I’m begging here: elections officials should be proactively asking for help from security researchers in calls like this.

Analysis should be done, and the system should be public before announcing adoption.

Doing it this way forces bad press that I don’t want to give. It’s bad for democracy.

In any case this system should have been published before a launch was announced.

If I take a look and find vulnerabilities, will Alaska stop the deployment? Can they? Or would doing so cause too much harm and reputational risk?

Second, for elections, an attacker’s goal might be different than just causing a secret change in outcome

Perhaps it’s stopping a certain population from voting.

Or the goal may be causing chaos and weakening trust. E.g. What would happen if the system were just knocked offline on Election Day?

The article also quotes, unchallenged, Estonia’s election director: “can you compromise it in such a way that the monitoring you’ve got in place wouldn’t detect it”

First, vulns often would not have been detectable. Whatever this system is, it’s likely got flaws. Most deployed systems do.

I am aware of no advances in “cloud technology” that fix inherent problems in internet voting.

“Paper backups” also fail to fix much of anything—a malicious or broken into system can ignore the voter’s selections and print whatever it wants.

This includes Estonia’s system, as quoted in the article.

estoniaevoting.org

Time and again, Internet voting in practice has been shown to introduce significant vulnerabilities in elections.

To my count, there have been five systems piloted in real world elections.

Once researchers examined them, all have had significant flaws that would overturn the election.

“Security experts say that while nothing on the internet can be completely impenetrable from hacking, advances in cloud-based technology, as well as linking mobile voting to a paper backup system, could help alleviate some of the concerns”

This is incorrect, and no security expert was quoted.

“We use the UK form “factorise” here in place of the US variants “factorize” or “factor” in order to avoid the 40%
tariff on the US term.”

“...We refer to an abacus as “an abacus” rather than a digital computer, despite the fact that it relies on digital manipulation to effect its computations. Finally, we refer to a dog as “a dog” because even the most strenuous mental gymnastics can’t really make it sound like it’s a computer.”

Hey all!

This research is from my group at Georgia Tech, our paper with technical details is here: mikespecter.com/assets/pdf/t...

Oh, and subsequent reporting in the verge, with comments from @evacide.bsky.social

www.theverge.com/news/787836/...

Thanks Sarah!

Here’s a link to the full paper!
mikespecter.com/assets/pdf/t...

Thanks!

BTW, the lead author is Akshaya Kumar, a fantastic PhD student at GT: akumar805.github.io

Excellent article! Also, for those interested in the nerdy details, check out the paper here:

bsky.app/profile/did:...

- Tile's servers can track all users at all times, acting as a mass surveillance network
- Tile's anti-theft mode turns off stalking alerts, which is itself easily circumvented
- Tile's design makes it possible for RF adversaries to stalk users

Full paper: mikespecter.com/assets/pdf/t...