IT experts urge E-stonia to drop Internet voting

May 13, 2014
A woman sits on February 28, 2011 in Tallinn in front of a computer to vote in the Estonian general election

A team of global IT experts on Tuesday urged cyber-savvy Estonia to drop electronic voting from this month's European elections, saying they had identified major security risks.

"Estonia's Internet voting system blindly trusts the election servers and the voters' computers," said US computer scientist J. Alex Halderman, a co-author of the report released Tuesday.

"Either of these would be an attractive target for state-level attackers, such as Russia."

But the Estonian electoral commission said it regularly updates the e-voting system.

"We have carried out public test votings and we have given experts a chance to attack the test system, which is similar to the real e-voting system," commission spokeswoman Kristi Kirsberg told AFP.

"We are convinced the system is safe," she said, less than two weeks before the May 25 elections to the European parliament.

Estonian Internet expert Linnar Viik added that the country's six e-votes to date have gone off without any security incidents.

"The possible attacks are under control and attacks just can't happen," the Estonian IT College lecturer told AFP.

Dubbed E-stonia, the ex-Soviet Baltic nation of just 1.3 million people has made a name for itself for being a trailblazer in technology, notably pioneered e-voting in 2005 and playing host to NATO's cyber defence centre.

Other countries including France and the United States have also experimented with voting by mouseclick.

At the last European parliament vote, in 2009, around 58,000 Estonians—or 15 percent of turnout—went online for the ballot.

But the six IT experts now warn that the system's operational security is lax, transparency measures are insufficient and the software design is vulnerable to cyber attacks.

They came to the conclusion after observing Estonian e-voting operations at last year's municipal elections, then carrying out a analysis and laboratory testing.

"We never thought we'd see as many problems and vulnerabilities as we did," said report co-author Jason Kitcat, an adviser for the Open Rights Group that defends Internet freedoms.

"We feel duty-bound to make the public aware of those problems."

The report can be found at:

Explore further: Smartphone-based voting technology may lead to fewer user errors

add to favorites email to friend print save as pdf

Related Stories

Estonia says Europe overreacted to US cyber spying

Jul 11, 2013

Europeans have overreacted to allegations that the United States had been snooping on them and vacuuming up huge amounts of phone and Internet data, cyber-savvy Estonia said in an interview published Thursday.

As e-voting comes of age, security fears mount

Oct 24, 2010

New technologies allowing voters to cast ballots via the Internet or other electronic means are catching on in the United States and elsewhere, even as fears mount about security of the systems.

NATO launches exercise to beef up cyber defence

Mar 26, 2012

NATO's Tallinn-based cyber defence centre on Monday launched a three-day exercise involving European IT and legal experts in a bid to beef up cyber defence skills through gaming.

Recommended for you

Facebook dressed down over 'real names' policy

Sep 17, 2014

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Yelp to pay US fine for child privacy violation

Sep 17, 2014

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

User comments : 0