Slashdot Mirror
Absentee Ballots by Email?
tordia writes "Bruce Schneier has come out against a plan proposed by the Missouri Secretary of State, Matt Blunt. Blunt's proposal would allow "soldiers at remote duty stations or in combat areas cast their ballots with the help of e-mail." The plan arose when Jim Avery, a Missouri State Representative and National Guard soldier currently on active duty in Iraq, told Blunt that the fax machines required by the current Missouri absentee ballot law are rare, but most soldiers have access to computers.
A spokesman for the Secretary of State's office downplays the privacy and security considerations by saying, "If the soldier is uncomfortable with this process, he or she should not consider this option".
I agree with Bruce when he says "This is troubling"." Like many things, this is a wonderful idea in theory; it's just that darn implementation that things get...messy.
"If the soldier is uncomfortable with this process, he or she should not consider this option"
:(
.mil or gc.forces.ca email addys to people handing out Gmail invites, to prevent personal info being circulated that could lead down a dangerous path if the enemy decided to look them up. This has been largely difficult to reign in, but for the most part it's a fairly anonymous exchange. No worse than name, rank, serial number. And that's the idea. But if you have to fill out an absentee ballot in this email scheme, it would require much more personal info or it could be easily abused.
That's the worst excuse for bad security I have ever heard, and I think that if it was applied on all other systems, it would be a huge disaster. Look at the ATM for example. What if instead of a bank card, we shifted to an email scheme for withdrawing and depositing money? Email cheques are fairly secure but they have a password scheme and they don't rely soely on email. There's also no private information being transferred with an email cheque, just a link that requires a password over a secure connection. But what if we just made up email money and passed it around? Huge security flaw there. Take it one step further, why not add salt to the wound, by suggesting that if you don't like the insecure system, don't use it! Duh.
If soldiers send their private info over email, this also produces a security risk if the enemy gathers intel on soldiers to use against their families. Bad bad bad idea.
I'm one of the admins of Gmailforthetroops.com and we've had to let everyone know that we only want soldiers to privately provide their
The dangers of knowledge trigger emotional distress in human beings.
I'm sure many people will say this, but how secure can this be? Using email to vote? Heh, what if the enemy intercepts the emails and finds out that the soldiers want a new leader, how would this make them look?
Boxing Equipment Reviews
I run a few mailservers :). Every day the spammers and viruswriters come up with a new way to defeat whatever anti-spam and anti-virus measures I implement. It's a case of running as fast as we can to stay in the same place!
So maybe the spammers will decide who gets to be president this time, instead of the Supreme Court.
Seriously, after all the controversy over the heavily developed Diebold e-voting system, who comes out and says, "let's do it by email!".
If this refers to the SMTP/IMAP/POP3 email system then one wonders why such an insecure system would be considered.
With today's encryption technologies, it shouldn't be that big of a deal to do it securely, but suggesting to do this over standard email after all of the Diebold e-voting fear is rather bold.
give soldiers ability to send regular postal mail?
a week before Nov 2, simply gather up everyone's ballots (sealed in envelopes), then mail them back home. IIRC, this is what was done in 2000, and many other elections pre-fax machines.
Why is it that politicians seem to do everything in their power to undermine public
confidence in the election process? What's wrong with having miltary poll stations
in Iraq and then simply flying the ballot boxes back? Sure, it's more expensive
that e-mail but if the US government can spend billions to put a democracy in the middle east
surely a few million dollars could be set aside to insure integrity of the US vote.
Simon
Oh, I see. If you're worried about security, don't use the system. Right. So, what's to prevent someone from using this system for me in my name? Who decides which ballot is valid in the case of multiple submissions? I certainly hope someone rethinks this idea before it gets implemented. There is simply WAAAAAY too much potential for abuse.
-- Gargonia
Never play leapfrog with a unicorn.
Erm, the trick is to both have non-repudiation AND anonymity.
There already is a mechanism in place for soldiers and the like stationed overseas to vote. It's essentially an absentee ballot (not sure if it's the correct name).
These ballots have already been sent on their way to the folks in the field. There have been a few issues, I've heard, where the blank ballots have not gotten to their destination but that can be rectified by simply sending more blanks.
If the people in the field aren't capable of filling in a blank paper ballot what makes you think they can correctly send in an electronic ballot?
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
Let's say I am an employer, and I say "you'll get fired if you don't vote for candidate X". If the only methods of voting are by secret ballot, the voter is protected. Otherwise the voter might be forced or coerced into using the "optional" un-secret method. (And yes this has happened before!)
On top of that concern, we're using e-mail? I don't trust the e-mail system for anything important at all. Last semester we had to turn in our homework via e-mail in one of my classes, which I had qualms about. Lo and behold, at the end of the semester, two of my assignments didn't get counted by the professor. He insisted that the e-mail system was perfect. This idea, very bad.
I agree, there is a serious problem with the attitude of "if you think it's insecure, just don't use it". I've run into this same attitude with regards to touchscreen electronic voting machines. I have been told that if I don't trust the ES&S systems, I should just vote by absentee ballot. It doesn't matter if I use a known secure voting apparatus if the other people who are voting do not. It doesn't help that my vote gets counted accuratly if someone can add an arbitrary number of votes for the candidate of their choice.
Hypothetical Example:
1000 people eligible to vote.
600 actually vote:
200 use secure method. They vote 150 for candidate A, 50 for candidate B.
400 use insecure method. They vote 220 for candidate A, 180 for candidate B.
Total legitimate votes: 370 for A, 230 for B.
Now Mr. Vote-Hack adds 200 phantom votes for B, through the insecure method.
Did anyone's vote count, aside from Mr. Vote-Hack?
In some systems, unless the entire system is secure, securing parts of it doesn't really matter.
Here's an idea?
Just spend the money to setup private voting booths over there. Travel from company to company and allow our guys to vote.
Holy crap. These guys are overthere risking life and limb for "us" and we can't even find a way to allow them to vote?
Right or wrong... they are heros. They need to vote this election more than your average joe!
That's a false dichotomy. There's also snail mail.
Email is a lot easier to intercept than faxes. Faxes require physically tapping into the line. Email simply requires any ISP have any computer on their local network which the data passes through en-route from the military computer to the voting office be comprimised, *or* tapping into the lines.
And, it's not just a "not voting/voting with risk to your family" situation. It's a "someone who doesn't like the statistical balance of your unit's politics and launches a DDOS attack on you when you would normally be voting. Or its a case of someone phishing (what was it, 22% of all phish emails work?). Or a case of a worm whose sole task is, apon propogating, to send out a ballot voting for candidate X. Or a dozen other things.
I just invaded Grammar Czechoslovakia and duped Grammar Neville Chamberlain; now it's on to Grammar Poland.
You know, only the US (of developed Western democracies at least) makes such a big fricken' mess out of the whole voting process. Pieces of paper and ballot boxes actually work. They may be slower, they may be more expensive, but they WORK and they are transparent. They are scaleable and the hardware is cheap. Recounts are easy and verifiable.
Prediction: the US will be convulsed over the reliability and fairness of its elections procedures every four years for the forseeable future.
Countries using ballot papers and boxes will get their results a bit slower, but will not be convulsed.
As for the argument that e-voting makes it easier for people to vote, thus increasing democratic participation, all I can say is, if you care so little about your vote that you can't be bothered to leave the house to cast it (I"m assuming those who are housebound are catered for) you don't deserve to vote.
Sheesh. I have used up my 'fricken' quotient for today but it was worth it.
Some old technology is very good. Like the bicycle. When I worked in TV we used to bike tapes around rather than using the internet, because as our tech director used to say, "Never underestimate the bandwidth of a man on a motorbike".
I'm not wrong. You haven't thought about it hard enough.
A lot of us libertarians used to vote republican too. Funny how Bush and the neocons destroyed everything the Republican party once stood for - small government, stay out of business, etc; and turned it into a far bigger-spending-party (record deficits immediatlly after Clinton's record surplus) than even the democrats, and turned it into the party of the Church - and human rights bashing not only overseas but to gays (marriage) and minorities (patriot act) at home as well.
It'll feel wierd as a libertarian to vote for a democrat, but the republicans really changed the last couple years.
Is this even allowed according to the constitution?
Sure as long as you trust them it's a good thing, but just think ahead a bit will you?
I'm pretty sure that those people that have lived in a dictature are laughing their ass of just on the thought of including the DoD in the election.
(And don't try the "but the DoD allready handles the election". The difference is that with an old school voting system you have slighly more controll than with a email system with no paper-trail.)
Please, don't get caught up in all the media hype about soldiers in Iraq.
It's their job.
A hero is someone that is selfless in their pursuit of something to benefit people. For example the person that rescues someone from a burning house.
Some soldiers are heroes of course.
Each voter is issued a crypto-token, the private part of a public-private key pair. Of course, this cant be tied to a name to preserve anonymity. They vote electronically and all the votes are emailed at once in a big tarball. A hardcopy is printed of each vote (encrypted) in case you want to recount.
They can then verify the individual votes authenticity with the corresponding public keys.
It could be done.
I don't need no instructions to know how to rock!!!!
Why is it that Bruce Schneier is the only person that can speak intelligibly about security?
Bruce has a rare combination of the mental accuity required to be a security researcher and expert, and the ability to write well enough to be understood by large swaths of the population. A lot of security people will try to explain to the non-tech person that blocking ICMP will help to avoid DDoS attacks, but you have to keep SMTP open to allow e-mail, even though that will result in spam getting through but implementation of a Bayesian filter will help to mitigate that. Most managers' eyes will glaze over so much they could open a Krispy Kreme. Bruce can explain it in more simple terms: A properly configured firewall will reduce the chance of successful attacks, but there may be trade-offs, which can be discussed in detail at an appropriate time.
In most cases, you choice is "gifted security expert" or "gifted writer." In Bruce's case, the OR becomes AND.
You can never go home again... but I guess you can shop there.
If they could use PGP I'd have less a problem with it. You could scan the ballot and then encrypt the file to the state's public key and send it off. But you can still track the file to the sender so short of using anonymous remailers this still isn't private.
Slashdot, home of supporters of free software, free music, and free speech.Except for Moderators that disagree with you.
Here's an idea?
Just spend the money to setup private voting booths over there. Travel from company to company and allow our guys to vote.
The most dangerous thing you can do in Iraq right now is travel from company to company. I am all for making voting easy for the soldiers, but I would prefer a method that doesn't incur huge risks (if at all posible).
"I'll have a Guinness, no wait, make that a Coors Light" -Grad student I work with, who shall remain anonymous...
They need to vote more than the average joe? Why? All citizens are equal, right?!
After all, nobody's ever stolen a ballot box, stuffed a ballot box, altered a paper ballot, discarded a paper ballot, or anything at all like that.
If the US government can't manage to let the servicemen vote properly and get the votes back to America in time, maybe they shouldn't go to war. Period. Because other countries manage to do so.
Lars T.
To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
Exactly. But even if they did, it would still be bad.
Now somebody can see who a particular individual voted for. If not by the signature, then by the from address on the email. Very anonymous, eh?
"Sooo, private Johnson, I see you voted for 'xxxx'...."
Very, very bad.
> no, yes, maybe (tagging beta)
Maybe you should vote...umm.. libertarian! If more people would, you wouldn't be throwing your vote away.
Probably so the process can't be automated. I can't write a form letter with 5000 copies, each with a different name and address if I am writing the letter by hand.
"[...]these guys are in a much better position to judge Bush's foreign policy and the situation in Iraq than a bunch of whiny asshats back home."
No, they're not. Historians, economists, and political science experts (among others) are the ones who can judge. What makes you think your average soldier has any clue what the long-term financial or political ramifications of foreign policy will be?
Oh, and don't assume I'm against the war or don't support the troops. I'm just suggesting you take a step back and think about what you're saying. True, most IT nerds aren't particularly qualified to judge, but neither are most soldiers.
G
Why can't they ever just say "We need a way for soldiers to easily cast an absentee ballot" and then let people who know what they are doing come up with the proper system?
This is a problem where I work as well.
Have Americans forgotten this?
Of course, we Canadians take election ballots very seriously. For example, it is illegal to eat your ballot. This upsets some people. (No, ballot eating has nothing to do with the topic at hand, I just wanted an excuse to post that.)
Uh - the people who think that at least Kerry has _some_ experience in the military, and who might therefore be a better Commander in Chief (as in - understanding when & where it is effective to use military force, and when & where it is appropriate to listen to your military commanders)?
Given the pattern of retaliation by this administration, such people are likely to keep their mouths shut, but I'm sure there's a few of them in there.
The instances you provided are certainly heroic, but they don't happen all the time. Riding around in a hummer on security detail or fixing fighter jets is not heroic. Dangerous, yes. Worthy of respect, yes.
The point is, a blanket statement that all men & women in the service are heroes is false. Heroic status is assigned on a case by case basis. Saying everyone in the armed forces is a hero waters down the meaning.
Anecdotes are a dime a dozen. Moreover, and as the previous poster replied, soldiers are not in the best position to judge the ramifications of the war (let alone realize they're not looking for any WMD)
The quickest way to become an atheist is to study the Bible thoroughly.
I can understand when people talk about how the US Military is protecting OTHERS, but unless you happen to live in the Middle East, I don't see how they're risking life and limb for "us". What do you mean by "right or wrong"??? I understand that their job is one with high risks and low pay, but that was their choice. To automatically label all soldiers heros in the cause of freedom assumes an awful lot. Is some heating and ventillating technician who enlisted a hero? Well, he's supporting the war effort, so maybe so, but then again I'm supporting it by working in the private sector and paying taxes. I guess as Americans we're all heroes.
Heroes who are so concerned about politics that we won't vote if it actually requires work.
Yay...
Good. So, we've covered the 'Secure' part of the equation. Now, how about the 'Ananomous' part? So that votes can't be paid for, because you can't tell how anyone voted?
'Sensible' is a curse word.
All the way? Yeah right! It'll make the first few hops on a military network, but after that it'll go onto the normal net backbones and filter down from ISP to ISP, all the way to the electoral office's ISP.
I just invaded Grammar Czechoslovakia and duped Grammar Neville Chamberlain; now it's on to Grammar Poland.
1.) The application has to get to the voter somehow. This is not as much of a problem as it once was, because one can email the town clerk and ask for it to be mailed, one's relatives can send it to you, or you can print it out from the Secretary of the State's web site.
2.) Once the application is filled out, it must be mailed back to the Town Clerk. Currently, the law allows one to fax the application to ensure the ballot goes out in a timely manner, but it must be mailed at the same time it is faxed. If the application is not received in the mail be the close of polls on election day, the ballot is rejected.
3.) When the Town Clerk receives the application, he prepares a ballot and mails it.
4.) Then I get to vote. And mail back the ballot. And hope that it's received in time.
That's a cycle of three or four mail trips across the world. Anybody overseas who wants to vote absentee needs to get going right now to make sure their votes are counted! Incidentally, look at the audit trail absentee balloting leaves in its wake: the completed application, an outer envelope for mailing, an inner envelope to ensure ballot secrecy, and the ballot itself. With the potential for mischief that absentee balloting presents, I am glad all this paperwork exists. However, in the interest of timeliness and of not disenfranchising remote voters, I think the application process, but not the voting itself, can be shortened by using email without sacrificing security. Imagine this process:
1.) The voter emails the town clerk with the required information and a digital signature.
2.) The clerk mails the ballot.
3.) The voter mails back the ballot.
That's two mail trips. That's still a wait, but the process is simpler, there's still an audit trail, the identity of the voter is still verifiable, and the ballot is on good old paper. Why can't states adopt a sensible, middle-ground process like this one? And why doesn't Missouri's chief elections official understand the importance of an auditable vote?
If you vote for a third party candidate, you're telling both of the existing two-party candidates that you do not trust them, and you signal why - maybe you don't think they're strong enough on civil liberties, or economic liberties (various libertarians), or perhaps you feel they're not environmentalist enough (Green), or that they do not provide enough protection for consumers (Nader), or perhaps that they're not religious enough (Constitutionalist), etc.
By voting third party candidate when you feel that neither party is remotely close to what you want, you at least indicate to them the direction they should be going in.
It doesn't always work, especially if the "third party campaign" is more of a vindictive wrecking campaign (as an example, Gore was very clearly an environmentalist, but thanks to Nader's "Green Party" campaign, Gore was kicked out and the Democrats lurched away, with no viable environmentalist candidates.) But if you seriously believe neither Republicans nor Democrats can be trusted enough on any serious issues, that they're both equally likely to undermine the principles you strongly believe in, a third party vote is exactly what you should be considering.
Of course, never write off the directly opposing party too. There have been times in the last thirty-forty years where one was better on civil liberties, and times the other has. I can't imagine Ashcroft or anyone else Bush is likely to appoint supporting the Miranda decision, but that target of right-wing hate Janet Reno did exactly that, in front of the Supreme Court. But there have been times when the shoe has been on the other foot.
You are not alone. This is not normal. None of this is normal.
Great. Then I'm sure he can't wait to get started in Sudan, Liberia, Uganda, Zimbabwe, Burma, North Korea, Cambodia, Kurdistan, Iran, Angola, Sri Lanka, Kashmir, Tibet, etc.
Oh yeah, and what about the indigenous tribes in the Amazon basin? Now which side to take, the tribes, whose ways of life are being destroyed by outsiders? Or the ranchers, who are exercising their right to capitalize on natural resources? Do we decide now, in a whingy asshat sort of way, or send in a few commando units and have them report back?
The current state of Iraq is not the end-all be-all of current US foreign policy reprecussions. Don't forget that groups like al Quaeda came into power as a direct result of US intervention. The treaties at the end of WWII led to the Israeli-Palestinian crisis (and all the associated Middle-East troubles). It's not today that matters most, but tomorrow. Oh, and how did voting get into this?
G