Avi Rubin Has Some Optimistic Words About E-Voting 231
An anonymous reader writes "For more than a decade, Aviel "Avi" Rubin, a professor of computer science at Johns Hopkins University in the US and an e-voting activist, has been a vocal critic of e-voting systems. In this interview Rubin talks about the recent US presidential primary election cycle and his thoughts on e-voting going into the November US elections."
The problem (Score:3, Interesting)
I can understand why people hate e-voting - it's susceptible to attack and/or manipulation, there's privacy concerns, etc. etc.
But I have to wonder, is it really all that different to paper voting? If someone wants to rig an election, they'll do it no matter what system you use.
I can't imagine it's significantly harder to rig a paper election than an electronic one.
Re: (Score:2)
Re: (Score:3, Funny)
Re: (Score:3, Informative)
Re: (Score:3, Informative)
Good idea, in theory. In practice, the mitm is inside the client's PC. It's not someone outside the PC. And since encryption/decryption happens inside the PC, it's trivial to put the mitm before en- and after decryption.
I would attack the interface between user and program and present the user an interface that he cannot distinguish from the real interface.
Re: (Score:2)
A secure voting system, in the sense that every person can keep their vote a secret AND check that their vote has not been tampered with, requires every person to have a public/private key pair. It will be years, maybe decades, maybe never, before we start getting those kind of IDs.
Re:The problem (Score:5, Insightful)
It's a lot more effort and you have a paper trail. With a machine all you have to do is rig the counter.
Re: (Score:2)
Re:The problem (Score:5, Insightful)
"Because it's so hard to simply rig the final result of counting"
Actually, yes, that is hard when you have observers and counters of all political colours involved. Compared to a hack or a fix in firmware of a whole set of machines that renders the fraud very hard to detect, yes, it's very hard to get the complicity of thousands of people from different parts of the political spectrum.
Re: (Score:2)
Re: (Score:2, Interesting)
Eh, no.
I'm going to need a citation on that. Cross party vote rigging in the UK or US is not something that's even been mooted as far as I'm aware.
Whilst the political classes do constantly fuck the people over, having two or more groups of power hungry asshats tends to keep them honest, or at least keeps them at each others' throats watching for the other(s) to screw up.
Re: (Score:3, Interesting)
I don't know about you, but personally I've never once bothered to see the actual paper trail of an election and like many others simply opted to trust whatever the news told me the result was.
It's not so much that you will check the paper trail (though you could if you wanted), it's that the other side(s) can. If the Democrat Joe Snobbypant goes into the election with a 10 point advantage in the polls, and his opponent, the honorable Bob Crabbypanys, wins by half a percent, you can bet Joe is looking for a hand count. The reverse is also true. There are a finite number of people running in any given election and most of them have the influence to both ask for and get a look at the paper trail
Re: (Score:2)
What nonsense. You never heard of stuffing a ballot box?
Re: (Score:2)
Of course I've heard of stuffing the ballot box. That doesn't mean that such a thing is easier to achieve than, say, a biased company making closed source voting machines putting in a bit of code to ensure that their guy gets a better proportion of the vote than he would otherwise.
Stuffing the ballot box these days would require cross-party cooperation by observers and counters. Pretty unlikely, IMHO.
Re: (Score:2)
>>Stuffing the ballot box these days would require cross-party cooperation by observers and counters.
No it wouldn't. I've worked polling places. Observers aren't looking at everything all at the same time. And once the paper is in there you can't tell which ballots are legit and which aren't.
You're notion of corrupt code in a closed source system is flat-out paranoid speculation, but there's a long history of ballot tampering at the precinct and it's easy to see how it could work.
Re:The problem (Score:5, Insightful)
When you succeed in manipulating a ballot box, you have manipulated exactly one ballot box with a good chance of being catched in the process, if you try the same with electronic voting machines you can manipulate dozens, hundreds or even thousands at once without anybody having a chance of noticing anything.
Re: (Score:3, Insightful)
Observers aren't looking at everything all at the same time.
True. But, to rig an e-vote, you can affect multiple voting locations (changing 10 votes in a hundred precincts looks less suspicious than changing 1 precinct by a thousand votes) with a single attack. To achieve a similar affect with ballot-stuffing, you'd need to stuff ballots in multiple locations, thereby increasing the chance that an observer will spot you.
Not to mention that ballot stuffing can be detected after the fact: "Why do we have an electoral roll of 5000 people, and 6000 votes?". For an
Re: (Score:2)
In the US, you could have 60% of the ballots "faked" and still come up under the electorial roll. Gotta love those turnouts... do you guys really love freedom as much as you say you do?
Re: (Score:2)
Re: (Score:2)
Uhm... it's the same here in my precinct.
It's those crazy people that believe that any goofball should be able to walk into a room and vote without ANY ID here in the US that should be blamed.
I'm sorry... getting an ID card is not a big hurdle.
Re:The problem (Score:5, Informative)
I have been a "presiding judge" and let me tell you that where are multiple people watching what's going on all the time.
Which means that while manipulating paper-ballot systems is possible, it is by no means easy. Furthermore, paper ballot systems are intrinsically decentralized: To manipulate an election, one would need to manipulate the ballot boxes in multiple precincts, requiring the cooperation, or at least failure to observe suspicious activity by a much larger number of insiders.
Compare that to the implicit centralization of counting that occurs when a given county or state purchases its voting machines from a single vendor. A far smaller number of bad actors is required to do real damage with evoting systems, and worse yet, it's essentially impossible to recognize easter-egg or other malicious code, particularly with respect to proprietary systems.
This being slashdot, I assume you are already aware of the essential impossibility of detecting malicious easter eggs through classical black-box system testing techniques. Given that the proprietary vendors consider their code to be a State Secret (IMHO out of embarrassment over how piss-poor it tends to be given its criticality to democratic decisionmaking), black box testing is all the boards of election and their independent testers can use.
Consider further that boards of elections and secretaries of state have very limited time, funding to and technical skill to validate hardware and software systems that the vendors really don't want pried open for a look-see.
Re: (Score:2, Insightful)
When the presidential election keeps coming down to one state or one district it doesnt take many extra votes to win the whole election. Also, I dont really know how the hand counting works on paper ballots. From what I have seen on TV it looks like a group of people just counting and tallying. If you are a supporter of one side or the other I think that it would be pretty
Re: (Score:2)
Re:The problem (Score:5, Insightful)
"Just make it available online"
And open it up to being hacked even more readily?
"so everyone can log in and check how/whether his/her vote is counted (after the elections)"
So that thugs/corporate masters/Mugabe can sit people down and check they voted 'correctly'?
"Paper trail is no easier to check. "
Yes it is, because the trail is there. With "Push button, increment counter" machines it's a different story.
"Do you propose to check all the votesheets manually?"
What do you think happens in a recount when the vote is contested?
"I think it's infeasible, you will need a computer anyway"
How do you think we did it before the rise of computers?
Re: (Score:3, Insightful)
Personally, I don't see why individuals should be having secret votes. Should our elected officials be making secret votes? No, so why should anyone else? People always talk about thugs and corporate masters... if a thug tries to bully you into voting the way they say, you refuse. If they try to behave violently afterward, they go to jail. No different from any other thug.
As for corporate masters, well, if we had a good and proper voting system, a real democracy with involved citizens, maybe we could s
Re: (Score:3, Insightful)
Personally, I don't see why individuals should be having secret votes.
And that's because ...
People always talk about thugs and corporate masters... if a thug tries to bully you into voting the way they say, you refuse. If they try to behave violently afterward, they go to jail. No different from any other thug.
Re: (Score:2)
Re:The problem (Score:4, Interesting)
If you want self-determination, you need courage. It doesn't come free. Personally, I'd rather die standing in front of a mob screaming bloody murder with a weapon in my hands than be ruled in this way.
As it stands, I don't work for bosses whose politics I don't like. I quit. Always have, always will. If I don't like what a group is doing, I don't give them one iota of my strength. In the absence of a system that grants any individual real political power, sometimes the best a person can do is refuse to be of any help.
Americans have always been such a bunch of hypocritical cowards. Joseph McCarthy didn't teach you anything, and the rest of the world is still dealing with your failure to take responsibility for your country.
Re: (Score:2)
"Americans have always been such a bunch of hypocritical cowards."
No, it's just a fact that when you open up a system to be abused like this it'll be taken over by gangs and cabals of the powerful to the detriment of the weak.
I'm glad you think you'd go down fighting, that's up to you. Personally my life is the most important thing to me and I wouldn't. And that is how the system goes into rapid decline.
Transparency in voting is a BAD thing.
Re: (Score:2)
If you want self-determination, you need courage. It doesn't come free. Personally, I'd rather die standing in front of a mob screaming bloody murder with a weapon in my hands than be ruled in this way.
Your courage is commendable, however misplaced. I am willing to die for a lot of things, but consider such an action as a last resort. Fortunately, anonymous and non-verifiable voting allows me to reserve that sacrifice for something more important than the freedom to vote how I choose without pressure, whil
Re: (Score:2)
No, actually, it doesn't. You live under an illusion. One day, you will see that for yourself.
Re: (Score:2)
I'm all in favor of courage and self-determination, but you're kidding yourself if you think that open ballots would ever work. There are a couple problems with what you're saying.
First, the perceived value of a single vote is usually much smaller than that of people's lives or well-being (or those of their families), even when that vote could swing the whole election. So once you open up the ballots it's very effective to *add* intimidation and harassment, which can be hard to catch or stop through legal m
Secret ballot (Score:2)
If they try to behave violently afterward, they go to jail. No different from any other thug.
No. If they try to behave violently afterward, you call the police. The commissioner of police, however, is from the ruling party you voted against. The cops are too busy and the D.A. doesn't think it's in the public interest to press charges.
This is more of an issue with votes than anything else because we vote for control of the system that stops thugs. Therefore, elected officials have the power to keep their thu
Re: (Score:3, Insightful)
This is one of the reasons the current system was set up the way it was, where you do not leave the ballot box with anything. This was an issue in the past, and one that I would rather n
Re: (Score:3, Insightful)
If you work for someone like that, and you don't quit once you realize the character of the man you're empowering with your efforts, you deserve to get your ass kicked. You're just making
Re: (Score:2)
If you work for someone like that, and you don't quit once you realize the character of the man you're empowering with your efforts
Did you occur to you that not everyone has the ability to walk away from a job because the boss is a dickhead? It's not all that easy for many people (particularly in this economy) to find another one and if you have a family then you aren't just worrying about your own mouth to feed.....
Re: (Score:2)
And if you have the ability to "personally" check how one's vote counted, then your boss has the ability to "personally" check how you voted. If you have a private username or something that only you know, but your boss knows you have it, it is very easy to set up a "show me how you voted or you lose your job" scenario.
There are systems where this is impossible. A simple system goes like this: You fill out _three_ voting forms. In these three forms, you have to give one vote to each candidate, and two votes for the candidate you actually want to elect. After the forms are submitted, you pick _one_ that is printed out and given to you as a receipt, including a random identification number. If your boss wants you to vote for candidate X, you can show him the receipt with a vote for X and you can still vote any way you like.
Re: (Score:2)
Umm, if that system is known, then all your oppressor has to do is take your receipt and check online.
Look, it's like DRM, if you have *any* way to verify your vote then so does the local gang that are under the protection of the local ruling party.
Re: (Score:2, Insightful)
It's not just jobs.
It's fingers, toes, legs...
Unofficial vote "verifying" is a key method in the arsenal of corrupt dictators the world over and throughout history. It's been happening in Zimbabwe in the last few weeks.
Anonymity is the only defence, and that means no "log on and check" system.
Re: (Score:2)
The key advantage of e-voting would be an ability to personally check how one's vote is counted.
That's the largest DISadvantage to e-voting. Period. Since you already quoted and dismissed the poster who tried to make the same point, I can only assume you are one of the most stupid people to ever exist, or you're a politician.
Re: (Score:2)
And if you think your boss would be the only one interested then you're a fool. There are all sorts of social and physical pressures that can be put on people when there is a way, even by force, to find out how they voted.
Maybe the cheif of police is best friends with your local congressman, he could make your life very difficult unless you "voluntarily" show him how you voted.
This scheme would be a terrible weakness in a democratic nation.
Re:The problem (Score:5, Insightful)
Re: (Score:3, Insightful)
The sole benefit of electronic voting is that the voting machine can prevent voter error by disallowing over-votes and warning against (but obviously still allowing) under-votes, and can provide a record free of any ambiguities (no "hanging chads"). If the machine simply printed out the votes that the voter cast in plain language on a slip of paper that the voter then folded and dropped into a ballot box on the way out the door, that would be fine. The voter could verify for himself that the paper record wa
Re: (Score:2, Informative)
I think the main problem with the system as it stands now is that with some e-voting systems that are set up poorly you cannot tell if rigging or similar has occured. In a paper system if all else fails you can still go back and re count everything.
An electronic system would allow, not just the finally result to be manipulated but the original data to be changed. You couldn't even tell if there had been any rigging.
E-voting is a lot better than postal votes though, they may increase voter turn out and allo
Re: (Score:2)
E-voting is a lot better than postal votes though, they may increase voter turn out and allow the bed bound etc to vote
A system for the bed bound already existed and still exists. It's called an absentee ballot. You vote in the comfort of where ever you want and mail it in.
Re: (Score:2)
Re: (Score:3, Interesting)
Re:It isn't any different (Score:5, Insightful)
As much as I love the idea of executing anyone who attempts to rig an election (For exactly the reasons you specified), what better way would there be to get rid of the opposition than to frame them for rigging the election?
That way, you not only discredit them for years to come, you actually permanently remove their opposition and are left with a very one-sided governmental system.
Re: (Score:2)
America does not have a 2-party system. We have a one-party system with 2 faces designed to appeal to most voters. It doesn't really matter whether a Republican or Democrat is elected to any one position -- the same people still have control. If we had term limits for Congress, we might get a real multi-party system. As it stands, it's literally impossible.
Re: (Score:2)
Violence never solves anything (Score:3, Interesting)
I guess you missed the part in school about how violence begets violence and it never solves anything, only creates new problems.
I was sick that day. But here are some things I learned after I got better:
1. How the Romans dealt with Carthage, and after the Third Punic War were never bothered by the Carthaginians again.
2. The 30 years war and how Catholics and Protestants stopped killing each other over religion afterwards.
3. How Cromwell [wikipedia.org] and the threat of a repeat performance caused the Glorious Revolution [wikipedia.org]
Re: (Score:2)
Elections were rigged, but in the majority of cases the thing that was rigged was the selection of who voted, not the ballots or ballot boxes.
When an election is based on paper ballot systems, it's far easier to manipulate an election using other means. For example, the number of dead people voting in such places as Chicago, etc.
The introduction of electronic voting brings in a brand new method of vote rigging, which is the content of the systems themselves.
So my counterargument is simple: "Oh great. With e
It's a matter of scale (Score:2)
In a sufficiently small election (say, a local election in a municipality of a few thousand people), you're right, there's not much difference. From the viewpoint of the required set of skills, it may even be easier to rig a paper-based election: just get one or two people in the right place, whip up a batch of fake ballots, and you're ready to go—no 1337 skillz needed.
On the other hand, when you're talking national or other large-scale elections, things flip around. With a paper ballot, you have to
Re: (Score:2)
Well, in the general case, the advantage of paper elections is that the attack vectors are by and large known and understood, and can be defended against fairly well. Neither scenario is foolproof, but there's an established body of best practice surrounding paper ballots that just isn't there yet for the electronic ones.
In the specific case of the current crop of electronic voting machines, a number of vulnerabilit
Re: (Score:2)
You gotta be kidding.
A major difference between electronic and paper ballots is in the probability that an attempt to change the outcome will be detected. To change one database can be done by one person, by remote access or even in advance, and leaves no physical evidence at all. To change hundreds of thousands of pieces of paper requires multiple people, with physical access, hours of time, and leaves lots of physical evidence.
The second difference is in the security model. Providing verified secu
Re: (Score:2)
I can't imagine it's significantly harder to rig a paper election than an electronic one.
It is a matter of cost and risk.
It costs a lot less to hire one black hat to compromise thousands of voting machines than to print up a lot of counterfeit ballots and get them put into play. With the voting machines in use in 2000 and 2004, the risk of getting caught was minimal since the security of the machines before the elections was inadequate and audit trails were non-existent.
So for that period, there was a strong business case for rigging elections. The cost benefit ratio was very favorable. And
Re: (Score:2)
But I have to wonder, is it really all that different to paper voting? If someone wants to rig an election, they'll do it no matter what system you use.
Yes, it's almost completely different to rig a paper election.
Say you want to stuff ballots. First of all, you need to print extra ballots to stuff in the box. Then, you need people to fill them out. You need them to fill them out within a short amount of time, and have them all look a little different, in case there is an investigation later. ( i.e. you can't have 1,000 ballots with the same handwriting). That creates a pool of co-conspirators and witnesses, since you need a threshold of manpower to comm
It is harder to rig (Score:2)
You might be able to make it harder to fake by adding a lot of complexity but that brings us to the most important bit of elections that many people miss:
Elections don't just have to be fair, they have to be _seen_ as fair.
Don't
Re: (Score:2)
I can understand why people hate e-voting - it's susceptible to attack and/or manipulation, there's privacy concerns, etc. etc.
But I have to wonder, is it really all that different to paper voting? If someone wants to rig an election, they'll do it no matter what system you use.
I can't imagine it's significantly harder to rig a paper election than an electronic one.
I wrote this reply many years ago (with a correction to a researcher's name in a follow-up post):
http://slashdot.org/comments.pl?sid=6507&cid=940549 [slashdot.org]
That was for totally electronic voting. I think all the points remain valid today. Schemes that use electronic machines at polling places seem feasible if they make correct use of paper audit trails (easily verified by the voter, and also by officials as needed for recounts or statistical verification of electronic results).
I should note that many of the s
Re: (Score:2)
Yes it can be. Let me illustrate in a simple parallel why.
Two words: Online banking.
ID theft for online banking scams is a big market today. It is impossible for a bank to determine whether the order issued from their customer's PC was issued by the customer or some trojan residing inside the computer. That's the first big problem: You can NOT verify that the person you think transfered (or voted) is really the person that did. You can now start to create the most elaborate system to verify what is being en
Optimism for a broken system? (Score:3, Interesting)
He says, in the next sentence: "Yeah, I'm much more optimistic than I was a few years ago."
That doesn't make sense. The system is broken, he says, and then he says he is "optimistic". Is optimism the right word for a system that is not working, even after all these years? Should we be optimistic when a broken system is less obviously broken?
Re: (Score:2)
Re: (Score:2)
The system is broken but less intractably broken than a few years ago.
Prof. Rubin sees increasing awareness of the necessity of auditing by secretaries of state. For example, the secretary of the state of Ohio has just begun the processor implementing much better audit procedures than before.
There's still plenty of improving to do, though.
Re: (Score:2)
That doesn't make sense. The system is broken, he says, and then he says he is "optimistic". Is optimism the right word for a system that is not working, even after all these years? Should we be optimistic when a broken system is less obviously broken?
This is classic Geek thinking. Yes, the system as it is is broken. But now, the users are aware. I remember after the Florida recounts of 2000, everyone was clamoring for electronic voting machines, so we never have to deal with this kind of election dispute again. A few uberGeeks raised concerns on the internet, and nobody but slashdot readers paid any heed. Now, after shenanigans all over the place with this crazy voting machines, nobody is clamoring for voting machines. In fact, they're clamoring for *pa
The problem with the voting system... (Score:5, Insightful)
...is the voters.
Modern voters have grown up in a society that is expert at manipulating peoples will. Through control of the education system, advertising and mild censorship in the name of 'decency', most of the people voting today have been molded into being good, compliant voters who will never oppose the status quo.
Most people aren't strong enough to question their programming. Most simply slip into one pigeon hole or another and lap up the media viewpoints assigned to that pigeon hole (all framed so as to allow the basic principles of society to remain unquestioned)
Meanwhile, the environment dies, human beings starve and sicken in ever greater numbers, and carefully nurtured greed is all that consumes western man.
Re: (Score:2)
The voters and the candidates. Barak Obama couldn't even wait to become president before selling out on telecom immunity.
Re: (Score:2)
One potential solution (not without it's own problems of course) is to make another pigeon hole. If you accept that humans are beings with a group mentality, it starts to make sense to reason with them on a group basis. Instead of appealing to them on an individual basis, appeal to them using their built in methods of group communication.
We see this every day. You've got teenagers thinking that gangster rap is cool because the marketing machine of the music industry moved in. New collectives come and go
Re: (Score:2)
The modding system shouldn't be used to promote the moderator's opinions.
I could be strongly against his comments and still consider them informative or interesting.
In this case, I consider the post dogmatic and not very original while I agree with it. However I can't mod anyway because I've already discussed in this and other parts of this thread.
Re: (Score:2)
You're an optimist.
Behind
I like this part OTFA, i think it's the way to go. (Score:2, Interesting)
"The National Institute of Standards and Technology [NIST] identified what I think is a breakthrough property in an e-voting machine, which is the idea of making it software-independent. That means designing voting systems where a software failure does not have any possible impact on the accuracy and integrity of the election.
If you start out with the goal of designing something to be software-independent, which is a different mind-set from designing something without that requirement, you design it very, v
Re:I like this part OTFA, i think it's the way to (Score:2)
Why the hell would you bother with a seperate scanner?
Isn't that just introducing complexity and potential for massive amounts more errors?
Re: (Score:2)
Except you're introducing a computer scanning/OCR stage when most people have trouble making a hole in a piece of paper.
Re: (Score:2)
I would take a step back. Let the machine that prints out the ballot also keep the count, but have the paper be the legally binding declaration of the voter's intent. The only time you need to go to the paper ballots is when a recount is required / demanded.
As for the accuracy of the OCR, it's absolutely necessary that the printed piece of paper be verifiable by the voter before he deposits it in the ballot box, so barcodes are unacceptable. And it's not the same thing as OCRing Moby Dick. The OCR simply ne
The basic premise (Score:5, Insightful)
I don't understand why is that even educated people miss the point. The whole fucking point of an election is that it has to be transparent and auditable. By transparent and auditable we don't mean to an electrical engineer and a computer scientist, but to a sane adult citizen!
How would you go on about auditing a voting machine, even if the design is open? You'd have to either trust a government or civilian organization to do the auditing or do the auditing yourself, requiring months if not years to verify the design and then verify that the machine you got in the voting district behaves like it is designed to behave! This raises the verifiability bar many orders of magnitude above simple pen and paper.
Remember, during an election, citizens and groups of society are in _conflict_. You can't trust* the government, you can't trust individual groups. What makes or breaks democracy is whether you, as a citizen, can verify independently at least the transparency of your local voting station, because if you can, you can be reasonably certain that other people will do the same in their respective areas and that the general elections are not rigged!
* Remember, democracy has to start somewhere. If you trust the government to conduct the voting process, then you're placing the means of controlling the government's composition in the hand of itself. The risk and temptation is just too high to do that. One thing that should not be government responsibility, but more of a civic duty is voting. In the absense of that, the bare minimum is to let the government conduct the elections, but at least verify it! When the government both runs the elections and through government is the only way to verify the transparency of an election, then that's not democratic anymore.
Re: (Score:3, Interesting)
How would you go on about auditing a voting machine, even if the design is open?
Uh, who gives a shit if you're not allowed to perform the audit anyway? A completely legitimate recount of paper ballots was halted by the supremes in a clear display of partisanship. We can't even recount paper ballots in this country, what difference does it make if you have a paper trail with your electronic voting or not? They're never going to actually verify your vote, and if they did, they wouldn't care what the result was.
I would feel more optimistic if I thought the ballots actually meant something
Re: (Score:2)
Ballots would mean something if people wouldn't just give up and accept defeat. (Sometimes I wonder whether all the french bashing with the "white flag and surrender" isn't just really a projection of one's mental state to others for certain US citizens...)
Re: (Score:2)
So your solution is to just give up on democracy because "they'll never let you do that" anyway?
Well, not exactly.
My point is that when your system is broken due to voting fraud, you can't fix the system by voting.
I didn't say we should do nothing. Only that the poll box is no longer going to help us.
Time to move on to the next box...
Re: (Score:2)
That's entirely correct. What the US needs is more people who can get above the level of petty politics and willing to be active in protesting, activism,...
Re: (Score:2)
"What the US needs is more people who can get above the level of petty politics and willing to be active in protesting, activism,..."
Good luck with that, you filthy, counter-culture, unrealistic, pot-smoking hippie.
Not my opinions, but I think you'll find most people will write you off as a smelly peacenik if you start protesting stuff. They have been well trained in this respect.
Vote selling issue (Score:2)
Re: (Score:2)
One issue I rarely see address is that e-voting is susceptible to vote selling.
This is a trivially solved problem; you give the voter a piece of paper which can be used to verify their vote when combined with voting records, but which is not sufficient to prove you voted one way or another on its own.
We've been doing this kind of thing in cryptography for a long time, it's nothing new.
You are a shill or an ignoranus.
Re: (Score:2)
Hi. You didn't read his post, or didn't understand it enough to post something vaguely related to it. Try again.
Re: (Score:2)
Re: (Score:2)
"This is a trivially solved problem; you give the voter a piece of paper which can be used to verify their vote when combined with voting records, but which is not sufficient to prove you voted one way or another on its own."
If the voter has a way to verify how they voted, then so does the third party, which makes the voter subject to bribery or extortion.
"We've been doing this kind of thing in cryptography for a long time, it's nothing new."
It seems a lot like DRM to me.
Vote Selling Issues Indeed! (Score:2)
Actually, this is an issue I see raised quite a lot; so much so that sets me to wondering: what's wrong with selling your vote? More to the point - what's so wrong with potentially being able to do so that's worse than one party being able to disenfranchise you wholesale, and leaving you with no possible way to prove it?
Because, personally, I'm coming to the opinion that I'd sooner see a small trade in black-market votes, with
Re: (Score:2)
Prohibitions on vote-selling made more sense in eras when factory owners ran for office and basically pressured their workers to vote for them by paying them a pittance for their vote. It was already illegal to threaten someone into voting for you, so they engaged in this sort of vote-buying to cover it up.
That's basically why many of these laws exist, though fully anonymous voting would render the point sort of moot. Of course, if people are given a slip of paper that states how they voted, it becomes un-m
Re: (Score:2)
People come in and vote under the watchful eye of a guy who tells them if they vote the right way, they get the money.
How to stop that? Give them even more money if they turn the guy in. Maybe something like 100 times what they can prove was paid.
One e-voting system for you (Score:4, Interesting)
I really don't get why it's seen as so hard. Here, I'll make one up for you right now; this process would run for every voter. Each vote is not linked to the individual, so the vote remains secret, but is simple to trace:
- "Please enter a 6 digit random number" = X
- "Please enter your vote" = V
- INSERT INTO Votes SHA1HASH( X || Now() ), V
- "Here is a printout summarising your vote. The long number
may be used at a later date to confirm that your vote was
correctly recorded"
Now - how hard was that? Then you supply a website were the voter enters the long number and it shows me my vote. If what shows on the website is not equal to what I thought I voted for any significant number of people, then vote rigging has occurred.
There are a whole load of variations, but the principle would be the same in all. The voter can confirm that their vote was correctly recorded independently. The vote is stored using a secret number that is supplied/known only to the voter.
Re: (Score:2)
For instance, in your system, imagine Cousin Vinnie demanding your long voter number, or someone loosely affiliated with the candidates paying you to show you've voted the right way. Because you're using SHA1, collisions won't happen, and so you can't just give someone else's voter number to bluff your way out of it. If you were to use something that could collide, then you'd have to deal with the collisions themse
Re: (Score:2)
I think you've missed the point. I mentioned SHA1 so you've focussed on that. The actual mechanics of the system aren't important - and it doesn't matter how opaque those mechanics are. It might require 100 PhDs to design - who cares? The point is that by making it possible to for the voter to confirm their own vote (or some independent party if you don't want voters to have the hash to prevent your vote selling concern) the system can be as arcane as you like but it is verifiable because both ends must
Re: (Score:2)
If you make it possible for the voter to confirm their own vote then you make it possible for people to be forced to show who they voted for in order to keep their job/car/fingers. We do not want this.
Re: (Score:2)
Then you supply a website were the voter enters the long number and it shows me my vote.
... which gives me the possibility to sell my vote, because I can, at a later time, prove to someone else what I voted.
That is not what you want...
Re: (Score:2)
What has vote selling got to do with anything? That's just as possible with paper votes.
Don't want the dodgy vote buyer to be able to verify my vote - don't give people the hash as I described - just keep it on a piece of paper in the voting booth.
This is missing the point - what I am saying is that it is trivial to make an e-voting system that can be end-to-end verified, with as much (if not more because of the option of letting the voter verify themselves) certainty than a paper system.
Re: (Score:2)
What has vote selling got to do with anything? That's just as possible with paper votes.
Only if you would be allowed to take your ballot with you outside the voting office.
Don't want the dodgy vote buyer to be able to verify my vote - don't give people the hash as I described - just keep it on a piece of paper in the voting booth.
And what use has it then?
The hashing you propose makes it possible to check the vote only to the original voter.
Once he leaves his hashed vote behind, no one can check anymore.
This is missing the point - what I am saying is that it is trivial to make an e-voting system that can be end-to-end verified, with as much (if not more because of the option of letting the voter verify themselves) certainty than a paper system.
Then, propose that the vote is printed out in clear text, verified by the voter, and put in the ballot box.
Hashing the vote as you propose does not give any benefits, as far as I can tell.
If you still see advantages in hashing, please elucidate.
Re: (Score:2)
Now - how hard was that?
Get Jay Leno to go out and ask random people on the street to give a 6-digit random number. You'll have your answer.
Re: (Score:2)
Then you supply a website were the voter enters the long number and it shows me my vote.
I don't understand precisely what you're saying, but if you can look up your vote after the election, then you're subject to intimidation ( Boss: "So you took off early to vote yesterday? Step in to my office and let's have a look..." ), or you can sell your vote ( "See Mr. Quimby? I voted for your brother. Now will you give me that raise?" ). So, if you can look up your vote in any manner after the election, it's not a secret ballot.
Optimistic? (Score:2)
Why e-voting? (Score:2)
All it really seems to bring us is a lack of transparency and an unnecessary addition of complexity. Keep it simple, keep it transparent, keep it verifiable. It is much harder to stuff thousands of precincts around the country
Re: (Score:2)
Fancy touch screens? Who cares?
Those "Fancy touch screens" prevent over-votes and unintentional under-votes, and they make the record of the voter's intent unambiguous (no "hanging chads"). Eliminating voter error makes for a better election, since it more faithfully reflects the will of the individual voter, and hence, the electorate.
You can keep it transparent and verifiable while using technology to make it easier for the voter.
Yes, it is conceivable that the person ticking the vote box for them may tick the wrong one on purpose, but even if that happens every single time it affects maybe 10-15 votes per precinct?
Florida. 2000. QED.
Re: (Score:2)
Those of us in the election advocacy world are close to your suggestion, differing only in the voter checking process: We advocate strongly against ballot-checking outside the precinct, due to the well-known phenomena of vote-buying and extortion.
But you are right on in suggesting that the voter should be able to see his/her ballot, live on paper, before submitting it to the election for counting. This would be a perfect use of electronic systems: Print Ballots.
The voter can validate or invalidate the ballo