Net Voting in California

Myxx sent us an article from Yahoo that talks about online voting and the issues and recommendations reached by a panel in California. The summary is that they suggest waiting and seeing. Apparently the Internet is secure enough for billions of dollars in financial transactions, but not for voting.

Couldn't Agree More

[Effugas]

Yup. The net is secure enough for billions of dollars of e-commerce, but not for voting. Here's why:

Fraud on the financial level is easy to detect--somebody is out their money. Someone either has their goods or has their money, and either they have both or they have neither. There's a long paper trail, with *individual* impact on only the two parties involved in the financial transaction.

Fraud on the voting level is so much different, it's scary. Your computer says, "Ah! Vote registered for Mr. Bob", that's it. You're out no money, you've lost nothing if your desktop has been secretly tampered with, there's no paper trail that you're going to have any reason to analyze because you're not going to know anything went wrong. Lets not forget, with nothing written down, there's no physical evidence of the original votes--how can one demand a recount when the servers store the votes? Once the data enters the server, all sorts of unique WORM/cascading signature/etc. methodologies can be applied, but it's gotta get there.

The most insidious part of all of this is that it's not simply the voter that loses out by a falsified vote, but society as a whole. Votes affect everyone; financial deals are limited to those directly transacting.

Maybe something like iButtons, or Amex's Blue might go along way towards increasing my faith in online voting. For now, I just don't think the tech is there for something so critical.

Yours Truly,

Dan Kaminsky
DoxPara Research
http://www.doxpara.com