Some election officials are considering a method to allow voters to cast their votes via email. Hypothetically, this would allow voters to more easily cast their ballots and allow voters who are unable to make it to the polls (disabled or out-of-the-country, for example) to participate in the election process. Some cyber-security experts; however, believe this opens the door to wide-spread ballot tampering.
When you download a file—like a ballot—or send an email—such as a vote—your data flows through many untrusted computer systems. For example, your ballot can be intercepted on the way to you, viruses on your computer can manipulate your vote without your knowledge, or your vote can be modified while on its return trip to the government. Any of these attacks can change the outcome of an entire election, since the hacker can control ballot distribution, vote choice, and ballot submission.
Check out the detailed whitepaper by Galois, Inc. for a technical explanation of the security vulnerabilities and potential remediation strategies.
IT Audit and Security Considerations
Considering the mammoth variety of technical hardware types, firmware, and internet connections utilized to send email it seems impossible to allow voters to securely vote via email. Is there really a way to ensure that millions of users have secure routers or email accounts? Probably not.
Instead, perhaps we can treat voting like accessing personal health records. Verify identity, establish secure connections, and build it all on a highly-secure infrastructure. Thoughts?