No matter the strongest admonitions against it, for years, by virtually all computer science and security experts to offer an opinion on it --- ya know, the folks who actually know how this stuff works, or doesn't --- proponents of Internet Voting are relentless in their advocacy. Kind of how the proponents of polling place e-voting used to tell us that such schemes were tamper-proof, error-free and much more secure than paper.
No matter how many Internet Voting schemes fall flat on their face (voter participation plummeted 83% when Honolulu tried it), get entirely hacked (even by computers in Iran and China) or are taken down by a 10,000 computer denial of service attack (but that was in Canada, so no biggie, right?), some seem to care so little about transparent, oversee-able democracy and self-governance, that they are willing to risk entire elections and the verifiable votes of the citizenry in order to carry out such dangerous and ill-considered adventures.
And so, yet again, with all of those warnings ignored, we find another online election has been wholly compromised --- and now cancelled --- after it was discovered that a business school student hacked into it and stole hundreds of passwords and IDs, so that he could fix the results of the election...
Last month, California State San Marcos student Matt Weaver was arrested, according to the North County Times, "on suspicion of election fraud, unlawful access to a computer or database, and 10 counts of identity theft," on the final day of a four-day Internet Voting election for student government. Weaver was running for President of the student body.
The 23-year old third-year business major was reportedly arrested and jailed on March 15, when Campus police "found him at a school computer and in possession of a device that can be used to steal computer passwords."
He was set free on $50,000 bail and has yet to be charged, but for some reason, unlike in most non-school elections, the FBI seems to care about this one...
"We are looking into it," said FBI Special Agent Darrel Foxworth. "I can't say exactly what we are looking at, but given the facts and circumstances that have been reported to us, it appears there may be violations of federal laws."
Foxworth declined to say why the incident has captured the attention of federal investigators.
The compromised online accounts of 700 CSSM students --- used for signing up for classes "as well as to vote in Associated Students Inc. elections" --- have now been locked down, the victims warned, and the election, which will now start from scratch, has been rescheduled for next month.
One hint as to why the FBI may be interested in the case is found in an article covering the incident by Sandy Fitzgerald at Mobiledia, appropriately headlined "Why Online Voting Isn't So Safe".
The article explains that "Federal authorities are also examining Weaver's activities to decide if such hacking may interfere with state or national elections."
That's nice of them.
In the meantime, Fitzgerald warns, while this case was unusual, it's hardly unheard of as "students' privacy at other campuses and high schools had also been compromised" recently...
In another incident, this one discovered last year at Santa Clara University, "A hacker tapped into an academic records database ... and changed the grades of about 60 current and former students."
The unauthorized access went on for more than a year before officials ever noticed, after which, "SCU began reviewing tens of thousands of student records going back to 2000 and found that grades had been modified, in some cases changed from F's to A's."
But, of course, that could never happen in an Online Election, right? And, even if it did, we'd probably find out about it...a year or ten later.
At one point, FBI agents reportedly had identified a suspect in the SCU grade-changing case, a 25-year old electrical engineering student at the University. After three agents visited his home, according to Matt Liebowitz of SecurityNewsDaily, the suspect, Mark Loiseau, made light of the incident, describing the visit on Twitter "like something off of primetime tv! Right down to the dialogue. They even banged on my door instead of ringing."
"The best part was when one of the agents was like 'we just want the truth,'" Loiseau described in another tweet, "& my roommate was like 'YOU CAN'T HANDLE THE TRUTH!' True story."
Speaking of being unable to handle the truth, we're quite certain that Internet Voting proponents --- particularly the private corporations who stand to make millions if not billions off such schemes, and the elected officials and former election officials they have bought to help their dream (democracy's nightmare) come true --- will pay little mind to what happened last month at California State San Marcos.
They'll simply continue to ignore the experts and tell the public that such a thing could never happen with their Internet Voting schemes which employ "secure" "military grade encryption" or some such bullshit, and the media will dutifully repeat it and ignore all other concerns. Because, after all, the 'younger generation does everything online and they're used to online elections!' They certainly are.
Other than that, Internet Voting remains a great idea. It's just democracy, after all. What could possibly go wrong?