Researcher has no confidence in online voting

SAN JOSE, Calif.—Although voting problems marred the 2000 presidential election, an online alternative is not viable, according to the principal researcher for AT&T Labs, a multinational research organization.Computers can have a place in the election process, Avi Rubin told security professionals at the RSA Conference 2002, hosted by RSA Security Inc. of Bedford, Mass. But he warned against going completely digital. “I don’t want a computer to be counting things as the only record we have,” Rubin said. The vulnerabilities of computer and network systems are too widespread and the threats of manipulation too great to ensure fair elections, he said.“There is no such thing as bugfree software,” Rubin said. “Electronic systems are expected to fail at times.” And, he added, “Every step of the way it is reasonable to assume a resourceful and very motivated adversary.” Given such shortcomings, he said, the public would not consider the elections fair.Rubin participated in a workshop on electronic voting hosted by the National Science Foundation in October 2000—a month before the contested presidential election. The participants concluded at the time that the dominant Microsoft Windows-Intel platform was inadequate for voting machines and that the Internet was an inadequate polling infrastructure.Rubin said he worries about vendor promotion of electronic voting because the level of assurance needed in both software and hardware in every step of voting and counting has never been achieved on a wide scale.“Such an audit of hardware and software is not common and is considered very difficult, if not impossible,” he said.Ironically, the standardized nationwide voting system that many people have called for could become the worst danger, he said, because it would set up a single point of failure. Current voting systems in different jurisdictions have different flaws, so it is very difficult to exploit a single flaw to change an election. But that would not be true for a single flaw in a nationwide system, Rubin said.