France Abandons Plans for Internet Voting

Some good election security news for a change: France is dropping its plans for remote Internet voting, because it's concerned about hacking.

Posted on March 15, 2017 at 6:20 AM • 18 Comments

Comments

Bavo De RidderMarch 15, 2017 6:56 AM

Hacking is one concern, but I think the inability to guarantee that people can vote freely is a more pressing concern. With Internet voting I am afraid that some people will be forced to cast a specific vote with someone standing behind them to verify.

SeanMarch 15, 2017 7:01 AM

I think the French are free to vote what they want. Their concern is more likely to be free to think what they want.

WmMarch 15, 2017 7:12 AM

If the democrats ever get back in control, internet voting will be a high priority. What better way is there to control and throw an election.

AnuraMarch 15, 2017 7:48 AM

@Wm

If Republicans say it, it must be true! Who needs evidence?

Seriously, though, as you demonstrate the way to control an election is to control the information. Drown your opponents in a sea of accusations and claims, and then make them defend themselves, while never admitting your own mistakes. Unfortunately for Republicans, now they are flailing in the wind as their leadership in Congress is showing that in the last 8 years their entire focus was on winning the next election, and they have absolutely no workable ideas - something Republican voters didn't demand, because the media kept them obsessing over the slow drip of leaks of cherry-picked emails.

TatütataMarch 15, 2017 8:11 AM


The French prior experience with electronic internal party primary elections for selecting leaders or candidates didn't go very well. I won't bother looking up links, but in short, the various exercises, left and right, were downright laughable.

The voting procedure works a bit differently than elsewhere. Instead of making marks on a ballot prepared by an electoral authority, candidates make available their own ballots bulletins available at the poll. The elector shows his permanent voter card, picks several ballots, and retires to a booth to insert one of them into an envelope (and throw the other ones away), and returns to insert it into a transparent urn. The ritual expression "a voté!" is then uttered by the election monitor.

Opening the envelopes is probably the most labor intensive part of the process.

Meanwhile in Germany, there is a good old fashioned scandal involving a conservative federal MP who had falsified paper-based documents to get selected as the party's candidate in a well-to-do Berlin electoral district. The shenanigans could carry a jail sentence.

CzernoMarch 15, 2017 8:48 AM

Actually, electronic vote thru the internet was envisionned only for voters residing abroad, outside of metropolitan France and the French territories worldwide, possibly far from a French diplomatic post.

The possibility has been abandoned, officially because of the concerns over fraud/hacking, in reality though also because of some political "calculus" based on the results of secret simulations inside the competent Ministry...

Wally FlyeMarch 15, 2017 8:51 AM

In the USA it's been shown the presidential election turns on the vote of a very small number of counties.

"How 8 key counties voted in the presidential race"
http://www.usatoday.com/story/news/politics/elections/2016/11/09/key-counties-presidential-election-donald-trump-hillary-clinton/93534440/

"25 battleground counties to watch"

http://www.politico.com/story/2016/08/battleground-226780

Thus an attack would need not be at the national level, or even all of the key counties, just the right ones to make it work.

The concerns include not only criminals but various nation states with an interest in the result. Of course the opposing party has an interest, various insiders and disgruntled staff.

These days there are many attack vectors including the internet, but also corrupted hardware and software pre-programmed to create a credible result. Also, wireless attacks. And of course crude but physical attack (could snipping a resistor or wire here or there change things, so that no one would notice?).

My impression is/was like with so many new technologies securing voting machines was and still is an afterthought. I recall one recent machine was based on an outdated version of Windows XP.

Last, but not least, please let's not forget... DIEBOLD!

"Diebold Indicted: Its spectre still haunts Ohio elections"

http://columbusfreepress.com/article/diebold-indicted-its-spectre-still-haunts-ohio-elections

~Tammany Hall boss William Marcy Tweed:
"As long as I count the votes, what are you going to do about it?"

Clive RobinsonMarch 15, 2017 9:07 AM

@ Wm,

If the democrats ever get back in control, internet voting will be a high priority. What better way is there to control and throw an election

The last time I looked how to "get at Voting machines" by "crossing the air gap", most of the voting machine companies were backing the GOP one way or another.

Do you seriously think that if there was a way to control the voting machines that the manufactures GOP funding seniors would let the Democrats control it?

PeteMarch 15, 2017 9:27 AM

Voting needs to NOT be available over the internet. Anything connected could be compromised or DDoS'd.

Votes need to be validated by the voter and audit-able outside the voting machine. Anything less leads to either real fraud or perceived fraud.

I would be happy to speed up voting by printing out my unique ballot with votes at home and only having to drop off the paper at the polling places, assuming my identity is verified at that time.

Where I live, we can vote by snail-mail for any reason, in advance. Just need to request a ballot about 30 days prior to the election. It works well.

ClouzeauMarch 15, 2017 11:30 AM

Bruce Schneier posts a story related to voting security in France, and within 4 comments the thread turns into an American-centric Democrat vs. Republican flame war.

ModeratorMarch 15, 2017 12:01 PM

@Wm, please refrain from further trolling. @All, please limit conversation on U.S. partisan politics, it tends to lower the quality of discussion.


readerMarch 15, 2017 12:38 PM

Bruce, if you thought your internet routing might already be fucked, how would you check? Is there anything like skype's comm test, for the web, that doesn't require installing an app?

Clive RobinsonMarch 15, 2017 5:53 PM

@ reader,

if you thought your internet routing might already be fxxked, how would you check?

The simple answer is that presently you can not do it reliably.

The old way was to use a very short time to live, such that a node would send back an error message saying the TTL had expired. The info in the error message and the IP address (or reverse lookup) would be displayed.

However if I control a node (gateway, bridge, router) upstream of you I can send back anything I like to you and you would not know.

The obvious way around this would be for nodes to each have a PK cert and you to use an appropriate protocol. The problem is it would break the existing protocol (which was a cludge to start off with).

albertMarch 16, 2017 1:00 PM

Vive la France!
Deutchland uber alles!*

Around here, rejection of computerized voting might be considered Conservative, even Ludditian, given our headlong rush to computerize -everything-, damn the torpedoes, full speed ahead.

Not so. Fully computerized, Internetized voting is a x_National Committees wetdream. The present system isn't 'working'. Must get those pesky critics and complainers under control.

Nice to see Diebold indicted. The Wheels of Justice turn slowly, but they turn.

@Clive,
Voting machine contracts are worth ten$ of million$. Could that be the primary motivation? Discuss among your multiple-personalities.

------
* Being half German and half French, I reserve the right to my obsessive-compulsive-paranoid-schizophrenic mental state.
. .. . .. --- ....

Clive RobinsonMarch 16, 2017 5:37 PM

@ Albert,

Being half German and half French, I reserve the right to...

Shovel the coal for the "Full Steam Ahead" for dodgems with the torpedoes?

Yes those voting machine contracts are very lucrative, especially when you consider that the average voting cycle is once every couple of years for local/national representatives. So they'll get used once then be out of guarenty, twice before patches stop and by the third time will be obsolete technology with no spares available... Thus a new buying cycle...

ShavedMyWhiskersMarch 21, 2017 10:29 AM

France may know more than they are telling.

As others have noted elections today swing on tiny deltas.
As others have noted elections are difficult to audit.
As others have noted connected systems are difficult to secure.
As others have noted privacy of the ballot is lost in audit systems.

France does have a large enough population of "newcomers" that
concerns about fraud from within or involving these groups seems
to be an issue.

France has been invaded and has cultural awareness of invasion
and war.

And WP reminds me: France has one official language, the French language. The French government does not regulate the choice of language in publications by individuals, but the use of French is required by law in commercial and workplace communications.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.