Oh man, that's fucked up! You ruined it... Now I'll have to wait until version 5 comes out to make that lame joke again. I don't mean any disrespect, I just don't like people barking orders at me.;)
Fire Fox Four, sounds like a cheesy name for a new Charlies-Angels-kinda-group... But seriously, the new browser looks good with some nice new technologies for web developers and hopefully some better speed for the users... For other waiting: we can expect the beta in June, and the RC in October with a release within a month, so FFF should land this fall.
You know exactly what this is about. Have you also seen the comments that 'revenue is not profit', such a negative Wall street attitude. The first thing I thought was: 'wow, so consumers now spend millions on open source hardware', it just means the market is there and is growing so it's a great thing... Figuring out how to make a good profit is well understood business practice and easily achievable if there is a demand so it's hardly the most interesting question...
Thanks for the link to the article I will read up on the subject.
I understand from my programmer perspective that there is no way any computer can ever be trusted fully (it could have been tampered with), so I understand where the idea comes from that this design is flawed... But not the whole problem needs to be provable in software... You have to make *some* assumption, for starters that the software of the device has not been tampered with... I'm fairly sure they can put the software on a CD and let a committee of computer scientists verify the content of the disc prior to installing it into the system so it's also a matter of proper procedure and trust in the elections committee.
Your argument against verifiability can be mitigated by publishing the full list of codes and votes, you can validate you vote if you kept the code... Only problem is any time you can check your vote someone can force you to prove you voted 'right', so it's a bit of a conflict there...
Interesting post, but you misunderstood me. I am looking for the possibility of an interesting technical solution, but the only response I get is that it's not possible for several reasons, most of which human factors. I focus on problems with the current sytem to illustrate the fact that both paper voting and e-voting have problems. Please understand I have faith in the current system of voting but understand the margin for error is present in every system, and instead of an absolutist discussion of 'why something will never work' I am more interested in what it would take to make it work within an acceptable margin of error.
The only personal motivation I have is an interest in the technical ramifications (as well as maybe the prospect of being able to vote without making time). I am fairly convinced that in 50 years people will look back at papervoting as combersome and fraud-sensitive... it might even be half that time if people stop ranting it's ridiculous for even suggesting it, but yeah you know how that'll turn out.
Please try not to be astounded to much... it's bad or your health...;)
You are right, there is a very clear distinction... and you illustrated it elegantly with your post.
But it leaves me wondering about a definition of a democratic culture. Even true democracies often have 'legitemate' means to keep the ruling party in charge (like how the voting works in the UK, the disadvantage lies at the smaller opposition parties, this election this gave both the large parties over 10% of total extra seats, no polling booth fraud could easily achieve this level of result). It makes me wonder what is more/less democratic, the people who allow thugs to undermine democracy, or the people who allow their politicians to make/defend existing laws which undermine democracy.
If any serious attempt is ever made *all* the issues raised should be taken seriously and addressed, so any problem thigh might arise should not go ignored. But I get the feeling that for a techie-site there is a strangely high amount of no-can-do people here... You just assume it's not possible no matter what you do.
I claim it is possible, and any issue can be addressed. No solution will ever be perfect, but if it works good enough that you can verify that the will of the people has been represented with 99% accuracy it's a success in my book.
I know that any system can also be foiled if people are in a position to do so. It's not magic, but it can be a whole of a lot more open, cheaper, secure and fraud-resistant.
And come on, even fucking soda brands can print unique codes inside bottlecaps which can be used anonymously online to win or buy shit. And lotteries work too... if any system with unique anonymous codes would be so breakable why is it in widespread use without widespread fraud?
Rather obvious yeah, so because it's not obvious to you immediately it does not happen in western countries? Look at the following list of the many means of fraud and tell me they are not used in so called 'true democracies': http://en.wikipedia.org/wiki/Election_fraud
And here are some examples to the contrary:
Netherlands - last election there were people instructing others how to vote in the booth (which was strangely allowed by officials present) and they counted over 100 mystery extra votes (this was in a district where is was a very close call so this could make a difference), no action was taken.
United Kingdom - last election hundreds of people were denied right to vote at the polling booths (more people turned up than planned so they just told them to walk away), no action was taken.
United States - several elections with blatant fraud: 'numerous statistical analysis showed discrepancy in the number of votes Bush received"', no action was taken (in fact Bush was allowed to rule unquestioned twice).
Information about the free Chlamydia test can be found here: https://www.chlamydiatest.nl/. The problem is it's the first time they do this and only works by invite now... If you live in Amsterdam, Rotterdam or Limburg and are between 16-29 you will be invited to participate. I do not know when other regions and ages will be able to participate...
Self tests are also available at some pharmacies, but please note the following warning: http://www.gezond.amsterdam.nl/Infectieziekten--hygine/SOA--HIV/Zelftesten
We currently have a flawed system which relies on perfect cooperation of thousands of individuals each one of which can influence the voting process without us knowing it. This has lead to voting fraud not only in third world countries with 'broken election laws' but in all western nations (at least on some local level). The advantage of this system is fraud on a large scale requires the involvement of hundreds of people (but in no way is it made impossible).
Now examine the new system which relies on technology. There is a single point of failure, and if that fails you should to be able to detect it. Massive fraud can never occur without detection. The voting is divided over millions of locations instead of hundreds, increasing the points where people could theoretically be coerced by a factor of 5 to the point that you would need a conspirator for each person in the country to influence them... And face it, a guy who would be coerced by his wife at home would also vote 'her' party in the polling booth, don't act like shit does not happen.
You say 99,9% of the people won't know if they can trust the system, but you need to trust some people's intention to honestly host a democratic election. However you look at it you need to trust someone, and I think trusting a system that works with a central authority that can be checked for fraud before, during and after elections is easier to trust than an organisation where practically anyone can register to sit at the ballot booth and influence the voters...
You made an interestion observation of the technical goal in your response: 'provable anonymity with provable integrity and verifiability of the results'. This is tough, but I say at least anonymity and verifiability can be realized. You claim this solution is not yet here, but I'm pretty sure a system can be hooked to the web for a single simple task without exposing vulnerabilities if you filter all incoming data strictly. You now have a technical solution for the problem, but you still need to trust the people that organize the election, this is a basic premisse for any election. The third part you mentioned, the integrity of the system, is dependent on the people that organize the election. Of course scientists can conceive a solution to this problem that just works great, but if all the people that organize the election decide the outcome up front no solution will ever help this... But it can make it harder for them to get away with it... If you have perfect verifiability you can guarantee the integrity.
P.S. you wrote: 'can the online server write to the disk or not? If it can, then it can mess with all its content, that's all'... This is overly simplistic. If you create a standalone machine with a single task of collecting incoming votes and each incoming vote can consist only of the X character long code followed by a Y character long candidate code so only valid votes are sent. The system then looks up the code and records the vote with it, but won't allow you to vote again. This can even be enforced physically with WORM: http://en.wikipedia.org/wiki/Write_Once_Read_Many
Informative post! But shouldn't the number of EVM's be either 1 million or 100 million? The site mentions 10.25 lahk = 10.25 * 100000, but I'm afraid the dot is a bit ambiguous here... Or is the dot a decimal sign in both this number and yours (in which case I see you're perfectly correct)? I hate those fucking digit group separators, they always confuse international exchange of information.
What stops people from selling their vote and going to the polling booth to vote? And how do you think it's a good idea to just have a few points where people go to vote, it makes it *very* easy for people to disrupt, influence or plainly destroy votes there. Someone in this thread already pointed out practices like this: http://en.wikipedia.org/wiki/Booth_capturing. To my knowledge polling stations are responsible for all irregularities with voting up until now and most of these irregularities can be prevented with proper implemented transparent e-voting. There are only a few issues that remain, but these are issues that also affect polling stations so I discard your objections because you can equally state that:
As long as you allow voting only at designated polling stations, you can exclude neither voting under duress nor vote selling. I think this latter statement applies even more, but that might be because all of the fraud and irregularities up till now have happened in this fashion.
People seem to associate unique with traceability, but this is not necessarily the case... There are plenty of techniques to create a one-time code that isn't linked to you personally and can't be traced back (aside from ISPs timing site queries and comparing to vote cast times, but even scenario's like that can be prevented as long as you account for it). You have made a valid point so this should be accounted for, as any possible problem with the system. But you can't honestly tell me you're so paranoid about this that you now vote with gloves on because they might trace the fingerprints on the ballot?
Perhaps you could even publish a list of all the one time keys and the associated votes, this way you can double check your vote was counted while remaining anonymous. Only problem there is the unique key needs to be disposed for you to remain anonymous... but I guess you could instruct people to do so after casting their vote (if they wish to remain anonymous). But then you could also use this system the other way around, you could keep the unique key in a safe to prove later on that you did not vote for the 'wrong' guy. If you are ever accused of voting for a nazi party you can disprove it with hard evidence. You have to remember that people are paranoid about different things, for some it is terrible if people find out what they voted, for others it would be terrible to be accused of having voted bad... I say fuck both these paranoid attitudes since in a perfect world you could say what you vote and it would not matter, but people should always be able to remain anonymous to safeguard democratic principles... but anonymity could also be a personal choice.
It's a good solution, that's exactly why you should always be able to vote in a booth... But do you really think there aren't millions of voters that vote what someone told them to vote already? I think when people can vote where they want they can specifically avoid pressure from shady individuals. A re-vote is an interesting solution since it could both be used to increase and decrease security, I wonder how it worked out for the Estonians (they had a couple hundres re-votes, but why?).
With great power comes great responsibility, and with great responsibility comes great punishment if you (willingly) fuck up.
This is as it should be, the problem is today most politicians just use their power for their own gains, do not accept any responsibility, and sure as hell are never punished... I do not advocate punishing politicians for mistakes otherwise you would never become a politician anymore, but I would like to see strict rules regarding corruption and that anyone ever caught betraying the people's trust and can never be trusted with any kind of power again... In my opinion this could even extend to the corporate world, since corrupt politicians seem to be able to find a spot in power there as soon as they exit politics (probably part of the payoff of being corrupt).
You promote the death penalty in a situation where it is even more despicable then usual, especially since anyone can see the clear option to cheat by getting your opponent eliminated. Each election has some irregularities (and I assume most are not sanctioned by the candidates themselves) so it would be far too easy to cheat for the other guy while collecting 'evidence'.
Please understand that I think the undermining of the democratic process is a crime which should carry a special sentence, but more along the lines that you can't run for office for X years (like any felon I believe). But the problem is always the same: the cheater won and is now in charge.
I think the only way to guarantee a cheater free process is by completely making every step of the process transparent. Coincidentally it's the technology currently used to cheat that can be put to use to prevent it. The only problem is there is always one or more black-box-systems between the voter and the results, so there is no way to guarantee it unless we remove every black-box step. Here is my solution to make the process as open as possible:
- Generate a unique key per voter and store on a single offline drive.
- Print voter registration cards with each key used once (we know every voter can vote exactly once).
- Generate a strong encryption certificate that is only valid around election day for HTTPS use.
- Voters can choose to vote at home (but they need a separate online ID) or at a registered voting location (and show their ID), but the process is the same.
- To vote at home you can use the supplied voting live-CD or use your own (it's recommended instead of your default OS), or use the kiosks supplied at voting locations.
- The voting consists of going to the voting website, verifying the origin of the site and after that select a candidate and enter the key to store the vote.
- These votes are stored on the same 'offline' drive that is currently online only with a serial cable connected to the webserver.
- The drive containing the votes as well as the server(s) that serves the website are on public display and the code is all opened to public scrutiny.
- The server should be behind a firewall that specifically looks for any and all attacks (it should be fairly easy if you tightly define only the packets that may get trough), if there is any reason to doubt the results because of a possible breach we will know.
- The results as well as the timeline of the votes is made public from the start, when the voting closes the results are known *immediately*.
Before talking about how insecure the web is please note that this problem is known and well understood, so we have know what to harden the system against attacks... The current voting solutions are much worse in my opinion since there are attack vectors too, but we do not know how many and how bad, and even worse: we have no idea how often these are already exploited. But we do know for a fact that paper elections have been rigged (despite the rules), electronic voting machines have been tampered with and even something as simple as denying people the right to vote (sending people away who stand in line for hours). These non-tech exploits are used regularly and should not be forgotten... I'd say a web-voting is the lesser of two possible evils. Especially since the technical requirements of such a system are known. If fucking soda companies can print unique codes on the inside of the bottles and phone operators use codes for prepaid cards i'd say we should be able to make it work for something important.
I posit that for every argument against such a system slashdot's finest geeks will come up with a solution...
We already have home tests here in the Netherlands. I work in the building above the STD testing facilities in Amsterdam, and every day there is a line of people wanting to get checked... not only because they think they've got something, but people are starting to get checked regularly, it isn't taboo here anymore. But especially to increase the test rate of younger people you can get a test kit at home now. I also received the letter for the Chlamydia check recently, when you answer they send you a test kit so you don't have to come stand in line at the clinic.
I know for a fact that a test that is anonymous, works easy and checks for all STDs would become very popular fast, especially because the government would probably hand them out to all high risk groups...
That's just another great example to vote Pirate Party... I actually put down my autograph for the Pirate Party in the Netherlands last week, we now have enough people that support us so we will participate in our country's next elections on the 9th of June. This is happening globally as you can see on the nice map here: http://en.wikipedia.org/wiki/Pirate_Parties_International
Wow... foretold by St. Paul himself! He was after all known for his prophetic vision of 'later times'... Funny how especially Paul's revelations are quoted ad-infinitum that the 'end is near' because of X which remotely resembles a symbolic verse Y, while a passage like this which is a quite literal instruction and can't be explained a million and one way is overlooked.
History shows it often to be the case, like England breaking with The Church, and the later conflict in northern Ireland was political... religion was used as a political tool there by some groups to force a hard line split where there otherwise would be a huge political middle ground. When religion starts getting involved any conflict usually becomes much more absolutist.
Slashdot Mirror
Oh man, that's fucked up! You ruined it... Now I'll have to wait until version 5 comes out to make that lame joke again. ;)
I don't mean any disrespect, I just don't like people barking orders at me.
Fire Fox Four, sounds like a cheesy name for a new Charlies-Angels-kinda-group... But seriously, the new browser looks good with some nice new technologies for web developers and hopefully some better speed for the users... For other waiting: we can expect the beta in June, and the RC in October with a release within a month, so FFF should land this fall.
You know exactly what this is about. Have you also seen the comments that 'revenue is not profit', such a negative Wall street attitude. The first thing I thought was: 'wow, so consumers now spend millions on open source hardware', it just means the market is there and is growing so it's a great thing... Figuring out how to make a good profit is well understood business practice and easily achievable if there is a demand so it's hardly the most interesting question...
Cheers for the democratization of technology!
Thanks for the link to the article I will read up on the subject.
I understand from my programmer perspective that there is no way any computer can ever be trusted fully (it could have been tampered with), so I understand where the idea comes from that this design is flawed... But not the whole problem needs to be provable in software... You have to make *some* assumption, for starters that the software of the device has not been tampered with... I'm fairly sure they can put the software on a CD and let a committee of computer scientists verify the content of the disc prior to installing it into the system so it's also a matter of proper procedure and trust in the elections committee.
Your argument against verifiability can be mitigated by publishing the full list of codes and votes, you can validate you vote if you kept the code... Only problem is any time you can check your vote someone can force you to prove you voted 'right', so it's a bit of a conflict there...
Interesting post, but you misunderstood me. I am looking for the possibility of an interesting technical solution, but the only response I get is that it's not possible for several reasons, most of which human factors. I focus on problems with the current sytem to illustrate the fact that both paper voting and e-voting have problems. Please understand I have faith in the current system of voting but understand the margin for error is present in every system, and instead of an absolutist discussion of 'why something will never work' I am more interested in what it would take to make it work within an acceptable margin of error.
;)
The only personal motivation I have is an interest in the technical ramifications (as well as maybe the prospect of being able to vote without making time). I am fairly convinced that in 50 years people will look back at papervoting as combersome and fraud-sensitive... it might even be half that time if people stop ranting it's ridiculous for even suggesting it, but yeah you know how that'll turn out.
Please try not to be astounded to much... it's bad or your health...
You are right, there is a very clear distinction... and you illustrated it elegantly with your post.
But it leaves me wondering about a definition of a democratic culture. Even true democracies often have 'legitemate' means to keep the ruling party in charge (like how the voting works in the UK, the disadvantage lies at the smaller opposition parties, this election this gave both the large parties over 10% of total extra seats, no polling booth fraud could easily achieve this level of result). It makes me wonder what is more/less democratic, the people who allow thugs to undermine democracy, or the people who allow their politicians to make/defend existing laws which undermine democracy.
Thanks again for this interesting discussion.
If any serious attempt is ever made *all* the issues raised should be taken seriously and addressed, so any problem thigh might arise should not go ignored. But I get the feeling that for a techie-site there is a strangely high amount of no-can-do people here... You just assume it's not possible no matter what you do.
I claim it is possible, and any issue can be addressed. No solution will ever be perfect, but if it works good enough that you can verify that the will of the people has been represented with 99% accuracy it's a success in my book.
I know that any system can also be foiled if people are in a position to do so. It's not magic, but it can be a whole of a lot more open, cheaper, secure and fraud-resistant.
And come on, even fucking soda brands can print unique codes inside bottlecaps which can be used anonymously online to win or buy shit. And lotteries work too... if any system with unique anonymous codes would be so breakable why is it in widespread use without widespread fraud?
Rather obvious yeah, so because it's not obvious to you immediately it does not happen in western countries? Look at the following list of the many means of fraud and tell me they are not used in so called 'true democracies': http://en.wikipedia.org/wiki/Election_fraud
And here are some examples to the contrary:
Netherlands - last election there were people instructing others how to vote in the booth (which was strangely allowed by officials present) and they counted over 100 mystery extra votes (this was in a district where is was a very close call so this could make a difference), no action was taken.
United Kingdom - last election hundreds of people were denied right to vote at the polling booths (more people turned up than planned so they just told them to walk away), no action was taken.
United States - several elections with blatant fraud: 'numerous statistical analysis showed discrepancy in the number of votes Bush received"', no action was taken (in fact Bush was allowed to rule unquestioned twice).
Information about the free Chlamydia test can be found here: https://www.chlamydiatest.nl/. The problem is it's the first time they do this and only works by invite now... If you live in Amsterdam, Rotterdam or Limburg and are between 16-29 you will be invited to participate. I do not know when other regions and ages will be able to participate...
Self tests are also available at some pharmacies, but please note the following warning: http://www.gezond.amsterdam.nl/Infectieziekten--hygine/SOA--HIV/Zelftesten
We currently have a flawed system which relies on perfect cooperation of thousands of individuals each one of which can influence the voting process without us knowing it. This has lead to voting fraud not only in third world countries with 'broken election laws' but in all western nations (at least on some local level). The advantage of this system is fraud on a large scale requires the involvement of hundreds of people (but in no way is it made impossible).
Now examine the new system which relies on technology. There is a single point of failure, and if that fails you should to be able to detect it. Massive fraud can never occur without detection. The voting is divided over millions of locations instead of hundreds, increasing the points where people could theoretically be coerced by a factor of 5 to the point that you would need a conspirator for each person in the country to influence them... And face it, a guy who would be coerced by his wife at home would also vote 'her' party in the polling booth, don't act like shit does not happen.
You say 99,9% of the people won't know if they can trust the system, but you need to trust some people's intention to honestly host a democratic election. However you look at it you need to trust someone, and I think trusting a system that works with a central authority that can be checked for fraud before, during and after elections is easier to trust than an organisation where practically anyone can register to sit at the ballot booth and influence the voters...
You made an interestion observation of the technical goal in your response: 'provable anonymity with provable integrity and verifiability of the results'. This is tough, but I say at least anonymity and verifiability can be realized. You claim this solution is not yet here, but I'm pretty sure a system can be hooked to the web for a single simple task without exposing vulnerabilities if you filter all incoming data strictly. You now have a technical solution for the problem, but you still need to trust the people that organize the election, this is a basic premisse for any election. The third part you mentioned, the integrity of the system, is dependent on the people that organize the election. Of course scientists can conceive a solution to this problem that just works great, but if all the people that organize the election decide the outcome up front no solution will ever help this... But it can make it harder for them to get away with it... If you have perfect verifiability you can guarantee the integrity.
P.S. you wrote: 'can the online server write to the disk or not? If it can, then it can mess with all its content, that's all'... This is overly simplistic. If you create a standalone machine with a single task of collecting incoming votes and each incoming vote can consist only of the X character long code followed by a Y character long candidate code so only valid votes are sent. The system then looks up the code and records the vote with it, but won't allow you to vote again. This can even be enforced physically with WORM: http://en.wikipedia.org/wiki/Write_Once_Read_Many
Informative post! But shouldn't the number of EVM's be either 1 million or 100 million? The site mentions 10.25 lahk = 10.25 * 100000, but I'm afraid the dot is a bit ambiguous here... Or is the dot a decimal sign in both this number and yours (in which case I see you're perfectly correct)? I hate those fucking digit group separators, they always confuse international exchange of information.
One word you missed: live-CD
What stops people from selling their vote and going to the polling booth to vote? And how do you think it's a good idea to just have a few points where people go to vote, it makes it *very* easy for people to disrupt, influence or plainly destroy votes there. Someone in this thread already pointed out practices like this: http://en.wikipedia.org/wiki/Booth_capturing. To my knowledge polling stations are responsible for all irregularities with voting up until now and most of these irregularities can be prevented with proper implemented transparent e-voting. There are only a few issues that remain, but these are issues that also affect polling stations so I discard your objections because you can equally state that:
As long as you allow voting only at designated polling stations, you can exclude neither voting under duress nor vote selling.
I think this latter statement applies even more, but that might be because all of the fraud and irregularities up till now have happened in this fashion.
People seem to associate unique with traceability, but this is not necessarily the case... There are plenty of techniques to create a one-time code that isn't linked to you personally and can't be traced back (aside from ISPs timing site queries and comparing to vote cast times, but even scenario's like that can be prevented as long as you account for it). You have made a valid point so this should be accounted for, as any possible problem with the system. But you can't honestly tell me you're so paranoid about this that you now vote with gloves on because they might trace the fingerprints on the ballot?
Perhaps you could even publish a list of all the one time keys and the associated votes, this way you can double check your vote was counted while remaining anonymous. Only problem there is the unique key needs to be disposed for you to remain anonymous... but I guess you could instruct people to do so after casting their vote (if they wish to remain anonymous). But then you could also use this system the other way around, you could keep the unique key in a safe to prove later on that you did not vote for the 'wrong' guy. If you are ever accused of voting for a nazi party you can disprove it with hard evidence. You have to remember that people are paranoid about different things, for some it is terrible if people find out what they voted, for others it would be terrible to be accused of having voted bad... I say fuck both these paranoid attitudes since in a perfect world you could say what you vote and it would not matter, but people should always be able to remain anonymous to safeguard democratic principles... but anonymity could also be a personal choice.
It's a good solution, that's exactly why you should always be able to vote in a booth... But do you really think there aren't millions of voters that vote what someone told them to vote already? I think when people can vote where they want they can specifically avoid pressure from shady individuals. A re-vote is an interesting solution since it could both be used to increase and decrease security, I wonder how it worked out for the Estonians (they had a couple hundres re-votes, but why?).
Hear, hear.
Booth capturing? Do you mean Lincoln could have been re-elected if they just captured Booth by hitting him on the head with a wrench? http://en.wikipedia.org/wiki/John_Wilkes_Booth
With great power comes great responsibility, and with great responsibility comes great punishment if you (willingly) fuck up.
This is as it should be, the problem is today most politicians just use their power for their own gains, do not accept any responsibility, and sure as hell are never punished... I do not advocate punishing politicians for mistakes otherwise you would never become a politician anymore, but I would like to see strict rules regarding corruption and that anyone ever caught betraying the people's trust and can never be trusted with any kind of power again... In my opinion this could even extend to the corporate world, since corrupt politicians seem to be able to find a spot in power there as soon as they exit politics (probably part of the payoff of being corrupt).
You promote the death penalty in a situation where it is even more despicable then usual, especially since anyone can see the clear option to cheat by getting your opponent eliminated. Each election has some irregularities (and I assume most are not sanctioned by the candidates themselves) so it would be far too easy to cheat for the other guy while collecting 'evidence'.
Please understand that I think the undermining of the democratic process is a crime which should carry a special sentence, but more along the lines that you can't run for office for X years (like any felon I believe). But the problem is always the same: the cheater won and is now in charge.
I think the only way to guarantee a cheater free process is by completely making every step of the process transparent. Coincidentally it's the technology currently used to cheat that can be put to use to prevent it. The only problem is there is always one or more black-box-systems between the voter and the results, so there is no way to guarantee it unless we remove every black-box step. Here is my solution to make the process as open as possible:
- Generate a unique key per voter and store on a single offline drive.
- Print voter registration cards with each key used once (we know every voter can vote exactly once).
- Generate a strong encryption certificate that is only valid around election day for HTTPS use.
- Voters can choose to vote at home (but they need a separate online ID) or at a registered voting location (and show their ID), but the process is the same.
- To vote at home you can use the supplied voting live-CD or use your own (it's recommended instead of your default OS), or use the kiosks supplied at voting locations.
- The voting consists of going to the voting website, verifying the origin of the site and after that select a candidate and enter the key to store the vote.
- These votes are stored on the same 'offline' drive that is currently online only with a serial cable connected to the webserver.
- The drive containing the votes as well as the server(s) that serves the website are on public display and the code is all opened to public scrutiny.
- The server should be behind a firewall that specifically looks for any and all attacks (it should be fairly easy if you tightly define only the packets that may get trough), if there is any reason to doubt the results because of a possible breach we will know.
- The results as well as the timeline of the votes is made public from the start, when the voting closes the results are known *immediately*.
Before talking about how insecure the web is please note that this problem is known and well understood, so we have know what to harden the system against attacks... The current voting solutions are much worse in my opinion since there are attack vectors too, but we do not know how many and how bad, and even worse: we have no idea how often these are already exploited. But we do know for a fact that paper elections have been rigged (despite the rules), electronic voting machines have been tampered with and even something as simple as denying people the right to vote (sending people away who stand in line for hours). These non-tech exploits are used regularly and should not be forgotten... I'd say a web-voting is the lesser of two possible evils. Especially since the technical requirements of such a system are known. If fucking soda companies can print unique codes on the inside of the bottles and phone operators use codes for prepaid cards i'd say we should be able to make it work for something important.
I posit that for every argument against such a system slashdot's finest geeks will come up with a solution...
We already have home tests here in the Netherlands. I work in the building above the STD testing facilities in Amsterdam, and every day there is a line of people wanting to get checked... not only because they think they've got something, but people are starting to get checked regularly, it isn't taboo here anymore. But especially to increase the test rate of younger people you can get a test kit at home now. I also received the letter for the Chlamydia check recently, when you answer they send you a test kit so you don't have to come stand in line at the clinic.
I know for a fact that a test that is anonymous, works easy and checks for all STDs would become very popular fast, especially because the government would probably hand them out to all high risk groups...
It's not about 'wanting' or not... i'm afraid your statement is superseded by rule 34.
Yeah, but I wanna bet it will take them years of skill grinding to even get to level 1...
That's just another great example to vote Pirate Party... I actually put down my autograph for the Pirate Party in the Netherlands last week, we now have enough people that support us so we will participate in our country's next elections on the 9th of June. This is happening globally as you can see on the nice map here: http://en.wikipedia.org/wiki/Pirate_Parties_International
Wow... foretold by St. Paul himself! He was after all known for his prophetic vision of 'later times'... Funny how especially Paul's revelations are quoted ad-infinitum that the 'end is near' because of X which remotely resembles a symbolic verse Y, while a passage like this which is a quite literal instruction and can't be explained a million and one way is overlooked.
History shows it often to be the case, like England breaking with The Church, and the later conflict in northern Ireland was political... religion was used as a political tool there by some groups to force a hard line split where there otherwise would be a huge political middle ground. When religion starts getting involved any conflict usually becomes much more absolutist.