sionals have an obligation to explain
these risks.
Pilot projects are routinely declared
successes, regardless of any problems
encountered. However, it is dangerous to draw conclusions from a
“successful” Internet voting pilot project.
There is little reason to attack a small
pilot project, and a malicious player
might refrain from attacking a major
election until the new technology is
entrenched. Having claimed success,
independent of proof of the accuracy
of the pilot project, Internet-voting
vendors and enthusiasts routinely
push to extend Internet voting to a
broader group of voters, thereby seriously undermining election security.
Computer professionals must object
to pilot projects that do not plan for an
assessment of the integrity of the election and a public reporting of any discrepancies encountered.
Unlike legitimate computer-security experts, malicious attackers are not
likely to publicize their attacks, just as
credit-card thieves do not openly advertise their thefts. When election officials and policymakers ask for proof
that a voting system has been attacked,
it is important to keep in mind that
detecting well-devised attacks is inherently difficult. The burden of proof that
a voting system has not been attacked
should fall on those making the claim,
not the other way around.
Ultimately, the balance between the
integrity of election technology on the
one hand and convenience on the other is both a public-policy and a technological issue. Decision makers must be
warned of all the risks in order to craft
wise policy.
Acknowledgment
We are grateful to the referees who
provided us with excellent recommendations.
Barbara Simons (simons@acm.org) is a retired IBM
research staff member, Board Chair of Verified Voting, and
former ACM President.
Douglas W. Jones (jones@cs.uiowa.edu) is an associate
professor in the Department of Computer Science of the
University of Iowa in Iowa City.