Forgot your password?
typodupeerror
News

Net Voting in California 143

Posted by CmdrTaco
from the stuff-to-think-about dept.
Myxx sent us an article from Yahoo that talks about online voting and the issues and recommendations reached by a panel in California. The summary is that they suggest waiting and seeing. Apparently the Internet is secure enough for billions of dollars in financial transactions, but not for voting.
This discussion has been archived. No new comments can be posted.

Net Voting in California

Comments Filter:
  • by Anonymous Coward
    And it's not the anonymity of those who want to be anonymous which is a problem, it's the anonymity of those who would love to show others how they voted, because that's the only way you can sell your vote.

    Most intelligent post so far (and from another AC, no less). Easy vote-buying schemes are the FUNDAMENTAL problem with Internet voting, and are a problem which cannot be fixed through technology. Any proposal which allows voters to connect to the system in a private place (such as the home), rather than a scrutinized, public place (polling station) will have this problem, and it *IS* a serious enough problem that internet voting should be rejected as a means of deciding serious political questions such as the election of representatives. A democratic election system for public elections must not merely allow, but REQUIRE anonymity for it to be acceptable.

    Of course, the Yahoo article completely misses this important point, along with a few others:

    ``The Internet has the potential to bring a record number of low propensity younger voters into the democratic process for the first time,'' California's Secretary of State Bill Jones said in a statement announcing the report.

    Rubbish. Voter turnout in the U.S., Canada and Great Britain is low because the underlying voting method is so poor. Under the simple-minded plurality ("first-past-the-post") voting systems these countries use, most votes are wasted (that is, they have no effect on the outcome), so many people have little incentive to participate. Votes for minority parties are completely wasted, so people are forced to vote for broad, meaningless, "lesser-evil" coalitions (Democrats, Republicans) to have any hope that their vote will count in some vague way. In contrast, most other countries use some form of proportional representation, and have much higher voter turnout. Malta, for example uses one of the best systems of PR (the Single Transferrable Vote, or STV), and has probably the highest voter turnout in the world (recently greater than 95%, and rising!) Most parts of continental Europe use the slightly inferior Party List systems of PR, and also have good participation rates (better than 80%, generally). Tinkering with the technical mechanisms of voting (Internet vs. polling booth), rather than the underlying system of counting votes is simply rearranging the deck chairs on the Titanic.

    If a voter knows that their vote is going to be wasted, due to how it is going to be counted, it makes absolutely no difference how easy you make it to cast votes -- the rational voter will do nothing anyway, and short of unobtrusive mind-reading techniques you will never get their opinion.

    ``Unfortunately, the threat of computer virus and other technological attacks on personal computers make Internet voting from the home or office an unsecure and unwise practice at this time.''

    More rubbish. These are minor technical problems that *do* have technical solutions. Throwing these issues up as the "problem" of Internet voting merely creates a smokescreen for the *real* problems, which are conspicuously absent from the discussion. Publicising these problems simply makes it easier for the public to swallow the idea of Internet voting once these small technical problems are miraculously "solved" through technological advance. People should wise up and refuse to participate in this phony debate. For example:

    ``Votation.com makes elections more secure than existing election systems currently do,'' company Chief Executive Officer Joe Mohen said.

    ``The security techniques and technologies than we use are far more secure than those that are used to transfer millions of dollars out of bank accounts over the Internet today.''


    This of course is probably true but irrelevant. Here we are invited to discuss whether or not the protocols used to transfer votes are sufficiently secure from tampering, without considering whether the votes themselves are meaningful, and if the votes are NOT meaningful, then the technicalities of collecting the votes are relatively unimportant. Why bother to create an elaborate, technologically sophisticated system to collect and process junk data, when we already have a simple paper-based system that can do the same thing? Internet voting is NOT a solution to the problem of low voter turnout. This problem is fundamentally a social one with political solutions that cannot be solved using technological quick fixes (I know, this is surely heresy on SlashDot!).

    According to a poll by the Public Policy Institute of California, voters under age 24 were three times more likely to support the idea of e-voting than those aged over 65.

    OK, so we can conclude that younger people who ARE going to vote are more likely to do so via the internet than older people, or support that as an option for voters, but the question they should have asked but apparently didn't is:

    are YOU going to vote if Internet voting is available as an alternative to the polling booth?

    I guess it's best not to ask the questions you don't want the answers to.
  • by Anonymous Coward
    lest we return to the days of ballot stuffing and non-anonymous voting.

    "Vote early, vote often!"
  • by Anonymous Coward
    What people are forgetting here is that voting in California is rife with fraud already. The CA supreme court ruled it's an undue burden to ask voters for identification when they vote, so there are lots of irregularities in every election. I don't see how computer voting will change that.
  • You could always read his book, which explains this kind of thing in quite a bit of detail.

    --

  • How do you detect coerced voting when you don't have poll watchers? The whole idea of the secret free vote goes down the drain.

    Coerced votes are not unique to online voting. Absentee ballots have the same potential for coercion, for the same reasons, and it has turned out not to be too much of an issue. See the letters at the end of the last issue of Crypto-Gram here [counterpane.com].

    In short, absentee ballots account for as much as 35-50% of the vote in some elections, certainly enough to change the outcome of an election, and they continue to be used despite the possibility of coercion.

    Of course, online voting has many, many other problems. I just don't think coercion is one of them.

  • As a general rule of security, anything that occurs on an untrusted platform produces untrustable results. Apply this to online voting, and you can conclude that online voting may never work. If the clients are millions of home computers, set up by people who don't know anything about security, no amount of nifty cryptography will make the vote packet that the computer sends to the vote server trusted.

    Again: as long as home computers are an untrusted platform, any information coming out of them is suspect.

  • The Internet is NOT secure enough for billions of dollars worth of transactions; exploits are too regular an occurrence, and snake oil is too profitable (vendors are either glossing over vulnerabilities or trying to peddle crap technology). Cracking "Internet voting" (whatever that is this week) has the potential to cause even more damage than cracking business databases or financial transactions---the corruption of a society and its system of law, not just to Joe Smoe's Visa account.


    Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
  • I wonder how many billions of extra votes one could stuff the eletronic ballot boxes with?

    Who want's to be the next president of the USA? Only $1 per vote (Special introductory offer).

  • I think some people forget that Voting would only have a limited access window. So a hacker or those being malicious would have to work very hard very fast on a very tight system. Is this to say it cannot be done, of course not, there is always that six year old who got a decoder in the cracker jack box and wants to show his stuff off.

    Digressing I think that we really need to look long and hard at good crypto solutions. Right now people can steal anything, and they do, from people's social security to my CC the other day on CD Universe. You can't make anything good without breaking a few things in the making, and people continually think that it has to be 100% or nothing when most of us live in an 80% (if that) world. I think there are only two main issues. How do we keep the transaction secure, and how do we know you are you. Solutions for these are wide ranging and I'm sure others are covering them well in these threads.

    I'd like to see a faux voting for a year. I really want to see some official idea count on how many people would vote. Besides just thinking for us normal two legged healthy people, think of the handicap/disabled people that could vote. You can bring out a lot more of the populous if it were available.

    We're not ostriches, so lets keep our heads out of the sand,
    Malachi

  • "You can vote via the Internet in the Arizona Democratic primary. Does anyone other than me think this is terrifying?"

    I see no meat though.. he's afraid, and by rights so because who knows how much research went into the idea et al. I'd like to see a thurough summary done by him though.

    Keep'n it real,
    Malachi

  • What kind of mechanism is going to be there to prevent someone from swaying the election through some clever brute-force guessing of the relevant information from which the verification of uniqueness and identity is keyed? Are they going to restrict it to one vote per IP? That'll shut down nearly all voting behind a firewall or other masqueraded connection. Are they going to assign some kind of one time key to use along with their SSN or something? I don't think that these guys have or are willing to get the technological mojo to pull this thing off 100%, but then again, I still feel slightly unsafe at the nominal 128 bit encryption that current browsers offer.

    XenoWolf
  • (Sorry for the double post... I accidentally posted as an AC.)

    Russ Nelson is absolutely correct. I mentioned the same argument against internet voting, too, when the internet voting issue came up some time last year.

    Forget the technological issues. Assume they are perfectly resolved.

    There is no way to assure that the voter isn't being coerced into casting a certain vote.

    There is a reason that we use curtained voting booths and poll watchers. It is to prevent these social means of altering votes, rather than to prevent technical ones.

    I understand why some people think internet voting is a great way to revolutionize democracy. I felt the same thing for a long time, too. Do not let the apparent elegance of voting from your home computer cloud your judgement, though... internet voting from the home is inherently flawed.

    Before continuing, I should comment on absentee ballots. There is an outward similarity between absentee ballots and internet ballots, and I can not recall a big case where absentee ballots were coerced. Let me simply say that the absence of a documented attack exploiting a given security hole does not mean that the hole does not exist!

    Actually, I am personally against mail in absentee ballots, too, since they may also be coerced. It probably hasn't become a problem because, in general, absentee ballots are only a small fraction of the votes case it most elections. (I believe one or two states have recently allowed wide spread mail-in voting, though.)

    While I am opposed to voting over the net from home, I am not opposed to voting over the net from public polling places. In fact, if the polling places were wired to each other, it might allow a voter registered in Florida to vote from a booth in New Hampshire, removing some of the need for absentee ballots as an added bonus. This, I believe, is an excellent use of technology in voting.

    The social issues surrounding voting can not (as far as I can see) be addressed by any implementation of internet voting from home. Internet voting is a dangerous idea. Please don't let your local legislatures implement it.

    John Karcz
  • The most common OS in the world isn't something I'd consider secure enough to cast online votes with. I mean can you imagine voting viruses taking over as many copies of Lose2000 as possible and casting votes one way or another.

    It's not just making sure that the correct votes are cast, but htat those people who still don't bother (tsk... some people) don't have their votes appropriated.
  • At least with Wisconsin's laws. Wisconsin allows you to register at the polls on Election day, establishing residency can be done by just showing a lease or even a piece of mail. In Madison, most everyone lives within a mile or less of their polling place (I live about 300 feet from mine)
    Voter turnout in my district is so heavy that they ran out of ballots in the last Congressional elections!

    America will fight online voting for the same reason it will profess support for the family farm - going to the polls is part of our national identity. Sure, the future may be megafarms and evoting, but you can be damned sure a lot of us are going to fight it tooth and nail.
  • Just think of what might happen if voting was made easy for the masses. Why, people might start voting, and we can't have that, now can we?

    All sarcasm aside, I think online voting is inevitable, but it will be interesting to see what entities drag their feet over this because they fear the kinds of change this would bring.
  • If you are permitted to vote on the internet for your cantadate, then their is a GREAT possability for abuse of the system, besides that, how do you know a ip address is realy inside that state, you dont....

    The whole idea behind this is to allow THE SYSTEM to remain, and get BIGGER, which is what Americans do not want, exept for some jerks who currently hold presidentcy.

  • And how hard would it be to take that card, and make fake ones?
  • Immeadate loss of what remaining freedom americans hold.
  • by marks (12185)
    Wow...all they need now is an internet toilet (don't they have that in Japan?)!

    Too bad I don't live in CA.

    -mark
  • But it might not work that way. Consider: It's likely that the wealthy already do vote in large numbers/percentage, and their numbers can't be increased significantly. There's many studies that conclude the likelihood of voting is more or less proportional to wealth, after all. If that's the case then any measure that increases the number of voters, even a little, is likely to be more democratic in the sense that you mean.

    My question is, do we want to further enfranchise those who don't care enough to go to the polls now?

    J.
  • No, I'm not saying that at all. Consider this hypothetical situation.

    What if the government were to pay for special employees whose job it was to go to the homes of rich retired men (but not women) and ask them for their votes. This sounds very undemocratic while making it easier for a certain segment to vote. Unless there was some kind of female backlash to counteract this policy (backlashes and protests being a whole different kind of evil), these rich old men would end up with a larger share of the vote.

    It is undemocratic to make a special effort for certain segments of the population while not making a similar effort for others. Other issues notwithstanding, perhaps Internet voting would make sense if there were simultaneous outreach programs to those who aren't connected.
  • I heard an excellent argument against Internet voting on NPR yesterday. Because Internet voting makes it easier to vote, more people will probably vote. Because Internet users are generally wealthier, this means an even more disproportionate number of wealthy people will have a larger share of the vote. So it's kind of undemocratic to make voting easier for some people than others.
  • You just said what's hard about voting - "You go to your local polling station." Some days, I don't even want to get out of bed. :) With Internet voting, you can vote in your pajamas.
  • <JOKE>
    I had an uncle who lived in Chicago. He voted Republican until the day he died -- then he started voting Democrat.
    </JOKE>

    --
  • If you think that both major parties aren't worth voting for, such that you're considering not voting at all, why not find whichever minority party you most agree with and voting for them? If you're going to "throw your vote away" anyway, throw it in a direction that says something, no matter how faintly.

    Unless you can't even find a "third party" candidate you could accept, of course.

  • and that is that there's no way to tell if an online vote is made under coercion, while it's fairly reasonable to assume that votes made in person are not (as the 'evil' party would have no way of knowing which way the vote was actually cast).

    There is also the possibility of a loss of anonymity with online voting, as you could have 20 people in the room with you at the time or the protocol/whatever could be snooped if not done properly.

    If they do this I hope they consult the more knowledgeable crypto people in the field and work out a solution everyone is happy with. Just because you CAN do it doesn't mean you SHOULD. Though I agree that it would get people voting more frequently.

  • If those kids can't bother to get off their asses and get out into their communities to vote, why should they even bother being involved in the political process at all?
  • by D3 (31029)
    I would say the internet is not really secure enough for the $billions in transactions either. How many more thousands of credit cards, etc. have to be stolen online to wake people up?

  • I thought a good number of articles on this site pointed out that e-commerce isn't nearly 100% safe. Voting is not one of those matters that should be taken lightly when it comes to security, lest we return to the days of ballot stuffing and non-anonymous voting.
  • I agree with you. Though I would also like to note that if the vote counts differed significantly with the results of appropriately conducted polls, it could possibly indicate overall election-outcome fraud. So in that respect, we wouldn't _totally_ be in the dark when it comes to detection. But you are right, investigating election fraud and recovering from it would be a nightmare because of the lack of physical evidence. It's much easier to manipulate electronic materials rather than physical materials.
  • People are already comfortable using ATM because of its simplicity. Distribute an ATM card for every registered voters and will expire after voting. No need to install PCs, and votes will be legally counted if votes were made inside that state. No need to validate IP addresses.

    "I think, therefore I am."
    Philip Apostol
  • No. I was thinking of using ATM's infrastructure but not connected to bank's financial systems. Let's say a dedicated machine for voting only.
  • I heard this story on NPR yesterday (while stuck in snow and traffic - erg!) and they only briefly touched on the issue of voter apathy. 'Oh the internet will get all the 20-somethings to vote' was about the extent of it. While I will say that I don't vote as often as I could/should due to schedules/weather/PMS/etc., I believe that for the majority of my peers voter apathy rests with political distrust and disinterest. The public schools may require that you learn about the system but it's done in a very inefficient manner (I think I got a 'B' in 12th grade Government class, but ask me how a bill becomes law - ???).
    What's needed is for the youth of this country to be shown, not told, how the government works. They have to believe that corruption is beatable. Right now, even I have a hard time believing that.
    Technology shmecnology, online voting will happen. It's not a matter of when or even how. It's still an issue of voter apathy.

    The Divine Creatrix in a Mortal Shell that stays Crunchy in Milk
  • Well, maybe I am a bit naive about the depth and permanence of corruption, but doesn't anyone think that lobbyists and special interest groups can be rooted out? Bribes and favors aside, John Q. Voters still outnumber Rich Ass Charities. If we vote in government pay cuts and flat rate tax laws, they have to enact them. We hold the power, my point was that we've just lost sight of it.
    Somebody back me up here! :-)

    The Divine Creatrix in a Mortal Shell that stays Crunchy in Milk
  • I thought of that, but it's pretty easy to find out someone's SSN, since it's used for just about everything. A PIN might work, but that also is easy to hack unless it's exceedingly long.
  • I would think that one of the main problems with internet-based voting is verification of the voter's identity. Right now, when I go to the voting booth, there are people there to check my ID and voter registration. On the internet, however, you pretty much have to depend on the voter registration by itself. Voter registration numbers are pretty much sequential, so it would be easy (currently) to write a hack and stuff the ballot box, so to speak. I think that before internet-based voting becomes a viable option, a whole new infrastructure will have to be created which supports identification in a more robust manner.
  • One of the goals is to reduce cost. Voting stations basically need to be maintained and housed for probably some 363 days out of a year. Oregon is at the forefront of all mail voting because it is cheaper. I think an ATM based system would require some heavy lifting programming wise, and not be as cost effective. Matt
  • There would like not be a limited time window as a result of the growing trend of absentee voting. On the West Coast you have about a month to vote. Given that this lengthens campaigns' media buys, thus making them more expensive, and in turn making it more difficult for challengers, it is unlikely that the trend towards longer voting periods would be stopped.

    Matt
  • Well, caution is good. In a sense protecting the integrety of our electoral process is far more important than protecting financial transactions. I see nothing wrong with taking time in implementing electronic voting, especially in general elections.

    In another sense, electronic voting may be what finally restores the electoral process to a more popular state. When I consider the number of people who never write letters, yet have become compulsive emailers, it seems a similar phenomenon may be in store for political invovlement.

    Whether that, in the end, is a positive or negative effect (people wouldn't have to care enought to get out to the polls in order to be counted) is another issue entirely.
  • 1. Then repeal motor-voter laws. It is not
    necessary that all have an equal chance in
    EVERY method, so long as it is plausible
    (e.g. putting booths in subway maintenance
    tunnels is NOT valid) for eligible voters
    to vote.

    2. Most voters don't spend much effort, anyway.
    Fewer voters cite policy issues compared to
    personality or physical appearance.

    3. Legally, there's no stipulation that voting
    be either easy or difficult so long as folks
    can plausibly do it.

    It doesn't really matter, anyway, as long as there's no separation of powers. For all practical purposes, the Executive has usurped much of Legislative authority; we now have presidential candidates talking about what executive orders they'd issue, after all. First, get a Congress that's willing and able to fight the Prez...
  • Still there are many advantages to online voting like: higher precentages of more educated people vote (remember, you can find out all sorts of things about the candidates online that you never hear from main stream news and you can get the opinion of importent groups like the ACLU) and people can vote more oftin since it is less hassel.

    Personally, I think that online voting should require various amounts of platform information to be made available. Furthermore, I would want to require a random 3-4 question quiz on each canidate. This way, we are ensuring that more educated are voted. This would be a wonderful way of raising the bar for voting.

    Ya, ya, how horrible that I would want people to educate themselves prior to voting instead of letting someone else do the thinking for them. Obviously this isn't fool proof, but I think it beats our existing system. Why would I want this? Well, imagine a day when everyone has a computer and online voting is the norm. As it is, people have to make an effort to go vote. This implies some level of civic responsibility. I don't want voting to be on the same level of thought as changing the channel on our remote controls. I want people to have to make an effort for society. I want people to vote for whom they think is best for the job and not because their brother's cousin's wife's uncle decided that this who they should vote for.

  • Throw in the fact that most browsers use 56-bit encryption, no host authentication and no user certificates, the level of trust you can put into who is sending the data is amazingly low.

    Except, you made the assumption that online voting would be performed through your web browser and/or use the same security facilities that are used for online purchases. This is, of course, wrong. A better way to do it would be to send each person a serialized application when they register. Furthermore, this application would implement the "secure/anonymous" crypto-algos.

    I've worked with ATMs, credit card systems (private lable and otherwise), debit systems, EBT, etc. None of these systems are designed to prevent fraud!!!! They are all designed for fraud detection and to create enough of a audit trail to catch the guilty. I don't think we want to follow this trend in voting. As such, obviously different technologies are required.

  • First off, since when are online financial transactions secure? And more importantly, is it *really* a good idea to vote using the Internet? Remember, we're talking about a medium where you can search for pages on having sex with goats while on fire, and the engine will return "specify type of goat"... Of course that's just my opinion, you could be wrong.
  • Uh right, once we all switch to Redhat Kleenex, the world will magically transform into a better place where all software works and oops! X just locked up.

    So which side is spreading the most FUD nowdays? Microsoft or Linux advokiddies?
  • It is important to note that many of the elaborate procedures that have been implemented at polling stations were designed to prevent individuals from being able to sell their votes.

    Specifically, individuals are constrained to vote in physical enclosures that provide them with the ability to cast their votes anonymously.

    My biggest concern with online voting is not with individuals maliciously cracking the system. Rather I worry that it would become practical to purchase votes en-mass.

    With an online voting system, it becomes possible for the local ward boss to watch people as they cast their votes. (In a worst case scenario, the boss provides a computer, individuals line up to vote, and are paid $25 dollars a head for making the "proper choice")

    Look at the enormous amount of money that the candidates have been spending during the caucuses and the days leading up to the primaries. Candidates such as Forbes are rumored to be spending upwards of a 100 dollars per vote on this event. I'm willing to bet that it would be MUCH cheaper to bribe the populace directly.

    Richard

  • If you scan through the California report [ca.gov], it's interesting to note that one of the "possible approaches to the problem of malicious software" which they list is security through obscurity [ca.gov] (bottom of page, section titled 'Obscurity/complexity').

    They speak of how "voting software may be kept secret prior to the election" so that "potential authors of attack software may not have enough time to develop and distribute it during the election window".

    I'm not sure I'd count on that. Really motivated hackers/crackers can come up with stuff pretty darn quick.

  • The TechnoDemocracy Project [technodemocracy.org] was recently started to create open-source voting software. Open review of the TDP code should make it more secure than the closed-source/proprietary approach traditionally used & recommended by the California task force.
  • Voting through the Internet cannot yet replace physical voting, for all the reasons that others have noted; however, I don't see any reason why voting through the Internet cannot be introduced as an alternative to an absentee ballot. How is an absentee ballot any worse than an electronic ballot?

    The security on an absentee ballot (at least where I live) involves registering as a voter in person and mailing a request for an absentee ballot, in response to which an absentee ballot is mailed to your house and your request is noted. In other words, next to none.

    Is this any more secure than using public key cryptosystems to authenticate voters online? You have to initially verify that the person that has the private key is really the person that he claims to be, but once this initial step is carried out (which can be done at voter registration), what prevents secure absentee voting? This would make life much easier for citizens living abroad, in remote areas, etc.

    Privacy, security, reliability, and public confidence cannot be provided any better by postal services than by strong encryption. As for anonymity, absentee ballots can't expect anonymity anyway. For those who write, "If people aren't sufficiently interested to physically visit the polls (or send in the form for a mail-in ballot if they cannot do so), they probably aren't sufficiently interested to educate themselves on the issues:" In that case, why not reestablish the poll tax or the literacy test? After all, if people aren't sufficiently interested to pay a poll tax or learn to read, they probably aren't sufficiently interested to educate themselves on the issue. Physical ballots are no more difficult to "lose" than electronic ballots. There are no measures against coerced or bribed voting in absentee ballots; why expect them in electronic ballots? As for those who do not have or do not want computers, I ask, "What about those who live too far from a poll booth and don't have any means of transportation? Should poll booths be eliminated?"

    Since absentee ballots suffer from all the problems that electronic ballots suffer, should we eliminate those too?

    Daniel J. Peng [mailto]

  • The net may not be secure enough for voting, but we have to ask ourselves something very important. Do you really want to see banner ads for political canidates? My god, think of the pop-up windows, the pop-up windows! I'm sure you can imagine a scenario: Canidate X's popup pops up, then Canidate Y's pops up over X's and then Z's covers both Y and X. It would be worse than prOn sites!
  • OK. So there are a number of issues with Internet voting, as noted in other posts here. But they are not impossible to overcome (IMHO).

    So why are ALL governments dragging their heels on implementing this?

    Well, the instant you have online voting, the next obvious question to ask is:

    Hey, why don't we use this all the time, instead of just for elections?

    Instant polling of the electorate's opinions would render large areas of Government redundant (or maybe obviously redundant *smiles*). Consider...

    Ban abortion YES/NO

    Invade Iraq YES/NO

    The funniest aspect for me is wondering what the 4 million Sun readers in the UK would vote for. (For those who don't know, The Sun defines tabloid journalism in the UK).

  • Why, having stated that voting is accessible enough for all those interested, should evoting be introduced?

    If, and only if, evoting was ubiquitous, more polls could indeed be organised. But, while low response to polls is a problem already, more polls would decrease public interest even further (germans learned this through lots of plebiscites(?) in the Weimar Republic 1919-1933...)

    Most people cant, or dont want to, stay up to date on all the topics raised in parliament, as they should have to, in order to place an optimal vote. However, many people are informed on certain topics that touch their interests enough. Some can even cover it all.

    Divide up political topics into 10-20 categories, and over time I could name people whose opinion in one or more of those fields I would trust to the extent of having them vote for me in polls regarding this respective field of politics, adding weight to their vote by my confidence.

    This way I could, with minimal effort (just being informed about "my own" field(s) and people I personally know), make sure that my vote is far better than it would be if I had to do it all myself.

    It might be something to replace political parties, abolishing all the trouble associated with them.

    Food for thought provided by

    Kiwaiti

  • ``Unfortunately, the threat of computer virus and other technological attacks on personal computers make Internet voting from the home or office an unsecure and unwise practice at this time.''

    Despite being non-sensical (virus attacks?), this is well-taken. CmdrTaco brings up the point that $billions are floating around on Internet transactions, but voting is not done online. Even though it seems when you go to the polling place that security is _weak_, it still requires some hard-to-defeat methods that make widespread voting fraud hard (at the voter end-- counters can cheat all they want if there's no oversight).

    The problem is that voting in elections is the basis for creating the infrastructure (contract law, the courts, determining and collecting taxes, etc...) that allows Internet transactions to be conducted. This is a sensitive process and any chance to undermine it (and how fast could a beowulf cluster on a bunch of those new weather computers fraudulently vote?) has to be avoided.

    Much as I would love to vote online, I just don't think that we're there yet

  • C'mon people. You're not voting anonymously now. Ever hear of voter registration? Naturally, there isn't supposed to be a link between that piece of paper and your name, but you do declare (supposedly for statistical purposes) your party of choice. A vote is not a private thing. Think about it. First, you must publicly register. Then, you must go to a public place of voting to actually vote. I agree that your individual choices aren't supposed to be attached to your name, but there's no such thing as truly anonymous voting.

    My own thoughts are that the kind of online identification required to do online voting would destroy online anonymity. Any ID for this purpose would soon be exploited. Think not? Social Security numbers were specifically NOT for identification purposes. And look at them now. Everybody wants them. So, do you REALLY want to vote online?

  • As a brit - I cant really comment on the Calafornia issue but I think the idea behind online voting could be beneficial.

    I agree wholeheartedly that the governmetn (be it our or yours) tend to take a " lets wait and see" point of view on things especially if its something that other people may understand better than they do ...

    if the governemnt is keen on attracting people to online commerce (which I know the uk one has been pushing for) maybe a step forward and backing online voting would increase consumer confidence?

    As long as the service was guaranteed to be secure I dont think people would have a problem with it.

  • Sounds like NPR didn't read the report and is working towards a media frenzy.

    While urging short-term caution, the California task force, which included election officials and data security experts, said the longer-term outlook for e-voting was good, and that Internet voting could prove particularly attractive to 18-24 year olds, one group of potential voters with a poor turnout at the polls.

    Call me cynical, but I don't believe for a second that the politicians want anything to do with a system that increases voter turnout.

    Online voting can give us a true democracy with no need for representatives (that don't represent us). We can vote for ourselves! Close the House! Close the Senate! Shut down the Electoral College!

    Oh, it's unconstitutional? Of course it is. The founding fathers never saw this coming.

    cheers,

  • How many people do you see who should be allowed to vote, i.e. to determine the very future of our nation?

    The answer is simple, ALL OF THEM.

    Amendment XV
    Section 1. The right of citizens of the United States to vote shall not be denied or abridged by the United States or by any state on account of race, color, or previous condition of servitude.

    But our nation (the US, in my case, and most other modern nations) is founded on the fundamentally incorrect premise that every man's opinion is equally correct (i.e. it has an equal chance of being correct). This is demonstrably wrong.

    What do you propose? A test? Some sort of credentials that you must acquire before you are qualified to vote? That's the ticket. Don't allow the uneducated to vote. Most of them are poor anyway. They don't count.

    That's absolutely obscene. How long do you think that will last before the unhappy, unrepresented poor overthrow your elitist government?

    cheers,

  • You make it sound as if the current system cannot be hacked.

    From the article: ``Votation.com makes elections more secure than existing election systems currently do,'' company Chief Executive Officer Joe Mohen said.

    cheers,

  • People always put more effort into things when there's more at stake.

    Putting effort into hacking e-commerce will get you some credit card numbers and therefore a bit of cash.

    Putting effort into hacking electronic vote-stuffing can make you leader of the free world.

    Do you still believe enough in net security?

    Ken

  • Do we really want more easy democracy? I have thee problems with voting online... 1. What about those who do not have or want access to computers. It is necessary to give everyone an equal chance. 2. It should take effort to vote. You should care enough to change your voter registration each time you move and follow the elections enough to remember that it is election day. 3. We are not a democracy, we are a republic. A democracy comes down to what the majority says happens (mob rules). Luckily for the minority on any issue are rights have to be considered. If the majority decided that computer users should be killed, could it happen??? No because each individual has their civil rights protected. Voting is a responsibility. It should be available to everyone, but not easy for those that are whipped into action by a last minute media blitz. In my town whenever there is a school bond measure, the district polls the electorate for likely voters for the measures and pesters them into voting... Bringing them abesentee ballots and reminding them that it is time to vote. Online voting is just going to accelerate that process.
  • I pretty much agree with you on this one. Online voting would be *too* easy. Most people do not care about the real issues - they will just vote for who they have heard of (code for who the media likes the best). People who make the effort to go vote are the ones i want making the decisions.

    However, you are incorrect on one point: the US is not founded on the premise that every man's opinion is equally correct. Back when this country was formed, you basically had to be a white male land-owner to be able to vote. Also, remember that the popular vote DOES NOT determine the president - it is the electoral college that does. Even the Founding Fathers didn't trust the general populus.
  • We have the technology to make this secure - it doesnt take a crypto genious to fuigure it out ... snail mail is used + truested for voting systems today (registration + absentee voting) ...

    take what u want from that ... but i for one think it is crucial that we get this happening for the sake of making democracy truely democratic, and socialism truely communal. It is the only way to do away with the effort invloved in getting people to centralised voting booths all on one day, and allowing us to have more frequent referendums. Lets change this f@#*ed up system and make the c%!$ts honest.
    Hopefully someone else has already said this while the article was being hit most ...
  • Business and voting can't heve the same standard.
    It is one thing if someone steals a million
    dollars and a different one if he forges a hundred
    votes, because of the influence this can have in a
    country's destiny and the actual restriction of
    rights this means.

    just my opinion,

    rmstar
  • online voting is bad. very bad. it is the same thing as poll taxes and heavily complex registration procedures. it prevents the less priveleged from having an equal say in their representation.

    rob, you have absolutely no right to post comments on the main page after the artice title. if you have a personal opinion on the article, post a comment, like we all do.

    your sarcastic remark shows that you disregard the priveledge of owning computers that you and i share. i know you live in some praerie in middle america in a nice place with "cool" computers and an aibo, but not everyone has these things, yet everyone must be able to vote. please think about the impact your snide remarks will have upon your image as a logical human being.


  • ...The Internet isn't secure enough for diddly. I've been checking out securityfocus.com, and it's frightening how many systems get broken into, how many servers are insecure, etc.

    Throw in the fact that most browsers use 56-bit encryption, no host authentication and no user certificates, the level of trust you can put into who is sending the data is amazingly low.

    Add in the fact that server certificates are often granted with minimal (or no) real checks by the issuer, and voters can't be sure if they're sending to the real site or a hijacked one.

    Add in the number of sites that clone title pages, to fool search engines, the ease with which crackers can break in & insert redirect tags, and the zero understanding most admins show of even the mose basic security issues, it's a wonder anyone trusts the network with so much as an e-mail, let alone major financial dealings or voting systems.

  • Apparently the Internet is secure enough for billions of dollars in financial transactions, but not for voting.

    Well if that's not stupid little soundbite of attempted irony... There are some many reasons why not instituting online voting right now is a good idea. Actually, I can only think of one obvious pro why online voting would be good, and that is because it would increase voter participation.

    Now let's enumerate why it's bad. First, did you ever stop to look at the demographics of American internet users? Three words: white, young, males (Just you like, and me, and everyone else here.) So by instituting internet voting, you're actually giving this sect increased democratic power, which is a really dumb idea because white males have the highest voter turnout anyways. If I were to consider any form of election reform, my top priority would be involving the underrepresented minorities more before I thought about sending a couple million extra white guys to elect some other white guy to become president. I know any non-felonius citizen is free to vote, but if internet voting does happen, you will have a much higher turnout rate of the aforementioned, and most people aren't going to care enough to compensate by turning out in the polls, especially not in the first election year. It's the whole "times are good, I've got my IPO and a quad-Athlon, who cares about politics" mentality.

    Second, and most important, internet authentication is a joke. Honestly, I can't think of any system of verification out today that couldn't be cracked. Personal digital certs are great, until you find out that person's password, and then, voila, you're him. Now, think back to 1996, when the White House fundraising scandal broke. People went apeshit because foreign owned corporations were donating money to American political campaigns. Seemed pretty mundane to me. What child's play that is compared to the potential that lies here. Who needs to risk money on the chance that your guy might not be elected when you can just elect him yourself? Do you really think that it would be that hard for any first- or second- world country to cull their cracking resources and seamlessly throw a few million votes to this candidate or that one if ivoting (forgive me, typing sucks) were implemented today? Of course not. And that, friends, is a threat to national security, democracy, and our way of life ().

    Biometric authentication, or anything close to reliable would be great, but those are all many years down the road. I think facts like that are what prompted the commission to say the same thing about voting online, and personally, I couldn't be happier with that decision.

    --
  • I think one of the biggest problems of online voting is that there will be a strong perception that it is too easy to alter the results.

    With 'hard copy voting', you have to go to some effort to make a significant difference to an election - you'd have to rig many voting booths, have physical access to the boxes, probably buy off the officials and vote counters ... etc

    With online voting, you would only have to change a couple of numbers (assuming that you could hack past the security and get away undetected).

    Unlikely that someone could hack past the security? Maybe, but there are enough stories in the media about stolen credit card numbers and hacked web sites for the general public to have a real fear about the security of online voting.

    And to cast additional fear upon the populace, if it is 'easy' to hack the vote computer, it is even easier to change the whole result of the vote with a single click.

    This may not be true in reality, but that is what the general public believe ... and try convinving them otherwise.

    Nope. While systems may be ready to handle online voting, the public is not.

  • by Signal 11 (7608)
    Well, unless you can ensure two things: non-repudiation (can't claim they didn't) and authenticity (they are who they say they are) online voting can't happen. Period. Just remember: Texas was the first to start using digital signatures as legally binding. =)
  • You need some way of ensuring that each registered voter votes once and only once, and that only registered voters vote. The obvious way to do that is to give each voter an identifying secret of whatever kind.

    The problem is that the correspondance between the voter's electronic identities and their real identities has to be broken in some gauranteeable and visible way, or unscrupulous persons can use the same information thats needed for security to trace people's voting records.
  • There's also a difference between banks setting up software to secure their own (and their customers') money, and the gov't farming out a contract to the lowest bidder -- say, some group of losers with freshly-printed MS certs -- to set up a "secure" voting system.

    The worse thing that can happen to a bank is for their customers to lose confidence in how safe their funds are. But I think most people -- at least in the US -- have already lost confidence in the gov't, so it's not like the gov't would care as much about that risk.

    "Wait and see" sounds like a good idea to me.

    Besides, if people aren't sufficiently motivated to get off their butts and go somewhere to vote, I'm not sure I'd want them to vote.

  • you have to vote for someone. Your only option if you don't like any
    of the candidates is to stay at home


    Or you can write-in a vote. It's less convenient than punching out the little holes with the pin, but then a few minutes out of your life for the sake of democracy isn't such a big deal...
  • They have to believe that
    corruption is beatable. Right now, even I have a hard time believing that.


    rent "All the President's Men". Ironically, the reason so many people are distrustful of government, while also being the single greatest example of how -- no matter how powerful you think you are -- your dirty laundry will eventually be aired.
  • "The latest results in the race for the presidency show Al Gore with 20% of the vote, George W. Bush with 28%, Jesse Ventura with 3%, and someone named 'Hemos Sucks' with a whopping 49%..."
  • When the internet has enough bandwidth and redundancy to conceal the effects of net congestion it will be time to look at internet voting for serious elections. Until then all its suited for is informal polls.
    Like, was your shirt inspected [slashdot.org] by #16, #7 or your mom, you mean?
  • I have yet to see a viable solution to the ballot secrecy problem. Votation's site includes the following amusing assurance:

    You are now free to vote anonymously for the candidate of your choice. We cannot track you back and view your vote!

    Why should I believe this?

    Until someone can answer this question for me, I'm left wondering what problem online voting is a solution to.

    Is it a cure for voter apathy? Of course not. Apathetic voters stay home because they don't think voting is important, not because they think it's too hard.

    Does the current system make it hard to get to the polls? Preposterous. Most Americans live within walking distance of their polling place. True, physical disabilities may keep some people from the polls, but absentee balloting and free rides to the polls offered by both major parties and many other organizations are already available.

    So just why is it that we're trying to create a whole new balloting infrastructure?

  • The fundamental assumptions of the supporters of online voting are several. First is the idea that if voting is made easier more will vote. This is not necessarily true, but we can let that slide for the moment. The greater problem is the unsupported assumption that more people voting is a good thing.

    On the contrary, I assert that the only reason that we have gotten where we are today is the fact that so few have historically voted. Take a walk down a city street sometime and look around you. How many people do you see who should be allowed to vote, i.e. to determine the very future of our nation?

    The common man is a fool. He is easily swayed by advertisements. He does not care about issues so much as he cares about bread and circuses. As long as the politicians keep him distracted he is happy. There's nothing wrong with this; not everyone needs to have control over the government not everyone needs to be in charge. But our nation (the US, in my case, and most other modern nations) is founded on the fundamentally incorrect premise that every man's opinion is equally correct (i.e. it has an equal chance of being correct). This is demonstrably wrong.

    As for myself, I do not vote. I find the system of universal suffrage to be an insult to all, learned and unlearned. What this country needs is fewer, not more, voters. I also have no desire to be part of ruling class; I have no wish to be responsible for wars (even though I generallt support them), executions (even though I support capital punishment), imprisonments and the rest of the sordid business of governance. I wish merely to live my life under the rulers who have been set over me. In this country the rulers are all those who vote.


  • Apparently the Internet is secure enough for billions of dollars in financial transactions, but not for voting.


    Mabey that's because voting is much, much, much more important that billions of dollars in financial transactions.
  • I heard an excellent argument against Internet voting on NPR yesterday. Because Internet voting makes it easier to vote, more people will probably vote. Because Internet users are generally wealthier, this means an even more disproportionate number of wealthy people will have a larger share of the vote. So it's kind of undemocratic to make voting easier for some people than others.

    This isn't a very convincing argument -- after all, the current voting arrangements make it considerably easier for non-workers than for regular 9-5 types. (Somehow, I doubt that NPR spent any time complaining about that....)

    The really strong arguments against Internet voting are:

    Privacy: How do you prevent people from watching over the voter's shoulder? Political machines could even arrange parties with goodies and Net terminals -- perhaps it would be illegal to tell you how to vote, but there would be obvious pressures.

    Security: Other messages here have commented on this problem.

    Public Confidence: This is related to the previous issue. As long as the Internet has security holes, people are going to wonder about a Votescam scenario [copi.com] every time an election "upset" occurs.

    Civic Engagement: Let's face it, the chance that your vote will decide any election above the dog-catcher level is about equal to your chances of winning the lottery. The excersize is more symoblic than substantive, and clicking a mouse just doesn't cut it for most people.

    Voter Standards: If people aren't sufficiently interested to physically visit the polls (or send in the form for a mail-in ballot if they cannot do so), they probably aren't sufficiently interested to educate themselves on the issues.
    /.

  • There are a lot of issues at stake with internet voting, and just because some people can make simple credit card purchases over the net doesn't mean something important like voting can just pop into existence without a lot of thought.

    There are issues with ensuring only registered voters get to cast votes. Any simple system (SS number and Drivers License number) would be trashed in an instant by /.ers and any other rational person. It will require mailing a physical token to each registered voter who signs up for web-voting, at a minimum.

    There are issues ensuring a registered voter only votes once, and their first vote stands. Vote early and vote often is humour everywhere outside of Chicago :-) That is why there is a physical voter list at each polling station and a requirement that the numbers balance with the number of ballots in the box.

    Then there is the issue of anonymity. What happens if someone manages to collect a copy all the incoming votes, and can make a match between a vote and a person? It doesn't matter how strong the encryption is, at some point it has to be decrypted to be counted.
    Lets say someone compiles a list of all the people who voted one way on an emotional issue like a new imigration law, or a business issue like insurance reform, and then sold that list to insurance companies, employers, or credit research companies. All /.ers are certain that data would be mis-used at some point, its guaranteed to be abused if money is involved.

    I think there will eventually be technical solutions to every one of the problems on the list, but it will take time to create good stable systems to withstand fraud and abuse. I agree that large scale internet voting should take a wait-and-see attitude, lets start with a few small municipal elections and thoroughly debug everything over a long period of time, then make it easier and easier to use before rolling it out.

    the AC

    Must hit submit now, there is a woman in the next office building doing a strip-tease, and a large crowd is forming around my desk. Who's got a digital camera when you need one? :-)
  • Ladies and Gentlemen, the next president of the United States is:

    Hemos the Hamster

    who just beat out Hank, the Angry, Drunken Dwarf, by 1.2% of the vote

    Bwahahahahahahahaha

    Ok, someone has to get back to work now :-)

    the AC
    There's never enough moderator points around for all the good humourous posts
  • "The problem is that the correspondance between the voter's electronic identities and their real
    identities has to be broken in some gauranteeable and visible way, or unscrupulous persons can
    use the same information thats needed for security to trace people's voting records."

    Why? What "unscrupulous persons" besides the government even has access to that info? It's not like the government is selling voting info. But yes, I agree that it is probably best that even the government /not/ know who voted for what.

    Jazilla.org - the Java Mozilla [sourceforge.net]
  • "3. Ensure that those votes are truly anonymous."

    Huh? Why? You need to be the exact opposite of that. You need to be identifyable. Not so the government can print in the papers "Joe Schmoe voted for a 'looser'", but so people can be accountable.

    Wouldn't PKI be the perfect solution in this case? With their voter id card, give em their key, with which they can use to vote exactly once.

    Jazilla.org - the Java Mozilla [sourceforge.net]
  • Personally, I think that online voting should require various amounts of platform information to be made available. Furthermore, I would want to require a random 3-4 question quiz on each canidate. This way, we are ensuring that more educated are voted. This would be a wonderful way of raising the bar for voting.

    This is probable not such a hot idea: The south used to require people to be able to read becuase they did not want blacks to vote. These were called Jim Crow Laws and were a very bad thing. It is really a tough choice: on one extream we have Oz where every moron is required to vote, but on the other extream we have places which descriminate. I feal comfortable with the gov. adding a technelogical option to voting which make voting easier for serton segments of the population, but not with telling serton segments they can not vote,

    I think a good compramize that might fix many problems in america today would be: if your org. runs some kind of score card or votes guide and you can get enough signatures then you can be linked to from some the voting site. This would make doing candidate research easy.

    Jeff
  • If you think about it, requirements 1 and 3 seem almost mutually exclusive. I know that there are algorithms that purport to be able to handle this in theory

    I think theree are really good algorithms anonymous authentication (we have anonymous curency system could do this job), but I doubt they will work through HTTP as it currently stands, so people would need to download a plugin.. which is not too difficult. There are also neet ideas like leting lots of independent groups countthe votes, i.e. your computer sends out the anonymous but authenticatable vote t hundreds of machines.

    The only real problem for online voting is the poor control of the enviroment, i.e. your parents / spouce looking over your sholder to make shure you voted "correctly." This is a VERY big problem, but there are way to solve it.. including criminal penalties for menipulating someone else's vote like this and restrictng the voting to things like cell-phones, i.e. truely *personal* computers (note: those are crappy solutions). I guess you could say it is easy to be anonymous from big brother but not from your real big brother.. :)

    There is also some concern about viruses which hang out until voting time and then vote for specific parties/people. Still there are many advantages to online voting like: higher precentages of more educated people vote (remember, you can find out all sorts of things about the candidates online that you never hear from main stream news and you can get the opinion of importent groups like the ACLU) and people can vote more oftin since it is less hassel.

    Jeff
  • > If you think that both major parties aren't
    > worth voting for, such that you're considering
    > not voting at all, why not find whichever
    > minority party you most agree with and voting
    > for them?

    Well...at this stage in the game, about the
    only "Party" that might come close to advocating
    what I stand for would probably be the US
    Socialist party or the "Labor Party". However,
    they don't seem to be a "third party" with much
    support.

    At the heart tho, I have some severe philosophical
    problems with "representative democracy".

    The first being that it reduces the people's
    involvment in government down to a popularity
    contest, no more mature or meaningful than some
    high school student body election. "Hair, Teeth,
    smile" are the holy trinity of the political
    scene.

    Secondly it puts a small elite in power. People
    who can be easily corrupted, and rewarded richly
    for their corruption (even if it were illegal,
    they could still take direct bribes through
    more round about and covert channels)

    Thirdly, and perhaps worst of all, it gives the
    people a false sense of power. every election
    year you hear people saying "Don't throw your vote
    away" and that "We have the power", however no
    REAl change ever comes of it.

    All this sense of power serves to do is make
    the poeople too complacent to revolt. It gives
    them a feeling as if they can work through the
    system for change, when in truth, the current
    system is so dug in that it just isn't going
    to happen.

    If you have any doubt, listen to Jesse Venturas
    story. When he ran for mayor, both the Democrats
    and Republicans in his town joined forces against
    him. They said that he was the worst thing that
    could happen to the city, and painted him as
    a clown.

    After he got elected, both sides aproached him
    seprately and asked him to join up with them.
    No morals have these people. How many people
    without the Unique mixture of fame and hard nose
    personality could have got in against that
    oposition? How many could have resisted the
    temptation after getting in?

    Sure, he makes for a symbol of hope. However, it
    would take hundreds of men like him to cause even
    the beginings of change.

    In the end, all people lik ehim could acomplish
    is short term gains. In the end, the system is
    made to support corruption and traditional
    politics. That I fear, is not fixable.
  • > Huh? Why? You need to be the exact opposite of
    > that. You need to be identifyable. Not so the
    > government can print in the papers "Joe Schmoe
    > voted for a 'looser'", but so people can be
    > accountable.

    Accountable? um no
    The idea is to have it be identifiable that
    Only an identified person could have voted but
    there should be NO way at all to deterime what
    their vote was.

    > Wouldn't PKI be the perfect solution in this
    > case?

    Actually... Applied Cryptography has a few
    interesting protocols for Secure Anonymous
    Voteing. Its interesting because (I don't have the
    book with me here) it can provide a way to verify
    that only allowed people can vote, and also make
    sure that it is impossible to correlate votes
    with individuals.

    Personally I would be alot more interested if
    instead of working on better ways of voteing,
    the worked on ways to give you something
    worthwhile to vote for.

    When its a vote to decide WHICH corrupt
    authoritarian asshole will be fucking me over
    for at least the next 2-4 years, there is not
    much incentive to vote at all.

    Might as well let them decide by a best 2 out of
    3 competition of Rock Paper Scissors, the result
    would be the same.
  • > What's needed is for the youth of this country
    > to be shown, not told, how the government
    > works. They have to believe that corruption is
    > beatable. Right now, even I have a hard time
    > believing that.

    Well...why should we teach that "Corruption is
    beatable". IS it more important to teach things
    that make you feel good about the system rather
    than the truth?

    Personally, I do not think corruption is beatable.
    I AM apathetic about voteing. I have never in my
    life voted. I will never vote an individual into
    office (I do plan to vote for a certain voter
    ballot initiative in my state....but thats a
    differnt matter..I will not vote for a candidate
    into office).

    As long as the system is being setup, and
    trampling upon my rights as an individual, and
    forcing me to pay them money, why should I care
    who is doing it?

    All voteing boils down to is deciding whose
    bank acount the special interest money goes into.
  • It's actually secure enough for billions of dollars in transactions, huh? Gee, that's a news flash, if I ever did see one.

    Sarcasm aside, it's easy to justify eCommerce over net voting. The potential for profits for eCom vastly outweigh any risks, in the minds of investors. They'll take the risk with eCom, and hope nothing happens. If something bad does happen, then they'll deal with it at that time.

    This statement by CmdrTaco gives me the impression that he either has been living in seclusion for the past couple of weeks, or he just ignores the recent events with credit card number thefts.

    I believe California is completely justified in taking this position, and would personally expect nothing less from any Gov't.

    Voting is a much more serious issue. It's something where the risks definitely outweigh any benefits.

  • The main danger would be Students would't have to leave their bedrooms to vote, thus they might actually bother and then we could be in a whole world of pain.
  • I just had to cancel my credit card because that schmuck in Russia stole the number and red flags went up all over. I don't think we want to be rushing into anything. Besides, the democratic process is supposed to be one of thought and rational decision, not convenience. Not everything needs to be as quick and easy as possible.
  • by Anonymous Coward on Wednesday January 19, 2000 @05:25AM (#1359083)
    In Bruce Schneier's latest Cryptogram [counterpane.com], he says online voting scares the hell out of him.
  • by nstrug (1741) on Wednesday January 19, 2000 @05:49AM (#1359084) Homepage
    Another advantage of paper voting is that you can spoil your ballot in order to register your disgust with all the candidates. With the mechanised voting systems in the US, you have to vote for someone. Your only option if you don't like any of the candidates is to stay at home, and be classed as apathetic. Voter turnout in the US is the lowest of any democracy and this is usually attributed to apathy, but I wonder if it would be higher if Americans had the option of spoiling their ballots and registering their disapproval of all the candidates. This could easily be rectified by having a 'non of the above' option on the voting machine (or the internet voting page.)

    Nick

  • When people discuss the potential for fraud in new computerized voting systems, they always seem to make the assumption that the current voting systems are perfect and free of fraud.

    Suggesting that we may have an election fraud problem in the good old can't-happen-here-or-at-least-not-these-days USA is a quick way of getting yourself branded a conspiracy nut, but this strikes me as the "innocent until proven guilty" attitude taken to an insane extreme.

    I actually think that there are a lot of urban areas in the US with all sorts of election problems. For example, in the last mayoral election in San Francisco, there were a number of disturbing articles about how it's not even possible to check whether the people registered to vote are real people (e.g. if you find a dozen people registered using the address of a bar, you can't dismiss them out of hand, that really may be the closest thing to a stable address that they've got).

    And a few years back there was an election that smelled really bad in a number of ways (there's no disagreement that there was some fraud going on, the only question is whether there was enough to swing the election): San Francisco Stadium Election [brasscheck.com]

    ``Votation.com makes elections more secure than existing election systems currently do,'' company Chief Executive Officer Joe Mohen said

    And maybe that's the real reason that they've decided to "go slow".

  • by Stephen (20676) on Wednesday January 19, 2000 @05:42AM (#1359086) Homepage
    Americans, who are used to electronic voting, will probably think I'm mad here, and that I am about to destroy all my credibility as a geek. But I don't like voting by computers at all, let alone over the internet.

    In the UK, we vote by placing crosses on pieces of paper. It may be old-fashioned (and our government are talking about changing it) but I think it has one enormous advantage: it's totally visible. As the count is made, representatives from all the political parties are present. They can see what's going on with their own eyes, verify it, and question it if necessary.

    I regard this transparency as a basic democratic safeguard. One doesn't need to trust that the technology is working properly. The accuracy of the result is not in doubt (if it's close, it's recounted, several times if necessary).

    (Besides, election night is much more fun as the results come in one-by-one through the small hours of the morning!)

  • by Junks Jerzey (54586) on Wednesday January 19, 2000 @05:45AM (#1359087)
    If internet voting is going to be anything like the deja.com polls, then whoever looks the best in a tight sports bra will win.
  • by TheCarp (96830) <sjc@@@carpanet...net> on Wednesday January 19, 2000 @01:03PM (#1359088) Homepage
    Hmmm voters with the power?

    How would you vote in these changes?

    MANY states do not allow ballot initives. Federal
    level certainly doesn't. This means of course that
    you have to vote in someone who will do it.

    The problem is, you have to vote in enough
    people who will do it. Anyone voted in will
    immediatly be aproached by the other side with
    reasons to change their mind.

    What else? well the "Rich Ass People" control the
    mass media. They have the ability to pipe their
    political views into hundreds of millions of
    homes at any time they please.

    It is in their best interest to opose the changes
    you talk of...and of course to make you "feel"
    like you have the power. Voter apathy is what
    "They" want.

    Unfortunaly...it is deserved. The current system
    is so encroached that I fear nothing short of
    revolution will fix it. Im just waiting for more
    people to realize this.
  • by substrate (2628) on Wednesday January 19, 2000 @05:50AM (#1359089)
    Online voting isn't yet ready for prime time. I agree that traditional security concerns can be met with existing encryption and security standards. What can't be guaranteed is that your vote will actually be received and counted.

    With traditional votes as long as the roads are open and the weather isn't too bad people can make it out to a voting station. The total tally may be larger on nice days than during inclement weather but there will be a respectable cross section of the population who will make the effort to vote. If you make it to the station your vote will be counted.

    Votes tend to have geographic biases which is why you have states or municipalities referred to as being 'traditionally democratic' or 'traditionally republican' etc. This could lead to a denial of service attack to alter the outcome of the election. Send out your armed contingent to keep voters from reaching the voting stations. For a variety of reasons this isn't done. It's illegal, frowned upon by the public, tends to get the government pointing its arms at you and so on.

    With internet based voting the structure of the internet itself will guarantee that even though some number of voters are at the voting station (their personal computer in this case) but won't be heard during the final tally. Net congestion, ISP problems but we'll assume that their computer is actually working.

    A denial of service attack against geographic regions is much easier though and much more anonymous. Just make sure that the traffic in a region is high enough to make voting difficult. Look for misconfigured machines that will allow an avalanche of pings to be sent with information at your local script kiddy database.

    You can argue that not allowing online voting will stop some people from casting their vote. To that I say so what? If somebody can't make the effort to make it to the local vote station then they probably aren't concerned enough about what their vote represents to even have formed a real opinion. There are real circumstances such as illness but there is already vote by proxy to cover this.

    When the internet has enough bandwidth and redundancy to conceal the effects of net congestion it will be time to look at internet voting for serious elections. Until then all its suited for is informal polls.
  • by Russ Nelson (33911) <slashdot@russnelson.com> on Wednesday January 19, 2000 @05:39AM (#1359090) Homepage
    How do you detect coerced voting when you don't have poll watchers? The whole idea of the secret free vote goes down the drain. It's a damnfool idea, promulgated by damn fools. Shoot it down whenever you can.
    -russ
  • by Wellspring (111524) on Wednesday January 19, 2000 @05:38AM (#1359091)

    I hate to admit it, but voting is different from financial transactions. The incentive for fraud is greater, and the system is less fault-tolerant because so few people vote. I am more knowledgeable about elections than I am a security guru, so take this w/ a grain of salt, but:

    Software systems are much easier to crack than physical systems. At the risk of sounding like the french with their 'visual telegraph' alternative to telephones, there is a comfort in the fact that:

    1. Tampering can be limited to people with physical access to the machine which is monitored by ordinary people. Political parties employ 'poll watchers', who are ordinary people who often aren't even politically active, to keep an eye on the machines during the elections process to watch for tampering.

    2. If tampering DOES occur, the machine can be examined to determine who did it, and reveal physical evidence. It is much harder to determine that from a compromised system.

    3. Financial transactions are time-dependent, whereas election info is useful for years. So I can sniff the encrypted packets today, and decrypt it with tomorrow's techniques.

    Besides, I keep hearing from experts that our current systems for financial transaction are insecure and require major overhaul.

    People are very passionate about politics-- just read the other posts! There are plenty of people who, given the means, would actively try to disable or disrupt an on-line election. Or try to distort the results. Or use tricky web page scripts to socially engineer a person into voting for other candidates. The point is, this is one of the most vulnerable things to tampering in the real world-- let alone online. We have to be very cautious before we implement it.

  • by beff (135968) on Wednesday January 19, 2000 @05:29AM (#1359092) Homepage
    I haven't read the full Californian report, but I can understand from a security perspective why going slow would be a good idea. Online voting is much more complicated than online shopping. A good online voting system will have to:

    1. Only allow registered voters to vote.

    2. Only allow voters to vote once.

    3. Ensure that those votes are truly anonymous.

    4. Ensure that all valid votes are accurately counted.

    If you think about it, requirements 1 and 3 seem almost mutually exclusive. I know that there are algorithms that purport to be able to handle this in theory, but rolling on-line voting out to people that don't know how to program their VCR isn't going to be easy. Applied Cryptography by whats-his-name has a fairly good section on voting protocols.

  • by Effugas (2378) on Wednesday January 19, 2000 @05:30AM (#1359093) Homepage
    Yup. The net is secure enough for billions of dollars of e-commerce, but not for voting. Here's why:

    Fraud on the financial level is easy to detect--somebody is out their money. Someone either has their goods or has their money, and either they have both or they have neither. There's a long paper trail, with *individual* impact on only the two parties involved in the financial transaction.

    Fraud on the voting level is so much different, it's scary. Your computer says, "Ah! Vote registered for Mr. Bob", that's it. You're out no money, you've lost nothing if your desktop has been secretly tampered with, there's no paper trail that you're going to have any reason to analyze because you're not going to know anything went wrong. Lets not forget, with nothing written down, there's no physical evidence of the original votes--how can one demand a recount when the servers store the votes? Once the data enters the server, all sorts of unique WORM/cascading signature/etc. methodologies can be applied, but it's gotta get there.

    The most insidious part of all of this is that it's not simply the voter that loses out by a falsified vote, but society as a whole. Votes affect everyone; financial deals are limited to those directly transacting.

    Maybe something like iButtons, or Amex's Blue might go along way towards increasing my faith in online voting. For now, I just don't think the tech is there for something so critical.

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com

1: No code table for op: ++post

Working...