Two years ago, hackers gained access to an online voting system created by the District of Columbia and altered every ballot on behalf of their own preferred candidates. On the “Thank You!” page that ran at the end of the voting protocol, they left their trademark—the University of Michigan fight song.
The online voting system was real, intended for use that November, but the compromised election, fortunately, was just a mock-up for testing security. The infiltrators were a team of graduate students led by University of Michigan computer scientist J. Alex Halderman. Which candidates got the fake votes? Skynet from the “Terminator” movies and Bender, the alcohol-fueled robot from TV’s “Futurama.”
But the hackers had a serious point: that Internet voting systems were a real threat to the integrity of the democratic process. “The question of whether Internet voting is secure is really not a political question,” Dr. Halderman says. “It’s a technical question.”
As many as three million voters will be eligible to vote online this fall, according to Pamela Smith, executive director of the Verified Voting Foundation, a nonpartisan fair elections watchdog group. In all, 31 states will offer some form of online voting, usually for overseas voters.
Election administrators have shied away from full-fledged Internet portals for 2012. Most of the online systems planned for November require voters to download their ballots, print them, sign them, scan them back into their computers, and send them to election officials via email or fax. But many of these voting programs use unencrypted email and are even more vulnerable to hackers than online portals. “The use of email for transmitting voted ballots is actually the worst form of online voting, the least secure,” Ms. Smith says.
At least 16 states or counties have applied this year for grants from the Department of Defense to experiment with online ballot-marking “wizards.” These programs are essentially Internet voting portals that stop short of counting votes. Voters mark ballots online, and their voting information makes a round trip to a central server and back to them. They receive a digitally completed ballot to email or to print and send by post. “It’s a small step to go from this to online voting,” says Stanford computer scientist and e-voting critic David L. Dill. “They just have to flip a switch.”
Online voting critics like Drs. Dill and Halderman have grown more vocal as they have received more requests to consult on high-tech voting technologies. At a recent workshop on absentee overseas voting, Ronald L. Rivest of MIT, a leading cryptographer, compared election officials asking for advice on best practices for Internet voting to drunkards asking for help getting into their cars to drive home.
Still, it is not clear that the protests will slow the march of technological optimism. “I believe everyone will have the option of voting online, certainly within our lifetime,” says Lori Steele, chief executive of Everyone Counts, a high-tech voting systems vendor.
A number of computer scientists are working to develop a more secure alternative to Internet-based elections. In this model—what professors Philip B. Stark and David A. Wagner of the University of California, Berkeley, call “evidence-based elections”—it is less important which machines are used so long as a paper trail is maintained. This allows results to be verified independently through audits and recounts.
The controversy over the 2000 Bush-Gore recount in Florida looms large in discussions of Internet voting. Though the punch-card system used in many Florida precincts wasn’t high-tech by today’s standards, it lacked a voter-verified paper trail. Internet voting could be a further step toward electoral insecurity, critics say. While inside the D.C. voting system, Dr. Halderman and his team saw signs of attacks from IP addresses in Iran and China.
“Election systems are a critical piece of public infrastructure,” Dr. Halderman says. “As they’re more and more connected to the Internet, that’s exposing [them] to attacks from anywhere around the world.”
—Mr. Agresta has written for the Atlantic and Slate.