Ex-MI6 Boss: When It Comes To Voting, Pencil And Paper Are 'Much More Secure' Than Electronic Systems

from the and-he-should-know dept

Techdirt has been worried by problems of e-voting systems for a long time now. Before, that was just one of our quaint interests, but over the last few months, the issue of e-voting, and how secure it is from hacking, specifically hacking by foreign powers, has become a rather hot topic. It's great that the world has finally caught up with Techdirt, and realized that e-voting is not just some neat technology, and now sees that democracy itself is at play. The downside is that because the stakes are so high, the level of noise is too, and it's really hard to work out how worried we should be about recent allegations, and what's the best thing to do on the e-voting front.

What we really need is someone distant from the current US debate, and yet with a great deal of knowledge of how foreign intelligence services hack into computer systems. Maybe someone like Sir John Sawers, former head of MI6, the UK's CIA. Here's what he said recently to the BBC on the subject of e-voting:

"Bizarrely the stubby pencil and piece of paper that you put your cross on in the ballot box is actually much more secure than anything which is electronic."

And added:

"The more things that go online, the more susceptible you are to cyber attacks."

Since MI6 has probably been involved in quite a few of those attacks, Sir John speaks with a certain authority. He also has a good analysis of why there is this constant push for e-voting, even though security experts are pretty unanimous in their warnings of the dangers:

"The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices."

That also goes some way to explaining the naivety of most people when it comes to the Internet of Things. Many people just "expect" everything to be digital and online and linked to its own app, even when it's just a hair brush.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: cybersecurity, e-voting, evoting, john sawers, mi6, security, uk

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    The Wanderer (profile), 9 Jan 2017 @ 7:53pm

    Re: Re: Re: Re: been bitching about voting systems...

    What "hidden script" are you talking about?

    I'm working from the assumption that the ballots have been recorded in a data file, and I'm writing a program which will read in the contents of that data file. Nothing other than what is in the data file is available.

    That seems like a valid assumption, because if the data isn't recorded into a file rather than being stored in memory, there's no way to get it off the voting machine where the vote was tabulated to begin with.

    Once the ballots are in the data file, if the hidden record of their original order isn't stored there, it's lost - and if it _is_ stored there, it's visible to whatever program I'm writing, and my program is capable of storing whatever values it wants in that field when it writes out a shuffled version of the file.

    (Yes, the original file still exists, but it can be deleted.)

    If you're arguing "we can't trust that what the computer says it's doing / recording is what it's really doing/recording", that's an argument for open-source, community- and professionally-audited voting-system software - but it doesn't support the idea that it's impossible to make a computer shuffle votes into a storage order that has nothing to do with the order in which they came in. (It's even trivially possible to design a program which would store them in random order in the first place.)

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.