a University of Michigan team less than two days to break the system!  Yes, the system used in DC could be fixed to block the kind of hack that was used, but that might result in opening another kind of problem with the system.  The truly scary part of hacking is that hackers might change the election and there would be no evidence that a hack had even taken place.

Yes, I am cynical about election security, not only from my early experience in Chicago, but also from my knowledge of computing.  Let’s consider a recent report on NPR in which Mike McConnell, a former director of national intelligence and before that, the director of the National Security Agency is quoted as saying:

We know, and there’s good evidence … of very deliberate, focused cyber-espionage to capture very valuable research and development information, or innovative ideas, or source code or business plans for their own advantage

Earlier this year there were stories of the FBI and Scotland Yard’s electronic discussion being compromised.  Large companies across the US and the world have been hacked for corporate secrets or credit card numbers or personal identities.  Julian Assange and the Wikileaks people have hacked into a variety of companies because the corporation did not support their efforts.  Furthermore, it is not just hackers.  Even Google (whose motto is “do no evil”) has admitted to bypassing customer security systems and stealing information on people’s phones.  In other words, one needs to be concerned not only about the external forces that might cause damage, but also the people who write the software to conduct the election and protect the results.

You might be asking at this point whether I purchase online or bank online, and the answer is yes.  I do these things with full knowledge that someone might intercept or change my transaction.  So, what is the difference, you ask?  It is one of scale.  The odds are very low that someone will target my personal transactions, but if they do, I will clearly notice the result.   While it is a hassle to  have had credit card numbers stolen and had to address the issues of getting charges off of my accounts, I address those issues because (a) I can and (b) it is a price I pay for efficiency of shopping and banking.

The larger the target, though, the more people who will be trying to hack.   For example, people do not write viruses for Microsoft products because of a philosophical difference with Microsoft.  Rather, they do it because they can have a major impact because so many people use Microsoft products.  What could possibly be a bigger target than an election in the United States?

Yes, someday we will be able to provide elections on the Internet.  Not until we get better at security though.

I recommend the following PBS video on the topic from a couple of days ago.  It is pretty convincing, especially when you reflect on all the stories you have heard recently about company databases being hacked.