Election securityRisks of—and Solutions for -- Remote Voting

Published 12 June 2020

Delaware, West Virginia, and New Jersey have either deployed OmniBallot or plan to do so for fully online voting, also referred to as “electronic ballot return.” Other states including Colorado, Florida, Oregon, Ohio and Washington, the New York Times reports, use it to deliver blank ballots to registered voters who can mark them and return them by fax, email or mail. Election security researchers have found troubling vulnerabilities in OmniBallot.

The upcoming presidential election in the middle of a pandemic has many jurisdictions exploring new technologies. They’re not secure.

Election security researchers at the University of Michigan and MIT have found vulnerabilities in an internet voting and ballot delivery system either being used or planned for use in fourteen states. 

Their work is the first public, independent analysis of the security and privacy risks of Democracy Live’s OmniBallot system. In a recently released report, they outline security holes and offer recommendations for both election officials and voters. 

Delaware, West Virginia, and New Jersey have either deployed OmniBallot or plan to do so for fully online voting, also referred to as “electronic ballot return.” Other states including Colorado, Florida, Oregon, Ohio and Washington, the New York Times reports, use it to deliver blank ballots to registered voters who can mark them and return them by fax, email or mail. Neither of these uses are adequately secure, the researchers found. 

“OmniBallot’s design is overly simple, and ignores 30 years of research about building E2E-verifiable online voting. The voter’s identity and ballot choice are just sent to a server in Amazon’s cloud, which generates a ballot that officials can download. As a result, there’s no way for voters, officials, or Democracy Live to be sure votes aren’t modified,” J. Alex Halderman, professor of computer science and engineering at U-M and an author of the report, said in a Twitter thread

“There are important risks even when OmniBallot is used only for delivering blank ballots, including the risk that ballots could be misdirected or subtly manipulated in ways that cause them to be counted incorrectly.”

Michael Specter, a doctoral student at MIT who worked on the report with Halderman, says the team’s goal is “to provide election officials and citizens the information they need to ensure that elections are conducted securely.”

Michigan says that for individual voters, the researchers recommend these steps, as outlined in a blog post by MIT CSAIL:

·  Avoid using OmniBallot if possible. Either vote in person or request a mail-in absentee ballot. Mail-in ballots are a reasonably safe option, provided you check them for accuracy and adhere to all relevant deadlines.

·  If you can’t do that, your next-safest option is to use OmniBallot to download a blank ballot and print it, mark it by hand, and mail it back or drop it off. Always double-check that you’ve marked your ballot correctly, and confirm the mailing address with your local jurisdiction.