As e-voting comes of age, security fears mount

New technologies allowing voters to cast ballots via the Internet or other electronic means are catching on in the United States and elsewhere, even as fears mount about security of the systems.

A total of 33 US states are allowing some email, fax or online ballots in 2010, according to the Verified Voting Foundation, a group that monitors security of election systems.

These systems, which are also used in several other countries, can potentially increase voter participation but security remains a question mark, especially following one spectacular attack on an Internet vote pilot project.

The startling security breach came in September, when a pilot Internet vote system for the city of Washington, DC, was put online for a test.

A team of computer scientists from the University of Michigan had little trouble infiltrating the system, modifying ballots, changing the password and directing the system to play the university fight song.

"It was extremely easy. Within the first three hours or so of looking at the code we found the first open door and within 36 hours we had taken control of the system," said Alex Halderman, the Michigan professor who led the effort with his students.

To make matters worse, Halderman discovered that other hackers - including from Iran and China - were trying to do the same thing.

"I think these attacks would have succeeded given the weaknesses of the system," he told AFP.

Halderman and other computer experts say the penetration highlights flaws in online voting that cannot be fixed at present.

"After this, there can be no doubt that the burden of proof in the argument over the security of Internet voting systems has definitely shifted to those who claim that the systems can be made secure," says David Jefferson, a computer scientist at the Lawrence Livermore National Laboratory and chairman of Verified Voting.

The development dealt a fresh blow ahead of the 2010 US elections to confidence in voting systems.

It follows the debacle in the 2000 presidential vote involving "hanging chads" from punch cards, and doubts about newer paperless vote machines that critics say leave no trail for a recount.

"I think Internet voting is the wave of the future, but as with any new system you have to have good testing and certification to be sure the public can trust the results," said Richard Soudriette, president emeritus of the International Foundation for Election Systems, which monitors elections and provides assistance worldwide.

Paul DeGregorio, chief of elections for the electronic voting firm Everyone Counts, says Internet systems currently in use in many locations including in Europe and Asia have withstood security challenges.

He said the critics of online voting "are well-meaning but they fail to take into account the context."

DeGregorio said electronic voting "empowers" voters including people with disabilities who cannot get to polling places, troops abroad and others living outside their home countries, including some six million Americans.

He said a return to paper and pencil "will disenfranchise many people," and fail to get out some younger, tech-savvy voters.

"Younger people are going to say, 'Why should I stand in line for half an hour to cast my ballot? Why can't I do it on my cell phone?" he said.

Pamela Smith, president of Verified Voting, said vulnerability questions remain, whether the systems accept votes directly online of by email or fax.

"I think these systems can be compromised," she said. "It might not happen this year, it might be in a close presidential election."

Susan Dzieduszycka-Suinat, president of the Overseas Vote Foundation which helps Americans abroad in elections, said the group is not ready to endorse online voting.

"At this point, there really isn't any proven, safe ballot return over the Internet that has gone through any certification that is agreed upon," she said.