Slashdot Mirror
Prof. J. Alex Halderman Tells Us Why Internet-Based Voting Is a Bad Idea (Video)
On March 2, 2012, Timothy wrote about University of Michigan Professor J. Alex Halderman and his contention that there is no way to have secure voting over the Internet using current technology. In this video, Alex explains what he meant and tells us about an experiment (that some might call a prank) he and his students did back in 2010, when they (legally) hacked a Washington D.C. online voting pilot project. This is, of course, a "professional driver on closed course; do not attempt" kind of thing. If you mess with voting software without permission, you might suddenly find the FBI coming through your door at 4 a.m., so please don't do it.
No, it's a good idea with bad implementations, and little chance of those implementations improving. Using it for an actual election of consequence at this point would be bad. Let's not assume that everything that doesn't work in the foreseeable future is inherently bad, okay?
You do not have a moral or legal right to do absolutely anything you want.
Why is Internet-based voting required anyway? Surely this is a great idea to get those basement dwellers out of the house at least once every four years. There are already systems in place to allow those confined to their homes due to medical circumstances to participate in their democracy. Whether it's done tomorrow or in 30 years time, people will still find ways to break the system. Net result? A colossal waste of money over something that is already in place and works as well as can be expected.
Is it really a bad idea? This is just the opinion of some researchers, so why don't we vote on it online and see?
I'd argue that it's a fundamentally bad idea, for reasons which have absolutely nothing to do with technology.
It's very simple: If you go to a polling place, you are in a situation where you can be observed by poll workers, who will notice things like somebody standing over your shoulder with either a gun or $10 to get you to vote the way that somebody wants you to. Whereas if you can vote anywhere, it's quite possible for an organization to do those sorts of things.
The same arguments also apply to voting by mail, or over the phone, or absentee ballots. For instance, it was not uncommon for political parties to stop by my grandmother's nursing home to help the residents vote, helpfully filling it out for the voter (including checking the boxes for their preferred candidates).
I am officially gone from
While I'm on this subject, who came up with the idea of sending 25 armed agents and a small tank to get some geek out of their basement?
https://en.wikipedia.org/wiki/SWAT#History
Heck, for some of these guys you could just write a note, 'report to jail tomorrow and drop your computer off on the way there' and they would do it.
Paramilitary police is not about arresting people, it is about keeping the population terrified of the government. The point is to show people that the government can send a tactical team into any home at any time, so that people will be afraid to take a stand against the government.
Palm trees and 8
I like them. I trust them. They are their own record. And, if you like, you can spoil them.
In Canada, we have our ballots counted within hours of the polls closing. And you can go back and re-count them if necessary.
Keep it simple!
I've got a bad attitude and karma to burn. Go ahead. Mod me down.
I've always thought the whole issue is pretty clear. Internet voting can never be any more secure than it's weakest link...the end users browser/computer/device. In other words it can never be secure. As far as I'm concerned it's a total non-starter for this reason.
The assumption is always that paper ballot voting is secure. Electronic fraud is somehow more important than paper ballot fraud. President Kennedy wasn't even a legitimate President according to some due to paper ballot fraud and they have a good case. See the "Controversies" section of the Wikipedia article on the 1960 election: http://en.wikipedia.org/wiki/United_States_presidential_election,_1960. No, the whole controversy over the safety of voting is just a reason not to do what is required by a belief in Democracy and what is absolutely necessary in a period of time which illustrates the obsolescence of the old system. The Macroparasites have taken control of our system of government and true electronic democracy is the only way we will get power back into our hands. As for the safety of electronic voting, let me say this: It is safe to do internet banking; it is safe to transfer trillions of dollars of assets around the world daily; but it is somehow not safe to cast a single vote electronically . I don't believe that is the truth. And those who argue against electronic Democracy are merely the familiars of the Macroparasites.
E Proelio Veritas.
Don't forget profit and courtroom drama.
Profit is obvious. Courtroom drama is the perp must be guilty because the cops felt like sending 25 cops in riot gear and smashed all the house windows... If the cops just called his lawyer and asked him to talk, he must not be an absolutely guilty supercriminal.
Had a SWAT callout 5 houses to the west of mine some months ago... parole violator got drunk (thats a no no for a multi-time DUI guy) went to friends house, passed out alcohol intoxication. Friend owns a deer hunting rifle and was dumb enough to tell the cops looking for the drunk about it, so we get full swat team callout, smash all the windows and stick cameras in, including one of those tossed ball camera things. Streets blocked off, TV news told BS story about man barricaded in house with gun so we've got newsies crawiling everywhere. The cops got to do the judge jury executioner thing by tasing an semi-conscious drunk guy. This is all OK because "we're tough on crime in this rich suburban city". Lots of people made a lot of money, and the parole violator is back in a for profit prison again, the families (especially children like mine) were terrified, so its all good all around. Seriously SWAT doesn't mean anything anymore.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
So, I live in DC.
The result quoted in the summary, that DC didn't manage to pull off a secure electronic vote, shouldn't be interpreted as a condemnation of e-voting, for the simple reason that this city couldn't manage to find the exit to a paper bag with a map and GPS. The incompetence around here is hilarious: there's a reason everyone working for the government lives in either Maryland or northern Virginia, since being in DC itself just means you get to hear sirens 24/7.
Everyone's heard of Marion Barry, the crack-smoking mayor? Turns out they elected him mayor again right away when he got out of prison. He mismanaged the city finances so badly that Bill Clinton cut him off from a lot of his authority, and he flounced* from the mayorship -- and got elected to the City Council. Since then he's gone eight years without paying income taxes, driven drunk, and embezzled money. Now he wants to run for mayor again.
The guy is a complete scumbag. The Washington Post said "To understand Washington, you have to understand Marion Barry."
*Flounce: To leave after a post (on the internet) where you proclaim yourself a martyr, with great drama
Even the current system isn't correct. The Republican Party holds voting accuracy as near sacred as part of their party talking points. Take a look at how they handled a primary season where they should have absolute control over the rules:
* Iowa went from Romney to Santorum, though a statistical tie, because someone mistyped a 2 as 22: http://www.usnews.com/news/articles/2012/01/18/rick-santorum-might-have-actually-won-the-iowa-caucuses
* Maine almost didn't even count a whole county: http://abcnews.go.com/blogs/politics/2012/02/maines-miscount-one-county-might-be-included-after-saturday/
* Nobody can seem to make up their minds on what to do about Florida. It is supposed to be, normally, a winner take all state. It moved its primary up and got sanctioned by the party by having its delegates cut in-half. Also, it may or may not be proportional. We'll find out in August: http://www.miamiherald.com/2012/01/26/2610390/fight-looms-over-fla-delegates.html
* Missouri has two elections this year. The first doesn't county, but everyone is assuming it will. The one that was held already was state mandated, but the state Republicans, not wanting to lose half their delegates, have decided that one won't count. They'll have a second one that will really count. Note : http://www.huffingtonpost.com/2012/02/07/missouri-primary-2012-explained_n_1257817.html
* She was allowed to vote once it was all sorted out, but an 84-year-old was initially told she was dead when she appeared at the polls: http://boston.cbslocal.com/2012/03/07/84-year-old-fall-river-woman-tries-to-vote-told-shes-dead/
My apologies to any Republicans I offended with these results. I only used these examples as they are near immediate in time scale.
The current voting system is full of flaws. It has been full of flaws. It will likely remain full of flaws. No need to worry about hackers mucking up an election when a typo can swing an election, and never have gotten caught if someone didn't post an image to FaceBook. So I don't see on-line voting as some type of corrupting influence on a pristine system.
The problem I see here is in the oversight. Considering it took two days for Washington D.C. to notice, I would say the real problem was not so much that the system got hacked, but D.C. didn't care enough about the election to monitor it as it was going on. The same lackluster oversight could still swing *cough*Iowa*cough* a close election.
by Anonymous Coward: I, for one, welcome the shift from car analogies to pizza analogies. um.. overlords?
Another bad idea: video as a SlashDot post. Seriously - we're too busy to watch this. Get it down to a paragraph we can scan while we're waiting for something to connect, something to compile or a minion to find an answer for us and maybe.
What problem are they attempting to solve?
The whole idea of having traceable pieces of paper, physical manifestations of the intentions of actual voters, has served us well. Anybody can see it. Anybody can understand how it works. Anybody can observe the process in action. These are good things.
The only issue I have is proportional representation, or the lack thereof. We've had a couple of referenda on the subject here in B.C., both of which have been defeated by massive FUD campaigns.
...laura
Right now in Canada there is a big "Robocall" scandal where one party automatically called tens of thousands of people affiliated to other parties to tell them that their polling station had moved. The people would either say, "Too far" or not find the non-existent poll and not vote. This proves that there are Canadians who are motivated, funded, and capable to mess with an election using electronic means. What the hell chance do any electronic voting systems have?
Here in Halifax the morons have voting over the phone and are thinking about online municipal voting. They say it increases "Voter participation" basically they are sick of people not giving a crap about their self importance and think that throwing democracy in the toilet is the way to go.
This has political ramifications beyond the obvious, the bad people will always win, scenario. Even if the system was theoretically 100% secure I would never trust any party elected electronically. Thus my confidence in their right to be in power would be zero. What impact would this have on people abiding by laws, paying taxes, and other civic relationships. Take Greece as an example of where this has broken down. People there don't pay taxes because nobody else pays taxes. If you are fool enough to want to pay taxes you will find yourself sucked dry because the system is so screwed up that it has now adapted to the fact that people will cheat 100% of the time.
On top of all that the government insists on keeping these proprietary systems as secret as possible. Every single time the systems have been handed to security researchers they have torn them to shreds.
The only electronic voting that I would like to see is a polling system where you go in, pick your stuff and the computer prints out the results on a ballot you put into the machine. You can then look over your ballot and see that all is good. Worse case if there is a power outage or whatnot you could fill the ballot in by hand. Then you put the ballot into a ballot box which is the primary record of the election. This way the computer is more auditing the election. You would get instant poll results subject to verification by counting. I have worked at a polling station and it is often the first time for everyone so I can see a situation where people might mess up. The computer would not override them but if the computer strongly disagreed (ballot box stuffing) then everything would now be carefully scrutinized. Also the benefits to an electronic voting system of this nature is that it allows for complicated ballots to be filled out correctly. No hanging chads.
The list of major hacks on major companies is just too long. Most companies hope for the best with security and more design for the eventuality that they will be hacked and thus look to quickly mitigate the damage through good backups and whatnot. It turned out that Nortel's computer system was completely pwned for over 10 years. If Google has been hacked by the Chinese then no company in the world can claim to have a secure voting system, full stop.
One last problem is that if one party wins an election through fraud, proving that they are evil, they will now be able to structure the system so that they always win from then on. Thus good government is dead the instant a party wins through electronic fraud as the only party who could beat them would have to be more evil.