Browse By

Americans Elect Internet Vote for President? Consider how it worked in DC 2010

Apart from the various considerations of political ideology, influence and process regarding Americans Elect, there’s the simple matter of technology. Americans Elect plans to use all-internet-voting to nominate a presidential candidate and to broker the selection of the actual president in an Electoral College showdown. Will a binding internet vote be pulled off with accuracy and without getting hacked? Or is online voting subject to tampering?

Internet votes can be pulled off. The city of Honolulu managed an internet election for neighborhood councils in 2009. Estonia is often mentioned by internet-voting advocates, although more than 98% of votes cast in Estonia’s 2005 e-vote were old-fashioned paper ballots, and Estonia is a small country that had 9,681 electronic votes to verify that year.

The scale is much larger and the stakes are much higher in an internet election for the President of the United States, the single most powerful position on the planet. And we’re not just talking about a vote to select an Americans Elect nominee, either. In its bylaws, Americans Elect makes plans to hold a second internet vote if the Americans Elect candidate doesn’t win an outright majority of electoral votes, but neither does the Republican or Democratic party candidate. This second vote would decide which major party candidate would receive the electoral votes of Americans Elect. That vote would decide the presidency. All Americans Elect needs to put itself in that position is Election Day victory in one of the fifty states.

So when we evaluate Americans Elect, we should pay close attention to the current state of internet voting. And as Jim Soper points out, recent excursions into internet voting are sobering. The city of Washington, DC planned to start offering an internet vote system for residents of DC living overseas; last fall it launched the enterprise with an invitation for experts to try and hack its security system. Within three days, J. Alex Halderman and a small team from the University of Michigan had won complete control of the DC internet voting system:

D.C. launched the public testbed server on Tuesday, September 28. On Wednesday afternoon, we began to exploit the problem we found to demonstrate a number of attacks:

  • We collected crucial secret data stored on the server, including the database username and password as well as the public key used to encrypt the ballots.
  • We modified all the ballots that had already been cast to contain write-in votes for candidates we selected. (Although the system encrypts voted ballots, we simply discarded the encrypted files and replaced them with different ones that we encrypted using the same key.) We also rigged the system to replace future votes in the same way.
  • We installed a back door that let us view any ballots that voters cast after our attack. This modification recorded the votes, in unencrypted form, together with the names of the voters who cast them, violating ballot secrecy.
  • To show that we had control of the server, we left a “calling card” on the system’s confirmation screen, which voters see after voting. After 15 seconds, the page plays the University of Michigan fight song.

Even though the DC voting system was equipped with surveillance measures to detect an online hack, surveillance alarms didn’t go off and DC didn’t know it had been hacked until, two days after Halderman’s team got in, people started calling in with reports about the Michigan fight song.

Halderman wasn’t the only one trying to hack into the system. Halderman got there first, but teams from the nations of Iran and China were also diligently working on a hack.

This is what went down in DC. What happens when the presidency is the prize? Americans Elect might be able to make it all work, but to win confidence it will have to affirmatively demonstrate that it can.

11 thoughts on “Americans Elect Internet Vote for President? Consider how it worked in DC 2010”

  1. Tom says:

    (from above) Americans Elect is a new internet-based, plutocrat-powered third party that could well be perfect for our new system of government. The party is now calling for delegates to help determine the issues around which the party’s candidates will be selected. In theory this allows Everybody to participate because You debate among yourselves to determine the party Platform and then You choose a presidential candidate from a pool “certified by an [I]ndependent [C]ommittee to meet a set of standard qualification criteria such as background checks.”

    Who chooses the Independent Committee? I dunno. Maybe another Independent Committee. Or God. Somebody centrist, in any event, so New Testament God rather than Rip Your Lungs Out On A Whim God.

  2. Don Kirk says:

    Mr. Cook,

    I understand from a previous post of yours, that Americans Elect is possibly in violation of federal election laws from its very inception by using a politics-prohibited non-profit corporation to raise sums of money for openly political purposes. What does Tom Friedman say about this possibility of grossly violating federal election laws, considering his gushing orgasmic column on Americans Elect in today’s N.Y. Times?

    Is the Kahlil Byrd who seems to be the behind-the-scenes fountainhead of Americans Elect the same Kahlil Byrd who has spent many years working ardently for Democratic Party politicians and candidates? If so, then how is American Elect not simply another end-run around the election laws to collect and spend vast sums for partisan politics without having to report to the legal authorities or demonstrate open transparency to the public?

    Are these people in Americans Elect simply a group of two or three ‘slick’ stockbrokers and Wall Street hedge fund managers trying to use the tax and election laws to “build their book” of billionaire clients, all in the name of ‘reforming’ the American political system?

    With my warmest regards,
    Don Kirk

    1. David M.J. Greenberg says:

      Dear Don ,

      I’m currently working to put Americans Elect on the ballot via signature gathering — I wonder if there is a source to confer with regarding stockbrokers and billionaire clients?

      1. Jim Cook says:


        You can try contacting Americans Elect itself at, but I wouldn’t hold my breath waiting for a response. I’ve been trying to initiate communication with Americans Elect for nearly a year, in person, by phone, by e-mail and by snail mail. I’ve not yet gotten a single response.

    2. Jim Cook says:

      Don, thanks for writing.

      I think the situation is more complicated than how you express it. Unfortunately, what stands as “the law” these days regarding campaign finance, corporations and disclosure is effectively what that IRS and FEC will let slide, and they’re letting a lot slide. It might be fairer to say that Americans Elect’s activity doesn’t appear to match the written regulations on 501c4 activity. And Kahlil Byrd was most recently working on behalf of Republican and independent candidates, making him not so much a partisan stalwart as an enigma.

  3. Fred Silverman says:

    Harnessing the Internet for elections operations is not just a logical direction (it’s there, so let’s use it), but an intelligent one (distributed, disparate communications, counting lots of discrete events, cost efficiency). Of course, the rub is in building it to work and be trustworthy. This needs tech approaches and skill far more typically found at IBM, Google, Amazon, MIT, Michigan and other cells of imagination and talent than at your local or state Board of Elections. I’d suggest (and expect not be the first) an Interstate Compact or NIST to fund a design competition for universities and corporations to create provable working systems? A prize to the winners. Certifiable systems for the states, counties and cities. Maybe even a tv documentary (Discovery? HBO?). Phase I is creating systems. Phase II is exposing them to cross community hack testing. Phase III is rating them for operational efficiency and effectiveness, implementation requirements, and voter features. Phase IV is the rubber chicken prize award dinner! Let the brainiacs help solve the problem instead of just show us we have it. One impediment to Internet utiization is that the Nation’s 10,000 boards of elections are not computer and network literate enough to correctly specify their own requirements. Another is the patchquilt of election law that has to be accomodated in any working system, let alone hardened security. And too few, or maybe none, of our computer and network geeks speak the essentially foreign, dialect-ridden language that is election operations. Internet game on? It could and should happen, but maybe not today.

    1. Jim S says:

      The brainiacs cannot keep out of Google, the CIA, the Pentagon, or banks, which loose billions every year but do not talk publicly about it. They have already said that no solution is even on the horizon ( ). You have 3 fundamental problems to start with.
      1) The Internet was designed from the bottom up to survive nuclear war, not hack attacks, which did not exist in the 60s. For it to be modestly secure, you would have to build a new Internet, from scratch, with security built into the foundation.
      2) There is currently no reasonable way to protect against insider threats. Nobody should trust any system built by communist Chinese, the Russian mafiosi, or Wall Street banksters. Even management will not be able to 100% control what the programmers are putting into the many layers of software involved. There is too much to check.
      3) Good engineering uses redundancy, and has recovery options. With our current elections, it’s paper. With paper ballots, we can check the count, and when something goes wrong, and it will, we can recount the paper. Internet voting has no software independent redundancy. As far as recovery is concerned, there is none. When the system fails, you have to hold a new election. In the US, this is not an option.

      1. Fred Silverman says:

        Thank you for your comments, Jim. Your history of the Internet is not just incomplete, but off base. The raw capability sought was that computer systems, despite entirely incompatible internal languages, needed to admit and control messaging and file transfers transparently, thus the term inter-networking, from which the contraction “internet” evolved. Packet switching, of course, was a fundamental security feature that provided some armageddon resistance. Once TCP/IP proved equal to both parts of the inter-networking challenge, security tools were added to encrypt the content of packets and put data caches behind firewalls to keep out intruders, or what we call hackers today. Is there still work to be done? Apparently. In fact, it is a constant requirement for anyone with anything of value to protect. Contrary to the many news stories everyone likes to cite about hacked sites, there are hardened implementations that exist and work using the Internet, just not in the news. Turning back to elections, the heart of a security model for internet use requires that traffic be both unalterable and better yet opaque in transit, verifiable at both origins and destinations, be fundamentally distributed, and for collection or counting nodes to be intruder resistant. Every system designer understands that an anti-hack effort is a constant requirement, not a singular design event, at no matter the level of the system. The idea that because you can’t build something that can never fail, Internet facilitated voting is impossible altogether is both a weak assumption and a weak conclusion, no matter how emphatically stated. If “never fail” was the criteria, we wouldn’t be able to vote at all, since no election system meets that test. We agree that a trustworthy Internet alternative hasn’t been done here in the US yet, though Switzerland is pretty happy with their Internet-based implementation. We seem to not agree that it will not or cannot happen. My original point is that we should encourage and facilitate experimentation and trial to get one or more good implementations. Saying no way never moves anything to a better place.

  4. William J. Kelleher, Ph.D. says:

    Hi Jim Cook! Dude, there is more to the story than what Mr. Soper says. Why are international banks and corporations so rich? In part because hackers cannot steal their money. Its always the same problem w/ the anti-Internet voting extremists — they BELIEVE, but they have to ignore contrary facts to do so. Security technology exists. Internet voting exists all over the world. Mark Crispin Miller invited Jim Soper to debate me on Internet voting, but where’s Jim? At,
    William J. Kelleher, Ph.D.
    YouTube: WJKPhD
    Twitter: wjkno1

    1. Jim Cook says:

      This episode was not simply noted by the individual Jim Soper. It was noted by multiple newspapers including the Washington Post and, if you’re interested in throwing around the letters ‘PhD,’ is a product of an exercise by scholars associated with Princeton University and the University of Michigan.

      Corporations and banks are hacked into all the time, although they like to keep it quiet because the news is so embarrassing and bad for business.

      See and and and and for some recent examples of hacked banks.

      Dude, PhD!

Leave a Reply

Your email address will not be published. Required fields are marked *

Psst... what kind of person doesn't support pacifism?

Fight the Republican beast!