Report Says E-Voting Is Unsafe Political Speech7/11/2000; 8:53:40 PM ''Voting in your pajamas is unsafe. So says the latest study published by the Voting Integrity Project, a non-partisan group based in Arlington, Virginia that has openly attacked the Arizona Democratic Party's Internet primary election in March.''Wired bring up a couple of things..."But critics have decried [Election.com]'s closed-mouth security policies, and say that fair elections need to be independently evaluated, something Election.com has never agreed to."WTF? Election.com won't let us, the people, independently evaluate our elections? Who do they think they are?"Election.com officials counter that the election had no security lapses, and was therefore a success that needs no further scrutiny. "Well, who could tell? We aren't allowed to look!From the report itself,

Internet Voting of any kind tends to involve a shift of control of elections from the election officials to election vendors because of the technical expertise required. State and federal laws governing elections, commerce and privacy do not currently provide sufficient protection to ensure election integrity or voter privacy in such a case. Finally, Internet Voting offers a frightening new capability to vote thieves - the ability to automate vote fraud through programmed attacks on the voting process. Remote Internet Voting represents a further shift of responsibility for maintenance of the voting infrastructure from the election officials and vendor to the voter or third party-provider of the platform (employer, hotel, military installation, school, etc.). This has deep implications for election integrity and privacy as well.

This seems quite dead-on.

The Internet is already host to hackers of all manner from all over the world. Although the number who are talented and motivated enough to construct the kinds of programs capable of breaking through fire walls, gaining root privileges and escaping detection may currently be limited to a few thousand, but the reality is that it does not take much talent to write a computer virus and unleash it via the Internet.

Absolutely true. Slashdot recently ran an article about such low-skill ''hackers''. It referred to this fascinating paper, in which the authors use a ''honeypot'' (a bait system, designed to attract hackers for study) to trap people who could break into a computer system and gain full access, yet are literally incapable of inserting a floppy and loading files from it on the system they've hacked. (That's an interpretation for you of one of the chat logs, where one hacker has to teach another how to ''mount'' a disk. A floppy must be mounted in many stock UNIX systems before [normal] use.)Worry about what hackers may do to a voting system is definately valid, and the voting companies assurances to the contrary merely raise suspician, they do not encourage me to trust them. Frankly, the voting companies bear most of the earmarks of security software snake oil.

Until that time [when secure remote voting is feasible], since in-polling place Internet voting is technically feasible and the security issues with it are manageable, it is reasonable to experiment with it now, provided it is done in a non-binding fashion. It would be our recommendation that such experiments include rigorous testing by independent experts. In order to accomplish that, vendors would have to be amenable to sharing source codes and other proprietary information with the testers. We strongly urge the vendors to do this, perhaps in conjunction with the FEC systems standards process.

Absolutely.

Because all of our rights and freedoms as Americans depend on free, fair and secure elections, it is imperative that publicly binding Internet voting elections be curtailed until the integrity and fairness can be assured.

Emphasis mine. This is a very well-reasoned essay, IMHO. I was unaware that the election companies were so closed about our election process! In light of that and the unanswered security issues, I would tend to agree with that conclusion.I knew it would be a while before we could do it, but I hope we do make the effort. I think it would be worthwhile.