Superstorm Sandy washed and blew away some polling places and displaced thousands of residents in New York and New Jersey. New Jersey, in an effort to make sure every voice is heard, has enabled voting via email.
New York didn’t want to go with the email voting option because officials feel it might be vulnerable to fraud.
Writing in Norman’s “Security Exposed” blog, Norman’s vice president and GM Darin Andersen examines the problem of email voting.
Mr. Andersen writes that polling machines may have their own security problems but admits there hasn’t been reliable evidence of hacker interference in previous elections. However, Mr. Andersen is wary of email voting:
In light of a natural disaster, email voting seems like a fair solution, but unfortunately, today’s sophisticated malware is a real threat to voting processes. I urge affected New Jersey residents to opt for voting at an alternative polling location if they haven’t already submitted an absentee ballot. In the future, I believe that with strict regulations and the correct cyber defense measures in place, innovative internet-based voting could enable quicker and more convenient voting and ballot counting processes.
In worst-case scenarios any vote could be compromised. They could be changed via theoretical (but entirely doable) man-in-the-middle attacks, snatched by Mr. Andersen’s feared “sophisticated malware” if sent via email. Or voters could arrive at polling places to find machines just aren’t there. Casting a vote remains a big, national act of faith that the system will ultimately work.
At least voting machines aren’t accompanied by banner ads. Yet.