E-Voting Remains Insecure

A computer scientist recommends the paper ballot.

Nov. 27, 2018

To the Editor:

Re "An Election Grid Rife With Flaws Shows Them All" (front page, Nov. 18):

Despite the sense of security provided by some new technologies, e-voting remains a vulnerability in our election process. Computer scientists have maintained this position for a decade.

Existing security vulnerabilities associated with e-voting include installing malware, server penetration, denial-of-service attacks and disruption attacks, not to mention the continuing challenge to authenticate e-voters reliably.

Hackers can easily intercept data from an e-ballot en route to an election office and are able to change votes without a trace. Email ballots add risk to the election office, as attachments from unknown senders may contain malware.

Existing e-voting technologies force voters to give up the right to a secret ballot. Tampering with a mailed paper ballot, while a crime, affects one ballot. Once a hacker is able to infect a computer owned by a voter, or by the election offices, there is potential for large-scale, devastating electoral disruption.

We cannot secure online voting with today’s technology. Paper ballots remain the best method for maintaining election security.

Jeremy Epstein
Fairfax, Va.
The writer is vice chairman of the U.S. Technology Policy Council at the Association for Computing Machinery.

A version of this article appears in the print edition of the Nov. 28, 2018 issue of The New York Times, on Page A26 of the New York edition with the headline: "E-Voting Is Insecure," and online at https://www.nytimes.com/2018/11/27/opinion/letters/voting-hackers.html.

ACM USTPC Expresses Concerns about Online Voting

ACM's US Technology Policy Committee (USTPC) is joining with organzations including the National Election Defense Coalition, R Street Institute, and Common Cause to release a report citing concerns on the security of internet and email voting. The report cites the increasing impact of cyberattacks on ballots in transit; malware on the voter’s computer/device; voter authentication; server attacks; and more. Recommendations include a return to paper ballots and other "low-tech" measures.