Security ex­perts ques­tion Mary­land’s on­line bal­lot sys­tem

Maryland Independent - - Community Forum - By ROB­BIE GREENSPAN

AN­NAPO­LIS, Mary­land — A new on­line bal­lot sys­tem and mark­ing tool could weaken Mary­land’s vot­ing security and make it the most vul­ner­a­ble state in the na­tion, ac­cord­ing to some cy­ber­se­cu­rity ex­perts.

On Sept. 14, the Mar yland State Board of Elec­tions voted 4-1 to cer­tify a new vot­ing sys­tem and mark­ing tool for on­line bal­lots.

The new sys­tem will al­low all Mary­land vot­ers the abil­ity to both make se­lec­tions on a com­puter and print ab­sen­tee bal­lots from home, and send them into the State Board of Elec­tions.

Nikki Charl­son, the deputy state ad­min­is­tra­tor of the Board of Elec­tions, said the sys­tem and tool are as se­cure as pos­si­ble.

“We are fol­low­ing all of the best prac­tices for IT sys­tems,” she said.

Ex­perts in cy­ber­se­cu­rity and com­puter science have pub­licly stated they be­lieve the po­ten­tial risks with the new method of vot­ing out­weigh the ben­e­fits.

While Mary­land vot­ers can still have ab­sen­tee bal­lots mailed or faxed to them, the new method al­lows any Mary­land reg­is­tered voter with ac­cess to the in­ter­net the abil­ity to re­quest and down­load a bal­lot. These can be marked on the com­puter, but the se­lec­tions are not recorded any­where ex­cept on the printed bal­lots them­selves.

All com­pleted ab­sen­tee bal­lots must be mailed to Mary­land elec­tion officials on or be­fore the day of the elec­tion in or­der to be counted.

Four of the five mem­bers of the Board of Elec­tions found the bal­lot de­liv­ery sys­tem and mark­ing tool to be se­cure enough for Mar yland vot­ers.

Pa­trick J. Ho­gan, a Demo­crat, the vice chair­man of the State Board of Elec­tions, ac­knowl­edged the risks, but voted to cer­tify the sys­tem and tool.

“There’s no guar­an­tees in life,” he said at a Board of Pub­lic Works meet­ing on Aug. 17. “We’ve had four security re­views done of this on­line bal­lot mark­ing tool and all have said it’s se­cure.”

Poorvi L. Vora, a pro­fes­sor of com­puter science at The Ge­orge Wash­ing­ton Univer­sity, said the security re­views are not de­fin­i­tive.

“You can do a test and not find any­thing wrong,” she said. “That does not mean it is se­cure.”

Kel­ley A. How­ells, a Repub­li­can, was the lone board mem­ber to vote against the ex­ten­sion of the sys­tem and mark­ing tool, say­ing she wanted to avoid un­nec­es­sar y com­plex­ity.

Four com­puter sci­en­tists from out­side the state, in­clud­ing Vora, put out a state­ment ad­dress­ing the po­ten­tial prob­lems with the ex­panded use of on­line bal­lots and the new mark­ing tool, specif­i­cally with voter ver­i­fi­ca­tion.

“There must be a se­cure method for au­then­ti­cat­ing voter trans­ac­tions that guar­an­tees that the re­li­ably iden­ti­fied voter, as op­posed to a bad ac­tor or piece of ma­li­cious soft­ware, is at the other end of the trans­ac­tion,” they said in a state­ment.

To pre­vent fraud, Mary­land vot­ers are re­quired to pro­vide the last four dig­its of their So­cial Security num­ber, their driver’s li­cense num­ber and the is­sue date of their li­cense plate or Mo­tor Ve­hi­cle Ad­min­is­tra­tion ID num­ber in or­der to ac­cess the bal­lot on their com­puter.

Re­becca Wil­son, the co-direc­tor of Save our Votes, a non­par­ti­san or­ga­ni­za­tion work­ing to in­crease voter security, spoke against the cer­ti­fi­ca­tion at the meet­ing on Sept. 14 and said it’s not se­cure enough. Peo­ple can ac­cess that in­for­ma­tion if they really want it, she said.

“Driver’s li­cense num­bers can be de­rived from an al­go­rithm,” she said.

Alan De Smet is a soft­ware en­gi­neer who created a web­site that can de­ter­mine driver’s li­cense num­bers in cer­tain states, par­tic­u­larly states that use an al­go­rithm to de­ter­mine the num­bers.

Us­ing his web­site, any­one with ac­cess to the In­ter­net can de­ter­mine most Mary­land driver’s li­cense num­bers with only a per­son’s full name and day and month of birth.

“My de­scrip­tion of the al­go­rithm it­self, in­clud­ing the source code to my soft­ware, is free speech,” he said. “That I make it avail­able to use on­line shouldn’t change any­thing.”

Buel C. Young, a spokesman for the Mo­tor Ve­hi­cle Ad­min­is­tra­tion, said the ad­min­is­tra­tion is aware the al­go­rithm is on­line.

“In the tech­no­log­i­cal age, there is al­ways go­ing to be some­one mak­ing ad­vance­ments to­ward repli­cat­ing in­for­ma­tion,” he said.

De Smet said the best so­lu­tion to im­prove Mary­land’s li­cense num­ber security is to as­sign driver’s li­cense num­bers in a mean­ing­less way.

“Any high-qual­ity ran­dom num­ber gen­er­a­tor would do the job,” he said. “Some­thing as sim­ple as as­sign­ing num­bers se­quen­tially would cer­tainly be bet­ter.”

Wil­son also said So­cial Security num­bers are not se­cure.

“The last four dig­its of the So­cial Security num­ber, you may as well con­sider those pub­lic be­cause of breaches of the fed­eral em­ploy­ees’ data­base, the Univer­sity of Mary­land [breach],” she said. “There have been large-scale com­pro­mises of So­cial Security num­bers in Mary­land which we know are on the black mar­ket.”

On Feb. 18, 2014, hack­ers stole more than 300,000 per­sonal records from the Univer­sity of Mary­land’s per­sonal in­for­ma­tion data­base.

The per­sonal data — in­clud­ing So­cial Security num­bers — of more than 22 mil­lion fed­eral em­ploy­ees, con­trac­tors, ap­pli­cants and fam­ily mem­bers was breached, likely start­ing in 2014, fed­eral officials an­nounced in 2015.

The four com­puter sci­en­tists said the li­cense is­sue date, the third ver­i­fi­ca­tion needed to ob­tain the on­line bal­lot, is ac­ces­si­ble to “tens of thou­sands of state em­ploy­ees and local law en­force­ment agen­cies.”

Charl­son said em­ploy­ees sign an agreement not to use in­for­ma­tion they have ac­cess to for any unau­tho­rized rea­son.

Ac­cord­ing to Bar­bara Si­mons, the chair of the Board of Di­rec­tors of Ver­i­fied Vot­ing, Mary­land is par­tic­u­larly vul­ner­a­ble to voter fraud.

Si­mons, one of the com­puter sci­en­tists who op­pos­ing the use of the on­line vot­ing sys­tem and mark­ing tool, said Mary­land has three main security risks: no sig­na­ture check of mail-in bal­lots is con­ducted; any cit­i­zen can re­quest an ab­sen­tee bal­lot with­out ex­cuse; and an ab­sen­tee bal­lot can be ob­tained and marked on­line.

“This com­bi­na­tion of fac­tors makes the Mary­land ab­sen­tee voter sys­tem the most in­se­cure in the coun­try,” she said.

While other states also use on­line bal­lots and mail-in vot­ing, Mary­land is the only one of those states that does not use sig­na­ture ver­i­fi­ca­tion.

The Gen­eral As­sem­bly, which meets in the spring, would have to vote on sig­na­ture ver­i­fi­ca­tion, so it will not be in place for the 2016 elec­tions, Charl­son ex­plained.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.