So, you want to vote online. I understand you. I do.

Especially in times of raging pandemic, lockdowns, face mask and the whole shebang, voting should be made easier. Uber Eats easier. Revolut easier. But why it can’t be? Let me explain.

Table of contents

    Should vs Is

    I guess you sense what the real reason for this situation is. No system of online voting has proven to be secure. None. Well, almost no cyber system is totally secure in general, and voting systems have to be easily accessible to millions, in a short period of time, with no hiccups and with a high level of public trust in the system and the result it produces.

    This lack of security is, as multiple cybersecurity scientists would attest, basically established well in computer science. New fads, like blockchain, offer some hope for the future – just not the immediate one. We at Curiosum both tech specialists and product designers we face such challenges often, but here, scale and weight of responsibility is just that much larger. First, let us establish what are the key characteristics of voting processes that need to be maintained. Voting systems must provide:

    • Vote integrity. Rules of democracy are daringly simple. One person has one vote, only those who are eligible to vote can do so, and all of those votes are counted. The classic methods of ensuring this are burdensome, but reliable – government voter rolls and databases are authenticated with the identity of the voter before the ballot is cast.

    • Usability. UX designers love to brag about the diversity of user they take into consideration. But this system is the ultimate challenge. It must be simple and accessible to absolutely all, with, if possible, minimum deviation for special groups that would make logistics harder and slower. This makes using some authentication methods probably too burdensome for low-tech groups, like the elderly.

    • Secrecy. Your goddamn right as a citizen is to cast your ballot anonymously. In most paper ballot systems this is quite easy, as ballots go into an urn where the identity of the voter is no longer discernible. But your packets of data are usually traceable, bar the smartest of VPNs and encryption methods.

    • Transparency. There were many famous recounts that changed history – or didn’t. Elections must be possible to verify, when there is doubt regarding the outcome. Even if this process does not change the result, but ensures a heightened level of trust in that result. Crucially, transparency cannot be achieved at the cost of vote secrecy, which is an additional issue when designing digital voting systems.

    The real challenge

    Now, does the list above looks overwhelming? In each and every bullet point above, dozens of challenges await. Now let’s jump to the most technical aspect, which is cybersecurity. Experts agree that even if the best practices in cybersecurity are used and followed to the letter, a complete protection of cyber systems is not possible.

    The best case that online voting proponents are usually pointing to – which is Estonian internet voting system – has been retroactively found to be vulnerable to DDoS attacks. Moreover, a shell-injection attack was possible, using built-in administrative functions of the program. This was true despite a thorough, community-based audit of the system.

    What makes attacks more probable is the stakes. Voting decides fates of entire countries, their policies, it impacts the neighbouring countries and all industries. Shady interests may prevail. Democracy, as show in the recent example of Russian manipulation of the sentiments of American electorate, can be vulnerable to coordinated attacks even without outright changes to cast votes.

    Cybersecurity is... hard

    More specifically, what are the key technical threats that online voting must account for?

    • DDoS attacks. Such attacks can slow down the whole system or a key part of it, inducing crashes and delays thanks to massive traffic inflow.

    • Spoofing attacks. Voters can be redirected to fake websites with massive phishing campaigns – getting such emails, even if users recognize them correctly, already increases stress and distrust in the voting system. After all, would my granny pass this test of recognizing a legitimate website?

    • Security of voter's devices. Computers and mobile devices that voters use may already be riddled with malicious software. This can not only make voting impossible, but can also lead to a spread to the receiving end. Malware, viruses, trojans – you name it – those can be custom built to simply change a single data packet that contains our vote and make it invalid or different.

    • Server penetration. The election offices are sometimes decentralized, as is the case with multiple US state level voting systems. This increases the attack surface and, in many cases, just one remote breach may be enough to sow chaos on the administrative side of those systems.

    • Authentication attacks. Advanced adversaries can forge voter’s credentials and cast the vote instead.

    As with most cybersecurity challenges, the defender must protect everywhere – but attackers flow like water, to the easiest opening they can find. Having time, skills and resources that the election offices often spare, adversaries can truly wreak havoc on the elections, their integrity, and most importantly – trust in the electoral system itself.

    So far, the accounting is clear – online voting it is not worth the risk. We have tested current systems for decades, and in most democracies, those have been quite resilient. Developing adequately secure systems should very much be on our agenda, but until they prove themselves, go out there, and use paper and pen. And choose wisely!

    FAQ

    Why is online voting considered a bad idea?

    Online voting faces numerous security challenges including vote integrity, usability, secrecy, and transparency. These issues make it difficult to ensure a fair and secure voting process.

    What are the main challenges faced by online voting systems?

    Key challenges include cybersecurity threats like DDoS attacks, spoofing, security of voter's devices, server penetration, and authentication attacks. These complicate the maintenance of a secure and trustworthy voting environment.

    How does the lack of security in online voting systems affect their reliability?

    Due to inherent security weaknesses, online voting systems have not proven secure enough to ensure the integrity and anonymity of votes, leading to a lack of trust in the electoral process.

    What are the essential features a voting system must provide?

    A proper voting system should ensure vote integrity, usability, voter secrecy, and transparency to maintain democracy's fundamental principles.

    How does cybersecurity play into the feasibility of online voting?

    Cybersecurity is a significant challenge as attackers only need to find a single vulnerability, while defenders must secure every aspect of the system, making online voting risky and unreliable.

    Has there been any successful implementation of online voting?

    Although there have been attempts, such as Estonia's internet voting system, they have faced vulnerabilities like DDoS and shell-injection attacks, undermining their success.

    What is the stance of cybersecurity experts on online voting?

    Most experts agree that while advancements are being made, current online voting systems do not offer the security needed to protect against various cyber threats, making them unsuitable for official elections.

    Dawid Bartkowiak Marketing Specialist
    Dawid Bartkowiak Content Marketing Specialist

    Read more
    on #curiosum blog