Despite Internet insecurity, remote electronic voting still wor

SAN JOSE, Calif. -- Despite a Pentagon project criticized this week as dangerously vulnerable to hackers and terrorists, reliable Internet voting from overseas still could be workable, computer scientists agree.

But a secure system would not be ready for this year's presidential election, they say.

Under the Pentagon project, up to 100,000 people from Arkansas, Florida, Hawaii, North Carolina, South Carolina, Utah and Washington -- most of them U.S. service personnel -- will be eligible to vote abroad in November.

They can vote from any old cybercafe, as long as it has the right operating system and browser.

Many prominent computer experts believe the current system is irresponsible. They say rigorous precautions and security improvements, including properly trained poll workers and dedicated terminals at U.S. embassies or military bases, are needed to make Internet voting as fraud-resistant as the physical ballot box.

The U.S. military says it's willing to make significant changes to its system, known as SERVE, including installation of computer kiosks at U.S. bases and the use of data encryption.

But it won't implement changes until after a detailed analysis of this year's election results.

"We don't have blinders on," said Defense Department spokesman Glenn Flood. "Congress told us to take a look at using Internet technology to prevent the mishaps of regular snail mail for absentee voters. ... We're glad to have feedback and make modifications."

Report to Congress

A 10-member peer review board will interview SERVE participants after they vote, and report to Congress next year. If successful, SERVE -- an acronym for Secure Electronic Registration and Voting Experiment -- could be adapted domestically to help boost turnout among other disenfranchised groups, ranging from the elderly to college students.

Meg McLaughlin, president of Reston, Va.-based Accenture eDemocracy Services, which developed SERVE, said the system replicates in a Web browser the look and feel of digital voting systems in thousands of precincts. A final confirmation page allows changes but does not allow the voter to print out a record.

Critics say the system fails in its overarching reliance on the Internet, which they contend exposes elections to hackers, cyberterrorists, power outages, downed telephone lines, computer viruses and software bugs.

They're recommending a system that would let pre-registered voters log onto dedicated terminals at military bases or consulates for ballots from home counties. Trained elections officials would maintain software and machines. Only voters with approved military IDs or SERVE-authorized IDs could log in.

Never connected to the Internet, kiosks would receive software and voter databases on disks delivered by certified mail. Voters would print and sign ballots and mail them back their registrar.

Ballots could be sent electronically to firewall-protected computers with broadband connections, saving weeks or months it takes for mail in remote Afghanistan or Arctic research stations.

Even the four prominent computer experts who issued a blistering analysis of SERVE on Wednesday, saying the system should be scrapped, acknowledged that the Internet is too convenient and popular to ignore as a voting medium -- particularly for military personnel.

Nearly one in three overseas soldiers registered to vote in the 2000 presidential election didn't receive ballots in time. About one in five said they didn't register because they found the mail-in process daunting, according to Pentagon research.

Since Wednesday, hundreds of programmers in online chat groups have posted recommendations to make the Internet a more secure voting medium. Many worried that the $22 million Pentagon experiment, which began in the summer of 2002, was a rushed attempt at avoiding dangling chads and other shortcomings of the mostly analog 2000 presidential election.

"I believe that eventually the Internet is going to be the way to go," said David J. Farber, computer science and public policy professor at Carnegie Mellon University. "But we're going to have to invest in making it happen."

Some experts suggest installing biometric devices -- including optical or finger scans -- or smart card readers to gain access to dedicated voting terminals abroad. But proponents of SERVE say such steps are unnecessary.

The vast majority of overseas voters are military personnel and their relatives, and they must present numerous forms of identification to access to computers on battleships or bases.

------

On the Net

Security report: www.servesecurityreport.org

The official SERVE program site: www.serveusa.gov/public/aca.aspx