Slashdot Mirror
Net Voting in California
Myxx sent us an article from Yahoo that talks about online voting and the issues and recommendations reached by a panel in California. The summary is that they suggest waiting and seeing. Apparently the Internet is secure enough for billions of dollars in financial transactions, but not for voting.
I just participated in some test of an internet voting thing in my school. It was a national trial.
I think you make a wonderful point. I would like to point out that I had already thought of that issue. There is nothing that prevents people from still walking to a booth. My condition was based solely on the assumption that voting online would become so easy, people would think of it like they do when they change the channel on the remote. In order to prevent that, they have two choices. One, walk to a booth as they always have (make sure no one is left out). Two, make sure the people that are voting online, are casting an informed vote. I honestly don't see a problem with this. Furthermore, I would argue the online voting is the future. As such, I would support anything that help educate the voter. As it is, I suspect that there is a LOT more voting based on hearsay and second hand information than is realize.
The Federal and State governments have terrible track records implementing large computer systems. Specificly the new FAA system, California Dead-beat dad tracking, new welfare benefits system, new IRS system,... (I could go on). These systems are BILLIONS over budget, years late, and often don't work as specified. I have grave concerns about security. Stealing credit cards from CD-UNIVERSE is one thing, stealing an election is another. Just as peoples confidence in the security of web transactions is critical to the success of commerce on the web, people must have confidence that the election was not 'rigged'. Stolen credit cards in the news lately have made people nervous. How do you convince them that "Donald Duck" won't be their next President? We need an infrastruture of digital signatures, average people need to become confidant in them and learn how to protect them. We also need to develop more secure servers with more 'fail-safe' features so that an operator can't "forget" to turn security back on. We should take this one step at a time until we arrive where we want to go. This is not simply money put at risk by a few banks and venture capitalists, but rather the future of the nation.
if you were to do online voting, i would have thought that everybody would need to digitally sign their vote -- so you would have to provide a simple means to sign it (not pgp -sta -u BLAH myfile~1.txt), put it on the browser, and distribute / generate / manage the keys. smart cards are one answer, but they're a bit pricey for what we're trying to achieve here.
---
my opinions have nothing to do with my employer
Here at EvilCo, we offer on-line voting stations for the convenience of our employees. We will even send a manager along to help you with the system, and suggest what votes might allow you to continue your employment with EvilCo. Employees who wish even more convenience can simply escrow their voting credentials with our accounting and security department--- we'll take all the work out of voting for you, and give you a nice tasty $5 bonus!
It would be too hard to make sure one person got one vote. Now we have checks in place to make sure that only one person votes, and these don't even work that well. What happens when scripting makes things easier.
Online commerce dosn't care if I have more than one credit card, they don't even care if I order more than one item, they just want it paid for.
And if there is a question about the validity of the transaction, they just don't ship it.
What happens when I steal all my friends id's, and vote my conscience for them.
One of the largest attractions to the internet is the anonymity and pseudonimity of its users. We can't very well let fake people vote.
these problems will probably be solved, but they definitely aren't solved now.
So which side is spreading the most FUD nowdays? Microsoft or Linux advokiddies?
Who's spreading the vaunted security of vaporware that is hyped to be running our world as we speak?
Do we really need online voting? Is it *so* difficult to get to a voting both? People keep talking about making it easier to vote, but in my opinion the difficult part is educating yourself about the issues enough to make good use of it. For someone who has taken the time to learn about the issus, voting is no additional trouble.
My liability under a credit card transaction is fifty bucks. My liability under a bad government could be my freedom. Anyone who values commerce over freedom should move to China, where the government agrees with you.
Seriously, having someone crack Citibank or Netcom and steal a bunch of credit card number is a biiiig headache, but someone cracking the voting tallyer and stuffing the ballot.... and don't tell me how "secure" the system is. CSS was "secure". Clipper was "secure", SSH2 was "secure"... Need I continue?
I can't support online voting until this problem is addressed. Regardless of fixes to computer security flaws, how can we make sure votes are anonymous?
And it's not the anonymity of those who want to be anonymous which is a problem, it's the anonymity of those who would love to show others how they voted, because that's the only way you can sell your vote. The same problem exists with absentee ballots now, but the scale would increase significantly with online voting. And could there be potential to automate the vote-buying process?
Who cares ... about the voting I mean. Were there real choices ... but I ask you, what difference will there be if Gore or if Bush were to be elected ... other then 25 - 30 I.Q. points that is? ... But it would give the loser a fresh reason to demand a recount ... 'WE WAZ HACKED' And then we would have to put up with looking at the public quacks a bit longer.
The remaining problems I see are:
Stefan
(can't remember my slashdot nick/passwd, sorry)
Careful, it might empower the people and corruption might get voted out of office.
Security's not so hard. Having high availability and preventing people from voting multiple times at mutiple locations isn't a trivial problem. Making sure that people are anonymous isn't so easy either. The problem is much different from e-commerce. But just because it's a difficult problem doesn't mean it hasn't been solved (at least to some degree).
I can just see the next step: "Nortel Networks completes work on national internet voting system; CEO elected president with 1,000,000,000,000 votes"
Russ Nelson is absolutely correct. I mentioned the same argument against internet voting, too, when the internet voting issue came up some time last year.
Forget the technological issues. Assume they are perfectly resolved.
There is no way to assure that the voter isn't being coerced into casting a certain vote.
There is a reason that we use curtained voting booths and poll watchers. It is to prevent these social means of altering votes, rather than to prevent technical ones.
I understand why some people think internet voting is a great way to revolutionize democracy. I felt the same thing for a long time, too. Do not let the apparent elegance of voting from your home computer cloud your judgement, though... internet voting from the home is inherently flawed.
Before continuing, I should comment on absentee ballots. There is an outward similarity between absentee ballots and internet ballots, and I can not recall a big case where absentee ballots were coerced. Let me simply say that the absence of a documented attack exploiting a given security hole does not mean that the hole does not exist!
Actually, I am personally against mail in absentee ballots, too, since they may also be coerced. It probably hasn't become a problem because, in general, absentee ballots are only a small fraction of the votes case it most elections. (I believe one or two states have recently allowed wide spread mail-in voting, though.)
While I am opposed to voting over the net from home, I am not opposed to voting over the net from public polling places. In fact, if the polling places were wired to each other, it might allow a voter registered in Florida to vote from a booth in New Hampshire, removing some of the need for absentee ballots as an added bonus. This, I believe, is an excellent use of technology in voting.
The social issues surrounding voting can not (as far as I can see) be addressed by any implementation of internet voting from home. Internet voting is a dangerous idea. Please don't let your local legislatures implement it.
John Karcz
I'll be there.
MICK THE FIRST POST MASTAH
Since absentee ballots suffer from all the problems that electronic ballots suffer, should we eliminate those too?
You are quite correct that absentee ballots have the same basic problems as online voting, namely that they do not require anonymity, which is an essential property of any system of public voting. Without it, coercion and vote buying cannot be effectively prevented. Therefore, the simple answer to your question is of course, yes.
However, if only a small percentage of voters (say 5%) use absentee ballots, it is not such a serious problem, since only a minority of these voters will be engaged in electoral fraud, so the outcome is unlikely to be affected. Furthermore, since obtaining an absentee ballot is almost as much work as voting on election day, very few of those people who would sell their vote are likely to bother. However some previous posts have suggested that in certain states the number of absentee ballots is in the range of 30-40% of the total ballots cast, which clearly shows that the system is not being used as intended and should either be scrapped outright or seriously tightened up.
The primary reason that Internet voting is a more serious problem than absentee ballots is that one can expect it to be a popular alternative to the ballot box (whereas absentee ballots are not, generally), and the process is sure to be easier to use than absentee ballots (otherwise, why bother?) Once a large fraction of voters are using this balloting method, party machines are sure to develop the sophistication needed to manipulate outcomes by buying votes on a wide scale.
We don't need online polling. The regular polls work fine (if people would bother to use them), and electronic polling raises more questions than answers it solves.
And it's not the anonymity of those who want to be anonymous which is a problem, it's the anonymity of those who would love to show others how they voted, because that's the only way you can sell your vote.
Most intelligent post so far (and from another AC, no less). Easy vote-buying schemes are the FUNDAMENTAL problem with Internet voting, and are a problem which cannot be fixed through technology. Any proposal which allows voters to connect to the system in a private place (such as the home), rather than a scrutinized, public place (polling station) will have this problem, and it *IS* a serious enough problem that internet voting should be rejected as a means of deciding serious political questions such as the election of representatives. A democratic election system for public elections must not merely allow, but REQUIRE anonymity for it to be acceptable.
Of course, the Yahoo article completely misses this important point, along with a few others:
``The Internet has the potential to bring a record number of low propensity younger voters into the democratic process for the first time,'' California's Secretary of State Bill Jones said in a statement announcing the report.
Rubbish. Voter turnout in the U.S., Canada and Great Britain is low because the underlying voting method is so poor. Under the simple-minded plurality ("first-past-the-post") voting systems these countries use, most votes are wasted (that is, they have no effect on the outcome), so many people have little incentive to participate. Votes for minority parties are completely wasted, so people are forced to vote for broad, meaningless, "lesser-evil" coalitions (Democrats, Republicans) to have any hope that their vote will count in some vague way. In contrast, most other countries use some form of proportional representation, and have much higher voter turnout. Malta, for example uses one of the best systems of PR (the Single Transferrable Vote, or STV), and has probably the highest voter turnout in the world (recently greater than 95%, and rising!) Most parts of continental Europe use the slightly inferior Party List systems of PR, and also have good participation rates (better than 80%, generally). Tinkering with the technical mechanisms of voting (Internet vs. polling booth), rather than the underlying system of counting votes is simply rearranging the deck chairs on the Titanic.
If a voter knows that their vote is going to be wasted, due to how it is going to be counted, it makes absolutely no difference how easy you make it to cast votes -- the rational voter will do nothing anyway, and short of unobtrusive mind-reading techniques you will never get their opinion.
``Unfortunately, the threat of computer virus and other technological attacks on personal computers make Internet voting from the home or office an unsecure and unwise practice at this time.''
More rubbish. These are minor technical problems that *do* have technical solutions. Throwing these issues up as the "problem" of Internet voting merely creates a smokescreen for the *real* problems, which are conspicuously absent from the discussion. Publicising these problems simply makes it easier for the public to swallow the idea of Internet voting once these small technical problems are miraculously "solved" through technological advance. People should wise up and refuse to participate in this phony debate. For example:
``Votation.com makes elections more secure than existing election systems currently do,'' company Chief Executive Officer Joe Mohen said.
``The security techniques and technologies than we use are far more secure than those that are used to transfer millions of dollars out of bank accounts over the Internet today.''
This of course is probably true but irrelevant. Here we are invited to discuss whether or not the protocols used to transfer votes are sufficiently secure from tampering, without considering whether the votes themselves are meaningful, and if the votes are NOT meaningful, then the technicalities of collecting the votes are relatively unimportant. Why bother to create an elaborate, technologically sophisticated system to collect and process junk data, when we already have a simple paper-based system that can do the same thing? Internet voting is NOT a solution to the problem of low voter turnout. This problem is fundamentally a social one with political solutions that cannot be solved using technological quick fixes (I know, this is surely heresy on SlashDot!).
According to a poll by the Public Policy Institute of California, voters under age 24 were three times more likely to support the idea of e-voting than those aged over 65.
OK, so we can conclude that younger people who ARE going to vote are more likely to do so via the internet than older people, or support that as an option for voters, but the question they should have asked but apparently didn't is:
are YOU going to vote if Internet voting is available as an alternative to the polling booth?
I guess it's best not to ask the questions you don't want the answers to.
lest we return to the days of ballot stuffing and non-anonymous voting.
"Vote early, vote often!"
What people are forgetting here is that voting in California is rife with fraud already. The CA supreme court ruled it's an undue burden to ask voters for identification when they vote, so there are lots of irregularities in every election. I don't see how computer voting will change that.
--
Brian Fundakowski Feldman
Coerced votes are not unique to online voting. Absentee ballots have the same potential for coercion, for the same reasons, and it has turned out not to be too much of an issue. See the letters at the end of the last issue of Crypto-Gram here.
In short, absentee ballots account for as much as 35-50% of the vote in some elections, certainly enough to change the outcome of an election, and they continue to be used despite the possibility of coercion.
Of course, online voting has many, many other problems. I just don't think coercion is one of them.
Again: as long as home computers are an untrusted platform, any information coming out of them is suspect.
The Internet is NOT secure enough for billions of dollars worth of transactions; exploits are too regular an occurrence, and snake oil is too profitable (vendors are either glossing over vulnerabilities or trying to peddle crap technology). Cracking "Internet voting" (whatever that is this week) has the potential to cause even more damage than cracking business databases or financial transactions---the corruption of a society and its system of law, not just to Joe Smoe's Visa account.
Rev. Dr. Xenophon Fenderson, the Carbon(d)ated, KSC, DEATH, SubGenius, mhm21x16
I'm proud of my Northern Tibetian Heritage
I wonder how many billions of extra votes one could stuff the eletronic ballot boxes with?
Who want's to be the next president of the USA? Only $1 per vote (Special introductory offer).
Deleted
Digressing I think that we really need to look long and hard at good crypto solutions. Right now people can steal anything, and they do, from people's social security to my CC the other day on CD Universe. You can't make anything good without breaking a few things in the making, and people continually think that it has to be 100% or nothing when most of us live in an 80% (if that) world. I think there are only two main issues. How do we keep the transaction secure, and how do we know you are you. Solutions for these are wide ranging and I'm sure others are covering them well in these threads.
I'd like to see a faux voting for a year. I really want to see some official idea count on how many people would vote. Besides just thinking for us normal two legged healthy people, think of the handicap/disabled people that could vote. You can bring out a lot more of the populous if it were available.
We're not ostriches, so lets keep our heads out of the sand,
Malachi
"Life is all about strategy, mathematics and psychological perceptiveness."
I see no meat though.. he's afraid, and by rights so because who knows how much research went into the idea et al. I'd like to see a thurough summary done by him though.
Keep'n it real,
Malachi
"Life is all about strategy, mathematics and psychological perceptiveness."
What kind of mechanism is going to be there to prevent someone from swaying the election through some clever brute-force guessing of the relevant information from which the verification of uniqueness and identity is keyed? Are they going to restrict it to one vote per IP? That'll shut down nearly all voting behind a firewall or other masqueraded connection. Are they going to assign some kind of one time key to use along with their SSN or something? I don't think that these guys have or are willing to get the technological mojo to pull this thing off 100%, but then again, I still feel slightly unsafe at the nominal 128 bit encryption that current browsers offer.
XenoWolf
XenoWolf The Original - Since 1993
(Sorry for the double post... I accidentally posted as an AC.)
Russ Nelson is absolutely correct. I mentioned the same argument against internet voting, too, when the internet voting issue came up some time last year.
Forget the technological issues. Assume they are perfectly resolved.
There is no way to assure that the voter isn't being coerced into casting a certain vote.
There is a reason that we use curtained voting booths and poll watchers. It is to prevent these social means of altering votes, rather than to prevent technical ones.
I understand why some people think internet voting is a great way to revolutionize democracy. I felt the same thing for a long time, too. Do not let the apparent elegance of voting from your home computer cloud your judgement, though... internet voting from the home is inherently flawed.
Before continuing, I should comment on absentee ballots. There is an outward similarity between absentee ballots and internet ballots, and I can not recall a big case where absentee ballots were coerced. Let me simply say that the absence of a documented attack exploiting a given security hole does not mean that the hole does not exist!
Actually, I am personally against mail in absentee ballots, too, since they may also be coerced. It probably hasn't become a problem because, in general, absentee ballots are only a small fraction of the votes case it most elections. (I believe one or two states have recently allowed wide spread mail-in voting, though.)
While I am opposed to voting over the net from home, I am not opposed to voting over the net from public polling places. In fact, if the polling places were wired to each other, it might allow a voter registered in Florida to vote from a booth in New Hampshire, removing some of the need for absentee ballots as an added bonus. This, I believe, is an excellent use of technology in voting.
The social issues surrounding voting can not (as far as I can see) be addressed by any implementation of internet voting from home. Internet voting is a dangerous idea. Please don't let your local legislatures implement it.
John Karcz
The most common OS in the world isn't something I'd consider secure enough to cast online votes with. I mean can you imagine voting viruses taking over as many copies of Lose2000 as possible and casting votes one way or another.
It's not just making sure that the correct votes are cast, but htat those people who still don't bother (tsk... some people) don't have their votes appropriated.
At least with Wisconsin's laws. Wisconsin allows you to register at the polls on Election day, establishing residency can be done by just showing a lease or even a piece of mail. In Madison, most everyone lives within a mile or less of their polling place (I live about 300 feet from mine)
Voter turnout in my district is so heavy that they ran out of ballots in the last Congressional elections!
America will fight online voting for the same reason it will profess support for the family farm - going to the polls is part of our national identity. Sure, the future may be megafarms and evoting, but you can be damned sure a lot of us are going to fight it tooth and nail.
Just think of what might happen if voting was made easy for the masses. Why, people might start voting, and we can't have that, now can we?
All sarcasm aside, I think online voting is inevitable, but it will be interesting to see what entities drag their feet over this because they fear the kinds of change this would bring.
If you are permitted to vote on the internet for your cantadate, then their is a GREAT possability for abuse of the system, besides that, how do you know a ip address is realy inside that state, you dont....
The whole idea behind this is to allow THE SYSTEM to remain, and get BIGGER, which is what Americans do not want, exept for some jerks who currently hold presidentcy.
And how hard would it be to take that card, and make fake ones?
Immeadate loss of what remaining freedom americans hold.
Wow...all they need now is an internet toilet (don't they have that in Japan?)!
Too bad I don't live in CA.
-mark
-mark
If your computer says LINUX, run...computers can't talk! [unless you have text-speech software]
But it might not work that way. Consider: It's likely that the wealthy already do vote in large numbers/percentage, and their numbers can't be increased significantly. There's many studies that conclude the likelihood of voting is more or less proportional to wealth, after all. If that's the case then any measure that increases the number of voters, even a little, is likely to be more democratic in the sense that you mean.
My question is, do we want to further enfranchise those who don't care enough to go to the polls now?
J.
No, I'm not saying that at all. Consider this hypothetical situation.
What if the government were to pay for special employees whose job it was to go to the homes of rich retired men (but not women) and ask them for their votes. This sounds very undemocratic while making it easier for a certain segment to vote. Unless there was some kind of female backlash to counteract this policy (backlashes and protests being a whole different kind of evil), these rich old men would end up with a larger share of the vote.
It is undemocratic to make a special effort for certain segments of the population while not making a similar effort for others. Other issues notwithstanding, perhaps Internet voting would make sense if there were simultaneous outreach programs to those who aren't connected.
I heard an excellent argument against Internet voting on NPR yesterday. Because Internet voting makes it easier to vote, more people will probably vote. Because Internet users are generally wealthier, this means an even more disproportionate number of wealthy people will have a larger share of the vote. So it's kind of undemocratic to make voting easier for some people than others.
I had an uncle who lived in Chicago. He voted Republican until the day he died -- then he started voting Democrat.
</JOKE>
--
Unless you can't even find a "third party" candidate you could accept, of course.
--
Do I look like I speak for my employer?
and that is that there's no way to tell if an online vote is made under coercion, while it's fairly reasonable to assume that votes made in person are not (as the 'evil' party would have no way of knowing which way the vote was actually cast).
There is also the possibility of a loss of anonymity with online voting, as you could have 20 people in the room with you at the time or the protocol/whatever could be snooped if not done properly.
If they do this I hope they consult the more knowledgeable crypto people in the field and work out a solution everyone is happy with. Just because you CAN do it doesn't mean you SHOULD. Though I agree that it would get people voting more frequently.
If those kids can't bother to get off their asses and get out into their communities to vote, why should they even bother being involved in the political process at all?
I would say the internet is not really secure enough for the $billions in transactions either. How many more thousands of credit cards, etc. have to be stolen online to wake people up?
Do really dense people warp space more than others?
I thought a good number of articles on this site pointed out that e-commerce isn't nearly 100% safe. Voting is not one of those matters that should be taken lightly when it comes to security, lest we return to the days of ballot stuffing and non-anonymous voting.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
I agree with you. Though I would also like to note that if the vote counts differed significantly with the results of appropriately conducted polls, it could possibly indicate overall election-outcome fraud. So in that respect, we wouldn't _totally_ be in the dark when it comes to detection. But you are right, investigating election fraud and recovering from it would be a nightmare because of the lack of physical evidence. It's much easier to manipulate electronic materials rather than physical materials.
People are already comfortable using ATM because of its simplicity. Distribute an ATM card for every registered voters and will expire after voting. No need to install PCs, and votes will be legally counted if votes were made inside that state. No need to validate IP addresses.
"I think, therefore I am."
Philip Apostol
I heard this story on NPR yesterday (while stuck in snow and traffic - erg!) and they only briefly touched on the issue of voter apathy. 'Oh the internet will get all the 20-somethings to vote' was about the extent of it. While I will say that I don't vote as often as I could/should due to schedules/weather/PMS/etc., I believe that for the majority of my peers voter apathy rests with political distrust and disinterest. The public schools may require that you learn about the system but it's done in a very inefficient manner (I think I got a 'B' in 12th grade Government class, but ask me how a bill becomes law - ???).
What's needed is for the youth of this country to be shown, not told, how the government works. They have to believe that corruption is beatable. Right now, even I have a hard time believing that.
Technology shmecnology, online voting will happen. It's not a matter of when or even how. It's still an issue of voter apathy.
The Divine Creatrix in a Mortal Shell that stays Crunchy in Milk
The House Between - Original Sci-Fi Series
I thought of that, but it's pretty easy to find out someone's SSN, since it's used for just about everything. A PIN might work, but that also is easy to hack unless it's exceedingly long.
I would think that one of the main problems with internet-based voting is verification of the voter's identity. Right now, when I go to the voting booth, there are people there to check my ID and voter registration. On the internet, however, you pretty much have to depend on the voter registration by itself. Voter registration numbers are pretty much sequential, so it would be easy (currently) to write a hack and stuff the ballot box, so to speak. I think that before internet-based voting becomes a viable option, a whole new infrastructure will have to be created which supports identification in a more robust manner.
Well, caution is good. In a sense protecting the integrety of our electoral process is far more important than protecting financial transactions. I see nothing wrong with taking time in implementing electronic voting, especially in general elections.
In another sense, electronic voting may be what finally restores the electoral process to a more popular state. When I consider the number of people who never write letters, yet have become compulsive emailers, it seems a similar phenomenon may be in store for political invovlement.
Whether that, in the end, is a positive or negative effect (people wouldn't have to care enought to get out to the polls in order to be counted) is another issue entirely.
1. Then repeal motor-voter laws. It is not
necessary that all have an equal chance in
EVERY method, so long as it is plausible
(e.g. putting booths in subway maintenance
tunnels is NOT valid) for eligible voters
to vote.
2. Most voters don't spend much effort, anyway.
Fewer voters cite policy issues compared to
personality or physical appearance.
3. Legally, there's no stipulation that voting
be either easy or difficult so long as folks
can plausibly do it.
It doesn't really matter, anyway, as long as there's no separation of powers. For all practical purposes, the Executive has usurped much of Legislative authority; we now have presidential candidates talking about what executive orders they'd issue, after all. First, get a Congress that's willing and able to fight the Prez...
Only the dead have seen the end of war.
Still there are many advantages to online voting like: higher precentages of more educated people vote (remember, you can find out all sorts of things about the candidates online that you never hear from main stream news and you can get the opinion of importent groups like the ACLU) and people can vote more oftin since it is less hassel.
Personally, I think that online voting should require various amounts of platform information to be made available. Furthermore, I would want to require a random 3-4 question quiz on each canidate. This way, we are ensuring that more educated are voted. This would be a wonderful way of raising the bar for voting.
Ya, ya, how horrible that I would want people to educate themselves prior to voting instead of letting someone else do the thinking for them. Obviously this isn't fool proof, but I think it beats our existing system. Why would I want this? Well, imagine a day when everyone has a computer and online voting is the norm. As it is, people have to make an effort to go vote. This implies some level of civic responsibility. I don't want voting to be on the same level of thought as changing the channel on our remote controls. I want people to have to make an effort for society. I want people to vote for whom they think is best for the job and not because their brother's cousin's wife's uncle decided that this who they should vote for.
Throw in the fact that most browsers use 56-bit encryption, no host authentication and no user certificates, the level of trust you can put into who is sending the data is amazingly low.
Except, you made the assumption that online voting would be performed through your web browser and/or use the same security facilities that are used for online purchases. This is, of course, wrong. A better way to do it would be to send each person a serialized application when they register. Furthermore, this application would implement the "secure/anonymous" crypto-algos.
I've worked with ATMs, credit card systems (private lable and otherwise), debit systems, EBT, etc. None of these systems are designed to prevent fraud!!!! They are all designed for fraud detection and to create enough of a audit trail to catch the guilty. I don't think we want to follow this trend in voting. As such, obviously different technologies are required.
First off, since when are online financial transactions secure? And more importantly, is it *really* a good idea to vote using the Internet? Remember, we're talking about a medium where you can search for pages on having sex with goats while on fire, and the engine will return "specify type of goat"... Of course that's just my opinion, you could be wrong.
Study everything, you'll find something you can use - Jason Bourne
It is important to note that many of the elaborate procedures that have been implemented at polling stations were designed to prevent individuals from being able to sell their votes.
Specifically, individuals are constrained to vote in physical enclosures that provide them with the ability to cast their votes anonymously.
My biggest concern with online voting is not with individuals maliciously cracking the system. Rather I worry that it would become practical to purchase votes en-mass.
With an online voting system, it becomes possible for the local ward boss to watch people as they cast their votes. (In a worst case scenario, the boss provides a computer, individuals line up to vote, and are paid $25 dollars a head for making the "proper choice")
Look at the enormous amount of money that the candidates have been spending during the caucuses and the days leading up to the primaries. Candidates such as Forbes are rumored to be spending upwards of a 100 dollars per vote on this event. I'm willing to bet that it would be MUCH cheaper to bribe the populace directly.
Richard
If you scan through the California report, it's interesting to note that one of the "possible approaches to the problem of malicious software" which they list is security through obscurity (bottom of page, section titled 'Obscurity/complexity').
They speak of how "voting software may be kept secret prior to the election" so that "potential authors of attack software may not have enough time to develop and distribute it during the election window".
I'm not sure I'd count on that. Really motivated hackers/crackers can come up with stuff pretty darn quick.
The TechnoDemocracy Project was recently started to create open-source voting software. Open review of the TDP code should make it more secure than the closed-source/proprietary approach traditionally used & recommended by the California task force.
Voting through the Internet cannot yet replace physical voting, for all the reasons that others have noted; however, I don't see any reason why voting through the Internet cannot be introduced as an alternative to an absentee ballot. How is an absentee ballot any worse than an electronic ballot?
The security on an absentee ballot (at least where I live) involves registering as a voter in person and mailing a request for an absentee ballot, in response to which an absentee ballot is mailed to your house and your request is noted. In other words, next to none.
Is this any more secure than using public key cryptosystems to authenticate voters online? You have to initially verify that the person that has the private key is really the person that he claims to be, but once this initial step is carried out (which can be done at voter registration), what prevents secure absentee voting? This would make life much easier for citizens living abroad, in remote areas, etc.
Privacy, security, reliability, and public confidence cannot be provided any better by postal services than by strong encryption. As for anonymity, absentee ballots can't expect anonymity anyway. For those who write, "If people aren't sufficiently interested to physically visit the polls (or send in the form for a mail-in ballot if they cannot do so), they probably aren't sufficiently interested to educate themselves on the issues:" In that case, why not reestablish the poll tax or the literacy test? After all, if people aren't sufficiently interested to pay a poll tax or learn to read, they probably aren't sufficiently interested to educate themselves on the issue. Physical ballots are no more difficult to "lose" than electronic ballots. There are no measures against coerced or bribed voting in absentee ballots; why expect them in electronic ballots? As for those who do not have or do not want computers, I ask, "What about those who live too far from a poll booth and don't have any means of transportation? Should poll booths be eliminated?"
Since absentee ballots suffer from all the problems that electronic ballots suffer, should we eliminate those too?
Daniel J. Peng
Daniel J. Peng
The net may not be secure enough for voting, but we have to ask ourselves something very important. Do you really want to see banner ads for political canidates? My god, think of the pop-up windows, the pop-up windows! I'm sure you can imagine a scenario: Canidate X's popup pops up, then Canidate Y's pops up over X's and then Z's covers both Y and X. It would be worse than prOn sites!
The next remark is false. The previous remark is true.
So why are ALL governments dragging their heels on implementing this?
Well, the instant you have online voting, the next obvious question to ask is:
Hey, why don't we use this all the time, instead of just for elections?
Instant polling of the electorate's opinions would render large areas of Government redundant (or maybe obviously redundant *smiles*). Consider...
Ban abortion YES/NO
Invade Iraq YES/NO
The funniest aspect for me is wondering what the 4 million Sun readers in the UK would vote for. (For those who don't know, The Sun defines tabloid journalism in the UK).
If, and only if, evoting was ubiquitous, more polls could indeed be organised. But, while low response to polls is a problem already, more polls would decrease public interest even further (germans learned this through lots of plebiscites(?) in the Weimar Republic 1919-1933...)
Most people cant, or dont want to, stay up to date on all the topics raised in parliament, as they should have to, in order to place an optimal vote. However, many people are informed on certain topics that touch their interests enough. Some can even cover it all.
Divide up political topics into 10-20 categories, and over time I could name people whose opinion in one or more of those fields I would trust to the extent of having them vote for me in polls regarding this respective field of politics, adding weight to their vote by my confidence.
This way I could, with minimal effort (just being informed about "my own" field(s) and people I personally know), make sure that my vote is far better than it would be if I had to do it all myself.
It might be something to replace political parties, abolishing all the trouble associated with them.
Food for thought provided by
Kiwaiti
Member of the Legion Of Microsoft Haters
Despite being non-sensical (virus attacks?), this is well-taken. CmdrTaco brings up the point that $billions are floating around on Internet transactions, but voting is not done online. Even though it seems when you go to the polling place that security is _weak_, it still requires some hard-to-defeat methods that make widespread voting fraud hard (at the voter end-- counters can cheat all they want if there's no oversight).
The problem is that voting in elections is the basis for creating the infrastructure (contract law, the courts, determining and collecting taxes, etc...) that allows Internet transactions to be conducted. This is a sensitive process and any chance to undermine it (and how fast could a beowulf cluster on a bunch of those new weather computers fraudulently vote?) has to be avoided.
Much as I would love to vote online, I just don't think that we're there yet
My own thoughts are that the kind of online identification required to do online voting would destroy online anonymity. Any ID for this purpose would soon be exploited. Think not? Social Security numbers were specifically NOT for identification purposes. And look at them now. Everybody wants them. So, do you REALLY want to vote online?
"We apologize for the inconvenience."
As a brit - I cant really comment on the Calafornia issue but I think the idea behind online voting could be beneficial.
I agree wholeheartedly that the governmetn (be it our or yours) tend to take a " lets wait and see" point of view on things especially if its something that other people may understand better than they do ...
if the governemnt is keen on attracting people to online commerce (which I know the uk one has been pushing for) maybe a step forward and backing online voting would increase consumer confidence?
As long as the service was guaranteed to be secure I dont think people would have a problem with it.
Sometimes the only way to stay sane is to go a little crazy!
How many people do you see who should be allowed to vote, i.e. to determine the very future of our nation?
The answer is simple, ALL OF THEM.
Amendment XV
Section 1. The right of citizens of the United States to vote shall not be denied or abridged by the United States or by any state on account of race, color, or previous condition of servitude.
But our nation (the US, in my case, and most other modern nations) is founded on the fundamentally incorrect premise that every man's opinion is equally correct (i.e. it has an equal chance of being correct). This is demonstrably wrong.
What do you propose? A test? Some sort of credentials that you must acquire before you are qualified to vote? That's the ticket. Don't allow the uneducated to vote. Most of them are poor anyway. They don't count.
That's absolutely obscene. How long do you think that will last before the unhappy, unrepresented poor overthrow your elitist government?
cheers,
You make it sound as if the current system cannot be hacked.
From the article: ``Votation.com makes elections more secure than existing election systems currently do,'' company Chief Executive Officer Joe Mohen said.
cheers,
Putting effort into hacking e-commerce will get you some credit card numbers and therefore a bit of cash.
Putting effort into hacking electronic vote-stuffing can make you leader of the free world.
Do you still believe enough in net security?
Ken
Do we really want more easy democracy? I have thee problems with voting online... 1. What about those who do not have or want access to computers. It is necessary to give everyone an equal chance. 2. It should take effort to vote. You should care enough to change your voter registration each time you move and follow the elections enough to remember that it is election day. 3. We are not a democracy, we are a republic. A democracy comes down to what the majority says happens (mob rules). Luckily for the minority on any issue are rights have to be considered. If the majority decided that computer users should be killed, could it happen??? No because each individual has their civil rights protected. Voting is a responsibility. It should be available to everyone, but not easy for those that are whipped into action by a last minute media blitz. In my town whenever there is a school bond measure, the district polls the electorate for likely voters for the measures and pesters them into voting... Bringing them abesentee ballots and reminding them that it is time to vote. Online voting is just going to accelerate that process.
I pretty much agree with you on this one. Online voting would be *too* easy. Most people do not care about the real issues - they will just vote for who they have heard of (code for who the media likes the best). People who make the effort to go vote are the ones i want making the decisions.
However, you are incorrect on one point: the US is not founded on the premise that every man's opinion is equally correct. Back when this country was formed, you basically had to be a white male land-owner to be able to vote. Also, remember that the popular vote DOES NOT determine the president - it is the electoral college that does. Even the Founding Fathers didn't trust the general populus.
We have the technology to make this secure - it doesnt take a crypto genious to fuigure it out ... snail mail is used + truested for voting systems today (registration + absentee voting) ...
... but i for one think it is crucial that we get this happening for the sake of making democracy truely democratic, and socialism truely communal. It is the only way to do away with the effort invloved in getting people to centralised voting booths all on one day, and allowing us to have more frequent referendums. Lets change this f@#*ed up system and make the c%!$ts honest. ...
take what u want from that
Hopefully someone else has already said this while the article was being hit most
Business and voting can't heve the same standard.
It is one thing if someone steals a million
dollars and a different one if he forges a hundred
votes, because of the influence this can have in a
country's destiny and the actual restriction of
rights this means.
just my opinion,
rmstar
online voting is bad. very bad. it is the same thing as poll taxes and heavily complex registration procedures. it prevents the less priveleged from having an equal say in their representation.
rob, you have absolutely no right to post comments on the main page after the artice title. if you have a personal opinion on the article, post a comment, like we all do.
your sarcastic remark shows that you disregard the priveledge of owning computers that you and i share. i know you live in some praerie in middle america in a nice place with "cool" computers and an aibo, but not everyone has these things, yet everyone must be able to vote. please think about the impact your snide remarks will have upon your image as a logical human being.
-=tonyt=-
A billionare software maker convinces state/nation that internet voting is safe when done strictly through his product. Then come election day, there is a record amount write-ins on voting all strangely for that billionare software maker or someone of his choice.
Real men dump cores! Read my journal, I am neat.
Somebody back me up here! :-)
Yes, you have the power!!!!!
Ehem. I'm an incredibly cynical person, but also an incredibly optimistic person. That means that I am fully, depressingly aware of how much life sucks right now, but I honestly believe that we can do something about it. I worked on the Clean Elections Campaign here in Massachusetts, and we have a public financing law on the books and funded now. It can be done, you just have to work like crazy and not take setbacks lying down.
Get involved. If you think the system sucks, do something about it. Yeah, there are a bunch of powerful slugs sitting in their ooze and ruining our lives, but everyone needs a hobby. They can be voted out, they can be forced to pay attention to their responsibilities.
Oh yeah, and we need real citizen education in schools. Did you know that public schooling in america was originally meant to produce an educated voter base so that democracy could work? Now we act like the schools are there to either produce propper worker drones for big business or corrall troublemakers till they turn 17.
Just about every school has a debate club. How many actualy teach people how to listen to a debate?
...will work for Chick tracts...
Time period: Yes, the system will only be open for general population voting for about 48 hours. This is about the time it took people to hack the GCHQ cr/hacker test, but the Votation guys will be watching this system like hawks. I think they'll be able to handle the inevitable attack.
Availability of the system to the general public: Believe me, the Arizona Democratic Party is concerned about reaching core Democratic constituencies, many of whom do not even have access to computers, much less the internet (think about the residents of reservations, residents of poorer communities and minorities). The party is setting up more than 50 traditional polling places statewide with terminals that will conduct voting after the general public has had their chance to vote. Just as mail-in ballots reached out to those who were out of town or unable vote in person, I think this is an excellent way to reach out to younger voters, who still turn out less than any other demographic group.
Anonymity: This has always been a problem with voting. It is a special problem here - DNC rules say that only identified Democrats can cast a ballot. But, it's always been a problem! If you vote with a paper ballot or with a machine, you generally still have to come in and sign the vote register. Only then do you get your anonymous ballot. Voting by mail requires that the voter sign the flap of the envelope! Online, a series of verification checkbacks can be set up that result in a voter casting an anonymous ballot.
Vote fraud: Yes, this is a huge issue. The verification system set up is pretty extensive... The voter will receive a PIN in the mail. They'll have provide that PIN, along with other personal information required on Arizona's voter registration form to be validated to obtain a ballot. And I think the pieces are slowly coming together to prosecute fraud online. And to the people who noted e-commerce isn't 100% safe - there are always people who will try to vote illegally. This system is perhaps better equipped to stop them than some traditional hand-verification procedures. Papaer ballots are just as vulnerable to tampering.
Security: Ok, so now Votation has your verification information. At least they're one vendor, as opposed to having it scattered in the hands of hundreds of election officials statewide. And I think it's pretty much common knowledge that hacking an individual 128-bit-encrypted stream is pretty worthless compared to hacking the server that the votes are taken on. I would think relying on the browser's technology, and guarding the servers should put up a good defense. These Votation guys have conducted stockholder and union votes before, with no problems.
I'll probably get richly flamed for this post, but I think on-line voting is a valuable step in the future of the internet, the future of government and in the social well-being of the country.
==
"This is the nineties. You don't just go around punching people. You have to say something cool first."
i wonder if e-voting is a good thing, ppl tend to think second on the net, flames start up because of the lack of reality in cyberspace and the instantness of discourse
would e-voting be the same? one click and theres the vote for Adolf Hitler Jnr, opps i changed my mind... too late!
traditional media voting at least gives u a few seconds more to ponder the voting decision and if necessary rip up or spoil your slip
britney spears for prez!
This reminds me of a story my uncle told me. Twenty years ago he lived in the former Soviet Union and at the time, his town was experimenting with democratic-like processes like voting. The government announced that they would have a secret ballot vote for mayor. When my uncle showed up to vote, the voting official handed him an envelope. My uncle looked at it and asked why it was already sealed. The official replied, "Because it's a secret ballot, of course."
I wasn't really talking about kids - I'd have to agree with you on that. I meant people that feel intimidated by the process due to lack of education, money, whatever. Might be easier to vote if you just had to click on a button, after someone'd explained how.
Moot point, really, I think. Security, as above and below is the issue... And I know - If people are intimidated by voting, wouldn't they be intimidated by computers? *sigh*
-Noiz,
Socialist at Heart.
---------
---------
I'd kill for a Nobel Peace Prize.
Younger voters would definitely vote more readily if they didn't have to leave thier computer - And let's face it - so would a lot of other people. Going down to whereever place they've decided to put the polling station isn't fun (as in Canada, anyway, they seem to manage to place you at one that's *not* the closest possible), waiting in line isn't fun, and so on.
It would probably save alot of money in the long run - less polling stations needing to be staffed -
But for me, the interesting thought is - How many voters who don't vote and don't have net access would seek out a public terminal? Here, Employment Centres have free net access - I'd be interested to see how many people who are intimidated by the voting process would vote for the first time because this option is a friendlier one.
-Noiz,
Who apparently rambles before her first coffee.
---------
---------
I'd kill for a Nobel Peace Prize.
I live in the SF Bay Area...Contra Costa and Alameda counties are seriously considering doing something like this. Yes, there are security issues, but I think they can be resolved pretty easily...I have been doing some web security work and I think it could be done.
"I haven't lost my mind -- it's just backed up on tape somewhere."
there is no way that the net can be made secure enough for voting. I am baffled at the tendency of people to attempt to solve issues with hardware.
the issue is not that voting is hard to do. it's not hard to do. it doesn't take a lot of time. the issue is, people don't vote because they think it's a WASTE of time. they don't think it matters.
a voting booth is designed to make one's vote private. no one can see how you voted. you think this is possible on the internet? think again.
- "We've got to get these two together." - "I think that would be extraordinarily dangerous." -
Votation can blow hype all day, but the reality is that secure internet voting is impossible under any OS that lacks memory protection - such as Win9x, DOS, MacOS - because there's no way to prevent a malicious program (e.g., a virus) from stealing my vote. You can have google-bit key encryption and the most secure server in the world, but you can't keep malicious programs from reading and writing the memory of my voting program/browser to take control of my vote. On Windows NT, Linux, and other real operating systems, this is much less of a problem.
:)
/. for that matter!) The site hasn't launched yet, but it will rock when it does. Keep your browsers peeled.
There's still the issue raised by someone else above: you can't detect or prevent vote coercion when you're doing it remotely. Of course you can't do that with absentee ballots either, and coercion hasn't been a big problem (that I've heard of, anyway).
The intersection of democracy and the internet is a whole lot bigger than voting. Decreasing the cost of political communication strengthens and expands our democracy. To paraphrase a comment John Sununu made yesterday, "It's not about voting, it's about bitching." (This does not constitute an personal endorsement of John Sununu's political beliefs.
This is what Grassroots.com is all about (and
David Noha
Throw in the fact that most browsers use 56-bit encryption, no host authentication and no user certificates, the level of trust you can put into who is sending the data is amazingly low.
Add in the fact that server certificates are often granted with minimal (or no) real checks by the issuer, and voters can't be sure if they're sending to the real site or a hijacked one.
Add in the number of sites that clone title pages, to fool search engines, the ease with which crackers can break in & insert redirect tags, and the zero understanding most admins show of even the mose basic security issues, it's a wonder anyone trusts the network with so much as an e-mail, let alone major financial dealings or voting systems.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Apparently the Internet is secure enough for billions of dollars in financial transactions, but not for voting.
Well if that's not stupid little soundbite of attempted irony... There are some many reasons why not instituting online voting right now is a good idea. Actually, I can only think of one obvious pro why online voting would be good, and that is because it would increase voter participation.
Now let's enumerate why it's bad. First, did you ever stop to look at the demographics of American internet users? Three words: white, young, males (Just you like, and me, and everyone else here.) So by instituting internet voting, you're actually giving this sect increased democratic power, which is a really dumb idea because white males have the highest voter turnout anyways. If I were to consider any form of election reform, my top priority would be involving the underrepresented minorities more before I thought about sending a couple million extra white guys to elect some other white guy to become president. I know any non-felonius citizen is free to vote, but if internet voting does happen, you will have a much higher turnout rate of the aforementioned, and most people aren't going to care enough to compensate by turning out in the polls, especially not in the first election year. It's the whole "times are good, I've got my IPO and a quad-Athlon, who cares about politics" mentality.
Second, and most important, internet authentication is a joke. Honestly, I can't think of any system of verification out today that couldn't be cracked. Personal digital certs are great, until you find out that person's password, and then, voila, you're him. Now, think back to 1996, when the White House fundraising scandal broke. People went apeshit because foreign owned corporations were donating money to American political campaigns. Seemed pretty mundane to me. What child's play that is compared to the potential that lies here. Who needs to risk money on the chance that your guy might not be elected when you can just elect him yourself? Do you really think that it would be that hard for any first- or second- world country to cull their cracking resources and seamlessly throw a few million votes to this candidate or that one if ivoting (forgive me, typing sucks) were implemented today? Of course not. And that, friends, is a threat to national security, democracy, and our way of life ().
Biometric authentication, or anything close to reliable would be great, but those are all many years down the road. I think facts like that are what prompted the commission to say the same thing about voting online, and personally, I couldn't be happier with that decision.
--
I think there is a world market for maybe five personal web logs.
With 'hard copy voting', you have to go to some effort to make a significant difference to an election - you'd have to rig many voting booths, have physical access to the boxes, probably buy off the officials and vote counters ... etc
With online voting, you would only have to change a couple of numbers (assuming that you could hack past the security and get away undetected).
Unlikely that someone could hack past the security? Maybe, but there are enough stories in the media about stolen credit card numbers and hacked web sites for the general public to have a real fear about the security of online voting.
And to cast additional fear upon the populace, if it is 'easy' to hack the vote computer, it is even easier to change the whole result of the vote with a single click.
This may not be true in reality, but that is what the general public believe ... and try convinving them otherwise.
Nope. While systems may be ready to handle online voting, the public is not.
Well, unless you can ensure two things: non-repudiation (can't claim they didn't) and authenticity (they are who they say they are) online voting can't happen. Period. Just remember: Texas was the first to start using digital signatures as legally binding. =)
You need some way of ensuring that each registered voter votes once and only once, and that only registered voters vote. The obvious way to do that is to give each voter an identifying secret of whatever kind.
The problem is that the correspondance between the voter's electronic identities and their real identities has to be broken in some gauranteeable and visible way, or unscrupulous persons can use the same information thats needed for security to trace people's voting records.
you have to vote for someone. Your only option if you don't like any
of the candidates is to stay at home
Or you can write-in a vote. It's less convenient than punching out the little holes with the pin, but then a few minutes out of your life for the sake of democracy isn't such a big deal...
Recursive: Adj. See Recursive.
"The latest results in the race for the presidency show Al Gore with 20% of the vote, George W. Bush with 28%, Jesse Ventura with 3%, and someone named 'Hemos Sucks' with a whopping 49%..."
--
Mod up a post Rob doesn't like and you'll never mod again
11.0010010000111111011010101000100010000101101000
I have yet to see a viable solution to the ballot secrecy problem. Votation's site includes the following amusing assurance:
Why should I believe this?
Until someone can answer this question for me, I'm left wondering what problem online voting is a solution to.
Is it a cure for voter apathy? Of course not. Apathetic voters stay home because they don't think voting is important, not because they think it's too hard.
Does the current system make it hard to get to the polls? Preposterous. Most Americans live within walking distance of their polling place. True, physical disabilities may keep some people from the polls, but absentee balloting and free rides to the polls offered by both major parties and many other organizations are already available.
So just why is it that we're trying to create a whole new balloting infrastructure?
On the contrary, I assert that the only reason that we have gotten where we are today is the fact that so few have historically voted. Take a walk down a city street sometime and look around you. How many people do you see who should be allowed to vote, i.e. to determine the very future of our nation?
The common man is a fool. He is easily swayed by advertisements. He does not care about issues so much as he cares about bread and circuses. As long as the politicians keep him distracted he is happy. There's nothing wrong with this; not everyone needs to have control over the government not everyone needs to be in charge. But our nation (the US, in my case, and most other modern nations) is founded on the fundamentally incorrect premise that every man's opinion is equally correct (i.e. it has an equal chance of being correct). This is demonstrably wrong.
As for myself, I do not vote. I find the system of universal suffrage to be an insult to all, learned and unlearned. What this country needs is fewer, not more, voters. I also have no desire to be part of ruling class; I have no wish to be responsible for wars (even though I generallt support them), executions (even though I support capital punishment), imprisonments and the rest of the sordid business of governance. I wish merely to live my life under the rulers who have been set over me. In this country the rulers are all those who vote.
Mabey that's because voting is much, much, much more important that billions of dollars in financial transactions.
There are a lot of issues at stake with internet voting, and just because some people can make simple credit card purchases over the net doesn't mean something important like voting can just pop into existence without a lot of thought.
/.ers and any other rational person. It will require mailing a physical token to each registered voter who signs up for web-voting, at a minimum.
:-) That is why there is a physical voter list at each polling station and a requirement that the numbers balance with the number of ballots in the box.
/.ers are certain that data would be mis-used at some point, its guaranteed to be abused if money is involved.
:-)
There are issues with ensuring only registered voters get to cast votes. Any simple system (SS number and Drivers License number) would be trashed in an instant by
There are issues ensuring a registered voter only votes once, and their first vote stands. Vote early and vote often is humour everywhere outside of Chicago
Then there is the issue of anonymity. What happens if someone manages to collect a copy all the incoming votes, and can make a match between a vote and a person? It doesn't matter how strong the encryption is, at some point it has to be decrypted to be counted.
Lets say someone compiles a list of all the people who voted one way on an emotional issue like a new imigration law, or a business issue like insurance reform, and then sold that list to insurance companies, employers, or credit research companies. All
I think there will eventually be technical solutions to every one of the problems on the list, but it will take time to create good stable systems to withstand fraud and abuse. I agree that large scale internet voting should take a wait-and-see attitude, lets start with a few small municipal elections and thoroughly debug everything over a long period of time, then make it easier and easier to use before rolling it out.
the AC
Must hit submit now, there is a woman in the next office building doing a strip-tease, and a large crowd is forming around my desk. Who's got a digital camera when you need one?
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
"3. Ensure that those votes are truly anonymous."
Huh? Why? You need to be the exact opposite of that. You need to be identifyable. Not so the government can print in the papers "Joe Schmoe voted for a 'looser'", but so people can be accountable.
Wouldn't PKI be the perfect solution in this case? With their voter id card, give em their key, with which they can use to vote exactly once.
Jazilla.org - the Java Mozilla
It's 10 PM. Do you know if you're un-American?
Personally, I think that online voting should require various amounts of platform information to be made available. Furthermore, I would want to require a random 3-4 question quiz on each canidate. This way, we are ensuring that more educated are voted. This would be a wonderful way of raising the bar for voting.
This is probable not such a hot idea: The south used to require people to be able to read becuase they did not want blacks to vote. These were called Jim Crow Laws and were a very bad thing. It is really a tough choice: on one extream we have Oz where every moron is required to vote, but on the other extream we have places which descriminate. I feal comfortable with the gov. adding a technelogical option to voting which make voting easier for serton segments of the population, but not with telling serton segments they can not vote,
I think a good compramize that might fix many problems in america today would be: if your org. runs some kind of score card or votes guide and you can get enough signatures then you can be linked to from some the voting site. This would make doing candidate research easy.
Jeff
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
If you think about it, requirements 1 and 3 seem almost mutually exclusive. I know that there are algorithms that purport to be able to handle this in theory
:)
I think theree are really good algorithms anonymous authentication (we have anonymous curency system could do this job), but I doubt they will work through HTTP as it currently stands, so people would need to download a plugin.. which is not too difficult. There are also neet ideas like leting lots of independent groups countthe votes, i.e. your computer sends out the anonymous but authenticatable vote t hundreds of machines.
The only real problem for online voting is the poor control of the enviroment, i.e. your parents / spouce looking over your sholder to make shure you voted "correctly." This is a VERY big problem, but there are way to solve it.. including criminal penalties for menipulating someone else's vote like this and restrictng the voting to things like cell-phones, i.e. truely *personal* computers (note: those are crappy solutions). I guess you could say it is easy to be anonymous from big brother but not from your real big brother..
There is also some concern about viruses which hang out until voting time and then vote for specific parties/people. Still there are many advantages to online voting like: higher precentages of more educated people vote (remember, you can find out all sorts of things about the candidates online that you never hear from main stream news and you can get the opinion of importent groups like the ACLU) and people can vote more oftin since it is less hassel.
Jeff
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
> If you think that both major parties aren't
> worth voting for, such that you're considering
> not voting at all, why not find whichever
> minority party you most agree with and voting
> for them?
Well...at this stage in the game, about the
only "Party" that might come close to advocating
what I stand for would probably be the US
Socialist party or the "Labor Party". However,
they don't seem to be a "third party" with much
support.
At the heart tho, I have some severe philosophical
problems with "representative democracy".
The first being that it reduces the people's
involvment in government down to a popularity
contest, no more mature or meaningful than some
high school student body election. "Hair, Teeth,
smile" are the holy trinity of the political
scene.
Secondly it puts a small elite in power. People
who can be easily corrupted, and rewarded richly
for their corruption (even if it were illegal,
they could still take direct bribes through
more round about and covert channels)
Thirdly, and perhaps worst of all, it gives the
people a false sense of power. every election
year you hear people saying "Don't throw your vote
away" and that "We have the power", however no
REAl change ever comes of it.
All this sense of power serves to do is make
the poeople too complacent to revolt. It gives
them a feeling as if they can work through the
system for change, when in truth, the current
system is so dug in that it just isn't going
to happen.
If you have any doubt, listen to Jesse Venturas
story. When he ran for mayor, both the Democrats
and Republicans in his town joined forces against
him. They said that he was the worst thing that
could happen to the city, and painted him as
a clown.
After he got elected, both sides aproached him
seprately and asked him to join up with them.
No morals have these people. How many people
without the Unique mixture of fame and hard nose
personality could have got in against that
oposition? How many could have resisted the
temptation after getting in?
Sure, he makes for a symbol of hope. However, it
would take hundreds of men like him to cause even
the beginings of change.
In the end, all people lik ehim could acomplish
is short term gains. In the end, the system is
made to support corruption and traditional
politics. That I fear, is not fixable.
"I opened my eyes, and everything went dark again"
> Huh? Why? You need to be the exact opposite of
> that. You need to be identifyable. Not so the
> government can print in the papers "Joe Schmoe
> voted for a 'looser'", but so people can be
> accountable.
Accountable? um no
The idea is to have it be identifiable that
Only an identified person could have voted but
there should be NO way at all to deterime what
their vote was.
> Wouldn't PKI be the perfect solution in this
> case?
Actually... Applied Cryptography has a few
interesting protocols for Secure Anonymous
Voteing. Its interesting because (I don't have the
book with me here) it can provide a way to verify
that only allowed people can vote, and also make
sure that it is impossible to correlate votes
with individuals.
Personally I would be alot more interested if
instead of working on better ways of voteing,
the worked on ways to give you something
worthwhile to vote for.
When its a vote to decide WHICH corrupt
authoritarian asshole will be fucking me over
for at least the next 2-4 years, there is not
much incentive to vote at all.
Might as well let them decide by a best 2 out of
3 competition of Rock Paper Scissors, the result
would be the same.
"I opened my eyes, and everything went dark again"
It's actually secure enough for billions of dollars in transactions, huh? Gee, that's a news flash, if I ever did see one.
Sarcasm aside, it's easy to justify eCommerce over net voting. The potential for profits for eCom vastly outweigh any risks, in the minds of investors. They'll take the risk with eCom, and hope nothing happens. If something bad does happen, then they'll deal with it at that time.
This statement by CmdrTaco gives me the impression that he either has been living in seclusion for the past couple of weeks, or he just ignores the recent events with credit card number thefts.
I believe California is completely justified in taking this position, and would personally expect nothing less from any Gov't.
Voting is a much more serious issue. It's something where the risks definitely outweigh any benefits.
I just had to cancel my credit card because that schmuck in Russia stole the number and red flags went up all over. I don't think we want to be rushing into anything. Besides, the democratic process is supposed to be one of thought and rational decision, not convenience. Not everything needs to be as quick and easy as possible.
In Bruce Schneier's latest Cryptogram, he says online voting scares the hell out of him.
Nick
-- "It's a sad day for American capitalism when a man can't fly a midget on a kite over Central Park" - Jim Moran
Suggesting that we may have an election fraud problem in the good old can't-happen-here-or-at-least-not-these-days USA is a quick way of getting yourself branded a conspiracy nut, but this strikes me as the "innocent until proven guilty" attitude taken to an insane extreme.
I actually think that there are a lot of urban areas in the US with all sorts of election problems. For example, in the last mayoral election in San Francisco, there were a number of disturbing articles about how it's not even possible to check whether the people registered to vote are real people (e.g. if you find a dozen people registered using the address of a bar, you can't dismiss them out of hand, that really may be the closest thing to a stable address that they've got).
And a few years back there was an election that smelled really bad in a number of ways (there's no disagreement that there was some fraud going on, the only question is whether there was enough to swing the election): San Francisco Stadium Election
``Votation.com makes elections more secure than existing election systems currently do,'' company Chief Executive Officer Joe Mohen said
In the UK, we vote by placing crosses on pieces of paper. It may be old-fashioned (and our government are talking about changing it) but I think it has one enormous advantage: it's totally visible. As the count is made, representatives from all the political parties are present. They can see what's going on with their own eyes, verify it, and question it if necessary.
I regard this transparency as a basic democratic safeguard. One doesn't need to trust that the technology is working properly. The accuracy of the result is not in doubt (if it's close, it's recounted, several times if necessary).
(Besides, election night is much more fun as the results come in one-by-one through the small hours of the morning!)
11.0010010000111111011010101000100010000101101000
If internet voting is going to be anything like the deja.com polls, then whoever looks the best in a tight sports bra will win.
Online voting isn't yet ready for prime time. I agree that traditional security concerns can be met with existing encryption and security standards. What can't be guaranteed is that your vote will actually be received and counted.
With traditional votes as long as the roads are open and the weather isn't too bad people can make it out to a voting station. The total tally may be larger on nice days than during inclement weather but there will be a respectable cross section of the population who will make the effort to vote. If you make it to the station your vote will be counted.
Votes tend to have geographic biases which is why you have states or municipalities referred to as being 'traditionally democratic' or 'traditionally republican' etc. This could lead to a denial of service attack to alter the outcome of the election. Send out your armed contingent to keep voters from reaching the voting stations. For a variety of reasons this isn't done. It's illegal, frowned upon by the public, tends to get the government pointing its arms at you and so on.
With internet based voting the structure of the internet itself will guarantee that even though some number of voters are at the voting station (their personal computer in this case) but won't be heard during the final tally. Net congestion, ISP problems but we'll assume that their computer is actually working.
A denial of service attack against geographic regions is much easier though and much more anonymous. Just make sure that the traffic in a region is high enough to make voting difficult. Look for misconfigured machines that will allow an avalanche of pings to be sent with information at your local script kiddy database.
You can argue that not allowing online voting will stop some people from casting their vote. To that I say so what? If somebody can't make the effort to make it to the local vote station then they probably aren't concerned enough about what their vote represents to even have formed a real opinion. There are real circumstances such as illness but there is already vote by proxy to cover this.
When the internet has enough bandwidth and redundancy to conceal the effects of net congestion it will be time to look at internet voting for serious elections. Until then all its suited for is informal polls.
How do you detect coerced voting when you don't have poll watchers? The whole idea of the secret free vote goes down the drain. It's a damnfool idea, promulgated by damn fools. Shoot it down whenever you can.
-russ
Don't piss off The Angry Economist
I hate to admit it, but voting is different from financial transactions. The incentive for fraud is greater, and the system is less fault-tolerant because so few people vote. I am more knowledgeable about elections than I am a security guru, so take this w/ a grain of salt, but:
Software systems are much easier to crack than physical systems. At the risk of sounding like the french with their 'visual telegraph' alternative to telephones, there is a comfort in the fact that:
1. Tampering can be limited to people with physical access to the machine which is monitored by ordinary people. Political parties employ 'poll watchers', who are ordinary people who often aren't even politically active, to keep an eye on the machines during the elections process to watch for tampering.
2. If tampering DOES occur, the machine can be examined to determine who did it, and reveal physical evidence. It is much harder to determine that from a compromised system.
3. Financial transactions are time-dependent, whereas election info is useful for years. So I can sniff the encrypted packets today, and decrypt it with tomorrow's techniques.
Besides, I keep hearing from experts that our current systems for financial transaction are insecure and require major overhaul.
People are very passionate about politics-- just read the other posts! There are plenty of people who, given the means, would actively try to disable or disrupt an on-line election. Or try to distort the results. Or use tricky web page scripts to socially engineer a person into voting for other candidates. The point is, this is one of the most vulnerable things to tampering in the real world-- let alone online. We have to be very cautious before we implement it.
1. Only allow registered voters to vote.
2. Only allow voters to vote once.
3. Ensure that those votes are truly anonymous.
4. Ensure that all valid votes are accurately counted.
If you think about it, requirements 1 and 3 seem almost mutually exclusive. I know that there are algorithms that purport to be able to handle this in theory, but rolling on-line voting out to people that don't know how to program their VCR isn't going to be easy. Applied Cryptography by whats-his-name has a fairly good section on voting protocols.
Yup. The net is secure enough for billions of dollars of e-commerce, but not for voting. Here's why:
Fraud on the financial level is easy to detect--somebody is out their money. Someone either has their goods or has their money, and either they have both or they have neither. There's a long paper trail, with *individual* impact on only the two parties involved in the financial transaction.
Fraud on the voting level is so much different, it's scary. Your computer says, "Ah! Vote registered for Mr. Bob", that's it. You're out no money, you've lost nothing if your desktop has been secretly tampered with, there's no paper trail that you're going to have any reason to analyze because you're not going to know anything went wrong. Lets not forget, with nothing written down, there's no physical evidence of the original votes--how can one demand a recount when the servers store the votes? Once the data enters the server, all sorts of unique WORM/cascading signature/etc. methodologies can be applied, but it's gotta get there.
The most insidious part of all of this is that it's not simply the voter that loses out by a falsified vote, but society as a whole. Votes affect everyone; financial deals are limited to those directly transacting.
Maybe something like iButtons, or Amex's Blue might go along way towards increasing my faith in online voting. For now, I just don't think the tech is there for something so critical.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com