Slashdot Mirror
The Perils Of E-Voting
ozric99 writes: "
Voting in your pajamas is unsafe. So says the latest study published by the Voting Integrity Project, a non-partisan group based in Arlington, Va. that has openly attacked the Arizona Democratic Party's Internet primary election in March." As far as I can tell, this comes down to an authentication issue -- much the problems that certain voting wards have had in the past, e.g. the recently dead mysteriously arising from their graves and voting.
The goal of every conservatice should be to reduce spending. Some Republicans feel the best way to do it is to "starve the beast", by which I mean cut taxes so far that government is then forced to make some hard choices... there's not much pressure to reduce waste when the budget is running surplusses. What you need to keep in mind about modern conservatives (by which I mean fiscal conservatives) is that their agenda is not just less money taken out of your paycheck (although that is part of it), but also to reduce the size of the federal government, which has wrested too much power from the states, cities, and people.
Democrats, on the other hand, are no so much anti-tax cut as they are pro-spending. The honest ones, like Walter Mondale, were willing to admit that all of those nifty federal programs cost money, and that high taxes are needed for them.
For most of his two terms, Bill Clinton has been very moderate and very honest about the books. He has raised taxes a little (we are still way below the pre-Reagan socialistic days), and has introduced a few targeted spending hikes, but he has also signed more Republican budget bills into law than Reagan and Bush combined.
The fact that there is a political scrum over the current budget proposal comes as no suprise. Clinton probably proposed it while knowing it would be rejected, specifically to resurrect the "do nothing congress" label that has worked so well for Clinton/Gore in the past.
Information wants to be anthropomorphized.
This general problem has been discussed on several occasions in comp.risks. Here's an observation (from 1986) that may (still) be relevant:
[Traditional] systems appear to be
reasonably secure, but this is primarily due to effective vigilance (e.g.
poll watchers from each party). When enough of the "system" falls under the
effective control of a single organization then fraud becomes possible,
hence inevitable (e.g. Chicago under the Machine).
The "risk" involved in computerization of the ballot collection and counting
process is the centralization of much of the process under the control of a
single organization (hardware and software system). The challenge is to
assure that the resulting system is sufficiently distributed and subject to
routine checks so that the potential for fraud is not increased.
I decided that behaving ethically was the most nihilistic thing I could do. - Paul Pavel
Actually, electronic voting *is* unsafe.
t .html
I did my Master's work on this topic.
There are two major types of modern electronic voting schemes. The first type is based on the work of Fujioka, Okamoto, and Ohta (FOO). The second type is based on the work of Cramer (C).
For a good introduction to all of the problems associated with electronic voting, look up web publishings of Lorrie Cranor, who also developed a (FOO)-type scheme. A good link is http://www.ccrc.wustl.edu/~lorracks/sensus/hotlis
The major problems stem from trying to assure simultaneously that the election is tamper-proof, and that ballots are secret. This turns out to be very difficult. Even paper-ballot elections aren't really very good (e.g. Kennedy-Nixon presidential election, Chicago, "vote early, vote often"), but they have the virtue that to corrupt them an attacker must physically handle lots of pieces of paper in lots of different places.
(FOO)-type schemes try to use 'blind signatures' to let voters get a ballot using their real identities, then cast it using 'blinded' identities. However, blind signatures aren't perfect, and in particular schemes of this type let voters prove how they voted, which could lead to vote coercion or the selling of votes.
(C)-type schemes don't try to blind the identity of the voter. Instead, voters encrypt their ballots in a special manner, and submit them to a trusted group of individuals. This trusted group first combines all the encrypted ballots, then (by virtue of the special encryption) obtains the election result by decrypting the combination. Here, voters trust a relatively small group of officials not to collude to decrypt votes singly, thus revealing how each voter voted.
There is no clear solution to these problems, and the cutting edge is not 'good enough'. The election in Arizona did not use a type of scheme even as good as either of the ones I describe above. Instead, a private company is trusted to count and announce the results (BTW, it seems that nobody could prove that they did not invent the results they wanted), and to keep the identities of voters seperate from their votes (they have one database of voters vs. IDs, and another database of votes vs. IDs, and they swear that they won't cross-reference by ID).
Really, e-voting isn't ready for prime-time.
Really! If people cannot be bothered lifting their fat asses to go voting, why would making it easier be better? Would you rather have a lot of people voting randomly or for the person with the louder mouth? I don't.
I'll do it for cheesy poofs.
And the question no one asks in these cases, is "Why were those people still on the voting lists?" I know there's talk in some cities (in the USA) of people going into graveyards and writing down names to register, but here in Cambridge, we have a huge "inactive" voting list of dead or moved people who just are never removed. If you're good at reading upside down, you can look at the voting list as they're finding your name and notice three or four other people still registered at your address who are just not going to be removed, ever.
Ballot stuffing is not assumed to be a big problem in this down, but the bloated rolls still are. In the last municipal election, a citizens action group wanted to get a challenged question on the ballot. They were told they had to have signatures from X percent of Cambridge voters. But because the percentage came out of all registered voters, not just the active list (those who voted in the last election) some folks estimated that they were asking for more signatures than there were real cambridge voters!
So when people talk about the dead voting, they're not just talking about a lack of control at the polls or on line or whathaveyou. They're also really talking about a lazy election commission not keeping the rolls in shape.
-Kahuna Burger
...will work for Chick tracts...
At the beginning of this century, when the question of allowing women to vote arose, someone wrote in a newspaper that allowing them to vote was ridiculous because they will simply vote for the man with the best hat. Isn't that what electronic voting would be? People too lazy or uninterested to go voting would just browse the net, find the buttons for voting and will just vote for the candidate with the nicest button!
I'll do it for cheesy poofs.
I've seen dozens of stories around the whole "rising from the dead and voting" thing. Why are the dead always democrat? Don't republicians support dead rights? Is this a whole special interest group that republicians overlooked?
Finkployd
I found this report on their web server... don't bother looking for it because it seems to have disappeared. Huh.
"Insiders say that they decided to fix the problem after a person named "w3 r00ted ju! ph34r m3!!!" was elected Governer by a margin of 36,000 to 147. Police refuse to comment on the identity of this mysterious person; an anonymous source has stated that they are too busy due to those 147 people all having their credit card number stolen."
Friends don't let friends misuse the subjunctive.
We have all the technology available to make a safe electronic voting system. Voting is a really simple problem:
1 - You need to establish that the voter is who he says he is.
2 - You need to establish that the voter is allowed to vote.
3 - You need to establish that the organization taking the votes can be trusted.
4 - You need to be able to control that the all of the above is done fairly in a democratic way.
Obviously, in many countries the existing, old way of voting does not meet these criteria. In those countries the voting process would actually improve and be more fair if it were implemented properly.
So on to the solutions:
1) Authentication: this can be done in several ways. A basic start is that all the people who are allowed to vote are registered somewhere. This is currently not true in every countries. I recall several scenes of third world countries actually using paint to mark the people who had voted! Once you have a database of people allowed to vote, you can sent them an invitation to vote (in the Netherlands people receive a voting card that they have to bring when they vote). In an electronic system a public key approach could be used: each voter receives a private key and only he can use that key to vote, the public key is stored in the central registration database.
2) legal votes, if you have a central DB, it is trivial to set a flag once somebody has voted (storing the actual choice would damage integrity of the system). So only people who are allowed to vote, can vote and they can do it only once.
3) Trustworthyness. Obviously delegating the voting to a private company with a propietary system is inherently unsafe. Both the organization as the system must be open and subject to public reviews. This is however not a technical problem and applies to regular voting as well. In countries where this is not properly arranged you see dead people voting and unpopular politicians being reelected.
4) Control. In a democratic system, a democratically elected person (e.g. the president)should hold the end responsibility for the voting process. I.e. if somebody screws with the votes, he should be held responsible. Of course a president cannot personally check the system, but he can see to it that trusted organizations and people deal with the voting.
So, to conclude, a good democracy, already has the last two points taken care of and should have no problems moving towards an electronic voting system. I think it is a mistake to assume that the current traditional way of voting is safe, after all, who counts the votes? Who checks whether a vote is legal. Who checks whether the voting process is fair?
Jilles
Well i have a Modex based smart card. That actually stores on the microchip on the card how much money I have stored on the card.
:), makes it very difficult to track money. This has actually make it quite popular since drug dealers and porn merchants no longer have to carry about huge wads of bank notes. It's estimated that there are people out there that have over $100,000 on a single card in their pocket. Roll on free speech
When I purchase something from a mondex aware retailer (few and far between) they have a little machine which takes my card and their card and transfers the amount of money between them.
There is no connection required to the bank so this is an ideal system to use on buses & taxis (not that any actually DO use it).
The shopkeeper at the end of the week will take their mondex card to the bank and shift the cash off it into a real account.
The problem is that the algorithm as I understand it would be very easily compromised if it were known. I see no reason why you couldn't build machines which 'accidentally' doubled the money as you transferred it.
There are also further problems brought up by systems like this. Mondex itself is actually qutie accountable, but the system used in sweden, kashkortt (forgive my spelling
The Cure of the ills of Democracy is more Democracy.
Erlang Developer and podcaster
Of course, your wonderful ecosystem of politcal parties hasn't done you a whole lot of good, and it won't prevent the inevitable.
... i'm from duluth )
;-)
-JD
(PS: *cough cough* joke *hrmm* *cough*
Eggs crack when hitting the ground!
water is wet!
cats sleep in sunspots!
It's hardly newsworthy that electronic voting is full of perils. What *is* interesting is that anybody *doesn't* see why it's full of problems.
Also, he report doesn't go far enough. The secret ballot is a *very* big deal, and was instrumental in breaking some of the machines and company-controlled elections. Having noone in the booth with you, whether you like it or not, and no way for anyone to tell how you voted makes reprisals/vote-selling/preferences from voting impossible. Remote electronic voting is a direct assualt on the secret ballot, and a giant step backwards.
Look people, the Voting Integrity Project went to court to try and stop the internet primary, and lost. They tried arguing that the votes could be forged. So can real votes, and they're watching both intently. They tried arguing the Digital Divide. Wrong again, the court said, because the party took extensive steps to make sure the polling places were out in the rural areas, with several in each county. VIP tried to attack on a loss on anonymity, and lost again, because there is a double blind for ballots cast in polling places as well - in Arizona you sign in at the polling place, and they assign you a ballot number. The ballot is passed along, and later, if challenged, can be traced back to an individual voter. The electronic system worked similarly.
Being familiar with computers, I talked extensively with Arizona Democratic Party Chairman Mark Fleisher, Executive Director Cortland Coleman, consultants from Election.com, and state party lawyers. I expressed much concern about the setup because of the potential for DoS attack. They had actual humans sitting monitoring the severals round the clock, watching the votes tally up, looking for things symptomatic of a DoS attack, waiting to take action against it. You'll note that NO ATTACK OCCURRED.
Yes, I hammered them because their client software didn't support Macs - it was a Java error which tested out on some Macs, but not others. I'm a Mac user, and was denied the ability to vote from home on my G3. I was able to speak with a human at their tech support line without waiting on hold at 1:30 am in the morning who directed me to another location that I could vote from.
The long and short of it was that there were not really any major problems, no voting abnormalities, and turnout increased 622%. The electronic voting, combined with mail in voting and polling places, gave people more options to vote. regardless of the naysayers, I think it was a success and will likely be repeated soon. The "Voter Integrity Project" did not have a case then, and it doesn't now, either.
ObDisclaimer: I do not work for the Arizona Democratic Party, or election.com. I do not speak for my employer on this matter, and they have no position on the Arizona Democratic Party's electronic primary election. I am a lawyer, but there is no legal advice in this message for you. Before acting on anything in this message, please consult your own attorney.
==
"This is the nineties. You don't just go around punching people. You have to say something cool first."
This could be done by setting up something like an anonymizer service. Use two servers: one for the authentication, another for vote counting. Votes are sent, encrypted with the counter's public key, to the authentication server with the voter's digital sig. The authenticator checks to see if the sig is valid, if the person hasn't voted already, etc., then sends the vote on, still encrypted (since the authenticator doesn't have the counter's private key), to the counter. The counter verifies that the authenticator's signature is valid and logs the vote.
Simple. The authenticator doesn't know the contents of the vote, and the counter doesn't know who sent the vote.
Of course, you have to take it on faith that the authenticator and counter won't share data they shouldn't. But then, at the ballot box you have to take it on faith that they won't dust your ballot for fingerprints...
---
Zardoz has spoken!
Oper on the Nightstar
Actually, for this application you need higher anonimity standards than usual. For most applications, you do not need to be concerned about the user willfully giving up his anonymity. However, for voting, we must guarantee that the user cannot prove to a third party for which candidate he voted, even if we wanted. Indeed, if he could prove how he cast his vote, he could sell it, or cede to "mild" coercion.
With computer voting, proving how you voted is trivial: just let your buyer look over your shoulder as you cast your vote...or just give him your smartcard
Say no to software patents.
If the economy is humming, most people are happy most of the time and there's not much real difference between the candidates (or one of them doesn't scare the shit out of them due to negative ads), 50% turnout is actually pretty good. And despite your claim, the Presidential general election generally has the highest turnout.
Many other democracies have 90+% turnout, but what people forget is that these countries have stiff fines if people fail to vote. Try passing a law mandating a $100-250 fine for failure to vote here! (Besides, it would almost certainly be unconstitutional.)
Ironically, the highest turnout is in communist countries where every registered voter (who is also a member of the party) turns out to vote for the parties candidate. That, by itself, should tell you to take *any* number citing turnout percentages with a grain of salt.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
while I agree in theory, I don't think the "Rainbow Coalition" voters are any less informed that a person who got a Xtain Coalition "voter information guide" at their local church. Or the people who come out to the polls and vote straight party line. Its not that I think partyline voting is always evil - I just worry when they can do it just by looking at the ballot. My solution to uninformed voting would be to remove party affiliation from the ballot. If you want to vote party line, you should at least have to go to the trouble of finding out who your candidate is before you enter the voting booth.
-Kahuna Burger
...will work for Chick tracts...
Actually - another thought, you could construct an interesting system, so that people could propose important issues as a proposal, and other citizens could sign that proposal - and having enough signatures means that the proposal is put up for popular referedum. The political system could become more democratic, something like Switzerland where periodic referendums occur all the time.
At the end of the day, the government is just a body of people wielding power to try and keep society stable (even if they have their vested interests, as does everyone). Legislation and laws are in some respect rules for how people and systems should interact and operate. I am sure you could codify some of these into provable cryptographic systems - the process of popular refendum and votes could become widespread with informational technology, and provide better feedback and input to the people that often 'think' that they know who they are representing, but are often out of touch with the people. That's my idealistic view - you don't want to hear my cynical perspective suggesting that the government is not their for the people, but just for itself (perhaps in United States, you call that the 'realist' perspective?).
-- Matthew - matthew.gream@pobox.com, http://matthewgream.net
I think that you are making a naive assumption about what online voting would do to voting patterns, specifically that if the government allowed people to vote online, more people would vote, and those extra people would be a representative cross-sample of eligible voters. While I think the former assumption is probably true, the second doesn't seem to follow. In fact, there is ample direct evidence that people with Internet access aren't a representative cross-section, as Hank the Angry Drunken Dwarf is well aware =).
Seriously, the key to making voting fair is to make it, so far as possible, equally difficult for everybody to vote. Think about it: what if I took the richest fifth of the country and installed wireless secure voting antennas in their heads, so that they could vote just by thinking about it, and let the poorest four-fifths go to the polls normally. You would clearly expect the results to be unbiased towards the richest fifth? Naturally you would, because they will have close to 100% voter turn-out, whereas the poorer section will have the same voter turnout that they have always had (what are the figures for the last election? 20% or something like that?).
That is obviously undemocratic, and no sane politician would suggest implementing it. But, for some reason, when you change "wireless secure voting antenna" to "internet voting," people forget about it. But Internet access is still unevenly distributed across the economic scope of Americans, with the more wealthy spending far more time online per day than the less wealthy (think about it- what percent of people making over $100,000 a year have a computer with Internet access on their desks? What percent of people making $15,000 a year?). Online voting, even if implemented securely (which doesn't seem to be possible- security in voting means that you also have to be sure that nobody is buying votes, that the vote actually came from the person you think it is, not just their computer, and that a person votes only once, without at any point being able to link a person to a vote, authenticating that the person voting is eligible to vote, and a whole host of other problems that are not just a matter of finding a more secure crypto protocol) will actually tend away from democratic election and towards rule by people with easy ubiquitous internet access, which naturally are the IT professionals and not the grocery-store clerks.
In short, online voting is a bad idea that is impossible to implement anyway.
--
-jacob
-jacob
... and then the minority with rootkits can take advantage of the apathy of corporate software engineers.
DNA just wants to be free...
While the convenience of voting online seems kind of interesting, the potential for losing the anonymity that is a hallmark of our political process is scary. Obviously I would have to provide evidence of my identity, but I have to do that now. But voting by computer doesn't detach the identification process from the balloting process. I'm still using the very same connection that I authorized myself with to cast my vote. Now, those running the show would certainly take steps to keep the two processes separate, but clearly the potential for tracking votes by individuals is available, and if it's available, somebody at some point is going to try to take advantage of it.
Current "manual" polling decouples the process of identification from the process of voting. In fact, the next time you hit the polls, look at just how decoupled it is...you get your blank ballot and once it hits your hands, nobody at the polling place touches it again. You vote at a booth that is completely detached from the identification and registration tables. You place your sealed, anonymous ballot in a locked box along with hundreds of others.
What we have is a good system. It's truely anonymous. Yes, it's a little unweildy, but not only does it work, it works quite well. Now, I'm not paranoid, but I am very happy with the way our balloting system works, and I'd just as soon leave it alone.
=h=
One of the panels at CFP2K was about Internet voting. One of the most interesting comments made in that forum about the Arizona Primary was that people were having voting parties. That is, a bunch of people would go over to someone's house and infront of everyone, they would cast thier vote. Your ballot was no longer secret. Voter appathy is a very different problem from that of garaunteeing free and fair elections. After the novelty has worn off, voter appathy would be just as bad. Right now you have to go to a polling station, with Internet voting all you have to do is (my emphasis) hit a web site. This is still something active that the voter must do. The voter can still be just as busy, or forget, or be uninterested. Case in point, I've missed one online ieee election simply because I forgot about the notice I got in the mail (I put it in a safe place, so that I would remeber... doh!). The point is that the uninterested voter will remain uninterested no matter how easy you make it for him or her to vote. Sacrificing the integrity of the system to attempt to interest those who aren't is simply putting the cart before the horse.
We could all care less - I mean, yeah, I have an opinion... but will I go out and vote for it?
<flame>
The electoral system is, like any other process, garbage in, garbage out. You apparently are sufficiently pissed off at the garbage going in and out to talk about it, but not sufficiently pissed of about it to do something. This is because, you really aren't interested. Nothing matters enough to you to get involved. Or more precisely, you are comfortable enough in your life that getting involved is not high on your to do list. Public policy is exactly that, public. You (as member of the public) have to make your agenda heard, no one else will do it for you. So you cry, Technology will fix it, I will be heard not knowing what the problem really is. No, technology will break it. It will make it much harder for you to fix the problem (vote at work, under the watchfull eye of your employer, your job may depend on it), if you ever chose to get off your ass to fix it.
Stop belly aching, wahhhh... They're not listening to me, stand up for your self and set the agenda!
</flame>
--locust
adios karma
Nothing is stopping you in principle for weilding your Nerf Supermaxx, but you won't be able to do it enough times to affect the result of the ballot in a stastically significant way.
As others have already said, the risk with computer based voting is that if you can write nerf_supermaxx.java , to frig with the database, you can affect many more people than you can in person.
Here (San Mateo County, CA) we have paper ballots, machine-counted. The ballots are big mark-sensed sheets, like test forms. At the polling place, the voter checks in, poll-watchers from each party check them against the registered voter list, and the voter gets a serial-numbered ballot with a tear-off coupon bearing the serial number. The voter fills out the ballot using a heavy black pen. The ballot is then placed by the voter into the slot of the "ballot box", which resembles a portable dog kennel. The ballot box scans the ballot and drops it, neatly stacked, into the large translucent box below. At the end of the election, the box reports its results back to election HQ via modem, and the paper ballots in their sealed box go into storage in case there are any challenges. The paper ballots are sturdy enough that they can be recounted either by hand or by machine.
So results are available shortly after the polls close, and there's paper backup of everything. That's the way it should be. And it's a lot better than it was in several corrupt cities I've lived in.
I see your point there... however you slice it though change needs to be made.
Society as it stands right now is inept at dealing with the way or government operates. The way our government operates is inherently fsck'd to hell.
www.mp3.com/Undocumented
www.mp3.com/Undocumented
um, perhaps because fewer than 50% of computer users are script kiddies? (although some days I do wonder...)
... or are you using some definition of "minority" that's not in the dictionary?
DNA just wants to be free...
I am getting damn tired of this strawman argument.
Few people are concerned about the possibility more LIVE people will vote. To be sure, we often question the wisdom of pushing apathetic and ignorant citizens into the voting booth, but nobody disputes the right of the LIVING to vote.
What terrifies us is the ease with which DEAD people vote when you eliminate all human contact from the process. Ditto our pets, fictional characters, resident and illegal aliens, citizens living (and voting) in other jurisdictions, etc. Some of us are also concerned that, to keep the total ballots cast reasonable, that the votes from the DEAD will actually replace the votes from the living.
This problem *must* be honestly addressed - and solved - or we'll see a massive civil unrest when "hot button" issues are decided by narrow margins. It will only take a few cases of election fraud to undermine confidence in all elections, and where are you when people refuse to obey controversial laws because they believe - with reason - that these laws were passed via fraud?
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Here in the US, the extremists on the right are the Libertarian Party, and the Constitution Party. Extremists on the left include the Green Party, and visiting Canadians.
Most of the Democrats and Republicans are very mainstream, middle-of-the-road types, who only express rhetoric from one side or the other to rally support away from the minor parties.
(Canadians: Most of you are smart enough to tell that my negative comments about Canada are just jokes. I like Canada. As third-world nations go, it is one of my favorites. To those of you who can't seem to tell when I'm only kidding around: shut up, go back to your igloo, and keep lying to yourself about how much better the beer is up there.)
Information wants to be anthropomorphized.
I said, "Cramer (C)".
I think I meant to say, "Cohen (C)".
Sorry for the mix-up.
If you really believe you can trust a program just because you've read the source code, I strongly urge you to read Ken Thompson's article Reflections on Trusting Trust. In it, he shows that you can't trust any program on your system unless you wrote the assembler, linker, loader and compiler yourself. In machine code.
$ cat < /dev/mouse
If people can't be bothered to vote of their own accord, they shouldn't have a vote, since they likely have put no thought into their eventual choice. This is why I vigorously oppose movements like the Rainbow Coalition (Jesse Jackson and co.) who canvas neighborhoods to bring people out to vote.
Society would be better off if the people who have not researched their vote didn't get the opportunity to enter a ballot.
Currently, politicians get into office by NOT playing the middle.
In fact, roughly 60% of the electorate describes themselves as "centrist", and accordingly that is where both Bush and Gore have been trying to position themselves for the last four months. You may be confusing the primaries and general election. In the primaries GOP candidates especially are usually forced to play to the more conservative elements of the party because they tend to vote with far higher numbers than the general public; this is especially true when you've got scenarious like Pat Robertson telling all 2 million of the Christian Coalition which candidate to choose and watching them pretty much do it. There are a lot of huge conservative interest groups out there who can be motivated to turn out in force in the primaries, and because voter turnout in general is far lower in the primaries, they wield a lot of influence. Thus Bush was forced to into a very conservative position in the primaries - taking a hard line on abortion, coming out in favor of guns (NRA is another huge and vocal right wing interest group), and in general adopting most of the traditional GOP platform. McCain refused to do this on principle (and what a great, glorious man he is for that =] ) and lost.
This has been the dilemma of most Republican presidents - how to appear conservative enough to get the nod in the primaries and then moderate enough to win the general election. Dole was unable to do this, and lost because he was seen as too conservative. The ironic thing is that McCain would probably present a huge problem for Gore if he was the GOP candidate, because he appeals to 2 key blocks: disenfranchised voters and the center. Combined, they make a majority of the electorate, a majority which he would poll and probably win in November. However, he wasn't conservative enough to get the primary nod.
Now we see both candidates moving to court the center by moderating their stances - Bush especially. Bush established himself as a hard-line conservative not four months ago to get the primary vote, but right now he is trying to get into office by DEFINITELY playing the middle. The middle is where the votes are, which is why you will see Bush (and Gore too) tactfully moderating their platforms to make them palatable to the center:
Some of these programs are borderline social welfare, and if that's not a push towards the left, I don't know what is. This has all happened within the last three to four months, by the way - they are positions that he would have never dreamed of taking earlier in the year. So I'd say that, yes, he is courting the middle, because he knows that he, like all politicians, has to. That's how elections are won, my friend.
Al Gore has done basically the same thing - he initially took a turn hard left early on after the primaries, lost 10-15 points for it. He is waxing conservative on certain key issues now for obvious reason. I'm going to cut this long-winded post short, but suffice it to say that both the presidential candidates, and pretty much every other politician in America, will be courting the middle in the coming weeks.
As an aside, I've seen you "petrified and naked", Signal 11, and you look like a pretty young guy
With that in mind, I hope now you see the merits of this report, because it's right in a lot of areas. Contending that special interest groups control the general election is preposterous and a gross exaggeration. We had about 150 million people turn out in 1996. The idea that SIGs control all of them, or even a large number, is just dumb - obviously wrong. Please stop painting this as a case for "the man" holding us down - it's not. There are some valid concerns in the report, specifically that online voting should not get too widespread without a much better method of authentication. Think about if online voting were to proliferate, to the point where we were electing presidents with it. In an age where impovershed Russia has the ability to implant security bugs inside the wall of the top-level of the State department, how hard do you think it would be to hack into a computer and throw a couple million votes in a different direction, and then cover your tracks? Not very, especially not for a government with unlimited money and computing resources and personnel to throw at that problem. I'm just making this up, but you've got to see the danger here. I was not in favor of online voting in Arizona, and I'm not in favor of it spreading. Not only does it present an obvious security risk, but I think it's unfair and a bit undemocratic to make it so easy for a certain sect of voters (affluent, white males, who compose most of the Internet) to participate in elections, while still excluding people who have always been underrepresented. Maybe when everyone has Internet access, then we'll talk.
--
I think there is a world market for maybe five personal web logs.
The reason why those shenanigans don't work in a polling station is obviously that the clerk would object if two persons tried to sneak into the same voting booth...
Say no to software patents.
republic (r-pblk)
n. Abbr. rep., Rep., Repub.
b. A nation that has such a political order.
b. A nation that has such a political order.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Sorry, but this is just too transparent. Currently, politicians get into office by NOT playing the middle. Think about it - who's more likely to show up at the polls - the average apathetic american voter, or the rapid right-wing one? This is why groups like the Christian Coalition and the National Organization of Women (NOW) are so influential - they take a very small percentage of the voter population and make sure most of them vote. Combined with low voter turnout we have our current system of special interest groups essentially running the country. Our politicians aren't blind to this either - you'll note why the media makes such a big deal out of seemingly innane stuff -
For example, think about the current issues in the next election: abortion, gun control, crime, technology, or religion in schools. You'll note none of those are extremes likely shared by your peers. We could all care less - I mean, yeah, I have an opinion... but will I go out and vote for it?
And there you have it. Another report to quietly edge the people away from the truth.
Its all about money and power.
The Cure of the ills of Democracy is more Democracy.
Erlang Developer and podcaster
However, authentication is obviously a very big problem. Maybe once all uk citizens carry smart ID cards then we can start to consider doing this but so many other problems have to be overcome first.
What is there to stop an email worm virus from posting votes for candidate X?
Also we all know just how well secured most government servers are and i'm sure that they would never be hacked by terrorists or bored 12 year olds.
Then of course you have the problem of closed source and i'm sure a zillion other people will point out that you cant trust a system until it is fully open sourced... but then I would rather the smart cards in my pocket are closed and that the cash i have stored on them is safe (be it in a proprietory format or not).
Actually, that's more an argument against that system than in favor of it. Just replace give with sell and you've made possible the second most popular vote fraud (after death men voting): buying votes.
Indeed, protection from government pressure is not the only reason for anonymity. The other reason is that the voter cannot prove how he voted, and thus cannot sell his vote (because the buyer could never be sure whether the "goods" were delivered). In a digi-cash like system, buying votes becomes trivial: you just buy the unused tickets, and that's it.
Say no to software patents.
Here is a thought. How do you authenticate a voter online is a valid registered voter and then keep their vote anonymous? 1. Prove you are John Doe 2. Ok, so you proved it with a pki certificate 3. Go ahead and tell me your vote now. I promise I won't divulge your vote and it is anonymous Mr. John Doe... Pandora's box.
Mensah keeps turning me down... Why?
Here's a little politics continuum. You have left and right, and then you also have libertarian and authoritarian.
2 873
1 =1&p2=2&p3=2&p4=1&p5=2&e1=1&e2=1&e3=0&e4=0 &e5=0&pres=Ralph+Nader
http://www.self-gov.org/quiz.html?clicktrade=37
I think that absolute libertarianess borders on the irresponsible (it IS in our constitutional charter to provide for the wellfare of ALL citizens), while absolute authoritarianess obviously brings a whole bag of liberty infringements. Yes, I thought Harry Browne had a lot of intelligent things to say. Both Browne and Nader agree that the war on drugs has essentially turned into a war on the people. But I think the total laissez faire economic policy of the Libertarian party is completely irresponsible and reprehensible. So this leaves me dead center with respect to libertarianess vs. authoritarianess. That leaves me as a "Left-Liberal" and the acurate description:
"Left-Liberals prefer self-government in personal matters and central decision-making on economics. They want government to serve the disadvantaged in the name of fairness. Leftists tolerate social diversity, but work for economic equality."
Somebody called Nader a "wing-nut". I have no idea what they are talking about, and apparently they haven't spent much time listening to Nader. I am less pro-Green-party than I am pro-Nader. Of all places, we here on Slashdot, the internet community, should have realized by now the great force that megacorporations have, and the corruption they have brought to politics. Nader has been fighting this since the SIXTIES. This is nothing new. He is not some Johnny-come-lately jumping on the federal matching funds bandwagon. If you listen to him, you realize that this is a normal citizen, not some career politition. He takes this position reluctantly because no one else will. So I urge you, before commenting off the cuff how "wing-nut" a guy is, to actually listen to his ideas. Sure, perhaps the Green party has some kooks in it, I don't really know, but Nader is right on. There is not one thing this guy has uttered that I have not completely agreed with, which is so refreshing and surprising that I am going to donate to his campaign and vote for him. It's about time us "apathetic" silent majority get off our keisters and take back control of our country.
http://www.self-gov.org/cgi/sec.cgi?quiz=quiz&p
It's 10 PM. Do you know if you're un-American?
I voted naked with hot grits in my lap. I should be safe then right?
;)
(sorry, just can't help it
It's 10 PM. Do you know if you're un-American?
Demotek is a device to include an ultaviolet reader in the election box so that people still use paper but the calculation is electronic.
__
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
Well Mondex has some level of accountability. I dont have any particularly specific details since it's so closed source, although my friends and I believe that the cards save records of the past few transactions and probably shift these up to a central server the next time the card is placed in a bank machine.
At the point of sale it would be quite easy for a pseudo random id to be generated and then each card store it's own copy of that transaction for reference.
However it's this sort of accountability that destroys the free speech aspects of the system and which i'm opposed to.
As for finding a way to do away with the need for tracing I can only guess that the bank would have to issue something akin to a public key for each penny that got put into the system. The smart chips would have enough power to verify if a penny was a geniune one from the bank, but they wouldn't have the power to discover the banks public key.
However if something like distributed.net had a go at it then that could really cause serious problems.
The advantage of having to "physically" go to vote is that we deliberately stand up from a computer, a tv set or whatever and we go in a neutral looking place to get properly identified and to put a chosen piece of paper in a box.
E-Vote suppress all these and make voting as easy as randomly clicking links on the Internet.
If voting is a social act, then one should vote phisycally or not at all.
So, yes, I understand that it is technically interesting but IMHO this is not according to the original voting concept as invented millenia ago and this is and should stay a curiosity rather than a socially-obstructive way of life.
--
Trolling using another account since 2005.
...but this really isn't any different from any other form of voting. I can pretend to be a dead guy in person, or I can do it over the computer.
With a few minor differences. Once the system has been compromised, or a way to submit phony votes devised, computers make it very easy to do on a large scale. And if system security has been compromised, all bets are off. WRT voting in the flesh, the fact that you just can't hire enough homeless with fake IDs limits the amount of damage that can be done.
But most politicians aren't smart enough to use a computer.
Politicians (other than Al Gore) don't generally do their own dirty work. They hire consultants, and there's no reason to believe that it would change in this case.
---
---
"Go Metallica. Die RIAA." -- Linus Torvalds
If you don't trust them, take your ass to the polls physically.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Though I found the report to be a bit alarmist, it raises several valid points about concerns that many people are just used to coping with - viruses, hackers, security issues, corruption of data.
It's easy to take these things in stride because, simply, we're used to them - we apply a patch, run the antivirus, restore that corrupt file from backup, etc. Even the various problems we've seen at e-commerce sites are ones we get used to - bad interfaces, DDOS attacks, etc.
However, when you look at how these problems can affect important social/political operations (ie voting), it becomes apparent that one has to put in extra effort to deal with these "common" problems in these environments. What we "put up with" people will NOT risk in a political/social operation like voting.
It shows how far, at times, technology has to go and how far responsibility (accountability of the service providers) has to go before we can rely on the Internet for some of our political/social tasks reliably. The chance of some of these problems may occur could be rare, but the concern is not.
"The Sage treasures Unity and measures all things by it" - Lao Tzu
Lets assume the slashdot poll is as secure as any vote for a president might be. Whats to stop me going to the office next door, pointing my Nerf Supermaxx 1500 at his head and getting him to vote for 'Hemos'?
Can I do that at a public voting station? No. Polling stations are public so that we can all see whats going on, and we have booths so that the individual has privacy. These two conditions seem essential to a fair and free vote. I dont see how they can be duplicated via the internet.
Baz
You sign a paper, proceed to a... what's this... booth! And the booth has a... curtain! One of the most important parts of voting is that it is private! How will this be ensured when voting is done from your home? What would prevent someone paying me or threatening me into voting for a particular candidate?
Currently, they have no way to ensure the desired vote takes place. What happens when I can do it from home?
--
People sacrificed their lives for the right to freely vote, and I think that this is a classic case of rampant technology perverting a process that has worked fine for years!
Attention all planets of the Solar Federation! We have assumed control! - Neil Peart
So if Internet voting becomes widespread, you could either click on your choice as your precinct captain / pastor / PHB looks on, or choose to vote in private (electronically or on paper). I don't want to find out how many people would end up picking the first option.
--
send all spam to theotherwhitemeat@ropine.com
There is a lot more progress to be made before online voting can become a reality. Authentication, verification, and privacy are all major issues.
But another interesting issue is platform support. Unless you support all platforms, online voting is not going to become reality. The fact that you would exclude people from a form of voting simply based upon their platform is not going to fly in court. Sure you can go out and physically vote, but in sparsly populated states (Montana, Arizona, etc.) this may be much harder and more time consuming than point, click, vote.
Consider the Arizona primary. The online voting allowed was Windows-only. This caused a stir (small, but still...) based on the fact that many people were locked out of voting because they choose not to use Windows.
This article discusses Arizona's online voting.
And this one talks about the disregard for all other platforms in the primary voting.
It's only when we've lost everything, that we are free to do anything...
True, although nothing prevents the government from providing publicly accessible voting computers.
Also the price of computers keeps dropping. Basically if you can own a TV, you can own a computer. You may not get the latest model though.
It's more a matter of education than a matter of economics. I recently read somewhere that about 15% of America actually can't read or write well enough to manage filling in forms and such. Evidently, these people are going to have problems when you put them behind a computer. Personally, I wouldn't really mind if those people didn't vote. Votes for friendly faces or empty promises never did any country any good.
Jilles
Given time, technology will supersede any reasonable fears e-voting may evoke ...
Technology has not yet advanced to the point where all reasonable fears can be laid to rest. Security is not yet easy enough to be idiot proof.
Hell, even with automobiles, if you were to add a feature to automatically lock the doors after a specified number of minutes, there would be a legion of morons who'd left their keys inside in just a few weeks.
I don't know what the answer is, everything that I can think of is "too easy" of a fix. We'll have to wait to see where the technology goes.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
Anonymity is the problem. Even if the system is 100% secure against unauthorized voting and ballot box stuffing, we still need a system that prevents the goverment or voting authority from tying votes to the voter.
Sure, there exist hypothetical systems for secure anonymous voting, but they are atrociously unscalable. See Schneier's book for the details on these schemes.
The problem boils down to "How do we ensure that only citizens vote, each only votes once, and still not be able to tell for whom they voted?"
Oh, and you want it scaleable????
This is very difficult.
On-line voting would allow a lot of people who do not regularly vote to vote. Currently (in US at least) a small percentage of people (I'll keep them nameless) basically control the voting in this country. Not through any weird conspiracy, but by virtue of actually getting out there and voting. So the minority that votes gets to control the majority that doesn't.
The "fear" in on-line voting would be that the status quo achieved by these people would be broken. No longer would they be able to control elections by simply taking advantage of the apathy of the masses.
Authentication is probably just an excuse to those who fight on-line voting to try to keep themselves and their interests in power.
Rosie_bhjp
A radio maverick jumps to internet only. The Future of Rock n Roll
On a slightly different note, perhaps the issue is not just 'proving' who you are.
Is there any requirement to be 'of sound mind'? Does it matter if people are too drunk too stand but able to vote with a mouse-click? What would happen if you turned up at a polling booth hammered out of your brain (but with your id etc) - would they let you vote?
How about if you turned up with someone else holding a gun to your head?
I wonder if for some applications (and I have no idea if voting is one of them) simply verifying who the person is (should that ever be reliably possible) might be insufficient.
Online banking? Transfer all my money into "Nasty Thug's Account" please. Yes, its me - here is my digital signature and biometric information.
At the moment ATMs have limits on how much cash you may retrieve, presumably to avoid this problem.
Any way around this?
An important feature of old-style voting is the inability of a voter to prove that he voted for or against a particular candidate. This makes it more difficult to buy or obtain votes through intimidation.
Mea navis aericumbens anguillis abundat
b) People who pay little or no attention to the real issues and put a tick in a box for someone with a few 'cool' policies
These are the people far less likely to vote.
Therefore, group A produces a fairly precise selection of who the "majority" of people feel will best run the country. Group B (if there even is a group B; most people do follow important issues in their own lives and vote accordingly) then produces a psuedo-random result. But this random result falls pretty fairly across all candidates altering the election very little.
It's only when we've lost everything, that we are free to do anything...
Without a doubt, the corruption element of on-line voting is the biggest single risk to making this work. I can't imagine this in a state with a powerful "political machine" in place. However, the issue here is around the overall security of the net, not just the voting process. Unless we can come up with some method of resolving the basic set of "Who am I" and "Don't watch what I'm doing" the general population will never find it a safe place. How many of you filed taxes on line (I did). How many of you used an ASP like online form (I didn't). I paid my money, used my wifes system and ran TurboTax. I ended up with a requirement that used a federal ID in the field, and validation on the other end, after processing. Voting is tough. Currently, the people who vote are outnumbered by those who don't vote. (And, of course, everybody _knows_ that SlashDot readers always vote ). I'm stuck in the middle on whether it is a good idea for more or less people actively voting. Of course we could go the route of Costa Rica. Everybody is _required_ to vote. All public establishments (Bars, etc) are not allowed to serve alcohol for the 3 days around the election. And, of course, Costa Rica has one of the highest literacy rate in the world, and no standing army. davemc
Open Source Ronin
its a commonly held fact that you need to capture only 10-15% of the total populations votes in order to be elected president.
Think about it. Not everyone is registered to vote. I think that its something like 50% right there.
Voter turn-out of registered voters is less than 50%.
That means that 25% of eligible voters are voting in presidential elections. So what do you need to win? 12.5% of eligible voters need to vote for you.
This is the principle that the "Christian Coalition" and the "Christian Right" are founded on. Yes, they are a very small minority, but they will all vote, and since they will all vote, they have power.
Ever notice that a lot of the pandering goes to older people? Wonder why? The senior citizens know the importance of voting, and vote.
If "we" are unhappy about the way things are going, "we" need to get all of "us" out to vote. There are enough of us to make a difference, and to be heard. If elected officials start fearing for their job security, our itches will be scratched.
We can change this country and its laws using the existing system, but the key is - we have to USE it.
So - if you are over 18, and an american citizen, I suggest that you go vote this year.
Thank you
... hi bingo
why should we have internet-based polls? i'm not seeing any phone-based polls, and i can't imagine what would make the internet "better" at this than the phone is...
i think internet-based registration would be cool. using the internet to publicize poll locations, provide registration forms, and even to allow the user to order an absentee ballot are all good ideas. but internet-based polls seem bone-headed to me, on so many levels...
Slashdot is jumping the shark. I'm just driving the boat.
I happen to think e-voting would be a great benefit, but MANY conditions need to be met first.
This list of conditions is far from inclusive however.
1. An accurate, encrypted out-of-band authentication method. Someone mentioned europes ID cards. screw that, someone will figure them out. Now, a cybernetic chip implanted would be a start. Although this could still be replicated, it can be made extremely difficult.
2. Independent, external verification on MULTIPLE levels. Ie verification ot the authentication processes, verification of the tallying processes, verification of the gathering processes.
Granted, there are a LOT of stupid people out there, but there are also a lot of smart ones. I would feel more comfortable making voting more accessable and putting the government BACK in the hands of THE PEOPLE, whether I agree with the masses or not. Right now people don't bother to go vote, because things are so bad they truly do not see the point. If you make voting easier, at least they may say their piece, and actually start some change.
Regardless of how much I dislike things, I feel that the next 10-20 years are going to bring major change to the worlds sciopolitical structure, and the internet is going to hold a big piece of that, like it or not.
www.mp3.com/Undocumented
www.mp3.com/Undocumented
Today letters were despatched to 80 million americans telling them that they were no longer eligible to vote. DoubleClick, who pioneering the banner ad, have built up sufficient banks of information on these individuals that the government has deemed it ineffiecient to ask people for thier own opinion.
A spokesperson for doubleclick said "We see this as the future, people no longer have to make up their own minds since our advanced profiling system builds up an electronic representation of their mind"
She continues "Soon people wont have to think for themselves, simple by the way they check their email in the office we will buy, ship and bill to them everything they need and want to enjoy thier lives"
In a bid to silence internet free-speech activists, doubleclick also took the unprecedented move of shipping out over 10,000 overclockable duron systems to individuals with disruptive profiles, estimating that the media hype will have died down by the time they install the supplied prerelease copy of 'Windows 2005 Next Generation+'.
Would a system of democracy through economic voting work, a system where what you pay for indirectly makes your viewpoint heard? Is it feasible to have police, fire, militia, etc. all managed by the people without a formal organization with sweeping powers to tax, legislate, imprison, etc.?
Quite an interesting idea. I think that Marx says that this is the final state of government, a return to a peaceful anarchy.
-Phredrick Dobbs
Emperor of the Universe
Grand and High Protector of Everything
-Phredrick Dobbs
Emperor of the Universe
Grand and High Protector of Everything
...electronic voting is a really difficult thing to pull off. Having been, in the past, the primary consultant with the Florida Department of State, Division of Elections, for their electronic voting tests and election-night return systems, I have been exposed to the wild fluctuations in traffic these sites are exposed to. The sites are hit by huge numbers...and the staff within the state agencies tend to be among the least-qualified to administer the technology capable of handling the traffic. The states act as though they are capable of monitoring their elections, but the amount of reliance that they must place on their consultants makes this task impossible for them to successfully complete. Their level of technical competence is just not up to the task.
I believe that there must be some amount of trial and error involved in putting together a successful online voting application. Some sites and some elections are going to be corrupted, and some bad things are going to happen. If the process can get through such an ordeal, we may one day have a workable voting system. The states will have to change their hiring procedures and pay scales before anything of the sort will ever be possible.
What'dya mean there's no BLINK tag!?
you really advocate limiting voting and decision making power into the hands of /fewer/ people?
/dictatorships/. We dont like those.
How few?
Limited by education? Limited by taking a test? Limited by what?
Some places have very limited democracies. They're called
Whats going on is a recurrence of what has happened when a new "class" has been empowered to vote in this country - the status quo is being challenge and is scared.
Online voting now better enables the people that were too lazy to go out and vote, but cared enough to compose rants on the internet.
It gives bite to our bark.
Arizona had its largest voter turnout in recent state history with internet voting. This scares the hell out of the politicians and those in control - they have an entirely new set of issues to deal with, because there are an entirely new demographic voting.
A very good example of increasing voter turnout causing unexpected results - Jesse Ventura - this is a state that had motor-voter registration, and Jesse managed to mobilize a large amount of disenchanted voters with common sense and straight talk.
/That/ is what this is about - losing control and predictability.
... hi bingo
The main issue at stake, at least from the article, seems to be the lack of openness and peer-review of the voting system. They didn't say that online voting is inherently insecure, but rather that Election.com seems to be relying on security by obscurity, and are not allowing any outside evaluation of the security model. I think we should definitely be supportive of online voting, but highly suspicious of a single company that wants to commandeer the process, without conforming to basic (at least in the OSS community) security standards.
Yeah, but that guy used the same phony personal info for each of his 30,000 votes. A simple find took care of him.
Besides, have you seen the _real_ All-Star balloting? They have stacks of ballots that you mark by punching out holes. Nobody checks to see whether you vote multiple times; even I've voted several times without any repercussions. Some simple machinery could be used to punch patterns of holes in thousands of ballots, should the need arise. The balloting is almost as silly as the All-Star game itself (and I consider myself to be a baseball fan, BTW).
Elections are different. I'm certain that people had to use some sort of unique identifier to vote exactly once. If they notice 30,000 votes coming from one person or one IP, with bogus info, then they'll throw those votes out no questions asked.
For more information, click here.
The protocol provides the following:
Only authorized voters vote. No forgeries.
Authorized voters vote at most once.
Voters remain anonymous with respect to their votes. While it is possible to determine who voted, it is not possible to determine what their vote was.
Voters can verify thier vote was counted.
Elections can be co-administered by parties with opposing interests (i.e. political parties), to prevent collusion.
The question in my mind is, does Election.com use a protocol which provides this level of security? And even if they do, why do they seem so opposed to independant security audits?
Security by obscurity... you know the rest.
-----
The only people who would vote would be those who care enough about their sufferage to not sell.
Unfortunately, I'm not as good of a writer as O'Rourke, so I doubt that any explanation of mine could do justice to how funny the column was. :/
Information wants to be anthropomorphized.
What do you mean, "voting in your pajamas is unsafe"?
I mean, are you saying that when you vote, you shouldn't wear pajamas? 'cause if I tried that, I think they'd kick me out of the polls! You need to wear *at least* pajamas to go anywhere in the US--it really isn't fair.
...or do you mean that if you only vote *in* your pajamas, then that isn't safe? Well, I don't see how you'd tally the votes, or even what you're calling *voting*, you sickos.
In conclusion, I must say that when I vote, I am often in my pajamas--if by voting you mean "Slashdot polls". And I haven't gotten injured yet, except when my mouse hand starts to hurt. (Yes, I mean my *mouse* hand! You sickos!!!)
---
pb Reply or e-mail; don't vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
Here in France we have a big problem: the mayor of Paris has been elected partly thanks to the vote of more than 3k dead people.
He and his wife are currently under investigation!
It sounds like a joke? Unfortunately, it is real!
So, even in the real world (tm), authentification of the voters is a big problem!
On the Internet, I fear that the authentification of the voters will remain a big problem for a loonng time, and this will prevent any serious voting on the Internet.
PS:
Just a question, are you really sure that in UK the system has not been abused?