Although many people are attached at the hip to their laptops, few are conversant in software coding and even fewer are familiar with heavy encryption.
Combine computers with the intricacies of elections, and that leaves only a handful of specialists worldwide who can claim to understand online voting.
Questions about e-voting were raised after the NDP leadership convention was disrupted by a cyber attack.
Not all of them have been answered satisfactorily, say software experts, despite reassurances from Scytl, the software company that handled the NDP election process, and from Halifax Regional Municipality, which has committed to use the company’s services in October’s municipal election.
"Multibillion-dollar (software developers) like Windows, you know, Microsoft . . . can’t have their software bug-free. So I don’t think Scytl is able to do that," said Daniel Sokolov, a Halifax information technology expert.
Sokolov has examined several European elections that used e-voting and found at least three with troubling results.
One problem with online voting software is its complexity, he said, explaining no municipality could hope to vet hundreds of thousands of lines of computer code.
"It’s a farce. It’s a joke," said Sokolov. "You need a big team of people to do that, and it’ll take years."
Other problems include the challenge of auditing votes and vote tallies after the fact, the risk posed by cyber attacks and — perhaps the biggest issue — the difficulty of ensuring secret ballots, said Sokolov and other computer experts who spoke to The Chronicle Herald.
Some of these concerns have been tackled by Halifax Regional Municipality more thoroughly than critics imagine, said municipal clerk Cathy Mellett, who noted that 25 per cent of voters chose to vote electronically in the 2008 municipal election.
Mellett said the city will use a third-party auditor, most likely Ernst &Young, which will hire software experts to look over Scytl’s code.
Mellett said the city is committed to Scytl, after it successfully completed a 60-day testing window earlier this month.
Mellett also listed two other safeguards designed to ensure Scytl’s soundness.
First, although it does not open its coding to the public, citing trade secrets, it has opened it a few times to clients for advanced examination, said Mellett.
Second, many other governments and government bodies around the world have inspected and certified Scytl’s systems using different processes, she said.
Scytl is the biggest e-voting provider in the world, with around 70 per cent of market share.
Two experiments with Scytl software that went badly— in Austria and Finland — shouldn’t be compared with Halifax’s contract, said Scytl’s general manager in Canada, Susan Crutchlow.
In both cases, election authorities bought only the coding, and not the full-service package that Scytl offers. That includes sending voter notifications ahead of time and running all other aspects of the vote.
Other parts of those elections were mismanaged, said Crutchlow, leading the results in at least one instance to be thrown out.
HRM never considered buying only part of the package, said Mellett.
"This is a very specialized service," she said. "We want to engage with the best in the world to provide those services, rather than try to run them in-house."
Scytl’s agreement with the NDP didn’t include bandwidth provisions, which, in big enough quantities, would have allowed the party to sustain the organized attempt to jam the lines.
Crutchlow said Scytl is looking at what can be done to prevent similar problems in the future.
Perhaps the most troublesome aspect of e-voting is that it is next to impossible to ensure voters stay anonymous, say those familiar with keeping electronic information secret.
Like some kind of ancient fable, the encryption key to the HRM election will be divided into three parts, with each part given to a different person. All three will have to come together to start or stop the election — though Mellett says even those three key holders won’t be able to see voter names and choices.
While encryption techniques are getting better, decryption is also advancing, allowing for the possibility that someone could unlock information about past votes.
"Even a few years down the road, it’s nobody’s business who voted for what," said Sokolov.
Mellett said one thing she can’t ensure is the pace of technology or when voting information could be decrypted.
"Who knows? It’s not available today."
Original Article
Source: the chronicle herald
Author: SELENA ROSS
Combine computers with the intricacies of elections, and that leaves only a handful of specialists worldwide who can claim to understand online voting.
Questions about e-voting were raised after the NDP leadership convention was disrupted by a cyber attack.
Not all of them have been answered satisfactorily, say software experts, despite reassurances from Scytl, the software company that handled the NDP election process, and from Halifax Regional Municipality, which has committed to use the company’s services in October’s municipal election.
"Multibillion-dollar (software developers) like Windows, you know, Microsoft . . . can’t have their software bug-free. So I don’t think Scytl is able to do that," said Daniel Sokolov, a Halifax information technology expert.
Sokolov has examined several European elections that used e-voting and found at least three with troubling results.
One problem with online voting software is its complexity, he said, explaining no municipality could hope to vet hundreds of thousands of lines of computer code.
"It’s a farce. It’s a joke," said Sokolov. "You need a big team of people to do that, and it’ll take years."
Other problems include the challenge of auditing votes and vote tallies after the fact, the risk posed by cyber attacks and — perhaps the biggest issue — the difficulty of ensuring secret ballots, said Sokolov and other computer experts who spoke to The Chronicle Herald.
Some of these concerns have been tackled by Halifax Regional Municipality more thoroughly than critics imagine, said municipal clerk Cathy Mellett, who noted that 25 per cent of voters chose to vote electronically in the 2008 municipal election.
Mellett said the city will use a third-party auditor, most likely Ernst &Young, which will hire software experts to look over Scytl’s code.
Mellett said the city is committed to Scytl, after it successfully completed a 60-day testing window earlier this month.
Mellett also listed two other safeguards designed to ensure Scytl’s soundness.
First, although it does not open its coding to the public, citing trade secrets, it has opened it a few times to clients for advanced examination, said Mellett.
Second, many other governments and government bodies around the world have inspected and certified Scytl’s systems using different processes, she said.
Scytl is the biggest e-voting provider in the world, with around 70 per cent of market share.
Two experiments with Scytl software that went badly— in Austria and Finland — shouldn’t be compared with Halifax’s contract, said Scytl’s general manager in Canada, Susan Crutchlow.
In both cases, election authorities bought only the coding, and not the full-service package that Scytl offers. That includes sending voter notifications ahead of time and running all other aspects of the vote.
Other parts of those elections were mismanaged, said Crutchlow, leading the results in at least one instance to be thrown out.
HRM never considered buying only part of the package, said Mellett.
"This is a very specialized service," she said. "We want to engage with the best in the world to provide those services, rather than try to run them in-house."
Scytl’s agreement with the NDP didn’t include bandwidth provisions, which, in big enough quantities, would have allowed the party to sustain the organized attempt to jam the lines.
Crutchlow said Scytl is looking at what can be done to prevent similar problems in the future.
Perhaps the most troublesome aspect of e-voting is that it is next to impossible to ensure voters stay anonymous, say those familiar with keeping electronic information secret.
Like some kind of ancient fable, the encryption key to the HRM election will be divided into three parts, with each part given to a different person. All three will have to come together to start or stop the election — though Mellett says even those three key holders won’t be able to see voter names and choices.
While encryption techniques are getting better, decryption is also advancing, allowing for the possibility that someone could unlock information about past votes.
"Even a few years down the road, it’s nobody’s business who voted for what," said Sokolov.
Mellett said one thing she can’t ensure is the pace of technology or when voting information could be decrypted.
"Who knows? It’s not available today."
Original Article
Source: the chronicle herald
Author: SELENA ROSS
No comments:
Post a Comment