Steve Stigall, a CIA cybersecurity expert, suggested that Hugo Chavez fixed a 2004 election recount. He also argued that most electronic voting isn’t secure:
Stigall said that voting equipment connected to the Internet could be hacked, and machines that weren’t connected could be compromised wirelessly. Eleven U.S. states have banned or limited wireless capability in voting equipment, but Stigall said that election officials didn’t always know it when wireless cards were embedded in their machines.
While Stigall said that he wasn’t speaking for the CIA and wouldn’t address U.S. voting systems, his presentation appeared to undercut calls by some U.S. politicians to shift to Internet balloting, at least for military personnel and other American citizens living overseas. Stigall said that most Web-based ballot systems had proved to be insecure.
Does someone think “vote by mail” is secure?
On the other hand, software security is my day job and, well, the mind boggles. Nobody knows everything that is in a general-purpose OS (and this includes Linux, not just MacOS or Windows). And “open to the web”? Shudder.
Voting has a really interesting set of requirements. One of the trickiest ones (to me) is that the voter is not allowed to get a permanent record of his vote (to prevent easy verifiable vote buying), but should be able to have some assurance that his vote didn’t disappear.