Tech Talk iconTech Talk

Do the perceived benefits of online voting outweigh the risks?

The Security Challenges of Online Voting Have Not Gone Away

Online voting is sometimes heralded as a solution to all our election headaches. Proponents claim it eliminates hassle, provides better verification for voters and auditors, and may even increase voter turnout. In reality, it’s not a panacea, and certainly not ready for use in U.S. elections.

Recent events have illustrated the complex problem of voting in the presence of a state-level attacker, and online voting will make U.S. elections more vulnerable to foreign interference. In just the past year, we have seen Russian hackers exfiltrate information from the Democratic National Committee and probe voter databases for vulnerabilities, prompting the U.S. government to formally accuse Russia of hacking.

In light of those events, the U.S. Department of Homeland Security may soon classify voting systems as critical infrastructure, underscoring the significant cybersecurity risks facing American elections. Internet voting would paint an even more attractive target on the ballot box for Russian adversaries with a record of attempting to disrupt elections through online attacks.

In the face of such an adversary, the few online voting trials that have been carried out in the U.S. do not inspire confidence. In 2010, Washington, D.C. ran a pilot of an online voting system and invited security experts to try to breach the system. Hackers changed all the votes in fewer than 48 hours. The 2016 Utah GOP Caucus included an online voting option that was rife with procedural mistakes that prevented an estimated 10,000 Utahns from using the system.

Online voting has also been conducted during live elections in places like Estonia, Norway, and Australia. It is hard to know the degree of security attained in these elections, because vendors and officials have no incentive to disclose suspected breaches. However, independent researchers discovered vulnerabilities in both the 2015 New South Wales online election and in Estonia’s system in a 2013 study. Among the problems that were discovered: exploitable vulnerabilities in the connections between voters’ computers and election servers, as well as procedural and architectural weaknesses that could allow state-level attackers like Russia to manipulate entire elections.

Voting is an unusually difficult security problem, because officials must guarantee a correct result while simultaneously ensuring that voters’ choices remain private—and all without  being able to trust any individual participants to act impartially. Furthermore, the election has to produce a result on election day, and we cannot delay voting or rerun the election if the system comes under attack. These requirements mean that traditional online security techniques, like those used to protect banking and commerce, are insufficient for elections.

Today, the vast majority of secure Internet communication takes place using Transport Layer Security (TLS), a cryptographic protocol in which vulnerabilities continue to be found. Three times in the past two years, researchers uncovered TLS flaws that could compromise up to one-third of popular sites. If an online voting system were among the susceptible sites, attackers might be able to intercept votes, discover how individuals voted, prevent votes from being cast, or even change votes.

For another sobering example of what might go wrong with online voting, look no further than the Mirai botnet attack which just last month interrupted access to many of the Web’s most popular sites. Had the target been an online election, large portions of the country would have been unable to vote.

Even if the election servers and communication channels are secure, online elections rely critically on the security of the devices voters use to vote. That’s a problem, because up to 30 percent of computers in the U.S. are already infected with malicious software, and malware could prevent ballots from being transmitted or replace them with entirely different votes.

Beyond these obstacles, an online voting system needs to securely authenticate voters’ identities. In Estonia—a country less populous than 41 U.S. states—this is accomplished using cryptographic chips embedded in every citizen’s national ID card which they scan using a card reader that they can attach to their laptops. We have no similar infrastructure in the United States, and a significant number of eligible voters lack any form of government-issued identification.

Overcoming these security challenges remains an area of active research. Computer scientists have proposed promising techniques for securing online elections based on advanced cryptography. It would let voters confirm that their votes were properly counted, without indicating to anyone else exactly how they voted. However, no technique has yet been demonstrated to be both practical enough for use by real voters and sufficient to protect against a well-resourced nation-state. There even remains considerable controversy amongst security and privacy researchers about what it means for an online election to be secure.

Even ignoring the security risks, the benefits of Internet voting are less certain than was once believed. Evidence from Estonia—including 1.5 percent rise in overall voter turnout due to online voting—suggests that most voters would have cast ballots even without Internet voting. Internet voting seems to primarily make voting easier for those who vote already. What is certain is that online voting would make it easier for external players to tamper with elections.

In light of the uncertain benefits of voting online, it is crucial that we in the United States not rush to entrust our democracy to it. Some of the most difficult unsolved problems in computer security stand in the way: authenticating remote users, protecting home computers from malware, safeguarding online communication, preventing denial-of-service attacks, and protecting critical infrastructure from nation-state attackers. These challenges are among the most exciting and important in computer science and engineering—and many are striving to address them—but it may be decades, if ever, before they are solved to the level that we can vote online with confidence.

Robert Cunningham is chair of the IEEE Cybersecurity Initiative. Matthew Bernhard is a second-year computer science Ph.D student focused on security issues at the University of Michigan and tweets from @umbernhard J. Alex Halderman is a professor of computer science and engineering at the University of Michigan and director of Michigan's Center for Computer Security and Society.

Interior view of smart mailbox with hardware components

RFID + Camera + Lock = Smart Mailbox

A self-locking mailbox could someday flag down delivery drones and intelligently screen your driveway for intruders.

Columbus State University computer scientist Lydia Ray presented the technology, called the ADDSMART project, during a 20 October session at the annual IEEE Ubiquitous Computing, Electronics, and Mobile Communication Conference in New York City.

The project aims to achieve two goals: clearly marking addresses for autonomous vehicles, and reducing the energy and data storage costs of home surveillance systems. An early prototype mailbox attachment suggests that the trick, in both cases, may be radio-frequency identification.

Powered by an Arduino Yun processor, one component of the ADDSMART device controls a high-frequency 13.56-MHz RFID reader, USB camera, passive-infrared motion sensor, solenoid lock, and an onboard Wi-Fi module. The second component is an RFID tag. 

Ray came up with the idea when she saw an Amazon ad for drones delivering packages. She wondered how that would be possible, as some of her regular mail still arrives at the wrong address.

In the United States, Amazon and Google and startups such as the Reno, Nev.–based Flirtey, are trying delivery via drones. One of a drone’s challenges is to home in on its destination. But accurately identifying addresses with standard GPS alone is really difficult, Ray says, because GPS uses latitude and longitude. The GPS sensor is good for identifying a location—but an additional system is needed for pinpointing a precise address.

Some approaches for tackling the location problem include computer vision techniques with cameras. Ray points out that even identifying addresses with human vision can be hard. At her house, the address is written on the pavement and “is not easily identifiable.” Then, Google Street View, which updates infrequently at best, doesn’t show that her neighbor’s house recently changed colors; and it wouldn’t even work so well for finding an address at night.

With an RFID tag on a home’s mailbox and an RFID reader on a drone or car, Ray believes that the delivery process could become relatively easy. The drone would use GPS to navigate to an address and then confirm that the address is correct by checking the RFID tag.

Once Ray decided to attach an RFID tag to a mailbox, she realized that RFID can do more than flag down drones: it offers security, too. An RFID-reader-equipped system could store a list of “safe” RFID tags whose possessors would be able to pass by a home or open the mailbox unimpeded. 

Instead of a home surveillance system continuously checking for intruders, a video camera could save energy by starting to record only when an unrecognized vehicle or person passes the mailbox. The mailbox could also unlock when authorized users—such as a homeowner or mail carrier—arrive.

After soldering and wiring the necessary hardware for the smart mailbox and writing computer scripts for running commands, Ray and her student, Jonathan Ross Tew, tested the sensors indoors and outdoors. 

When the motion sensor detected a change in passive infrared radiation—a type of electromagnetic radiation given off by anything warmer than about -270°C—the USB camera took a picture. Computer scripts sent the picture via email to a recipient and uploaded it to Dropbox.

Also, when an RFID tag was in the RFID reader’s limited detection range, the system checked whether the tag was marked with the homeowner ID or postman ID. In either case, it would open the solenoid lock, but the postman tag also triggered an email alert.

Ray said the passive-infrared motion sensor the team used pretty much failed outdoors—there were 931 false positives out of 937 tries. Using a more expensive sensor could help, she said.

Future work includes testing the system under various conditions and investigating the total area of surveillance coverage, technical interference with nearby smart mailboxes (like this Kickstarter project, Mr. Postman), security, and privacy.

So how will smart mailboxes flag down drones in apartment and condo complexes with cluster mailboxes? Ray told IEEE Spectrum that each individual mailbox could have its own RFID tag with an apartment number or post box number for flagging down drones. As for the surveillance function, Ray says a monitoring system similar to the one used in the prototype could monitor the door of each apartment.

ZCash Will Be a Truly Anonymous Blockchain-Based Currency

Last Friday, I was in a van in Denver, Colorado with Zooko Wilcox the CEO of ZCash, a company that on 28 October will launch a new blockchain-based digital currency of the same name. On the floor next to me was a bunch of newly purchased computer equipment. I knew we were going to a hotel, but didn’t know where. I only knew that I’d be there for the next two days straight and that it would be my job to watch, ask questions, stave off sleep, and document as much as I possibly could.

That day began a cryptographic ceremony of sorts, one that will make or break a new digital currency. ZCash is identical to Bitcoin in a lot of ways. It’s founded on a digital ledger of transactions called a blockchain that exists on an army of computers that can be anywhere in the world. But it differs from Bitcoin in one critical way: It will be completely anonymous. Although privacy was a motivating factor for Bitcoin’s flock of early adopters, it doesn’t deliver the goods. For those who want to digitally replicate the experience of slipping on a ski mask and handing over an envelope of unmarked bills, ZCash is the new way to go. 

Read More
Illustration of a padlock

Which Path to IoT Security? Government Regulation, Third-Party Verification, or Market Forces

On Friday, a series of distributed denial-of-service attacks hit Dyn, a company that provides a form of traffic control for popular websites, and interrupted some users’ access to sites including Github, Twitter, and Netflix. Since then, it has become clear that these attacks were made possible by security vulnerabilities in millions of devices within the Internet of Things.

On Monday at the National Cyber Security Alliance’s Cybersecurity Summit in New York City, industry leaders from security firms, Internet service providers, and device manufacturers fretted over the implications. Panelists spoke about the existential dangers that companies in the fast-growing IoT sector face if they continue to fail to secure these devices and debated ways in which the industry can improve security within this ecosystem.

“Friday showed us that the genie is well out of the bottle at this point,” said Andrew Lee, CEO at security company ESET North America. “This should probably be the wake-up call to manufacturers to start taking this seriously.”

While it’s still not clear who executed Friday’s attacks, Dyn has announced that hackers orchestrated it across “tens of millions” of IP addresses gathered through Mirai, malware that scans the Internet for connected devices with weak security. The malware then enlists these devices into a massive global network called a botnet. Increasingly, hackers have used these networks to launch distributed denial-of-service attacks, in which they instruct many devices to send traffic to a target at once in order to overload its capacity and prevent real users from accessing a website or service.

Read More
A close-up image of a finger pushing a red key titled

What Is a Distributed Denial-of-Service Attack and How Did It Break Twitter?

On Friday, multiple distributed denial-of-service (DDoS) attacks hit the Internet services company Dyn. The cyberattack prevented many users on the U.S. East Coast from navigating to the most popular websites of Dyn customers, which include Twitter, Reddit, and Netflix.

Dyn detected the first attack at 7:10 a.m. Eastern time on Friday and restored normal service about two hours later. Then at 11:52 a.m. ET, Dyn began investigating a second attack. By 2:00 p.m., the company said it was still working to resolve “several attacks” at once.

The interruptions inconvenienced many Internet users, and the daily operation of Internet giants in entertainment, e-commerce, and social media. There still aren’t many details available about Dyn’s predicament, and the company did not immediately respond to an interview request. But we do know from Dyn’s posts that the first two assaults on its network were DDoS attacks. Its customers’ outages again show that major Internet companies remain vulnerable to this common hacker scheme—one that has plagued networks since 2000.

A denial-of-service attack aims to slow or stop users from accessing content or services by impeding the ability of a network or server to respond to their requests. The word “distributed” means that hackers executed the Dyn attacks by infecting and controlling a large network of computers called a botnet, rather than running it from a single machine that they own.

Hackers can assemble a botnet by spreading malware, which is often done by prompting unsuspecting users to click a link or download a file. That malware can be programmed to periodically check with a host computer owned by hackers for further instructions. To launch an attack, the hackers, or bot-herders, send a message through this “command and control” channel, prompting infected computers to send many requests for a particular website, server, or service all at once. Some of the biggest botnets in history have boasted 2 million computers, capable of sending up to 74 billion spam emails a day.

The sudden onslaught of requests quickly gobbles up all the network's bandwidth, disk space, or processing power. That means real users can’t get their requests through because the system is too busy trying to respond to all the bots. In the worst cases, a DDoS can crash a system, taking it completely offline.

Both of Friday’s attacks targeted Dyn’s Managed Domain Name System. Through this system, Dyn provides a routing service that translates Web addresses that users type into a browser, such as spectrum.ieee.org. Users who type in a Web address are first sent through a Dyn server that looks up the IP address for a server that hosts the content the user is trying to reach. The Dyn server passes this information on to the user's browser.

To disrupt this process, says Sanjay Goel, a professor of information technology at the State University of New York (SUNY) at Albany, the bot-herders probably sent tons of translation requests directly to Dyn’s servers by looking up the servers’ IP addresses. They could have also simply asked the bots to send requests for Amazon.com and Twitter.com to cause similar issues. Attacking a DNS or a content delivery provider such as Dyn or Akamai in this manner gives hackers the ability to interrupt many more companies than they could by directly attacking corporate servers, because several companies share Dyn's network.

In Dyn’s case, it has built its Managed DNS on an architecture called Anycast, in which any particular IP address for a server in its system can actually be routed through servers in more than a dozen data centers. So, if the IP address of one server is targeted, 10 others may still be able to handle the normal traffic while it's beseiged with bot requests. Art Manion, a technical manager at Carnegie Mellon University’s Software Engineering Institute, says this system should make Dyn more resilient to DDoS attacks, and the company has touted it as highly secure.

Dyn said on Friday in an update to its website that the first attack mainly impacted services in the “US East.” The Anycast network includes data centers in Washington, D.C., Miami, and Newark, N.J., as well as in Dallas and Chicago, though it’s not clear whether these locations were specifically targeted.    

Even in the affected region, only certain users experienced issues. One reason could be that other users' browsers had previously used Dyn to locate the specific server they needed to recover, say, Twitter.com. Because that information is now cached in their browsers, those users can bypass Dyn to fetch the desired content, so long as the servers that store Twitter’s website are still functioning.

Another reason for the inconsistent impacts could be that a common mechanism for handling DDoS attacks is to simply drop every fifth request from the queue in order to relieve the network of traffic. The result: Some requests from legitimate users wind up being dropped along with those from bots.

Once an attack begins, companies can bring backup servers online to manage the blizzard of requests. Victims can also work with Internet service providers to block the IP addresses of devices generating the most traffic, which means that they're likely part of the botnet. "You start blocking the different addresses where it's coming from, so depending on how massive the botnet is, it may take some time," says SUNY Albany's Goel.

Increasingly, bot-herders have recruited Internet of Things devices, which often have poor security, to their ranks. This allows them to launch ever more powerful attacks because of the sheer numbers of such devices. Two of the largest DDoS attacks on record have occurred within the past two months: first, a 620-gigabit-per-second attack targeting independent security reporter Brian Krebs of KrebsonSecurity.com, and then a 1,100-Gb/s siege on the French hosting company OVH.

Even with state-of-the-art protections and mitigation strategies, companies are limited by the amount of bandwidth they have to handle such sudden onslaughts. “Ultimately, Akamai has total x amount of bandwidth, and if the attacker is sending x-plus-10 traffic, the attacker still wins,” says Carnegie Mellon's Manion. “It mathematically favors whoever has more bandwidth or more traffic, and the attackers today can have more traffic.”

Dyn’s global network manages over 500 billion queries a month, so the culprits would have had to send many millions or even billions of requests simultaneously in order to stall it. Manion says that to prevent DDoS attacks, companies must address root causes such as poor IoT security, rather than scrambling to stop them once they’ve begun.

Stanford University Ising Machine

New Computer Combines Electronic Circuits with Light Pulses

Modern computers still lack the capability to find the best solution for the classic “traveling salesman” problem. Even finding approximate solutions is challenging. But finding the shortest traveling salesman route among many different cities is more than just an academic exercise. This class of problems lies at the heart of many real-world business challenges such as scheduling delivery truck routes or discovering new pharmaceutical drugs. 

Read More
Stanford computer science professor calls for greater ethnic and gender diversity in artificial intelligence

Computer Vision Leader Fei-Fei Li on Why AI Needs Diversity

As Fei-Fei Li sees it, this is a historical moment for civilization fueled by an artificial intelligence revolution. “I call everything leading up to the second decade of the twenty-first century AI in-vitro,” the Stanford computer science professor told the audience at last week’s White House Frontiers Conference. Heretofore, the technology was being fundamentally understood, formulated, and tested in labs. “At this point we’re going AI in-vivo,” she said. “AI is going to be deployed in society on every aspect of industrial and personal needs.”

It’s already around us in the form of Google searches, voice-recognition, and autonomous vehicles. Which makes this a critical time to talk about diversity.

The lack of diversity in AI is representative of  the state of computer science and the tech industry in general. In the United States, for example, women and ethnic minorities such as African-Americans and Latinos are especially underrepresented. Just 18 percent of computer science grads today are women, down from a peak of 37 percent in 1984, according to The American Association of University Women. The problem is worse in AI. At the Recode conference this summer, Margaret Mitchell, the only female researcher in Microsoft’s cognition group, called it “a sea of dudes.” 

But the need for diversity in AI is more than just a moral issue. There are three reasons why we should think deeply about increasing diversity in AI, Stanford’s Li says.

The first is simply practical economics. The current technical labor force is not large enough to handle the work that needs to be done in the fields of computing and AI. There isn’t much in the way of specific numbers on diversity in AI, but anecdotal evidence say they’d probably be dismal. Take, for instance, Stanford’s computer science department. AI has the smallest percentage of women undergrads, at least as compared to tracks like graphics or human-computer interaction, Li points out. Worldwide, the GDP from automation and machine learning is expected to rise. So it’s really important that more people study AI, and that they come from diverse backgrounds. “No matter what data we look at today, whether it’s from universities or companies, we lack diversity,” she says.

Another reason diversity should be emphasized is its impact on innovation and creativity. Research repeatedly shows that when people work in diverse groups, they come up with more ingenuous solutions. AI will impact many of our most critical problems, from urban sustainability and energy to healthcare and the needs of aging populations. “We need a diverse group of people to think about this,” she says.

Last, but certainly not the least, is justice and fairness. To teach computers how to identify images or recognize voices, you need massive data sets. Those data sets are made by computer scientists. And if you only have seas of (mostly white) dudes making those data sets, biases and unfairness inadvertently creep in. “Just type the word grandma in your favorite search engine and you’ll see the bias in pictures returned,” Li says. “You’ll see the race bias. If we’re not aware of the bias of data, we’re going to start creating really problematic issues.”

What can we do about this? Bring a humanistic mission statement to the field of AI, Li says. “AI is fundamentally an applied technology that’s going to serve our society,” she says. “Humanistic AI not only raises the awareness of the importance of the technology, it’s a really important way to attract diverse students, technologists and innovators to participate.”

How is artificial intelligence going to affect the world of work?

What AI Experts Say Smart Machines Will Do to Human Jobs

For centuries, technological innovation has created jobs and improved standards of living. Artificial intelligence might change that. For starters, AI-driven automation is not going to treat workers equally. A recent White House called Preparing for the Future of Artificial Intelligence acknowledges that AI could make low- and medium-skill jobs unnecessary, and widen the wage gap between lower- and higher-educated workers.

The good news is that policymakers and technology experts are thinking about this, and instituting plans aimed at avoiding the “Robots are going to take all of our jobs!” doomsday scenario. Academics and industry practitioners discussed AI’s job impact at the White House Frontiers Conference last week. And they were confident and optimistic about our ability to adapt.

“The best solutions are always going to come from minds and machines working together,” said Andrew McAfee, co-director of the MIT Initiative on the Digital Economy, and author of “The Second Machine Age.” But that balance of minds and machines won’t always be the same. In five years, that balance will be totally different in, say, customer service and driving.

The good news is that the U.S. economy is really good at creating new jobs once old ones get automated. As an example, McAfee pointed out that the year of peak manufacturing employment in the United States was 1979. Every year since, the number of people working in the industry has gone down even though output goes up. “Those people didn’t become unemployed and their families didn’t starve,” he said.

Read More
Panel on Best Practices in AI

Facebook, Microsoft, and IBM Leaders on Challenges for AI and Their AI Partnership

Late last month, Amazon, Facebook, Google, IBM, and Microsoft announced that they will create a non-profit organization called Partnership on Artificial Intelligence. At the White House Frontiers Conference held at Carnegie Mellon University today, thought leaders from these companies explained why AI has finally arrived and what challenges lie ahead. (Also read the White House’s report on the future of AI released yesterday.)

While AI research has been going on for more than 60 years, the technology is now at an inflection point, the panelists agreed. That has happened because of three things: faster, more powerful computers; critical computer science advances, mainly statistical machine learning and deep learning techniques; and the massive information available due to sensors and the Internet of Things.

Read More
Google's DeepMind lab gave deep learning software external memory to perform tasks such as navigating the London Underground map

Google's Deep Mind Gives AI a Memory Boost That Lets It Navigate London's Underground

Google’s DeepMind artificial intelligence lab does more than just develop computer programs capable of beating the world’s best human players in the ancient game of Go. The DeepMind unit has also been working on the next generation of deep learning software that combines the ability to recognize data patterns with the memory required to decipher more complex relationships within the data.

Read More
Advertisement

Tech Talk

IEEE Spectrum’s general technology blog, featuring news, analysis, and opinions about engineering, consumer electronics, and technology and society, from the editorial staff and freelance contributors.

Newsletter Sign Up

Sign up for the Tech Alert newsletter and receive ground-breaking technology and science news from IEEE Spectrum every Thursday.

Load More