Hacker News new | past | comments | ask | show | jobs | submit login
Why experts are overwhelmingly skeptical of online voting (arstechnica.com)
12 points by arunbahl on Sept 4, 2020 | hide | past | favorite | 6 comments

The vulnerabilities they found are laughable. Even with all of them fixed, what about infected disk firmware, compromised Intel Management Engine (or the AMD equivalent), or a subverted compiler [1]? On the system itself, or on a developer's machine.

And suppose you somehow fix all of that, and run it on a mathematically verified secure chip. How do you know vulnerabilities weren't inserted into the silicon, or perhaps the whole chip was swapped with a compromised one when you weren't looking. There's already been reports of factory compromised hardware for credit card readers.

With control of the entire USA as the prize, you can bet that's the level of attack you'll be dealing with.

[1] https://www.win.tue.nl/~aeb/linux/hh/thompson/trust.html

The demand for electronic and online voting is so high that I fear it will be implemented in a compromised way, before the problem is actually solved. As I understand it, all known descriptions of electronic voting are worse than paper ballots in terms of security and anonymity.

This is just what a former CS professor told me years ago, but it seems to be supported by what experts are saying.

Edit: clarity and addl thought

I think the key is, you can't tell if the system's been compromised by looking at it. And not even by taking it apart and examining it, bit by bit. Not without an electron microscope. And unlike with banking, you can't tell by the results either.

We need a clear way to communicate why it's so dangerous that computer illiterate people will understand, and that's as clear as I can put it.

In Germany online voting is forbidden by the constitutional court since 2009:

- https://www.ccc.de/en/updates/2009/wahlcomputer-urteil-bverf...

"In its decision today regarding the constitutional vote of the German Federal parliament in 2005, the judges of the Federal Constitutional Court made clear that comprehensible and secret votes are the core of our democratic system. This system is eroded by the use of voting machines. It must be possible for people without technical knowledge to trace and understand the complete voting process. Therefore, votes shall not be saved solely in electronic memory at any time."

Quote from the the TrailofBits audit report [0]

> Anyone with administrative access to the Voatz backend servers will have enough information to fully reconstruct the entire election, deanonymize votes, deny votes, alter votes, and invalidate audit trails


[0] https://github.com/trailofbits/publications/blob/master/revi...

Leaving aside technological security, one HUGE problem with online voting is that there is no way to ensure the vote was not coerced.

Scenario: A particular community/religious institution/school, etc., lets their members know (not in writing) that they will be required to have their vote witnessed by two other members, on pain of expulsion.

This is not far-fetched, even in some places in America, and certainly in other countries. Even if we can be 100% certain that the vote is secure and not tampered with online. I don't see any realistic technological solution for this. Giving the option of in-person or online voting won't solve it - those wishing to coerce will simply require members to pick the online option.

Yes, this is already possible with mail-in voting (and there are reports of it happening.) But if online voting becomes mainstream it will become a much bigger problem.

Disappointed that the article didn't mention this at all. Reminds me of https://xkcd.com/538/

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact