Communications - October 2012

sionals have an obligation to explain these risks.

Pilot projects are routinely declared successes, regardless of any problems encountered. However, it is dangerous to draw conclusions from a “ successful” Internet voting pilot project. There is little reason to attack a small pilot project, and a malicious player might refrain from attacking a major election until the new technology is entrenched. Having claimed success, independent of proof of the accuracy of the pilot project, Internet-voting vendors and enthusiasts routinely push to extend Internet voting to a broader group of voters, thereby seriously undermining election security. Computer professionals must object to pilot projects that do not plan for an assessment of the integrity of the election and a public reporting of any dis-crepancies encountered.

Unlike legitimate computer-security experts, malicious attackers are not likely to publicize their attacks, just as credit-card thieves do not openly advertise their thefts. When election officials and policymakers ask for proof that a voting system has been attacked, it is important to keep in mind that detecting well-devised attacks is inherently difficult. The burden of proof that a voting system has not been attacked should fall on those making the claim, not the other way around.

Ultimately, the balance between the integrity of election technology on the one hand and convenience on the other is both a public-policy and a technological issue. Decision makers must be warned of all the risks in order to craft wise policy.

Acknowledgment

We are grateful to the referees who provided us with excellent recommendations.

References

1. adida, b. Panelist remarks at panel on Internet voting. Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (san Francisco, aug. 9, 2011); http://www.usenix.org/events/evtwote11/stream/ benaloh_panel/ index.html

2. bowden, M. the enemy within. The Atlantic (June 2010); http://www.theatlantic.com/magazine/ archive/2010/06/the-enemy-within/8098/

3. CbC news. Computer vandal delays leadership vote (Jan. 25, 2003); http://www.cbc.ca/news/ story/2003/01/25/ ndp_delay030125.html

4. Claburn, t. Microsoft Finds u.s. leads In botnets. Information Week (oct. 14, 2010); http://www. informationweek.com/security/vulnerabilities/ microsoft-finds-us-leads-in-botnets/227800051

5. degregorio, P. UOCAVA Voting Scoping Strategy. Washington secretary of state Public record, Jan. 18, 2009; http://www.votersunite.org/info/Wa-Prr-scopingstrategy.pdf

6. district of Columbia and halderman, J.a. thank you to voters (hacked ballot acknowledgment with Michigan fight song); https://jhalderm.com/pub/dc/thanks/

7. dunn, J.e. trojan attacks credit cards of 15 u.s. banks.

Techworld (July 14, 2010).

8. estehghari, s. and desmedt, y. exploiting the client vulnerabilities in Internet e-voting systems: hacking helios 2.0 as an example. 2010 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections ( Washington d.C., aug. 9, 2010); http:// static.usenix.org/events/evtwote10/tech/full_papers/ estehghari.pdf

9. FbI. FBI, Slovenian and Spanish Police Arrest Mariposo Botnet Creator, Operators. Press release, July 28, 2010; http://www.fbi.gov/news/pressrel/ press-releases/fbi-slovenian-and-spanish-police-arrest-maripora-botnet-creator-operators/

10. Fisher, d. new service helps attackers get Zeus botnet off the ground. Threatpost (Jan. 10, 2011); http:// threatpost.com/en_us/blogs/new-service-helps- attackers-get-zeus-botnet-ground-011011

11. Ford, g.r. and Carter, J. To Assure Pride and Confidence in the Electoral Process. national Commission on Federal election reform, aug. 2001; http://fl1.findlaw.com/news.findlaw.com/hdocs/docs/ election2000/electionreformrpt0801.pdf

12. the h security. Antivirus Protection Worse than a Year Ago. heise Media, u.k., dec. 20, 2007; http://www.h- online.com/security/news/item/antivirus-protection- worse-than-a-year-ago-735697.html

13. hayden, M. hackers force Internet users to learn self defense. PBS NewsHour (aug. 11, 2010); http:// www.pbs.org/newshour/bb/science/Jul.-dec10/ cyber_08-11.html

14. head, W. hackers use Wikipedia to spread malware. I T News for Australian Business (nov. 6, 2006); http:// www.itnews.com.au/news/67796,hackers-use- wikipedia-to-spread-malware.aspx

15. helios. http://heliosvoting.org/

16. Infosecurity. McCartney site serves up Zeus malware. InfoSecurity (apr. 8, 2009); http://www.infosecurity- us.com/view/1178/mccartney-site-serves-up-zeus- malware/

17. Jefferson d. email voting: a national security threat in government elections. VerifiedVoting blog (June 2011); http:/ blog.verifiedvoting.org/2011/06/20/1375

18. Jefferson, d., rubin, a.b., simons, b., and Wagner, d. a Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE), Jan. 20, 2004; http:// servesecurityreport.org/

19. kanan, k., rees, J., and spafford, e. Unsecured Economies: Protecting Vital Information. technical report. Mcafee, Inc., santa Clara, Ca, Feb. 2009; resources.mcafee.com/content/ naunsecuredeconomiesreport

20. keizer, g. Zeus botnet gang targets Charles schwab accounts. Computerworld (oct. 16, 2010); http://www. computerworld.com/s/article/9191479/Zeus_botnet_ gang_targets_Charles_schwab_accounts

21. kirk, J. Comodo hacker claims credit for diginotar attack. Computerworld (sept. 2011); http://www. computerworld.com/s/article/9219739/Comodo_ hacker_claims_credit_for_diginotar_attack

22. kItV. Voting drops 83 percent in all-digital election. honolulu, May 2009; http://www.kitv.com/ politics/19573770/ detail.html

23. kurtz, g. operation ‘aurora’ hit google, others. Mcafee security Insights blog, Jan. 10, 2010; http://blogs. mcafee.com/corporate/cto/operation-aurora-hit-google-others

24. leyden, J. uk cybercops cuff 19 Zeus banking trojan suspects. The Register (sept. 29, 2010); www. theregister.co.uk/2010/09/29/zeus_cybercrime_ arrests/

25. M86 security. M86 Security Labs Discovers Customers of Global Financial Institution Hit by Cybercrime. Press release, london, u.k., aug. 10, 2010; http:// www.marketwire.com/press-release/m86-security- labs-discovers-customers-global-financial-institution- hit-cybercrime-1302266.htm

26. Mahoney, M.r. Comment on Pilot Project Testing and
Certification. eaC, Washington, d. C., apr. 2010; http://
www.eac.gov/assets/1/assetManager/Martha%20
Mahoney%20-%20Comment%20on%20Pilot% 20
Project%20testing%20and%20Certification.pdf
businesscenter/article/157909/feds_to_shore_up_
net_security.html

Barbara Simons ( simons@acm.org) is a retired IbM research staff member, board Chair of Verified Voting, and former aCM President. Douglas W. Jones ( jones@cs.uiowa.edu) is an associate professor in the department of Computer science of the university of Iowa in Iowa City.