A “major security hole” that could allow an attacker to read or change someone’s vote has been discovered in the New South Wales online iVote platform, security experts say.

The iVote system allows people to lodge their votes for Saturday’s state election online, instead of visiting a physical polling station.

It aims to make voting easier for the disabled or for people who live long distances from polling booths.

However computer security researchers said they found a critical issue and alerted the NSW Electoral Commission on Friday afternoon.

The commission said the problem was fixed over the weekend and it expected 200,000 people would use the system in the lead up to the election.

“We’ve been told repeatedly that votes are perfectly secret and the whole system is secure and it can’t be tampered with and so on, and we’ve shown very clearly than that’s not true – that these votes are not secret and they can be tampered with,” Ms Teague said.

She said the attack could allow another person to either read, or even manipulate a vote, before it was sent to the electoral commission’s servers.

“The analogue would be pulling someone’s postal vote envelope out of the post, pulling out their vote and finding out how they intended to vote and then putting a different ballot in instead,” Ms Teague said.

“The point of course with the electronic equivalent is that an attacker wouldn’t necessarily need to be in New South Wales to do this and they could potentially do this in an automated way to a very, very large number of votes.”

Ms Teague said the voter would be unaware their vote had been changed.

We have long detailed the madness of Internet Voting. Among our coverage, we’ve documented a number of disastrous attempts at Internet Voting systems and the many dangers they pose to security and oversight, as well as the warnings against them by computer science and security experts, and Election Integrity experts.

One need only look back to Washington D.C.’s disastrous experiment in Internet Voting, which almost went live in 2010 for overseas and military voters. The plans to use the system were scrapped at the last minute after it was hacked and completely taken over by “white hat hackers” (University of Michigan computer students and their professor), who had gained such total command of the system in mere hours that they were not only able to change every vote already cast on it during a mock election, but inserted a script into the system to change all future votes invisibly as well. They even modified all of the system’s main passwords to thwart similar attempts to hack the system that they discovered to be ongoing by computers from both Iran and China.

There have been many other disasters in Internet Voting — from a 2012 online Canadian election attacked by some 10,000 computers, to a 2012 CA State University student body election that was hacked by one of the candidates in order to gain control of an annual salary and the student government’s $300,000 budget, to this year’s embarrassment by the Academy of Motion Picture Arts and Sciences which attempted to use Internet Voting for the first time this year, to disturbing and questionable effect.

The non-partisan election integrity group, VerifiedVoting.org posted a “Statement on the Dangers of Internet Voting in Public Elections,” signed by nearly a dozen top computer science and security experts with backgrounds in electronic voting systems. The letter explains that “Cyber security experts at the National Institute of Standards and Technology and the Department of Homeland Security have warned that current Internet voting technologies should not be deployed in public elections,” as they “cannot be properly protected and may be subject to undetectable alteration.”