Blockchain voting too risky, cybersecurity expert says

SAN FRANCISCO — The future of voting should not involve your cellphone, according to a leading cybersecurity expert.

In a first-of-its-kind pilot program, West Virginia will test blockchain encrypted mobile phone voting for members of the U.S. military. But Joe Hall, chief technologist and director of internet architecture at the Center for Democracy & Technology, warned that the plan presents a host of risks. 

“West Virginia has taken the ridiculous step of deciding that they’re going to not only vote on a mobile device, which in and of itself is just a bad idea, but use a blockchain mechanism, something associated with crypto-currency or bitcoin,” Hall told Grant Burningham, host of the Yahoo News podcast “Bots & Ballots.”

In a September interview with Burningham, venture capitalist Bradley Tusk argued that his foundation’s plan to test cellphone voting was a way to boost voter participation in the U.S. However, Hall believes the risks outweigh the possible benefits.

Photo-illustration: Yahoo News; photos: Getty Images, Joe Raedle/Getty Images

“They’re not the thing you want to use for voting in public elections for a few different reasons. One is you’re voting on the internet. You’re fundamentally sending electronic ballot information over the internet to some other system,” Hall said. “The phones we use, the desktop computers we use, the networks in between them, the servers on the other side, every single one of those things is fundamentally insecure.”

At the Center for Democracy & Technology, a nonprofit that fights for online civil rights, Hall has worked on projects ranging from helping computer scientists create unbiased algorithms to advocating for online privacy and freedom of expression. He believes that there’s already enough evidence to dismiss the idea that our technology is secure enough to experiment with casting ballots over cellphones.

Download or subscribe on iTunes: “Bots & Ballots” by Yahoo News

“People say, ‘Hey, I can bank online; why can’t I vote online?’ Banks have enormous budgets for fraud,” Hall said. “If 10 percent of your transactions go wrong or are fraudulently captured, you can buy insurance, you can make people whole, you can plan for that. If 10 percent of ballots disappear or are modified without detection before they end up somewhere, we can’t accept that whatsoever.”

Hall argues that any cryptographic system will eventually be vulnerable to hacking and that our current platforms will be vulnerable within a couple of decades.

“There will be quantum computers within 20 years — a pretty good estimation — that will be able to instantly get through most of the crypto we use right now,” Hall said.

If that happens, Hall said, virtually all online activities, including how a person votes, would be made transparent.

“To put this in perspective, I’ll say it would be really unfortunate if an overseas Marine cast a ballot and is really happy to cast a ballot in the 2018 midterm election in West Virginia using this app,” Hall said. “It would be really unfortunate if in 20 years you’d be able to walk up to that soldier and say, ‘Hey, is this how you voted in the 2018 midterms?’ That’s just unacceptable to me.”

_____

More “Bots & Ballots” episodes from Yahoo News: