[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Stop the internet voting bill
>Dear Senators and Representatives:
Please stop internet voting. It's a terrible idea.
While it may appear that "easy voting" is a good thing, "easy voting"
(internet voting, e-voting, DRE voting, etc.) are subject to easy vote
manipulation. Democracy demands that people have their votes counted
securely and transparently.
I am proud to be part of a movement known as the Paper Tigers. This is an
ad-hoc group of about a dozen voters here in Boulder from across the
political spectrum (I'm a Libertarian, for instance) made up of mostly
computer professionals (like Neal McBurnett) who are terrified of votes that
are electronically counted. We know just how easy it is to manipulate
anything electronically with just a few lines of code.
The Paper Tigers have come to the conclusion that -- at this time -- the
safest, cheapest, best auditable, and most reliable form of voting is to use
hand-counted paper ballots.
Let's not make vote fraud easier than it already is. Please stop this
terrible idea. Please stop internet voting.
Ralph Shnelvar
385 Fox Drive
Boulder, CO 80303
303-546-6125
P.S. To those who have been blind cc'd, please contact your representatives
and let them know that you are opposed to electronic voting.
On Sat, 4 Feb 2006 14:12:31 -0700, you wrote:
>Dear Senators and Representatives,
>
>I was shocked, after all the evidence and agreement we've gotten over
>the years about the problems of electronic ballots, to just hear that
>the Colorado Senate is pushing for internet voting. Please put a stop
>to this!
>
>I am a consultant to Internet2 on Internet security and
>authentication. I know how difficult the problems are and how bad the
>state of security is out there.
>
>Previous trials have been halted after it was demonstrated that given
>the current problems with security of computers and the Internet, any
>sort of internet voting is far too vulnerable to a plethora of
>problems. See for example this official report, which concludes
>that documents how easy it would be for any of a wide variety of
>people, foreign and domestic, to subvert an election that included
>any substantial amount of voting over the Internet:
>
> A Security Analysis of the Secure Electronic Registration and Voting
> Experiment (SERVE)
>
> http://servesecurityreport.org/
> ...
>
> [SERVE] has numerous other fundamental security problems that leave
> it vulnerable to a variety of well-known cyber attacks (insider
> attacks, denial of service attacks, spoofing, automated vote buying,
> viral attacks on voter PCs, etc.), any one of which could be
> catastrophic.
>
> Such attacks could occur on a large scale, and could be launched by
> anyone from a disaffected lone individual to a well-financed enemy
> agency outside the reach of U.S. law. These attacks could result in
> large-scale, selective voter disenfranchisement, and/or privacy
> violation, and/or vote buying and selling, and/or vote switching even
> to the extent of reversing the outcome of many elections at once,
> including the presidential election. With care in the design, some of
> the attacks could succeed and yet go completely undetected. Even if
> detected and neutralized, such attacks could have a devastating
> effect on public confidence in elections.
>
> Such attacks could occur on a large scale, and could be launched by
> anyone from a disaffected lone individual to a well-financed enemy
> agency outside the reach of U.S. law. These attacks could result in
> large-scale, selective voter disenfranchisement, and/or privacy
> violation, and/or vote buying and selling, and/or vote switching even
> to the extent of reversing the outcome of many elections at once,
> including the presidential election. With care in the design, some of
> the attacks could succeed and yet go completely undetected. Even if
> detected and neutralized, such attacks could have a devastating
> effect on public confidence in elections.
>
> It is impossible to estimate the probability of a successful
> cyber-attack (or multiple successful attacks) on any one
> election. But we show that the attacks we are most concerned about
> are quite easy to perpetrate. In some cases there are kits readily
> available on the Internet that could be modified or used directly for
> attacking an election. And we must consider the obvious fact that a
> U.S. general election offers one of the most tempting targets for
> cyber-attack in the history of the Internet, whether the attacker's
> motive is overtly political or simply self-aggrandizement.
>
> The vulnerabilities we describe cannot be fixed by design changes or
> bug fixes to SERVE. These vulnerabilities are fundamental in the
> architecture of the Internet and of the PC hardware and software that
> is ubiquitous today. They cannot all be eliminated for the
> foreseeable future without some unforeseen radical breakthrough. It
> is quite possible that they will not be eliminated without a
> wholesale redesign and replacement of much of the hardware and
> software security systems that are part of, or connected to, today's
> Internet.
>
>Please stop this bill.
>
>Thank you,
>
>Neal McBurnett http://bcn.boulder.co.us/~neal/
>Boulder CO
>303-494-6493
>Signed and/or sealed mail encouraged. GPG/PGP Keyid: 2C9EBA60