Feeds

FIPR highlights e-voting risks

Trojan horses, proxy votes

  • alert
  • submit to reddit

SANS - Survey on application security programs

Electronic voting systems such as those being trialled in today's local government elections could lead to major problems and undermine public confidence in the electoral process, an UK Internet think-tank warns.

The UK government plans to introduce e-voting in the general election after next. Byt the Foundation for Information Policy Research (FIPR) says it is vital for the democratic process that this is done securely and in a way that commands the trust of the voters.

FIPR points out that election integrity can be assured only if e-voting machines produce a paper audit trail which can be verified by voters and later by election scrutineers.

It says this is not the case when votes are cast via SMS from mobiles or from insecure home PCs, as in the trials taking place in 18 local authorities during today's local elections.

According to the FIPR, voting machines must be placed squarely under the control of local election officials, who have a better chance of ensuring they are free from viruses or other malicious software which could monitor and corrupt votes.

Without such precautions, it will be impossible to prove afterwards that an election was carried out correctly, the FIPR claims.

If problems occur, levels of public mistrust could make Florida voters' worries about "hanging chad" look trivial.

FIPR director Dr Ian Brown said: "The only safe way to allow electronic voting is through machines controlled by election officials that produce an auditable paper trail. Anything else is an invitation for fraud to hackers and virus writers around the world, and could destroy public confidence in our elections."

FIPR chair Dr Ross Anderson comments: "It's always a bad idea to look for technical fixes to social problems. Election turnout would be increased if citizens were convinced their vote would make a difference. Simply computerising the current system is unlikely to achieve this."

Every new system can be expected to display teething troubles. E-voting is no exception to this rule.

Reg reader Joe Otten wanted to vote in person at a polling station in Sheffield. When he tried to vote at the polling station closest to his place of work he was told "he couldn't vote there because they couldn't connect their computer up".

Joe had to drive 10 minutes to an alternative polling station, where he was successfully able to cast his vote. ®

Related Stories

E-voting could cure voter apathy
Malvern votes against evoting
E-voting: another UK Government gimmick?
Govt unveils plans for eDemocracy
Sheffield gets the e-vote

External Links

FIPR's e-democracy pages
Another critique of e-voting, from Stanford University Web site

3 Big data security analytics techniques

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.