Slashdot Mirror
Canada To Adopt On-Line Voting?
belmolis writes "Here in Canada we have an old-fashioned paper ballot voting system that by all accounts works very well. We get results quickly and without fraud. Nonetheless, Elections Canada wants to test on-line voting. From the article: 'The head of the agency in charge of federal elections says it's time to modernize Canada's elections, including testing online voting and ending a ban on publishing early election results.' Is it worth trying to fix a system that isn't broken?"
Malicious code is the least of the problems with online voting.
It becomes almost trivial to buy/extort votes.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
Hell, didn't anyone learn anything from online banking? It can NOT be made secure. Why? Inherently. Because you would have to trust a machine that is not under your control, as the voting agency: The user's computer. And there is no way to verify that his vote is actually his decision. And I'm not even talking about the guy with the gun pointing at his head telling him how to vote.
Here's a scenario that happened in reality a while ago with online banking. Anyone with half a brain should be easily able to tell how to apply it to online voting. We might have to get someone to explain it to a politician, though.
A piece of malware existed (and still exists), that was developed as a reply to the one time pad banks handed out. Since intercepting and using the user's credentials was useless in such an environment, what they did was to manipulate the user's browser to make the user do the malicious transaction himself. What happened was, essentially, this: The malware manipulated (through a BHO) the input and the reply from the bank. The user entered, e.g. that he wanted to transmit 100 bucks to pay his electricity bill. The malware sent that he wants to send 1000 bucks to a mule. The bank replied that those 1000 bucks will be sent to the mule, which the browser displayed as 100 bucks to electronic provider, asking for the OTP-key. The user, thinking he's paying his bill (and everything he saw reflected this) entered the key.
There is NO way the bank (or, in turn, the election committee) could somehow see that the input was manipulated. And in this case, at least it could be seen on the bank statement. How do you expect to at least NOTICE that your vote was altered in a secret ballot?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I cannot see how on-line voting can possibly stand up against the demand for a secret ballot.
If everyone is allowed to vote in their own home then there is no way to guaranty that the ballot is secret. How can you make sure that no one is shoulder-surfing? Or worse, shoulder-surfing with a big stick? With home (on-line) voting bribing and/or threatening voters becomes trivial and we don't want that!
On-line voting sounds like fun, but it doesn't work.
Malicious code is the least of the problems with online voting.
Even though there are more obvious problems, I believe that the freedom to study and test the system is essential to any democratic voting system.
Why should people in BC have more information to vote with than those in the Atlantic provinces? No. No ballot box should be opened until all the polling locations have closed.
When our name is on the back of your car, we're behind you all the way!
In Canada ballot counting is done under the supervision of representatives from all of the candidates, The ballots themselves are also kept for possible later re-counting if there is any question at all about the validity of the results.
That is a far cry from an online system where that would be almost impossible.
Well, no. It's pretty trivial to design a paper ballot system so that it's both fast to count and easy to monitor.
Open the voting place to public. Bring in the ballot box, open it, show that there's nothing inside, and seal it. Commence the voting. After voting ends, count the votes right there, in the voting place, in full view of everyone who wishes to watch - and, since this is the New Tens, also videotape it and upload the tape as well as the numbers. Next, tell the numbers to the regional center, which adds all the subtotals to get its own, again in full view of everyone and with the numbers uploaded on the Internet. Continue with as many layers of the hierarchy as needed, and you should get the final results overnight, and there is no part of this process which couldn't be watched over by anyone who wants.
Contrast this with computers, where it's just plain impossible to know what they're doing unless you already trust them, there are numerous examples of bugs going unnoticed in security-critical code for years, and actual real-life voting machines making complete mockery of security. Not to mention there's a huge incentive to hack them.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
That is presuming that a legitimate person is trying to access the legitimate site and perform the voting in a straightforward manner with good intent only voting once per election. There are so many other factors involved where identity can't be proven or other aspects that to me it boggles the mind that anybody would even consider on-line voting for anything critical.
I just wrote a long-ass comment explaining how the Canadian General Elections are monitored by candidates representatives, but the cert for yro.slashdot.org changed and I lost my work.
No, a digital system does NOT have potential to be more secure than the current system for General Elections in Canada. There is no counting office. Ballots are counted on the spot.
Canada does not use fancy mechanical systems with chads. Voters are provided with pencils and put marks in a circle. It's simple and effective, and Canada gets voting results far faster than the US (and before you cite population size differences, the Elections Canada model would take the same amount of time even if you had 10x as many ridings). It's one single system and organization that handles federal voting for the entire country.
The key metric in the credibility of an electoral system is what is the maximum amount of fraud that can be committed with a small number of people. The paper ballot system is a remarkable piece of engineering when you stop and think about it: you have to be physically present to vote and the physical ballot is accounted for at all times, making ballot stuffing difficult to pull off on a large scale by a small number of people. The observation and counting of votes is distributed, likewise limiting the scope of an fraud.
In any electronic system, the vote moves through countless devices that could be corrupted internally or externally. Any attempt to identify fraud using statistical deviation from polling numbers now trusts the pollsters (whose numbers were wildly skewed in the final days of the last election) as much as the actual vote.
In any centralized counting system, is going to be IT team that the nation has to have absolute trust in: their intregrity, their flawless execution and their ability to detect any tampering.
Note that tampering not only covers changing the results and ballot stuffing, but also removing the veil of annonymity. In an increasingly polarized environment, being flagged in party's database as an enemy voter could easily come to affect how your career prospects in government and how you are treated by a beaurocracy
Finally, its not enough that the election is not tampered with, it needs to be provably tamper-free. It's not enough for the chief electoral officer to be satisfied with the results, the public needs to be confident that for systematic tampering to have occurred that it required a conspiracy too large to realisticly remain secret.