Slashdot Mirror
VeriSign and Secure Internet Voting
Bucky Katt writes "VeriSign announced Monday that it will provide key components of a system designed to let Americans abroad cast absentee votes over the Internet."
← Back to Stories (view on slashdot.org)
So we won't have to have physical access to log in and change votes with MS Access and no password? For the love of God, when is the mainstream press going to pick up on this?!?!?!?
666-607: 6th floor apartment of the beast
So if you misspell the name of your candidate, Verisign will use its * wildcard to vote for its CEO automatically!
The USA is handing over democracy (in a small but growing way) to a no-vision for-profit firm that has a proven lack of ethics.
This is going to get worst before it gets better.
It's Christmas everyday with BitTorrent.
Verisign has pulled a suprise victory in the California recall election.
Yes, the algorithms for secure anonymous fraud-proof voting exist, but I don't think the implementations are up to the task yet - in particular, if they cannot be independently verified before, during and after the elections.
There's just too much potential for a fraud to justify dropping the good old pencil-in-the-number-of-your-candidate method.
And, for our next trick, we absolutely won't replace the electoral college with internet voting. Even if it were secure, it would take the power out of the hands of the elite and give it to the people.
However, wouldn't it be nice if we (the US, if you can forgive my inclusive pronoun) were a democracy instead of a republic? If internet voting is good for the goose, then shouldn't it be good for the gander? We just need to replace those old and moldy voting booths with shiny new internet-enabled booths.
Of course, as a programmer, I'll believe the voting scheme is "secure" when monkeys fly out of my butt.
As I recall, none of the absentee ballots made any difference in the 2000 presidential election.
Someone must have thought, "Lets let absentee voters vote electronically, we're just going to throw out their votes anyway!"
Nothing lost, nothing gained.
Fight or flight its all the same
Live to die another day
--Ryan
Naturally most /.ers are going to complain about this for various reasons generally involving security. However, this could be a good thing IF a GOOD system is actually developed (now or in the future). I for one would love to be able to vote from the comfort of my home/work/cafe without having to wait in lines. Overall voter turnout could be boosted.
Chances are though that this first pass will not be great, which will slow/stop future development due to cries of the public for and end to insecure online voting.
.. making people IN the country vote?
last vote less than 50% or something voted
what about fixing that problem first?
geez..
If a majority of eligible voters actually voted, would we even be bothering with all this crap about electronic voting?
Read the EFF's Fair Use FAQ
However, wouldn't it be nice if we (the US, if you can forgive my inclusive pronoun) were a democracy instead of a republic?
Absolutely not. The kind of democracy to which you refer is also known as "mob rule".
[sarcasm]
;-)
We have to love them them now. Put sitefinder behind us. Verisign is an American company helping America.
IF we complain about sitefinder being an abuse of power... the terrorists win.
BTW: heard those servers are going to be powered by SCO software
[/sarcasm]
a use for One Click(tm) technology here.
As I recall, some of the overseas ballots (mostly from military personnel, who tend to vote republican) were "misplaced" in the 2000 election in Florida. This was in a county with Democrats running the election. Now, were the election managers incompetent, or was it a conspiracy? I'd guess incompetent, but who knows. Now, if people can't figure out how to COUNT, what makes anyone think that they will be able to run an election electronically without screwing something up?
While I'm usually skeptical of Internet voting, I'm actually in favor of it in the limited case of American personnel overseas, because it is better than the current system. Presently, most absentee votes don't even get counted, unless the margin of victory is less than number of absentee ballots. While this is technically accurate and efficient, it kinda sucks to be one of those people who's vote is never even considered.
On the security side, I hope that VeriSign avoids Diebold's mistake (with electronic voting machines, which is different from Internet voting) and makes the source code and security procedures public for scrutiny.
How do you think things will get better? There are few if any local independent news papers because they have all been crushed by big coroprate owned national broadcasters and "news" services like MSNBC. The same people have made sure that individuals have a hard time publishing on the internet, so everyone has to go through providers or portals where they can be shut down. Now the loop is being closed with black box voting, which is impossible to audit. Even if you could tell people the truth, they won't be able to do anything about it.
Vote against this kind of thing NOW.
Friends don't help friends install M$ junk.
Now're going to become further dependant on Verisign? I understand this project has been in development well before Verisigns latest screw ups, but at this point, it would be rather foolhardy to become tied to Verisign and any software they make; they've proven they choose profiteering over everything else. So why put this sort of responsibility in their hands when history proves that they may abuse it?
"What can a thoughtful man hope for mankind on Earth, given the experience of the past million years? Nothing." -Bokonon
Here is an excerpt from an email notification you will get after using the Verisign absentee system in 2004: "Valued Voter, At VeriSign we care deeply about freedom, democracy, and your right to privacy. Due to this fact, we are informing you of a change to our privacy policy. Line 428 which formerly read:
"Verisign will in no circumstances share your personal or voting information with 3rd parties."
now reads:
"In some cases, Verisign may share personal and voting information on customers with Verisign partners. This is standard business practice, and will lead to a more enjoyable voting experience for our users. In addition, it represents Verisign's commitment to capitalism, which is the sole foundation the United States was built upon. God Bless these United States, fellow patriot."
While most users will enjoy the benefits of this sharing (like customized Donkey or Elephant themes on parter sites, or voting record targeted product newsletters), some may wish to opt out. If you wish to opt out, please send your request to:
U.S. Department Of Justice
c.o. Sec. John Ashcroft950 Pennsylvania Avenue, NW
Washington, DC 20530-0001
Please look out for infromation on new MyDemocracyBuilder features in the coming months, including our exciting new "AutoVote" system!
Sincerely,
Verisign Support "
"Life is life." --Laibach
If you don't touch in the exact center of the canidate's button, your vote is automatically redirected to the highest paying advertiser.
I guess it doesn't really matter though. Now your vote is just as unreliable as the canidates.
Verisign does not deserve to be a "trust company". This sitefinder issue is just the latest in a series of unethical moves by verisign, dating back at least the "godaddy domain expiration letter" scam.
The sooner we slay this beast, the better.... With that said, I recently found out about a heck of a deal "Everyone's Internet" is running: "$25 SSL certificates". It's obvious that as a reseller for GeoTrust and as a webspace provider for small biz, they know that a ton of Mom & Pop shops that would jump at one of these in a second, even if profits from online sales were small, because a "secure order" page is great for their image.
On the other side, I've been using GoDaddy for years.
Down with Verisign.... We don't need you anymore.
Notice that the article only talks about using Internet voting as an alternative to absentee voting for citizens abroad and only in U.S. government agencies where secure Internet-enables voting stations can be set up. This is good .
Internet voting on a large scale will never take place due to logistical [for lack of a better word] rather than technical reasons. Electoral law requires that your vote be made in a manner that is free from influence (intimidation or vote buying). This is controlled by ensuring that voting goes on in select locations where campaigning is not permitted. Even campaign posters within sight of a voting station must be taken down.
With Internet voting, essentially anyplace could be a voting station. I could set up a little voting party for my friends and let them vote on my computer. Don't mind that there is paraphernalia all around for my candidate, or that I'm looking over your shoulder. After the party, laptop and cell in hand, I could help all the little old ladies in my neighborhood vote too.
[Your sig here]
...courts in Florida appoint our Presidents, don't they ?
Tired of being "punished" by the Slashdot $rtbl since 2002. I'm now over at http://soylentnews.org/ .
Even better, if Verisign running your elections worries you, why not see if you can help the project. With a secure, trusted and freely available alternative, Verisign will find it more difficult to convince audit committees that their software is the best option.
actually, there has not been a single recount which actually showed Gore as having more votes. They've counted, counted, re-counted, and counted again and they still can't get the answer they want. Its a shame for them, but I think they just have to realize that Bush did win, even though he may have only won by a small margin.
How do people anywhere trust Verisign?
;-) ))
This company has a proven track record of bad security, unethical behaviour, and well.. I just don't get it, they are the main "TTP" of the web, and yet aren't worth anyone's trust really, then a Domain controller that abused it's power as such, and now they are going to run elections for Americans...
*/me shakes head in total astonishment*
Well... G'luck to ya guys. Here's hoping for once they'll maintain their ethics. (Or assign the project to Dilbert (for those who've seen that episode of Dilbert TV.
~ kjrose
In the UK I think the average voter turnout for the general elections is hovering around the 35% mark and falling.
This is a huge problem for a democracy IMHO. Considering we've fought 2 world wars for the right to determine who governs us, it's pathetic that a majority of people cannot be bothered to get off their arses and vote.
However, I have a confession. I'm one of the majority and ashamed of it. I always intend to vote, but when the time comes I always seem to have something important to do instead. If we had an easy electronic voting system then I for one would always cast my vote.
OTOH Do we really want to encourage EVERYONE to cast a vote? If there was no effort involved (like actually having to travel to vote) then would we be encouraging people with no real political views to vote 'just because they can' Maybe then the result of the election would be decided by the lazy jobless who had nothing better to do than vote?
This is purely bad principle. This is outsourcing voting. Elections should be handled as much as possible by regular people. Companies should provide paper, pencils, and maybe some refreshments.
Now I RTFA and I understand this is for military absentee ballots. But this will set precedence. Who will get the job next year? Don't you think the standards applied here will eventually be used for absentee ballots for State Department personnel? And then eventually the general public?
If the government is not capable on its own of running a fully electronic election, then they should not be doing it. Period. Forget the cost of alternative systems or even the impossibility. If the DOD cannot handle this internally (they should, they handle billions of dollars of secrets) then I think it is a step to far to outsource it.
"The sanctity of the vote can't be compromised nor can the integrity of the system be compromised"
Doesn't that line make you feel worried. At least they could say,"we have the best security and experience." But no, "the integrity of the system [can't] be compromised."
By making it brainlessly easy for someone to vote, are we not making it so the voter does not have to plan to vote. And if a person doesn't plan to vote, how informed is their choice going to be?
Many states have already implemented "motor voter" systems where folks don't even have to explicitly register to vote -- it's just attached to their drivers license registration. Literacy tests & poll taxes -- once of which helps ensure that the voter can read the ballot & the other further forces voters to plan to vote -- were thrown out long ago as infringements on the civil rights of unschooled procrastinators.
I believe whole-heartedly that the political establishment of the United States does not want voters to be informed or to pre-plan the act of voting. The reasons for this ought to be self-evident to those of us who are capable of reading a ballot or planning our activities more than 10 minutes into the future.
Turning briefly to "secure" online voting (so this comment stays "on topic"), maybe the Verisign system couldn't be decrypted but it would be very possible for a determined attacker to simply mangle the packets so the votes wouldn't count.
"Obviously, I'm not an IBM computer any more than I'm an ashtray" (Bob Dylan)
On that note, using Verisign's software, if you aren't sure who you want to vote, you can just put an asterisk after the first letter, and Verisign will choose whoever has the corresponding last name that paid them the most money!
http://mediagoblin.org/
The PM of Malaysia is quoted as saying the duty of the democracy is to better the majority. Strictly speaking, that is true in that form of government.
That is why I support the Republic form is government. Republic is representative rule, not majority rule. Each stakeholder in the US system should be represented. Arguments about the rights of any minority make sense only in a Republic. In a democracy, who cares about minorities? We all vote in self-interest, and majority rules.
To repeat an oft repeated quote, Democracy is three wolves and a sheep voting on whats for dinner.
Sarcasm and hyperbole are the final refuges for weak minds
The real supporters of electronic voting want such a system so they CAN rig it! Why do we use mechanical voting machines? Why do we use electronic ballot counters? Why do we NOT count ballots at the polling place before we haul them to the court house? All of that is done to make elections EASIER to rig. It sounds like it is safer but it really is just a shell game designed to hide the methods behind trickery. Ask any magician. You hide your tricks with distractions and illusions that are just the opposite of what is really happening.
Most people can't understand computers so they think "Well it MUST be good. This is sophisticated and I'm too stupid to understand this so it must be well designed." Many people have problems with computers but they almost always think that THEY are the problem (I don't know how to use this, I must be doing something wrong.) not that the software is written badly. The American public loves gadgetry and we equate that with goodness and safety. We think we can build a better car or a building that can take a hit from a 767 or a tamperproof election.
Slashdot, home of supporters of free software, free music, and free speech.Except for Moderators that disagree with you.
I live abroad and frankly, I'm just not quite prepared to trust my vote to the internet. I'll be sending my vote by mail and would encourage other expats to do the same.
I certainly don't trust Verisign. I think the first few elections using this technology should be limited to say, a few thousand votes so as not to have a significant impact on the results (of course, given what happened in Florida, a few thousand votes might have a significant impact). Maybe it would be even better to run the electronic voting at the same time, requiring mail-in ballots and compare the results and not count the electronic voting until it's proven itself. Mail-in ballots aren't anonymous votes, so it should be easy enough to compare.
Even then, I don't know that that would work. I'd eventually like to see secure internet voting, but I'm just not sure the implementations are there yet.
And I'm sure if you accidently select the wrong candidate, or mistakenly select multiple candidates; rather than get an error message, Verisign will redirect your vote to a candidate of their choice at candidatefinder.verisign.com.
Good security is based upon reality and common sense. Common sense is a function of having common knowledge.
you already are one; lets not forget how many presidents we have that WERE NOT ELECTED BY THE POPULAR VOTE this is probably one of hte main reasons we have such low voter turn out; becuase no one feels like their vote matters the gov't does wahtever the fuck it wants to do anyway; even the Nazi's had kangaroo courts we dont' even have those we just deport people outside the country for tortu err questioning... we live in neither a democracy nor a republic; this is an oligarchy (yes it could be spelled oilgarchy at the moment)
There is no political party at this address.
Did you mean?
We did find these similar political parties.
The Republican Party