When did 'network' become 'run over the internet'?
Don't ask ME... you're the one that said it, not me. I don't care if the network is public or private, they're both vulnerable to DoS attacks. Denial of Service could include someone snipping the wires, kicking out a power cord, climbing a telephone pole to fuck with the copper, or messing with a satellite dish.
I swear to god, Slashdot is just chock full of... eh, I don't even wanna get started on it.
urely point 2 is what happens whereever a paper ballot is cast. Basically a check is made during official counting to make sure people have not cast their vote more than once.
You are mistaken; that is not what happens at all. You can only cast your ballot at your local polling station because that is the only place that has your registration information. Once you register to vote at the desk, they mark you as "voted" and they won't let you come back. If you went to another polling station, they wouldn't have your registration information so you can't vote. One voter, one vote.
I fully appreciate the issues of e-voting but there are compromises already made in national elections so one should take those into account before saying it can't be done.
But evoting would only add new compromises without solving any of the old ones.
Many countries, such as the UK and New Zealand, also already compromise on voter anonymity. Legislation allows election officials to trace a fraudulent vote and remove it from the count.
Those countries are not the United States. There is a longstanding assumption that the concepts of liberty underlying the US Constitution include the right to a free, anonymous electoral process. I am truly sorry that such freedom does not exist in the UK or New Zealand.
then you are trusting the distribution authority (government, probably) to destroy the association of token->voter after the tokens are distributed. This is no different than having the machines store an encrypted ballot and tie it to a token and have the tally function destroy the tokens after resolving duplicates.
Compare these trust issues with our current "only vote at your designated poll site" system. You simply can't vote twice right now, and thats the way it should stay.
Local storage on the kiosks should be encrypted with a public key, for which the corresponding private key is stored at the central server.
That may be a good method of authentication and security but it does nothing to solve the problem I outline above, which has nothing to do with security and everything to do with privacy.
The author of this paper, Dr. Rubin, taught a class at Johns Hopkins University this past spring called Security and Privacy in Computing. I was lucky enough to be in this class. The semester-long project was to design and implement a prototype electronic voting system that solved the problem of "remote poll sites". Basically, the State of Washington had commissioned Dr. Rubin to deliver a system whereby a voter could cast his vote at ANY voting station in the state, and not have to go to his specific poll site. This sounded great: you wouldn't have to lose a day of work so you could vote at the local high school... you could vote at the little kiosk near your office.
Unfortunately the idea doesn't work. The reason is that you would need every kiosk (or polling station) to be connected to some sort of network in realtime in order to retrieve ballots, cast votes, and update voter status. The problem with this is that you have now created a network that is vulerable to DoS attacks. It wouldn't matter how you structured your network for performance... the minute someone snips a wire at any given kiosk, you have two choices: 1) make that kiosk unavailable for voting 2) still accept votes at that kiosk, but cast them provisionally.
#1 is dangerous because now I could cut the wires at EVERY kiosk I could find (or packet the network, or whatever) and bring the election to a halt.
#2 is dangerous because the more kiosks I bring down, the more ballots will be cast in which the voterID (which reveals his name, etc) is tied to the ballot. Loss of voter anonymity is unacceptable in American democracy.
So what happens if you just leave all the kiosks offline and give them all a copy of the master voter registration db? Now you've opened yourself up to voter fraud: you could go from kiosk to kiosk, casting multiple ballots as yourself. If you stuck with voter anonymity, and each of those ballots were cast anonymously, how would the final tallying system know that you cast duplicate ballots? How would it know which to throw out?
I'm told Dr. Rubin's grant from the State of Washington was eventually rescinded, I suspect because there's no good way to solve this problem, as well as a few others which I will not go into detail about here.
If companies would be less greedy and not charge as much for services maybe people would want to buy things instead of stealing them
Yeah well if the Queen had balls, she'd be king. Companies are out to make money -- it's what they do. You think DTV was started for the common good of mankind?
I agree completely. I went to ski academy (SMS in Vermont) and raced for 6 years. On straight skis, much of your energy is spent pressurizing the downhill ski to perform the carved turn. On parabolics, you just don't have to work as hard to carve a turn.
The downside is that race courses have changed too. GS and SG courses are now turnier and tighter. And because parabolics let you carve a turn even while your body does all the wrong things, my guess is that young racers find themselves crashing on fallaway turns as they lean into the hill (on a straight ski, leaning into the hill would mean your ski won't turn; on parabolics you can turn anyways).
When I was younger (ages 9 thru 15), I was a ski racer. Now, anyone who's owned a pair of ski boots knows that if they're front-entry, they have little vent in the toe area. The vent is stoppered up with rubber.
I don't know if technology has improved or if maybe I'm just hardened to it, but I no longer have to do something that we ALL did back then: put a big piece of duct tape over the vent. On a cold day, it would keep your foot warmer. On a rainy day, it would keep water from seeping into your boot. It worked especially well on boots made by Lange.
The problem, of course, was having a big roll of duct tape around. One day, my young self turned to my dad and asked, "hey dad, wouldn't it be a good idea to run a little stand near the lodge of a ski resort that sold little 8" lengths of duct tape?" Dad just smiled and shook his head, but I really thought it would be a good idea!
If the database connection is lost, you failsafe to voter-id marked ballots, as you say.
We thought about this solution and decided it was a disaster waiting to happen. If someone wants to compromise the election, the path is laid out for them: all they have to do is take down the internet connection at the central location (or take down the individual pollsite connections) and whalla! Every ballot of marked with the voter-ID. This is a worst-case scenario, but that's how you have to think about these things.
This is not a problem currently, since only provisional ballots and absentee ballots are marked with the voter identification info right now (and in most states, those ballots aren't even counted unless the election is close enough after counting all other ballots).
... between "evoting" and "internet voting". Internet voting is probably not going to happen because of the high possibility of fraud and denial of service.
The first wave of evoting is supposed to be "remote pollsite voting", which COULD cure some voter apathy. Remote poll-site voting makes it so a voter isn't tied to his home polling station. He doesn't have to go to the high school in his town on election day. He could go to any polling station in the state, identify himself, and the system would pull up his ballot and he could vote and go back to work without taking a day off. A lot of voter apathy is caused by people saying "I have to commute an hour to work every day, but I have to vote at the high school in my town. I just can't miss another day at work... screw voting." Remote pollsite voting would let that guy vote on his lunch break.
The NSF and the Caltech/MIT study agree this is the way to go.
I believe it's impossible to maintain voter anonymity with this setup, and I outline that point in this Slashdot post.
1. whats to stop someone from voting twice? if someone votes twice, how would you know which votes to throw out of the final count?
2. receipts are hotly-contested, but the general consensus is often that they are a Bad Thing as they lead to voter coercian by 3rd parties like organized crime. ("Did you vote the way I told you to? Let me see that receipt.")
In Florida each voting place has a list of people who are registered to vote there. The list also contains a notation that the person requested and received an absentee ballot.
My original post was about how we were assigned to complete the task purpoted by the NSF and others, which is "remote poll-site voting". Remote poll-site voting is supposed to utilize the internet or cryptographic techniques to free voters of being tied to a certain poll site. So if you live in White Plains but work in Manhattan, you could still go to work on Election Day and vote a couple blocks from work.
However we have found it's impossible to accomplish without creating big privacy issues in the worst-case attacks.
You're missing the point. The task was to use electronic voting to ACHIEVE remote poll-site voting, as a way of improving upon the current system where you are tied to a home district.
The NSF, Caltech/MIT, and California papers all concluded that remote poll-site voting was possible now, but none of them offered implementation details or tackled the privacy problem I outline in my original post.
I am in a class in which our final project is to design a remote pollsite e-voting system. We read a bunch of definitive papers, including those by Caltech/MIT, the California Electronic Voting Task Force, and the National Science Foundation.
First off, every source believes that there should be a paper trail as a backup. This is good.
Second off, every source believes remote internet voting is too insecure to be feasible at this time.
Third off, my team's research shows it is impossible to have 'remote poll-site voting', in which a voter can cast his ballot at any station or kiosk in the county or state, while protecting voter anonymity and without relying on an always-up internet connection at each poll-site.. The crux of the problem is this: you can't update a voter's record in a central voter registration database (to change him to "VOTED" or something) without the polling stations being connected to that database over the internet , or phone lines, or some kind of link. So instead, you would give each polling station its own copy of the voter registration database. But that means if someone tries to vote twice (once each at two different polling stations), the only way to ensure that both votes are not counted is to associate the ballot with the voter-ID..
At this point, it becomes a matter of trusting the government. Even if the ballot that is associated with the voter-ID is encrypted, do you trust the government not to decrypt those ballots before duplicate votes have been resolved and the voter-IDs have been stripped off? Even if the voting system was open source, do you trust the government to not use a forked version that *doesn't* respect your privacy?
Another scenario is to set up secure links (internet w/ IPSec, or private phone circuits, or satellite...) from the polling stations so you *can* update the central voter database in real-time. All of a sudden, the entire voting system is subject to denial of service attacks. People would climb poles to cut wires, etc. And if your system was designed to be "failsafe", so that voters could still cast a ballot even if the link was down, you'd be back at the voter anonymity problem mentionend above: those failsafe ballots would essentially be the equivilent of modern-day "provisional ballots", in which your name and identifying information are written right on the front of the envelope.
I don't see a cryptographic solution to the problem, as such solutions seem to involve the government holding all the keys.
The professor of the class is a brilliant man, and he admitted to me that this is a fundamental problem and that he was, in fact, hoping a solution might come out of his assigning it to a bunch of students with fresh perspectives.
There's also another set of freshman dorms elsewhere on campus that have roads surrounding them, including several parking lots. But since those are private roads owned by Hopkins (instead of being a city street like 34th), there's no way a terrorist would go up there... that would be tresspassing and terrorists don't tresspass!
You can also drive straight up to most academic buildings.
The Johns Hopkins University here in Baltimore, MD views itself as a potential "soft target" for terrorists, due to its being a high-profile educational institution.
Presumably this was done to pre-emptively quell the fears of parents who might think JHU wasn't doing enough to keep their kids safe. Nevermind that the side streets allow terrorists equal access to the dorms, that the freshman dorms probably aren't high on Osama's list of Baltimore targets, and that the number of people in the world who knew Hopkins was anything but a hospital can be counted on one hand.
Otherwise a harmless gesture of stupidity, aside from the fact that 34th Street is a free parking zone with about 20 spaces. Its closing has created a major parking shortage in the entire University area. For those of us that actually have to deal with it on a daily basis, this is more than just whining- this is a true inconvenience.
Slashdot Mirror
When did 'network' become 'run over the internet'?
... eh, I don't even wanna get started on it.
Don't ask ME... you're the one that said it, not me. I don't care if the network is public or private, they're both vulnerable to DoS attacks. Denial of Service could include someone snipping the wires, kicking out a power cord, climbing a telephone pole to fuck with the copper, or messing with a satellite dish.
I swear to god, Slashdot is just chock full of
urely point 2 is what happens whereever a paper ballot is cast. Basically a check is made during official counting to make sure people have not cast their vote more than once.
You are mistaken; that is not what happens at all. You can only cast your ballot at your local polling station because that is the only place that has your registration information. Once you register to vote at the desk, they mark you as "voted" and they won't let you come back. If you went to another polling station, they wouldn't have your registration information so you can't vote. One voter, one vote.
I fully appreciate the issues of e-voting but there are compromises already made in national elections so one should take those into account before saying it can't be done.
But evoting would only add new compromises without solving any of the old ones.
Many countries, such as the UK and New Zealand, also already compromise on voter anonymity. Legislation allows election officials to trace a fraudulent vote and remove it from the count.
Those countries are not the United States. There is a longstanding assumption that the concepts of liberty underlying the US Constitution include the right to a free, anonymous electoral process. I am truly sorry that such freedom does not exist in the UK or New Zealand.
then you are trusting the distribution authority (government, probably) to destroy the association of token->voter after the tokens are distributed. This is no different than having the machines store an encrypted ballot and tie it to a token and have the tally function destroy the tokens after resolving duplicates.
Compare these trust issues with our current "only vote at your designated poll site" system. You simply can't vote twice right now, and thats the way it should stay.
Local storage on the kiosks should be encrypted with a public key, for which the corresponding private key is stored at the central server.
That may be a good method of authentication and security but it does nothing to solve the problem I outline above, which has nothing to do with security and everything to do with privacy.
The author of this paper, Dr. Rubin, taught a class at Johns Hopkins University this past spring called Security and Privacy in Computing. I was lucky enough to be in this class. The semester-long project was to design and implement a prototype electronic voting system that solved the problem of "remote poll sites". Basically, the State of Washington had commissioned Dr. Rubin to deliver a system whereby a voter could cast his vote at ANY voting station in the state, and not have to go to his specific poll site. This sounded great: you wouldn't have to lose a day of work so you could vote at the local high school... you could vote at the little kiosk near your office.
9 144
1 851
Unfortunately the idea doesn't work. The reason is that you would need every kiosk (or polling station) to be connected to some sort of network in realtime in order to retrieve ballots, cast votes, and update voter status. The problem with this is that you have now created a network that is vulerable to DoS attacks. It wouldn't matter how you structured your network for performance... the minute someone snips a wire at any given kiosk, you have two choices:
1) make that kiosk unavailable for voting
2) still accept votes at that kiosk, but cast them provisionally.
#1 is dangerous because now I could cut the wires at EVERY kiosk I could find (or packet the network, or whatever) and bring the election to a halt.
#2 is dangerous because the more kiosks I bring down, the more ballots will be cast in which the voterID (which reveals his name, etc) is tied to the ballot. Loss of voter anonymity is unacceptable in American democracy.
So what happens if you just leave all the kiosks offline and give them all a copy of the master voter registration db? Now you've opened yourself up to voter fraud: you could go from kiosk to kiosk, casting multiple ballots as yourself. If you stuck with voter anonymity, and each of those ballots were cast anonymously, how would the final tallying system know that you cast duplicate ballots? How would it know which to throw out?
I'm told Dr. Rubin's grant from the State of Washington was eventually rescinded, I suspect because there's no good way to solve this problem, as well as a few others which I will not go into detail about here.
I have described this problem in the following other Slashdot posts:
http://slashdot.org/comments.pl?sid=61340&cid=576
http://slashdot.org/comments.pl?sid=61875&cid=580
Try actually researching the subject and you'll realize there are terrible privacy concerns with the very idea of electronic voting.
he technology is coming where they just run a vacuum all around a crime scene and the computer will match up everyone who shed a skin flake there.
You basically just described the opening scene from The Unreconstructed M, by Philip K. Dick.
Maybe if you had balls, you'd be king, too.
Nah, I liked the way I said it better.
If companies would be less greedy and not charge as much for services maybe people would want to buy things instead of stealing them
Yeah well if the Queen had balls, she'd be king. Companies are out to make money -- it's what they do. You think DTV was started for the common good of mankind?
I agree completely. I went to ski academy (SMS in Vermont) and raced for 6 years. On straight skis, much of your energy is spent pressurizing the downhill ski to perform the carved turn. On parabolics, you just don't have to work as hard to carve a turn.
The downside is that race courses have changed too. GS and SG courses are now turnier and tighter. And because parabolics let you carve a turn even while your body does all the wrong things, my guess is that young racers find themselves crashing on fallaway turns as they lean into the hill (on a straight ski, leaning into the hill would mean your ski won't turn; on parabolics you can turn anyways).
When I was younger (ages 9 thru 15), I was a ski racer. Now, anyone who's owned a pair of ski boots knows that if they're front-entry, they have little vent in the toe area. The vent is stoppered up with rubber.
I don't know if technology has improved or if maybe I'm just hardened to it, but I no longer have to do something that we ALL did back then: put a big piece of duct tape over the vent. On a cold day, it would keep your foot warmer. On a rainy day, it would keep water from seeping into your boot. It worked especially well on boots made by Lange.
The problem, of course, was having a big roll of duct tape around. One day, my young self turned to my dad and asked, "hey dad, wouldn't it be a good idea to run a little stand near the lodge of a ski resort that sold little 8" lengths of duct tape?" Dad just smiled and shook his head, but I really thought it would be a good idea!
If the database connection is lost, you failsafe to voter-id marked ballots, as you say.
We thought about this solution and decided it was a disaster waiting to happen. If someone wants to compromise the election, the path is laid out for them: all they have to do is take down the internet connection at the central location (or take down the individual pollsite connections) and whalla! Every ballot of marked with the voter-ID. This is a worst-case scenario, but that's how you have to think about these things.
This is not a problem currently, since only provisional ballots and absentee ballots are marked with the voter identification info right now (and in most states, those ballots aren't even counted unless the election is close enough after counting all other ballots).
... between "evoting" and "internet voting". Internet voting is probably not going to happen because of the high possibility of fraud and denial of service.
The first wave of evoting is supposed to be "remote pollsite voting", which COULD cure some voter apathy. Remote poll-site voting makes it so a voter isn't tied to his home polling station. He doesn't have to go to the high school in his town on election day. He could go to any polling station in the state, identify himself, and the system would pull up his ballot and he could vote and go back to work without taking a day off. A lot of voter apathy is caused by people saying "I have to commute an hour to work every day, but I have to vote at the high school in my town. I just can't miss another day at work... screw voting." Remote pollsite voting would let that guy vote on his lunch break.
The NSF and the Caltech/MIT study agree this is the way to go.
I believe it's impossible to maintain voter anonymity with this setup, and I outline that point in this Slashdot post.
Would that include LAW FIRMS ?
two problems with that:
1. whats to stop someone from voting twice? if someone votes twice, how would you know which votes to throw out of the final count?
2. receipts are hotly-contested, but the general consensus is often that they are a Bad Thing as they lead to voter coercian by 3rd parties like organized crime. ("Did you vote the way I told you to? Let me see that receipt.")
In Florida each voting place has a list of people who are registered to vote there. The list also contains a notation that the person requested and received an absentee ballot.
My original post was about how we were assigned to complete the task purpoted by the NSF and others, which is "remote poll-site voting". Remote poll-site voting is supposed to utilize the internet or cryptographic techniques to free voters of being tied to a certain poll site. So if you live in White Plains but work in Manhattan, you could still go to work on Election Day and vote a couple blocks from work.
However we have found it's impossible to accomplish without creating big privacy issues in the worst-case attacks.
You're missing the point. The task was to use electronic voting to ACHIEVE remote poll-site voting, as a way of improving upon the current system where you are tied to a home district.
The NSF, Caltech/MIT, and California papers all concluded that remote poll-site voting was possible now, but none of them offered implementation details or tackled the privacy problem I outline in my original post.
I am in a class in which our final project is to design a remote pollsite e-voting system. We read a bunch of definitive papers, including those by Caltech/MIT, the California Electronic Voting Task Force, and the National Science Foundation.
First off, every source believes that there should be a paper trail as a backup. This is good.
Second off, every source believes remote internet voting is too insecure to be feasible at this time.
Third off, my team's research shows it is impossible to have 'remote poll-site voting', in which a voter can cast his ballot at any station or kiosk in the county or state, while protecting voter anonymity and without relying on an always-up internet connection at each poll-site.. The crux of the problem is this: you can't update a voter's record in a central voter registration database (to change him to "VOTED" or something) without the polling stations being connected to that database over the internet , or phone lines, or some kind of link. So instead, you would give each polling station its own copy of the voter registration database. But that means if someone tries to vote twice (once each at two different polling stations), the only way to ensure that both votes are not counted is to associate the ballot with the voter-ID..
At this point, it becomes a matter of trusting the government. Even if the ballot that is associated with the voter-ID is encrypted, do you trust the government not to decrypt those ballots before duplicate votes have been resolved and the voter-IDs have been stripped off? Even if the voting system was open source, do you trust the government to not use a forked version that *doesn't* respect your privacy?
Another scenario is to set up secure links (internet w/ IPSec, or private phone circuits, or satellite...) from the polling stations so you *can* update the central voter database in real-time. All of a sudden, the entire voting system is subject to denial of service attacks. People would climb poles to cut wires, etc. And if your system was designed to be "failsafe", so that voters could still cast a ballot even if the link was down, you'd be back at the voter anonymity problem mentionend above: those failsafe ballots would essentially be the equivilent of modern-day "provisional ballots", in which your name and identifying information are written right on the front of the envelope.
I don't see a cryptographic solution to the problem, as such solutions seem to involve the government holding all the keys.
The professor of the class is a brilliant man, and he admitted to me that this is a fundamental problem and that he was, in fact, hoping a solution might come out of his assigning it to a bunch of students with fresh perspectives.
There's also another set of freshman dorms elsewhere on campus that have roads surrounding them, including several parking lots. But since those are private roads owned by Hopkins (instead of being a city street like 34th), there's no way a terrorist would go up there... that would be tresspassing and terrorists don't tresspass!
You can also drive straight up to most academic buildings.
The Johns Hopkins University here in Baltimore, MD views itself as a potential "soft target" for terrorists, due to its being a high-profile educational institution.
Since February, Hopkins has had a van parked in front of 34th street to keep terrorists from blowing up the freshman dorms with a car bomb.
Presumably this was done to pre-emptively quell the fears of parents who might think JHU wasn't doing enough to keep their kids safe. Nevermind that the side streets allow terrorists equal access to the dorms, that the freshman dorms probably aren't high on Osama's list of Baltimore targets, and that the number of people in the world who knew Hopkins was anything but a hospital can be counted on one hand.
Otherwise a harmless gesture of stupidity, aside from the fact that 34th Street is a free parking zone with about 20 spaces. Its closing has created a major parking shortage in the entire University area. For those of us that actually have to deal with it on a daily basis, this is more than just whining- this is a true inconvenience.
Stupid.
that link is unusable since it includes the information from your session. it returns a "your session has timed out" error.
Interestingly enough, Douglas N. Adams (DNA) of Hitchhikers' Guide fame, was also born in 1952 (March, not April).
Library of Congress guy: "We will now hear from the community delegate from the Slashdot.org website..."
sl4sHd0TT3r: In Soviet Russia, the MILLENIUM copyrights YOU!
LoC guy: ?
sh4sHd0TT3r: goatse.cx!
LoC guy: ~whimper~
sh4sHd0TT3r: IANAL, but the DMCA's bad mmkay?
Seriously, some people here have very poor reading comprehension.
As I already admitted, I didn't read the article at all. Doesn't quite fall under "reading comprehension" if you ask me.
This particular Winegard model is pretty low-profile... just 15" high. Not sure how high the ones in this story are; I'm too busy/lazy to check :)