Aleksander Essex on Internet Voting in Canada

Aleksander Essex’s submission to the ERRE Special Committee on Electoral Reform is now available:

Some key areas of concern he identifies include:

  • Vote selling and Coercion
  • Phishing
  • Automation bias
  • Denial of Service
  • Client-side malware/spyware
  • Network attacks
  • Server penetration
  • Insider influence
  • State-level actors

He cites the recommendations in the 2015 Utah iVote Advisory Committee Report (PDF), specifically the call for public trials (white hat hacking) of any proposed Internet voting system. Here’s the relevant paragraph from the Utah report:

We recommend that Utah build requirements for an open, public trial for any proposed voting system. The requirements should clearly state the level of integrity and auditability that is required for acceptance along with the overall security and integrity goals for the system. Be aware that even with open, public penetration trials, an Internet voting system would still be subject to malware, phony voter, DDoS, phishing, and insider attacks. So we further recommend that any requirements for an Internet voting system address these concerns specifically and require that vendors satisfy them. In addition, Utah should strongly consider that source code for the entire voting system be made open source so that it can be subjected to review, build, and test by computing professionals not under the influence or supervision of the vendor.

For more about Aleksander Essex see my list of computer science experts

https://papervotecanada2.wordpress.com/2016/11/19/internet-voting-and-computer-security-expertise/#AleksanderEssex

One thought on “Aleksander Essex on Internet Voting in Canada

Comments are closed.