So You Want Digital Voting? Hackers Want It Even More
Since Russia (most likely) hacked our Presidential election in 2016, there's been talk of using cell phones for voting. Think again.
Kathleen Fisher is a Professor in and the Chair of the Computer Science Department at Tufts. Previously, she was a program manager at DARPA where she started and managed the HACMS and PPAML programs, a Consulting Faculty Member in the Computer Science Department at Stanford University, and a Principal Member of the Technical Staff at AT&T Labs Research. Kathleen's research focuses on advancing the theory and practice of programming languages and on applying ideas from the programming language community to the problem of ad hoc data management. The main thrust of her work has been in domain-specific languages to facilitate programming with massive amounts of ad hoc data. Recently, she has been exploring synergies between machine learning and programming languages and studying how to apply advances in programming languages to the problem of building more secure systems.
Kathleen is an ACM Fellow. She has served as Program Chair for OOPSLA, ICFP, CUFP, and FOOL, and as General Chair for ICFP 2015. She is an Associate Editor for TOPLAS and a former editor of the Journal of Functional Programming. Kathleen is a past Chair of the ACM Special Interest Group in Programming Languages (SIGPLAN) and past Co-Chair of CRA's Committee on the Status of Women (CRA-W). Kathleen is a recipient of the SIGPLAN Distinguished Service Award. She is Vice Chair of DARPA's ISAT Study Group and a member of the Board of Trustees of Harvey Mudd College.
Kathleen Fisher: One of the reasons why computer security is so hard is because you have to get absolutely everything right in order to have a secure system. And there’s lots of different kinds of things you can get wrong. Everything from your software was buggy, your passwords were too weak, you published your passwords accidentally, your hardware was insecure, the user made a mistake and fell victim to a phishing attack and gave their credentials to a foreign agent or a bad guy. All of those things have to be done correctly in order to have a secure system.
It might seem tempting to think, you know, everybody has a cell phone so you could just use your cell phone to do voting like we do for American Idol or similar TV shows. It works for American Idol because nobody cares all that much who wins or doesn’t win.
If you get the wrong outcome some people will care, but it won’t affect sort of the future of the country, for example. It’s not sensible to use cell phones for voting for things that matter, national elections for example, because the software on a phone is enormous and very complicated, and so understanding that that code is correct and actually counting all of the votes appropriately would be a task that would be so complex as to be infeasible to do.
You could have the legitimate app that is designed to correctly count the votes for an election, but somebody could hack into that set of applications and plant bugs in a bunch of different cell phones so that the final results were not the actual intent, it didn’t actually capture the intent of all the voters.
So a system for voting that relies entirely on computers to do all of the voting will never be secure, because you’ll never have enough confidence that the code that was running on those computers correctly counted the votes as the person who voted intended. There’s always the chance that there were bugs or that a hacker came and changed the code or corrupted the code to make the result be what the hacker wanted instead of what the voters wanted.
So one of the things to know about how the U.S. election system works is that voting machines are the purview of states. So every state has their own process for deciding what technology to use to count votes. And so it’s not, there’s not a monoculture where every single voting site has the same technology. It’s determined on the state-by-state basis.
So you have 50 different state authorities—at least—who are deciding what technology to use for that particular state, and there are different technologies in play. One of the technologies is just a touch screen where you go and you tap the choices that you want and it records it in a computer program. Ten states currently have that kind of technology, and from a cybersecurity perspective that technology is terrible, because what computers do is exactly what they’re told to do by the last person who loaded code onto the system.
I think people who don’t know very much about computers tend to think that computers do the “right thing.” But in fact they just do exactly what they’re told to do. So if they’re told to do the correct thing by a person who has the authority to tell them, then that’s great. But that’s often not what happens. The voting systems that just have the touch screen, there’s no way of auditing what happened retroactively. It’s just a question of “did the system actually count it correctly?” You don’t know. All you have at the end of the day is the collection of totals. So somebody could have replaced the code, hacked in and made it count in a slightly skewed way, in a very skewed way—You really have no way of telling. So that technology is bad. People pretty much know that technology is bad and it’s being phased out. So no one is trying to buy more of these machines at this point and they’re no longer being manufactured. So we’re trending in a good direction as far as that’s concerned.
A different kind of machine are the optical scanning machines where you fill out – it’s kind of like a Scantron form from elementary school where you fill out the multiple choice questions on the form and then the form is read electronically. And now the program that’s doing the reading has all the problems of the system that I talked about before where it is software that’s scanning and counting and could be buggy, could be corrupted by somebody who’s hacking in.
But you still have that paper record, so you can go back after the fact and audit to confirm that the report, that the total that was reported was actually correct and so that post facto auditing capability is really important. Most states use this technology now. Some states have in place an automatic auditing process, so independent of whether any candidate asks for an audit they go and pick some number of the voting districts and some number of the ballots and they check to make sure that the counting process was correct. I think probably the level of auditing isn’t sufficient. There needs to be broader auditing and more random auditing going on, but it’s definitely a step in the right direction.
The principle that the people who work in this area talk about is that they want to make sure that they can guarantee the results are correct even if a nefarious person wrote the code that did the counting. So it has to work even if the software was completely buggy. And this optical scanning reading technology satisfies that characteristic.
Because even if the code that does the counting of the Scantron form is buggy they can go look at the physical forms and figure out that there was a mistake and correct it using different software.
So there’s an auditability capability that exists in that kind of technology that doesn’t exist if you have no paper trail. So I think at this point we kind of know how to do it from a technical point of view and the question is getting the states all to shift to that new kind of technology.
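The paper-record audit described in the transcript above, as an added example that is not part of the interview: the electronic tally is treated as untrusted, a random sample of precincts is hand-counted from paper, and the chance that a sample of a given size catches a mis-counting scanner is computed. The precinct counts, the skewed precincts and every function name are constructed for illustration.

```python
import random
from collections import Counter
from math import comb

# Constructed data: 20 precincts, each with 120 paper ballots for A and 80 for B.
PAPER = {p: ["A"] * 120 + ["B"] * 80 for p in range(20)}
SKEWED = {2, 5, 11, 14, 17}  # hypothetical precincts whose scanner miscounts

def scan(precinct, ballots):
    """Electronic tally; in SKEWED precincts one A in ten is recorded as B."""
    tally = Counter(ballots)
    if precinct in SKEWED:
        moved = tally["A"] // 10
        tally["A"] -= moved
        tally["B"] += moved
    return dict(tally)

def hand_count(ballots):
    """Independent count taken from the paper record, not from the scanner."""
    return dict(Counter(ballots))

def audit(reported, paper, sample_size, seed):
    """Hand-count a random sample of precincts; return those whose report is wrong."""
    chosen = random.Random(seed).sample(sorted(paper), sample_size)
    return sorted(p for p in chosen if hand_count(paper[p]) != reported[p])

def detection_probability(total, bad, sample_size):
    """Chance that a random precinct sample contains at least one bad precinct."""
    return 1 - comb(total - bad, sample_size) / comb(total, sample_size)

def totals(per_precinct):
    """Sum per-precinct tallies into one result."""
    out = Counter()
    for tally in per_precinct.values():
        out.update(tally)
    return dict(out)

REPORTED = {p: scan(p, b) for p, b in PAPER.items()}

if __name__ == "__main__":
    print("scanner totals:", totals(REPORTED))
    print("paper totals:  ", totals({p: hand_count(b) for p, b in PAPER.items()}))
    print("full hand count flags precincts:", audit(REPORTED, PAPER, 20, seed=1))
    for k in (1, 3, 10):
        print(f"sample of {k:2d} precincts detects with p = "
              f"{detection_probability(20, 5, k):.3f}")
```

With only the scanner totals there is nothing to compare against; the paper ballots are what make both the detection and the corrected count possible, and the sample size determines how likely a skew is to be noticed.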
Since Russia (most likely) hacked our Presidential election in 2016, there's been talk of using cell phones for voting. That's not a good idea, says security expert Kathleen Fisher. Almost all available electronic methods are in some way able to be hacked: either the machines themselves or the program counting the votes at the end. It's quite a vicious conundrum that is leaving leaders in D.C. and Silicon Valley scratching their heads. Is the good ol' paper ballot our best option? It just might be.