Democracy Live Internet voting & MORE ...
FROM RISKS 31.97:

Date: Tue, 9 Jun 2020 10:29:39 PDT
From: "Peter G. Neumann" <neumann@CSL.SRI.COM>
Subject: Democracy Live Internet voting: unsurprisingly insecure, and surprisingly insecure (Specter and Halderman, with Andrew Appel's comments via PGN)

A new report by Michael Specter (MIT) and Alex Halderman (U. of Michigan) <https://internetpolicy.mit.edu/wp-content/uploads/2020/06/OmniBallot.pdf> demonstrates that the OmniBallot Internet voting system from Democracy Live <https://democracylive.com/> is fatally insecure. That by itself is not surprising, as *no known technology* could make it secure. What is surprising is all the /unexpected/ insecurities that Democracy Live crammed into OmniBallot -- and the way that Democracy Live skims so much of the voter's private information.

https://freedom-to-tinker.com/2020/06/08/democracy-live-internet-voting-unsu...

Andrew Appel <appel@princeton.edu> has posted an extremely relevant article in Freedom-to-Tinker:
https://freedom-to-tinker.com/author/appel/

The OmniBallot Internet voting system from Democracy Live finds surprising new ways to be insecure, in addition to the usual (severe, fatal) insecurities common to all Internet voting systems. There's a very clear scientific consensus that ``the Internet should not be used for the return of marked ballots'' because ``no known technology guarantees the secrecy, security, and verifiability of a marked ballot transmitted over the Internet.'' That's from the National Academies 2018 consensus study report <https://doi.org/10.17226/25120>, consistent with the May 2020 recommendations from the U.S. EAC/NIST/FBI/CISA.
<http://s3.amazonaws.com/ftt-uploads/wp-content/uploads/2020/06/07210015/Final_-Risk_Management_for_Electronic-Ballot_05082020-1.pdf>

[Please read the entire paper and Andrew's commentary. They are very revealing, and devastating for those persons who believe that Internet voting can be made secure. Every known attempt seems to have been easily defeated: Washington DC 2010, Estonia 2014, Australia 2015, Scytl in Switzerland 2019, Voatz in West Virginia 2020, OmniBallot now. Insiders at any of four private companies (Democracy Live, Google, Amazon, Cloudflare), or any hackers who manage to hack into these companies, can steal votes: Democracy Live doesn't run its own servers. PGN-excerpted]

FROM the US Government Accountability Office:

Facial Recognition Technology: Privacy and Accuracy Issues Related to Commercial Uses
GAO-20-522: Published: Jul 13, 2020. Publicly Released: Aug 11, 2020.
https://www.gao.gov/products/GAO-20-522?utm_campaign=usgao_email&utm_content...

Facial Recognition: CBP and TSA are Taking Steps to Implement Programs, but CBP Should Address Privacy and System Performance Issues
GAO-20-568: Published: Sep 2, 2020. Publicly Released: Sep 2, 2020.
https://www.gao.gov/products/GAO-20-568?utm_campaign=usgao_email&utm_content...

Dott. Diego Latella - Senior Researcher CNR-ISTI, Via Moruzzi 1, 56124 Pisa, Italy (http:www.isti.cnr.it)
FM&&T Lab. (http://fmt.isti.cnr.it)
http://www.isti.cnr.it/People/D.Latella - ph: +390506212982, mob: +39 348 8283101, fax: +390506212040
===================
The quest for a war-free world has a basic purpose: survival. But if in the process we learn how to achieve it by love rather than by fear, by kindness rather than compulsion; if in the process we learn how to combine the essential with the enjoyable, the expedient with the benevolent, the practical with the beautiful, this will be an extra incentive to embark on this great task.
Above all, remember your humanity. -- Sir Joseph Rotblat