But Halderman, along with a team of researchers, easily broke into the system, and showed how they could modify and replace marked ballots in the system. The researchers even tweaked the system so that voters would be greeted with the University of Michigan fight song when they landed on the vote confirmation page.
The election officials in charge of such systems do not have the technical expertise or the resources needed to detect or protect their systems against such attacks, Jefferson said. "The kind of attack that Halderman did can be repeated any where at any time," with little response, he said.
In addition, Web-based voting systems are vulnerable to the same security threats that face other websites. These threats include DNS routing attacks, man-in-the middle attacks and denial-of-service attacks and can prevent voters from casting their ballots. The client systems that eligible voters use to cast their ballots are equally vulnerable, Jefferson said. Numerous attacks are possible where a voter might case a ballot and have no way of knowing whether the ballot was intercepted, modified or cast at all.
Electronic voting systems of the sort proposed for use in this year's general elections do not provide anywhere near the auditability provided by paper votes, he said. While there are mechanisms to ensure that the same voter does not cast multiple ballots, there is nothing to prove that a ballot was cast in the manner that the voter intended, he said.
"Once you put ink on paper, you can't change it without that change being easily detectable," Jefferson said. "Paper is indelible. People can see it, track it and read it." He noted that the only country with an Internet voting system comparable to the U.S. is Estonia. Other countries have tried e-voting technology and have either gone back to paper voting or are reconsidering it, he said.
"What we are asking every state, every jurisdiction to do is not use Internet voting," Jefferson said. "It is OK to transmit blank ballots over the Internet" to overseas and absentee voters he said, but not ballots that have been filled in.
Susannah Goodman, director of the election reform project at the watchdog group Common Cause, said states that are moving ahead with Internet voting plans would do well to look at states such as New York and California which have said they will not adopt such measures,because of security concerns.
"Knowing what we know, it is not a verifiable form of voting. It is not a safe form of voting," she said.
Sign up for Computerworld eNewsletters.