From the London Guardian:
Computer security experts have warned that the 2013 Oscars ballot may be vulnerable to a variety of cyber attacks that could falsify the outcome but remain undetected, if the Academy of Motion Picture Arts and Sciences follows through on its decision to switch to internet voting for its members.
The Academy announced last week that it would be ditching its current vote-by-mail system and allowing its members to fill out electronic ballots from their home or office computers to make their choices for best picture and the other big Hollywood prizes, starting in 2013.
It announced a partnership with Everyone Counts, a California-based company which has developed software for internet elections from Australia to Florida, and which boasted it would incorporate "multiple layers of security" and "military-grade encryption techniques" to maintain its reputation for scrupulous honesty in respecting its members' voting preferences.
The ballot change will be a culture shock for an Academy voting community that tends to be older and more conservative: indeed, concerns are already surfacing as to whether all of the Academy voters even have email addresses.
But Everyone Counts' security claims have been met with deep scepticism by a computer scientist community which has grappled for years with the problem of making online elections fully verifiable while maintaining ballot secrecy – in other words, being rigorous about auditing the voting process, but still making sure nobody knows who voted for what. So far, nobody has demonstrated that such a thing is possible.
"Everybody would like there to be secure internet voting, but some very smart people have looked at the problem and can't figure out how to do it," said David Dill, a professor of computer science at Stanford University and founder of the election transparency group Verified Voting. "The problem arises as soon as you decouple the voter from the recorded vote. If someone casts a ballot for best actor A and the vote is recorded for best actor B, the voter has no way of knowing the ballot has been altered, and the auditor won't be able to see it either."
Dill and many other leading computer scientists have listed multiple potential vulnerabilities to internet systems making vote-tampering possible, including denial-of-service attacks, malware, and penetration of the server's security wall. He reacted with particular alarm to the notion that the Academy's more than 5,000 voters would cast their ballots from their own computers.
"The hardest problem is when you have malicious software on the machine where the vote is cast," he said. "If that's the user's home PC, that's a huge problem, because lots of people have undetected viruses on their machine. A lot of people are under the control of hackers in eastern Europe, or wherever, and don't even know it."
Three years ago – in the wake of a decision by the Democratic party to let overseas voters participate in its presidential primary via internet – Dill issued a formal statement outlining the problems with internet voting, and persuaded 30 of America's top computer scientists to sign it...
Dill said his concern about the arrangement went well beyond the integrity of the Academy Awards themselves. Rather, he worried about the publicity implications of an awards ceremony broadcast to tens of millions of people across America and around the world.
"I don't want this to set a precedent and give a PR push to internet voting generally," he said. "I don't want the message to be: they used it for the Academy Awards, so it's OK to use it to vote for the president."