Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

E-Voting Reform In an Out Year?

timothy posted more than 3 years ago | from the your-session-has-expired-please-log-in dept.

Open Source 218

An anonymous reader writes "Most of us know the many problems with electronic voting systems. They are closed source and hackable, some have a default candidate checked, and many are unauditable (doing a recount is equivalent to hitting a browser's refresh button). But these issues only come to our attention around election time. Now is the time to think about open source voting, end-to-end auditable voting systems and open source governance. Not in November of 2012, when it will, once again, be far, far too late to do anything about it." It'll be interesting to see what e-voting oddities start cropping up in the current election cycle; Republican straw polls have already started, and the primaries kick off this winter.

cancel ×

218 comments

Sorry! There are no comments related to the filter you selected.

Yeah, well... (1)

jra (5600) | more than 3 years ago | (#36562646)

Those of us who know and care -- and I don't mean me, I mean people like Dr Rebecca Mercuri, whose postgrad work has been right on this point -- have been trying to get that to happen since, oh, at least 1996 or so.

You can see the (total lack of) results, right?

Re:Yeah, well... (3, Insightful)

Anonymous Coward | more than 3 years ago | (#36562674)

The problem is that the list of people with the power to do something about it is almost identical to the list of people who benefit from it being corrupt and unauditable.

Fortunately they are easy to identify, (1)

Shivetya (243324) | more than 3 years ago | (#36563638)

on the ballot they tend to have a (D) or (R) next to their name.

I won't trust voting till...

1) There is an audit trail

2) The code is up for inspection

3) You are required to show ID to vote

Re:Fortunately they are easy to identify, (0)

Anonymous Coward | more than 3 years ago | (#36563692)

The ID requirement will never, ever happen. For some reason people treat it like a Jim Crow literacy test or poll tax.

Re:Fortunately they are easy to identify, (1)

MachDelta (704883) | more than 3 years ago | (#36563940)

Seriously? No ID? As a Canadian, I'm a bit shocked by this. We have to show ID when we vote (or have another ID'd elector in your riding take an oath and vouch for you, but I've never actually seen that happen), and no one bats an eyelash... do I dare ask why this little proceeding is not practiced south of the border?

Re:Fortunately they are easy to identify, (2)

demonlapin (527802) | more than 3 years ago | (#36564150)

In the segregation era in the South, there were often poll taxes (nominal fees intended to keep poor whites and all blacks from voting) and literacy tests (white voters might be asked to read the King James Version of John 3:16, black voters to explain the meaning of the Fourth Amendment). For reasons I do not fully understand, the idea that you should have to show identification to vote has become part of this parcel - perhaps because people think that having to have an ID is a poll tax, perhaps because they think that a disproportionate number of black voters will have white poll workers declare "this picture looks nothing like you".

I think that having to show ID is a pretty good idea, even if it's not really a major source of fraud. Most vote fraud occurs with absentee ballots, but the lack of voter ID presents a real credibility problem to the public. Unfortunately, absentee ballots can't be banned, because any attempt to do so will result in a litany of stories about deployed soldiers who can't vote because they can't meet any of the normal standards for verification. As a compromise, we might elect to use indelible ink (as is used in India and Iraq) to mark one finger of all voters. This does not prevent voting out of your district but does prevent voting multiple times.

Re:Fortunately they are easy to identify, (3, Insightful)

AK Marc (707885) | more than 3 years ago | (#36565630)

For reasons I do not fully understand, the idea that you should have to show identification to vote has become part of this parcel - perhaps because people think that having to have an ID is a poll tax, perhaps because they think that a disproportionate number of black voters will have white poll workers declare "this picture looks nothing like you".

Showing ID requires ID. When the state will give you an ID card for free, then it will no longer be a poll tax. Until then, it is a de facto poll tax, even if that poll tax is $20 every 4 years or some other small number.

I think that having to show ID is a pretty good idea, even if it's not really a major source of fraud.

Why would it be a good idea if it adds an additional burden and doesn't really address fraud? I've never heard of anyone ever going to vote and finding that someone else has already voted in their place. At best, it's about dead people voting, and that's probably why the ID thing is so important to the Republicans, because I keep hearing that the only reason Democrats win in Chicago is that dead people vote there. It seems our politics is so hung up on the past that it never looks forward.

There are millions of American citizens without IDs. Most of them poor, and thus presumed Democrat. That's why the Democratic Party is against requiring IDs and Republicans for it. Neither cares one whit about voter fraud, they just want to make it easier for their supporters to vote and harder for their opposition.

Re:Fortunately they are easy to identify, (1)

BenJCarter (902199) | more than 3 years ago | (#36563946)

Never say never :D

The Tea Party passed voter ID in Wisconsin [reuters.com] , and it's looking promising in Ohio and Pennsylvania.

Re:Fortunately they are easy to identify, (3, Insightful)

the eric conspiracy (20178) | more than 3 years ago | (#36564130)

The ID laws are happening in Republican controlled states. If you spend the time to read the justifications for these laws and the politics of those pushing for them it is clear that the reason for them is voter suppression.

For example the Texas ID law exempts registered gun owners and senior citizens from the ID requirement. Hmmmm I wonder how these folks tend to vote?

Re:Fortunately they are easy to identify, (1)

Wyatt Earp (1029) | more than 3 years ago | (#36563906)

I have to show ID here in Alaska at the voting place.

Re:Fortunately they are easy to identify, (2)

rtb61 (674572) | more than 3 years ago | (#36564724)

Showing ID to vote is silly, showing ID to register to vote so that your appear on the electoral rolls is the only sensible requirement. Quite simply when your name is checked off the electoral rolls it becomes readily apparent when a person's name is checked off twice, which results in an immediate investigation, with serious penalties.

As such in a manual voting system, even wide spread fraud will still number in just the thousands. To actually steal an election you need to corrupt the counting process not the voting process.

Once you go electronic, you only need to hack the voting system at a single point to affect the whole election ie be able to corrupt millions of votes at one point.

Manual is the only thing that makes sense, it makes corrupting the system very difficult as it requires a very wide spread effort and is always exposed. Simply shift elections to Saturdays so more people will be available from all political parties and candidates to monitor, the placing of votes, the counting of votes at the location where those votes were placed and then the transfer of votes to a secure location for recount if required.

Re:Fortunately they are easy to identify, (2)

GPLHost-Thomas (1330431) | more than 3 years ago | (#36564894)

Even the idea of having an electronic voting machine is scary. Even a mechanical one. Of course, everything has to be done manually, and watching how the voting and counting process is being done should be granted by constitutional rights (like in France, for example). Not only this: the method to do the manual counting should be written in the stone, because even manually, there are ways to cheat.

Re:Fortunately they are easy to identify, (1)

Wyatt Earp (1029) | more than 3 years ago | (#36565728)

In Alaska you register to vote when you get your driver's licence, so the State bases your district on your address they have on file with your DL.

You show up at the polling place, show your driver's licence, they check you off their list, you go vote.

Re:Fortunately they are easy to identify, (0)

Anonymous Coward | more than 3 years ago | (#36563922)

3) You are required to show ID to vote

Yes. The place where I vote asks your name and address to check your name on a list of registered voters, but they don't check ID. In 2004, I went in to vote, only to be told I had already voted. They had me checked off the list. I asked if they had checked "my" ID when I voted earlier, and they said no. They were sorry, but I could not be allowed to "vote again". So, I gave them my next door neighbor's name and address. Then they asked for my ID. All you have to do in my city is get someone's name and address out of the phonebook, and you can vote in their place if you get there before they do.

Re:Fortunately they are easy to identify, (1)

jd (1658) | more than 3 years ago | (#36564016)

Which is why there needs to be some method of making it provable that a vote is legitimate without violating the anonymity. In other words, the voter and the vote should be non-repudiatable in isolation but no combination of voter with vote should also be non-repudiatable. That's tough, in fact it's the single-toughest problem in the whole e-voting system, which is why I consider it to be the problem that needs to be solved first with all other components built around that solution. Everything else is trivial and therefore you can produce a near-infinite number of useless solutions by solving those bits first.

Re:Fortunately they are easy to identify, (1)

jd (1658) | more than 3 years ago | (#36563978)

The e-voting system I've suggested a few times (anonymous generation of private/public key pairs issued to those who have ID) would make the showing of ID superfluous. You can vote with an invalid encryption key if you like, but there's bugger all the voting computer can do with it as it can't decrypt it. This also avoids the objections (which are valid) by individuals who have complained excessive ID requirements make voting impossible (in violation of the Federal laws on voting, not to mention the 15th Amendment which prohibits disenfranchisement of those who are legit, regardless of reason or excuse, no matter how good on the surface it may be).

Every time this comes up I say the same thing (1)

symbolset (646467) | more than 3 years ago | (#36564574)

When computers are granted suffrage as full citizens then they ought to be allowed to record and count votes. Until then this work should be performed by citizens potentially familiar with the nature of the responsibility and conscious of the potential personal consequences of failure.

Don't call me a Luddite. I'm an IT pro with over three decades experience, and tech is the side my bread has butter on. I'm not opposed to computer programs as citizens as long as someone comes up with a credible way to implement that, which doubtless would involve a constitutional amendment. Until then some few things are just too important to compromise on for the sake of timeliness, efficiency and cost. Voting is one of those things. Votes ought be taken and counted by citizens and nobody else. We should not be so impatient that we cannot wait for citizens to record our votes; to count and tabulate them. To be so impatient is to surrender the responsibility and power of franchise in bulk and will end in trouble of the worst sort.

There is no way around the fact that machine recording, counting and reporting violates the precept of "One citizen, one vote." Anybody who's passed Introduction to Programming would know that. The output of any program is determined first by the programmer, second by the operator, and only then by the inputs as those two permit if the process isn't otherwise compromised. To say there exist some citizens who can audit the machines and code is to create a class of supercitizen qualified to do so and affect the votes of citizens in the main - it places too much trust in the code auditors and grants them more power in the body politick than "One citizen, one vote." Given the advanced state of modern technology it's also a false confidence. Anyone sufficiently skilled to audit the code knows that the underlying hardware can be compromised at the silicon or firmware levels.

Just don't do it. Groups of citizens should count votes at the most local level with diverse interests represented among them and watching each other. At each higher level interested and claimed neutral citizens should tabulate and aggregate them. Everyone participating faces the personal risk of prison or tyranny if cheating is detected or involved undetected. It's that important. It's not a perfect system but if we citizens fail in it at least it's our own fault. To surrender the power of voting through trust to machines crafted by unknown entities running code written by unknown entities audited by special citizens is just to surrender our franchise entire. Trust is for suckers. We may as well not vote.

Machines aren't citizens and they ought not count votes.

Re:Fortunately they are easy to identify, (2, Informative)

riverat1 (1048260) | more than 3 years ago | (#36564268)

If you are required to show ID when you vote then the only valid ID should be a voter card they issue you free of charge when you register to vote.

The reason that Republicans want you to show ID when you vote is to suppress the voting of people who are more likely to vote for Democrats. The level of voter fraud, that is people who are not eligible to vote voting, is so minuscule in this country it's not an issue. In Ohio in 2004 they looked for that and only found 4 out of millions of votes. Yes it could effect an election that comes down to 1 or 2 votes but how often does that happen?

Here in Oregon where all elections are vote-by-mail our "ID" is our signature on the outer envelope of the ballot. The inner envelope is generic and once they verify your signature against the digitized signature they got from your registration they separate the two envelopes. We have very few election problems in this state.

Re:Fortunately they are easy to identify, (0)

Anonymous Coward | more than 3 years ago | (#36564566)

"suppress the voting of people who are more likely to vote for Democrats"

You mean deceased persons, cats, dogs, fictional characters, and illegal immigrants?

Re:Fortunately they are easy to identify, (1)

jd (1658) | more than 3 years ago | (#36564938)

The first four of those tend to vote Republican. Ask the Gipper.

Re:Fortunately they are easy to identify, (1)

Tanktalus (794810) | more than 3 years ago | (#36564792)

Why is it that people who don't have any state or federal ID are more likely to vote (D)? I'm really wondering about that.

Illegal immigrants? No sympathy here: if you want to be afforded full citizen rights, you need to do it legally. Immigration sucks? Yes it does, but if you're already not prone to following the laws just getting in, why should anyone believe you're going to follow the laws once you're in? Voting is a right for citizens. If your party is reliant on illegal voting to get a majority, I would think you don't really represent the general citizen population, and maybe a refocus is in order.

Homeless? Canada seems to be able to subsidise ID cards of some sort for homeless people. Not sure what the problem is in the US.

If you have a driver's license, you have state ID, so you can vote. If you don't, it seems reasonable to get a non-driver's license (at least, that's what it was called here when my wife got hers originally 15 years or so ago). It's provincial ID that can be used like a driver's license for everything except actually driving. And was cheaper than a driver's license. You could use it to buy booze, enter a bar, get a passport, and even vote. I'm not sure it even needed regular renewal.

So who, exactly, doesn't have ID in the U.S. that would traditionally/normally vote (D)? I'm curious.

Re:Fortunately they are easy to identify, (2)

riverat1 (1048260) | more than 3 years ago | (#36565348)

The ID's required are picture ID's. Most often that is either a drivers license or a passport. Many poor people and people who live in cities with decent public transportation have neither. That is definitely a Democratic leaning demographic.

As people get older they may give up renewing their drivers licenses so they're expired or as in one example I heard about in Indiana a bunch of nuns living in a convent who had been voting for decades were not allowed to vote after Indiana's ID law was passed because they didn't have any picture ID. Those two demographics may lean a bit Republican but it's hard to say.

If anyone ever documented illegal immigrants actually voting in any numbers I'd pay more attention to that meme. If I were illegal I'd want to avoid anything that might call attention to myself. I've heard about more voter fraud from Republican voters than I have from Democratic voters.

If you are going to require voters to have picture ID then you need to provide it free of charge in a way that is not a burden on them to get (like having to take time off from work, etc.). Otherwise it's essentially a poll tax.

It should never be closed source (2)

elucido (870205) | more than 3 years ago | (#36563046)

Any voting machine which is closed source is equal to allowing a magician to count the votes.

First of all there must be a papertrail for any electronic voting machine. While the counting process can be automated, the voting machine should only exist to make voting easier, such as push a button to select a candidate. This should generate a receipt with a unique number representing the digital signature of the person voting. This would make counting easier and would also allow one to vote via the internet where they select a candidate, print out their receipt, and mail it in.

Closed source irrelevant, paper ballot not (4, Interesting)

Chris Burke (6130) | more than 3 years ago | (#36563188)

Open source is really irrelevant. You can never prove that the voting machine is running an un-altered binary produced from that code on unaltered hardware and with unalterable memory. It's not bad, but it doesn't guarantee anything, so if that's what you think is keeping voting from being equal to a magician counting the votes, then that's a false sense of security you're feeling.

The way you make voting secure is to take the part where you have to trust the machine's memory, with no way for the voter to confirm that its contents are correct -- the magician, essentially -- out of the picture.

Instead, the machine should simply be an enabler for printing a correct ballot. That paper ballot must be the only ballot that matters. That ballot can be machine readable, but it must also be human readable, and it must be the same markings that both human and machines read to determine who the ballot is for.

In this regime, it doesn't matter if the source is open or closed. It doesn't matter if the voting machine is compromised. Because now the "magic" is out in the open, so if the machine tries to pull any tricks, the voter has the ability to actually see that their vote was recorded incorrectly, and not put that ballot in the ballot box.

Re:Closed source irrelevant, paper ballot not (1)

jd (1658) | more than 3 years ago | (#36564046)

That's one of a number of possible solutions to the veracity problem. Because there are many solutions to veracity, not all of which are compatible with the many solutions to other parts of the puzzle, it's not useful to focus on that one solution. What you ideally want to do is to start with the bits for which there are provably very few solutions because then you minimize the risk of producing flaws elsewhere by having to leave out parts.

Re:Closed source irrelevant, paper ballot not (1)

swillden (191260) | more than 3 years ago | (#36564084)

What you ideally want to do is to start with the bits for which there are provably very few solutions because then you minimize the risk of producing flaws elsewhere by having to leave out parts.

I'm not sure I agree with this statement -- given that any security system is only as strong as the weakest link, you need to get it all right (or right enough, anyway), and why not start with the low-hanging fruit? But, regardless of that, I'm interested to hear what you think are the bits that provably have very few solutions, and what you think should be done to address them. It sounds like you've put some thought into it; I'd like to hear it.

Re:Closed source irrelevant, paper ballot not (1)

jd (1658) | more than 3 years ago | (#36564924)

Think of it as a SQL statement. If you start with the smallest table and join onto that, both you as a developer/tester and the computer will have the least work to do.

Ok, the smallest solution-space would seem to be to make each ballot unlinkable to a voter and yet be able to prove that the mapping of ballots to votes is a perfect 1:1, that all voters were authorized and that the ballots counted were the ones presented.

This is small because you have veracity of every set and every relationship at the same time as you have repudiatability of any connection between any vote and any voter. There simply aren't many ways you can meet those two heavily-conflicting constraints.

Here are the options I've been able to come up with. They all rely on voting machines not counting votes but merely doing a bit of trivial local processing with all the actual counting being done somewhere else. There is therefore an actual electronic ballot from start to finish, rather than a tally that could come from anything, and since a complete set of actual ballots exists, they can be recounted or inspected at any later date as is the case with a paper ballot (preserving the elements of veracity within the current solution). They also all provide methods by which third-party observers (including the general public) could be provided with sufficient information to monitor the voting for fraud at some level without violating the anonymity of the votes or the privacy of the voters.

(Indeed, it is assumed in all of these methods that you want limited-capacity third-party observers so that if holes were to be found they could not be exploited without detection, where the limited nature of the observing isn't itself compromising the security.)

1. Anonymous public/private encryption key pairs.

A voter casts an encrypted ballot in which the key they possess is useless to anyone wishing to find out what the vote was, but where there is one and only one key that can decrypt that ballot and produce a valid record. This requires that you have two machines - the one generating the key pair and the one doing the decryption, where both are tamper-proof, the link is unidirectional and the link is also tamper-proof. The one generating the key pair provides the human users with the encrypting key part only, which forms a part of the voter registration card used in the act of voting. The human users never see the decrypting key, which is passed solely to the decrypting system. With no linkage between the keys, even if you could snoop in on the communications you could never positively link any given encrypting key with any given decrypting key.

(The link therefore doesn't have to be snoop-proof, though that's obviously preferred, it only has to be tamper-proof so that it is never possible for an outsider to inject a false key pair into the system.)

If you place your vote directly onto the "voter registration card" (think more of what a single-function PDA would look like, given all the functions you can cram onto a smartphone today, than a simple piece of card with a name on it) and that card produces the encrypted ballot, the encryption key is never exposed and therefore cannot be duplicated and used by someone else.

If the decryption system destroys all keys that have already been used and ignores all ballots for which no decryption key exists on the system, no encryption key can ever be used for more than one vote and no vote for which the key generator did not generate the key pair will ever be counted.

You now have a system where one card is unique to one voter is unique to one ballot is unique to one recorded vote, provably so, without violating the confidentiality of any of the sequence.

This system has a limit on scalability. The decrypting machine is essentially using the decrypt key list that it has as a variant of a rainbow table. It must, therefore, try !(number of voters) possible keys in the worst possible case in order to be able to find the right key. (Since we know in advance that an encryption key is used once, any given decryption key can be ignored after it has been used in a successful decrypt.) That number is obviously going to grow very rapidly, so the system can only be useful if the total time needed to decrypt all ballots is unacceptably long. Trying to limit the key space you need to examine would violate the requirement that encryption keys are anonymous.

It's not impossible, but it's not cheap. It relies utterly on the fact that the rainbow table is going to be much, much, much smaller than the total keyspace in any brute-force attack (so that external attackers of the system require compute power that goes beyond what actually is possible in order to find either key from the other or to alter a vote undetectably in transit).

2. Quantum Cryptography

Instead of using public key encryption and a powerful decryption system, have each ballot computer linked via a physically private connection to the decryption machine and use quantum cryptography to transfer the ballot direct from the voter to that central computer. A physical ballot would be printed out at the same time and placed in a physical ballot box. This is required because unlike methods 1 and 3, this method does not use secret information that guarantees the 1:1 relationship although it does guarantee that what is counted is what is cast (QC ensures the votes can't be altered in transit). The 1:1 would be obtained by matching the computer's records of the ballots electronically obtained with the ballots in the ballot box, which should match 1:1 if no attempt at fraud has occurred. Fraud would result in a mismatch on the counts or the contents. It could never result in the two matching. It's faster than the other methods, but has the drawback that it's much harder to know which data is the fraudulant data.

3. Cryptographic hash receipts

This tries to produce a similar effect. Whereas in the cryptographic solution you have "secret knowledge" that is divided into two parts (the key) with each part known in one place, this has one piece of "secret knowledge" (a very large pseudo-random salt where the salt can be linked in some way to the ballot) known in two places (the voting machine and the validating machine).

The idea is that the voter casts a ballot and that ballot is then stamped by the voting machine as valid in much the same way that official documents get notorized by humans currently. The idea here is that the notorizing stamp is unique to a ballot and can be verified as correctly belonging to that ballot only by someone with that secret knowledge.

Any attempt to inject a false vote into the system will produce a stamp that cannot be verified as the corresponding secret knowledge doesn't exist. Any attempt to alter a vote will result in the cryptographic hash no longer matching the document it is a hash of. The hash doesn't tell you who cast the vote (so we have anonymity) and the entire catalogue of hashes generated can be circulated at the time of generation (as it tells you nothing about how a person voted, but since all lists must match up, would tell you if all votes had indeed been counted).

Re:Closed source irrelevant, paper ballot not (0)

DNS-and-BIND (461968) | more than 3 years ago | (#36565080)

I always laugh when I see this "only paper ballots are secure" meme out there. It displays such a laughable level of ignorance, it's almost cute. You know, the PRI in Mexico rigged elections for 80 years using nothing but paper ballots.

Re:Closed source irrelevant, paper ballot not (1)

BenJCarter (902199) | more than 3 years ago | (#36565356)

Software is irrelevant to this process. The machine shouldn't mark the ballot, the Human should. After all, that's what make us human.

Re: The only way to win is not to play (2)

taiwanjohn (103839) | more than 3 years ago | (#36565576)

E-voting is like global thermonuclear war. Call me old fashioned, but I like the idea of marking a paper ballot with a pen, and putting it a box.

Here in Taiwan, ballots are counted at the precinct level. The counting is done in public, with representatives of the major parties present. The whole process takes a couple of hours.

The whole idea of "machine voting" is stupid. It's worse than a waste of money, it invites all kinds of suspicion and dispute. There has to be a paper trail. No exceptions.

Using a machine-countable ballot may save time, and that's ok. But at least it leaves a record that can be double-checked by hand.

Re:Closed source irrelevant, paper ballot not (1)

AK Marc (707885) | more than 3 years ago | (#36565688)

It still doesn't have anything built in for lost/damaged/added ballots.

One thing is for certain (0)

Anonymous Coward | more than 3 years ago | (#36562648)

The U.S. has unsustainable expenditures at every level of government, to the tune of probably trillions of dollars. For certain there will be concerned interests with billions of dollars at stake who will not consider elections fraud to be off the table.

Re:One thing is for certain (2)

blair1q (305137) | more than 3 years ago | (#36562798)

See, that's the thing. There are people who think nothing of spending $100 million to crock an election so they can make $1 Billion by pushing $1 Trillion and a few thousand lives down a shithole.

And they have millions and millions of $10K millionaires voting for them.

A little fraud at the ballot terminal is nothing compared with the psychological sea-change needed to fix that.

Semi-Electronic voting (1)

Darkness404 (1287218) | more than 3 years ago | (#36562712)

Why not use semi-electronic voting where you use a pencil and a scantron-type ballot, primary results can be done electronically while there are paper records that can be counted by hand if the results are challenged. It seems to be the best of both worlds, preventing a lot of the flaws of e-voting while still allowing results to be counted quickly, easily and without bias.

Re:Semi-Electronic voting (1)

blair1q (305137) | more than 3 years ago | (#36562820)

I prefer the type where you enter your vote on a touchscreen and get a printout that is duplicated and dropped in a lockbox by the machine itself.

Cleaner and auditable right down to you presenting your votes to be compared with the ones in the lockbox and the ones recorded in the central DB.

Unfortunately, I think I just invented it, so I doubt I'll find it anywhere.

Re:Semi-Electronic voting (3, Interesting)

Anonymous Coward | more than 3 years ago | (#36562976)

You can't have people leaving with proof about how they voted, lest they'd be coerced by thugs waiting around the corner for proof that they voted as agreed upon, or else.

Re:Semi-Electronic voting (1)

MachDelta (704883) | more than 3 years ago | (#36563954)

I'm not sure you read that as intended. The paper duplicate would be dropped in a safe, presumably in the base of the machine - not given to the voter to be carried out.

Re:Semi-Electronic voting (1)

symbolset (646467) | more than 3 years ago | (#36564682)

You're not really familiar with the nature and uses of tyranny, are you? I'm guessing you didn't post this from Syria.

Re:Semi-Electronic voting (1)

jd (1658) | more than 3 years ago | (#36564094)

You are correct that voters should never be attachable to a vote, but the prior poster is also correct that it is essential that it be provable that the votes counted were the ones cast and that all legitimate votes cast were counted. A sufficiently powerful cryptographic hash (perhaps with sufficient salt from the myriads of identification documents everyone has on file) might work. You have a hash, you can look up to see if the hash is listed amongst the votes counted, but all anyone else could do would establish that you voted (by merit of having a hash), they lack the information necessary to either directly correlate you with any actual ballot or to brute-force what the ballot must have been to generate the hash. And since anyone can look to see if a name's been ticked or not off the voter's lists, that's no more information than they'd have at present.

Re:Semi-Electronic voting (2)

Chris Burke (6130) | more than 3 years ago | (#36563230)

I prefer the type where you enter your vote on a touchscreen and get a printout that is duplicated and dropped in a lockbox by the machine itself.

Change it to where the voter drops the one-and-only printout into the lockbox themselves, after verifying that it is correct. Then we're in agreement.

First, because otherwise how does the voter know the printout put in the box is the same as the one they're holding? If we trusted the machine to do that correctly, we wouldn't be having this discussion.

Second, because any idea which sacrifices the secret ballot is a horrible idea.

Re:Semi-Electronic voting (2)

aztracker1 (702135) | more than 3 years ago | (#36563724)

Scan-trons are faster and less expensive... One scantron can process 40 voters faster than one e-voting booth with a touchscreen.. AZ has both.

Re:Semi-Electronic voting (1)

symbolset (646467) | more than 3 years ago | (#36564732)

Um, I was hacking Scantrons in the 1980s. You got anything more current?

Never mind. If you believe in this you'll buy into anything automated and there's nothing I could say to convince you.

I have to say this though: fastest and least expensive are not the key values we're looking for.

Re:Semi-Electronic voting (0)

Anonymous Coward | more than 3 years ago | (#36564822)

Scan-trons are not appropriate for people with arthritis, vision problems, or some handicaps. Touchscreens can help people vote independently.

As far as speed, if that is important, touch screens can be made faster / more responsive. Can scan-trons?

Also, would you rather have people convert their choices into something a machine can read but they can't (as easily)? Why not have a machine convert their choices into something both they and a machine can read (paper ballot)?

Yes, this works, quite well in fact. (3, Informative)

Trerro (711448) | more than 3 years ago | (#36562994)

This is how CT does it. You bubble in the form, feed it to the machine, and if there's a close race, they pull out all of the paper ballots and recount manually.

Additionally, the state picks a few towns and a few offices at random, and has people from other towns come in and hand count the results to make sure no BS has occurred.

Needless to say, we don't get many claims of election fraud in this state.

I helped with both forms of recount, one where some guy lost by 10 votes, and one random audit. On the recount, the difference between the hand and machine counts was a single vote (which is actually amazing considering how many X'ed the bubble, checked it, or otherwise failed to read the directions). On the audit, the difference was 3 votes. Both left a margin of error of 0.1%, which is pretty damn close to perfect. Multiple recounts may be needed if someone wins by 0.1%, but that's pretty damn rare. (The guy who lost by 10 votes lost by 10/1300ish).

It's really not that hard to keep elections honest, the people just need to demand it, everywhere.

Re:Yes, this works, quite well in fact. (1)

Trerro (711448) | more than 3 years ago | (#36563016)

Both of those 0.1% figures should say "less than 0.1%", Slashdot ate the less than sign because it apparently thought I was trying to do HTML. (Post mode was "plain old text" before you ask. :P)

Re:Yes, this works, quite well in fact. (1)

Chris Burke (6130) | more than 3 years ago | (#36563928)

(Post mode was "plain old text" before you ask. :P)

Which, intuitively, means "Use html, but interpret blank lines as paragraph indicators for <p> tags." Which is what "html formatted" means, as far as I can tell. It's been that way for so long, I've kinda stopped thinking about. Used to be you had to select a middle option between html and plain-text to get the "html but with automatic paragraphs" functionality.

Now, let me see... Okay, "extrans (html tags to text)" seems to be just what you'd think "plain old text" would be. And "code", which I would have thought would mean pure html, actually is the same as extrans only with <tt> tags around it.

Huh.

Anyway, quite an understandable mistake. :)

Re:Yes, this works, quite well in fact. (0)

Anonymous Coward | more than 3 years ago | (#36564490)

"It's really not that hard to keep elections honest, the people just need to demand it, everywhere."

Problem is the average American citizen can't understand what you are saying, and if they could they wouldn't give a shit. To them you are a nut case conspiracy theorist.

Re:Semi-Electronic voting (0)

Anonymous Coward | more than 3 years ago | (#36563780)

It is odd that you claim this is the best of both worlds when it is the worst.

Electronic voting gives you accessibility. You took that away with scantron (the elderly and handicapped will have a hard time with that #2, sorry.

Paper voting gives you untraceable and recountable documents. You did away with that when you made counting the paper documents conditional.

Still, semi-electronic voting isn't bad, you just pick the other half. Use the electronic ballot-filler-outer, make it print a ballot that is both human and machine-readable (unless you have a damned good reason, make the computer read exactly the same symbols the human does), and vote with that paper ballot.

If you have a hard-on for counting with the machine that the voters use, use it to check the physical ballot counts, but be aware that you're potentially reducing the privacy of the vote.

Re:Semi-Electronic voting (1)

BenJCarter (902199) | more than 3 years ago | (#36563984)

This has the added benefit of providing an auditable trail of hand written ballots. Every human will make different marks. Unlike a computerized printout. You will also have physical ballots to count.

What's not to like?

Here's a stupid idea: (2, Funny)

MyFirstNameIsPaul (1552283) | more than 3 years ago | (#36562746)

I'm only partly through two of the links, but I just thought of something. What if BitCoins were used for elections? Wouldn't it guarantee that sending my coins to cast my vote would be guaranteed?

that would be a poll tax (1)

Joe_Dragon (2206452) | more than 3 years ago | (#36562850)

that would be a poll tax

Re:that would be a poll tax (1)

MyFirstNameIsPaul (1552283) | more than 3 years ago | (#36562954)

Okay, not the BitCoin system that is actually used for payment. BitCoin is just an open-source software project, and anyone can create their own BitCoin network. For example, one could be made by a state strictly for use in voting, or Check E. Cheese could use them instead of metal tokens.

Re:that would be a poll tax (1)

trappa (1894960) | more than 3 years ago | (#36564298)

This is basically equivalent to requiring everyone to have a public and a private key, then signing the key of whichever candidate they want to vote for.

It would be a secure and verifiable system. However it would never work because it's not something that a normal voter would understand.

The only problem would be making it anonymous. If you required each person to have a new key for each election and had all keys signed by a central authority (recording only that a person already had a key signed, but not actually recording which key it was), I think it might be theoretically possible.

Also, since only the central authority can know which keys are properly signed, someone could always make a fake signed key, if someone were to try and bribe them into casting a specific vote. That way, even if the vote buyer required the person to cast their vote right in front of them, they'd have no actual way of knowing whether or not it was valid.

Alas, if only everyone was a cryptonerd.

Re:that would be a poll tax (1)

MyFirstNameIsPaul (1552283) | more than 3 years ago | (#36564400)

The voter wouldn't need to know anything. "Here, keep this thing we give you in case you want to prove how you voted."

Re:Here's a stupid idea: (0)

Anonymous Coward | more than 3 years ago | (#36562926)

Either you do it anonymously and then there is no way to tell that you are authorized to vote and haven't voted already, or you do it in the open and then your vote is not anonymous.

Re:Here's a stupid idea: (1)

Basalt (47097) | more than 3 years ago | (#36562978)

That makes your vote traceable to you.

Bad idea for many reasons.

 

Re:Here's a stupid idea: (1)

spitzak (4019) | more than 3 years ago | (#36563200)

I thought part of the design of bitcoin is that it is untracable. Though you have -1 added to your bitcoin total, and +1 is added to the candidate, there is nothing connecting these operations after they happen. I believe this is what the original poster was getting at.

The idea would be to somehow give every person a coin (that may be the tricky part so that every voter gets one and not more or less...). They can then "pay" that coin to who they want elected. There would have to be a modification to bitcoin so no other transaction is possible (otherwise I would think your boss/union/etc will insist that everybody transfer their coins to them so they pay).

If bitcoin really works as advertised (ignoring it's usability as money) this seems like it may be a good idea.

Re:Here's a stupid idea: (1)

MyFirstNameIsPaul (1552283) | more than 3 years ago | (#36563528)

Hey, I'm didn't say it was a good idea. And besides, maybe the voter doesn't have to be given the key, but have the key encrypted on something the voter keeps.

Re:Here's a stupid idea: (0)

Anonymous Coward | more than 3 years ago | (#36563140)

Bitcoins with Chiropractic HOSTS file!

Re:Here's a stupid idea: (0)

Anonymous Coward | more than 3 years ago | (#36563582)

Dear god, it's Dr. APK Bob

Check the compiler for backdoors. (1)

elucido (870205) | more than 3 years ago | (#36563000)

Just because it's open source doesn't mean you can feel safe. There could be backdoors critical areas such as the compiler, or other places.

We know that government agencies would pay, bribe, or trick developers into sneaking a backdoor in. That's all it would take.

So who audits the code? How is it audited? In specific the kernel and compilers must be free of backdoors.

Re:Check the compiler for backdoors. (3, Interesting)

techno-vampire (666512) | more than 3 years ago | (#36563166)

We know that government agencies would pay, bribe, or trick developers into sneaking a backdoor in.

Really? You know that for a fact? What evidence do you have, or are you just spouting your mouth off?

Margin of error (1)

currently_awake (1248758) | more than 3 years ago | (#36564066)

It's better to assume politicians are corrupt and watch them, than to assume them honest and not.

Re:Check the compiler for backdoors. (1)

symbolset (646467) | more than 3 years ago | (#36564782)

Actually Ken Thompson [scienceblogs.com] , first author of the Unix C compiler, did just this - not as a bribe or trick, but just to dissuade people from putting too much trust in the compiler. The more you know, the less you trust - which is the point of this exercise. Trust is for suckers. Also: we've forgotten long ago more things than we know now.

Re:Check the compiler for backdoors. (1)

bieber (998013) | more than 3 years ago | (#36563302)

The difference is that if there's a backdoor in a proprietary system then you'll never, ever know about it. Seriously though, if you assume that those in power are just outright manipulating the results, then there's no reason they'd need influential developers to sneak a back door into the system and risk someone catching it on a code audit. They could just as easily pay some lackey to break in wherever the machines are being stored and install a new firmware, pay off poll workers to manually edit results on the machines, or just engage in good old fashioned voter intimidation before anyone got to the polls. Any voting system can be gained, but at least in the case of an open voting system we'd have the opportunity to check and see for ourselves if we were being cheated.

Paper ballots (1)

riverat1 (1048260) | more than 3 years ago | (#36563014)

I don't care if they're printed by machine or filled out by hand but the end result should be a paper ballot that can be hand counted if necessary. Anything else is too easily manipulated. I'm not saying paper ballots can't be manipulated but it's far harder with them than with some electronic record.

Re:Paper ballots (1)

chemicaldave (1776600) | more than 3 years ago | (#36563388)

Better yet, start out with both. Any errors in the e-voting system will show up immediately.

Re:Paper ballots (1)

the eric conspiracy (20178) | more than 3 years ago | (#36563988)

Who is to say that what gets printed or counted is the same thing the voter marked?

Ultimately trust is a matter of finding a way to trust and verify the entire process. E-voting is just a minor part of this.

Re:Paper ballots (1)

swillden (191260) | more than 3 years ago | (#36564126)

Who is to say that what gets printed or counted is the same thing the voter marked?

The voter should be able to ensure that what gets printed is what he or she marked.

Ensuring that the ballots are counted as cast is another problem, but one that we know how to solve well enough to ensure that large-scale manipulations of the vote will be found. Once you've got clearly-marked paper ballots that the voter has verified correct, the rest of what follows is well-understood, and your next anti-fraud focus should be on voter registration processes.

Re:Paper ballots (1)

demonlapin (527802) | more than 3 years ago | (#36564168)

You can vote on a machine, have the machine print a voting ballot, and have the voter verify the ballot before dropping it in the box.

Re:Paper ballots (1)

riverat1 (1048260) | more than 3 years ago | (#36564660)

I should have been clearer. If the ballot is printed by machine that machine is not counting the ballot, just printing it. The only thing that actually gets counted is the paper ballot that the voter has verified is an accurate reflection of their intention. If you use a scantron or some other machine to count ballots then they should be randomly audited by hand counting to verify that they are accurate.

Hybrid electronic/paper voting is best solution (1)

Mikey123 (932252) | more than 3 years ago | (#36563076)

Using purely e-voting to elect government is akin to asking "Anonymous" whom they want for president, which would probably be the "Son, I am dissapoint" guy --- or worse. The only way that e-voting is useful is as a hybrid system with paper voting, that employs results validity through random and targetted sampling. Proposal: (1) When a citizen votes during an election, as the paper vote is dropped into the ballot box it is simultaneously scanned by an computer reader which is networked to central tabulation HQ.(If the vote cannot be read, it is not accepted into the ballot box) (2) When voting is finished, all voting staff and political party staff (from all parties running) get instant "un-official" print-outs of voting, with results described by each ballot box, across the entire voting area. These "un-official" election results can be posted online the very second voting ends. BUT, ballot boxes with paper votes are still securely locked down, as always! (3) Before results of the election can be officially announced, two more things must happen: i)a random sample of a significant proportion of ballot boxes must be counted by hand, and verified to be equal to or very, very close to what the "un-official" electronic results were, which were already posted online for each ballot box. ii)every party running in the election is allowed to request an official hand-count of a generous proportion of ballot boxes, at places of their choosing, with hand-count results to be verified against the original "un-official" electronic results. (4) If in the previous step above any of the hand-counting for any single ballot box is off from what the "un-official" electronic tally originally had reported, the electronic results are deemed VOID and completely thrown out. At this point, ALL paper ballots go to be hand-counted, to get the true election outcome. Advantages of this approach: (1) Costs WAY less to conduct elections, since much fewer paper ballots are manually counted (Except in those cases where electronic results are off from the statistical sampling, in which case all votes everywhere are recounted... and whomever designed the e-voting security is fired and plastered throughout the media as an idiot/crony). Governments could even pay a nominal insurance fee so that expenses would be covered in the case that the e-voting is hacked and all votes have to be counted (2) results are just as verifiable as classic paper-only election. If absolutely necessary, all paper votes can be counted. (3) complete but un-official election results can theoretically be released seconds after voting closes. No more watching tv news talking heads yammer all night as results slowly trickle in (4) If properly designed, the system can ensure secrecy of your vote Electronic voting can be helpful, but if the day comes that we allow government elections to go electronic-only.. that is the day we ALL lose democracy.

Re:Hybrid electronic/paper voting is best solution (0)

Anonymous Coward | more than 3 years ago | (#36563120)

"Son, I am dissapoint" guy --- or worse.

Have you seen the jokers we've been putting into office this past century and more?

The 'Son, I am disappoint' guy would probably be the least disappointing president we've had in ages.

Re:Hybrid electronic/paper voting is best solution (0)

tjonnyc999 (1423763) | more than 3 years ago | (#36564182)

Have you seen the jokers we've been putting into office this past century and more?

Like the guy with zero private-sector experience, almost non-existent political experience (voting "present" is not making a decision), without any proof of eligibility, with a questionable past, no ex-girlfriends or friends, no school records, no recollection of actual contributions to the Law Review of the college he attended, and absolutely zero specific promises, only vague Stalinist-style "marching toward a bright future" bullcrap.

Which people fell for anyway. And you're still surprised?

Re:Hybrid electronic/paper voting is best solution (0)

Anonymous Coward | more than 3 years ago | (#36564704)

Better than an old warmonger with a Vice Presidential running mate who was an embarrassment.

Re:Hybrid electronic/paper voting is best solution (1)

tjonnyc999 (1423763) | more than 3 years ago | (#36565552)

I'd rather have an "embarrassment" (why an embarrassment? because the media say it's so, and logical analysis of facts goes out the window?) who actually made a decision once in her life, than a nobody-nothing whose experience is a big fat zero.

get up to date on existing law (2)

defective_warthog (776271) | more than 3 years ago | (#36563114)

In the US it varies by state; each state makes its own laws regarding voting machines based on HAVA 2002. NC has a pretty strong law. Getting software changes approved is a long and complicated process. NC could not get an open source requirement passed in '05. But the compromise that resulted required vendors to supply their source code to a limited set. This was enough to run off the evil Diebold machines; they sued, lost and backed out of the bidding process; as did Sequoia, which was still in business at the time. We ended up with one vendor; ES&S. Their M-100 ballot scanner is a decent machine. With reasonable access control measures in place it is a secure voting device. The big problem I see with ES&S is their tabulation software; frankly it is terrible. I could change vote totals at will. The required audit would catch those changes but on election night I could send them up to the next level. Current Federal and state law make updating the software illegal. I worry about the two counties I worked in as PrintElect tech support connecting their vote tabulator machines to the internet for OS updates. They run winxp. By law they are not supposed to ever be connected to the internet but small counties with small IT budgets who knows. I agree problems should be addressed prior to election year but I doubt it will happen. Every state will vote with what they have in place now would be my bet. The M-100 runs qnx. -d

Re:get up to date on existing law (1)

currently_awake (1248758) | more than 3 years ago | (#36564090)

Diebold was known to load new software onto voting machines just before an election, without authorization. I don't recall anyone going to jail over it.

Re:get up to date on existing law (1)

symbolset (646467) | more than 3 years ago | (#36564842)

The Diebold CEO guaranteed the 2004 election [commondreams.org] to Bush in Ohio. That's all you need to know about that.

Can any kind of e-voting be trusted ? (1)

cr_nucleus (518205) | more than 3 years ago | (#36563240)

I don't get this e-voting thing.

Even if the software is open sourced how can i ever know that the version running is the one it claims to be ?

I also don't understand how the count can ever be verified without compromising the anonymity of the vote. If you don't trust the system you cannot trust any kind of verification it would do nor any kind of output it would produce (including any paper trail). Does anyone have any insight on the subject ?

And i'm not even talking about software bugs. Even without any kind of malicious intentions we could still face plenty of problems.

Is it me being too paranoid or are the people talking about the subject not seeing the issues at hand ?
Or could it not be some form of social engineering to introduce a backdoor in all future elections ?

Honestly i'd love to see counterarguments.

Re:Can any kind of e-voting be trusted ? (1)

the eric conspiracy (20178) | more than 3 years ago | (#36563968)

Can you trust non e-voting either?

The RSA trust issue discussed in a different story teaches that trust is not a matter of the process, but rather a social issue.

Re:Can any kind of e-voting be trusted ? (1)

mbone (558574) | more than 3 years ago | (#36564154)

Can you trust non e-voting either?

Not entirely, but there are steps that can be taken to help insure that non e-votes are counted properly. Those steps are not available for e-voting, and I frankly do not think that the American political system is mature enough to be trusted with it.

Re:Can any kind of e-voting be trusted ? (1)

symbolset (646467) | more than 3 years ago | (#36564852)

If a citizen deliberately miscounts my vote and gets caught they go to prison. I don't foresee a computer being concerned about that issue.

Hogan (-1, Troll)

lina13 (2305956) | more than 3 years ago | (#36563336)

In the fashion world, high-profile brand has its noisy and bright ostentation and extravagance, but low-key also has its own low-key interest, each have their surprise. The Italy brand Tod ' 's family--- Hogan [hoganhoganscarpe.com] .It include Hogan Sito Ufficiale [hoganhoganscarpe.com] Hogan Scarpe [hoganhoganscarpe.com] .Our website offer the law discount.So you can’t miss it.

Hogan [hogan-hogan.org] is the most famous brand in the word.Now this is a good news for you that our Hogan Outlet [hogan-hogan.org] offer Hogan Sito Ufficiale [hogan-hogan.org] .If you like it,you can visit our website.We promise it will satisry you well.

sac longchamp (-1, Offtopic)

lina13 (2305956) | more than 3 years ago | (#36563392)

sac longchamp [longchamp-sac.com] are made from the most exquisite materials available in the world. Longchamp pas cher [longchamp-sac.com] is the best products for you. Sacs longchamp cher [longchamp-sac.com] is one of the best products of. You can buy longchamp sac from our website at a low price. Back to sac longchamp outlet store to know more products information.

Sac longchamp [saclongchampfr.com] is a world-class handbags brand. Longchamp sac [saclongchampfr.com] is so charming. If you want to live in a fashional life, please buy our sacs longchamp pas cher [saclongchampfr.com] .The price of our sac longchamp is most moderate for you.Action quickly.

Christian Louboutin Shoes (-1, Offtopic)

lina13 (2305956) | more than 3 years ago | (#36563456)

Many women friends all want to have a pair of their own individual character style shoes and the chaussures louboutin [chaussures...frence.com] can help you achive it .So just come to our website which is your best choice the chaussures Christian Louboutin [chaussures...frence.com] provide you so many charming products for you such as Christian Louboutin chaussures [chaussures...frence.com] . I believe I can catch your heart.

Do you know the more charming and the fashion shoes is ?Let me tell you, it’s the christian louboutin shoes [christianl...2pumps.com] which have high quality and fine workmanship which receives the large female customers love.And christian louboutin sale [christianl...2pumps.com] you christian louboutin [christianl...2pumps.com] which is on sale with low price.So hury up to come our website to select.

Christian Louboutin Sale [christianl...online.com] with discount at our website.We assure that wearing Christian Louboutin Shoes [christianl...online.com] will let you feel comfortable. Christian Louboutin Pumps [christianl...online.com] is most popular in this summer.Christian Louboutin website will give you the big surprise!

It doesn't matter. (0)

Anonymous Coward | more than 3 years ago | (#36563522)

Your vote doesn't matter. It can be on paper. Electronic. Audit-able. Or not. It still doesn't matter. Stop wasting time buying into the lie that it does, just because some douche on MTV spit some catchy slogan at you and you get a button for your shirt to make you feel like you've done your civic duty because you voted for one evil or the other.

does it matter? (0)

Anonymous Coward | more than 3 years ago | (#36563566)

In the U.S., isn't it the candidate that has the greatest corporate backing that wins? Only when the candidates are relatively equally beholding to the corps do human votes come in, and then it is just selecting among pre-determined "choices".

Until the fundamental problems with the U.S. electoral system are addressed, e-voting issues are just a distraction.

Re:does it matter? (1)

symbolset (646467) | more than 3 years ago | (#36565012)

The fundamental problem with the US electoral system is that citizens don't respect their vote. This is a fundamental issue with democracy in general and is a self-correcting problem, but some unpleasantness will cyclically occur to remind citizens of their duty if the underlying democratic principles survive the education process, which is never certain. Democracy remains a Great Experiment.

Democracy is the worst possible political structure, except for all the others that have been tried. Its failure is in its self-defeating nature. It's dynamic so when by chance it achieves Utopia, it's a transitional state.

I think the problem with Democracy isn't with democracy itself, but with Men. Our nature isn't amenable to living in a Utopia so when we find ourselves there, we find our way out.

Need something that can actually be bought (0)

Anonymous Coward | more than 3 years ago | (#36563746)

They key thing that will drive a solution, whether hybrid electronic/paper, or open source cryptographic voting, etc... is one thing:

The ability for a state to buy a fully integrated system, including all the support and delivery.

What companies are out there that can actually bid on a statewide e-voting contract to deliver, install, operate, and support the e-voting solution as a single entity?

If such a provider bids and then loses out against some proprietary/insecure/etc... solution, then there is real justification to go after the state bureaucrats who selected an inferior vendor. But without a commercial entity that can provide this on a "all you need to do is pay us an we make it work" basis, it's not going to happen. Then a less preferred vendor will win by default, just because there was nothing else to buy.

The dumbest problem of all time (1)

CodeInspired (896780) | more than 3 years ago | (#36563816)

I really don't understand this. How, in this age of computing, when even the most sensitive information is tracked and protected digitially (bank accounts, health records, personal identity, etc.), we still cannot acurrately and securely tally a one-time vote total? With digital signatures, virtually unbreakable encryption, firewalls, advanced routing, hash codes, unlimited logging, we still can't be sure the count is reasonably accurate? To penetrate the digital safegaurds has to be exponentiallly more difficult than say, offering a bribe to the guy doing the counting.

Re:The dumbest problem of all time (1)

mbone (558574) | more than 3 years ago | (#36564104)

Different threat models. The threat model for e-banking is that someone will steal your money, which you can independently audit. The threat model for e-voting is that someone will steal your vote, which you cannot independently audit.

Re:The dumbest problem of all time (1)

tjonnyc999 (1423763) | more than 3 years ago | (#36564152)

It would be nice if the problem was with technology. However, real life doesn't work like this. For every wide-eyed idealist, there's a hundred Timothy Geithners (tax cheat), Charles Rangel (40 years' worth of tax abuses), and Anthony Wieners (do I really need to explain this one?), who will do everything and anything to gain as much power, money, and prestige as they can - the "small people" be damned.

It's unfortunate, but that's how it is. And it's not likely to change, for several reasons which would make far too long of an explanation. Suffice it to say that I could write 10 pages on each one, and still only scratch the surface of the complexity and difficulty involved in overcoming them. A brilliant author summarized this paradigm shift, half a century ago (emphasis mine):

"Did you really think that we want those laws to be observed?" said Dr. Ferris. "We want them broken. You'd better get it straight that it's not a bunch of boy scouts you're up against - then you'll know that this is not the age for beautiful gestures. We're after power and we mean it. You fellows were pikers, but we know the real trick, and you'd better get wise to it. There's no way to rule innocent men. The only power any government has is the power to crack down on criminals. Well, when there aren't enough criminals, one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws. Who wants a nation of law-abiding citizens? What's there in that for anyone? But just pass the kind of laws that can neither be observed nor enforced nor objectively interpreted - and you create a nation of law-breakers - and then you cash in on guilt. Now, that's the system, Mr. Rearden, that's the game, and once you understand it, you'll be much easier to deal with."

Politics, according to a dictionary definition that's been scrubbed long ago, is "the business of acquiring, maintaining, and exercising power."

It's not about what "the people" want. It's not about what is "right" or "proper". It's about "what I can get for myself". And s long as decent people continue to tolerate indecent things, the jackasses in power will continue to do whatever they want. (Now, I'm not advocating the John Ross "Unintended Consequences" type of solution, but seriously, how do we make these jagoffs even pretend to do the right thing?)

It's not about the availability of technologies or the economic and social reasons for implementing them. It's about keeping those in power, in power.

"That's the system, Mr. CodeInspired, that's the game, and once you understand it, you'll be much easier to deal with."

Re:The dumbest problem of all time (1)

demonlapin (527802) | more than 3 years ago | (#36564186)

It's hard because we want it to be anonymous. Your bank accounts, health records, etc., aren't.

Re:The dumbest problem of all time (1)

symbolset (646467) | more than 3 years ago | (#36565052)

RSA key theft much? Nothing is unbreakable. Trust is a personal thing.

It's easier to compromise the standard computer than all the guys who use them. Cheaper too.

JoeMonco? (0)

Anonymous Coward | more than 3 years ago | (#36563992)

Has JoeMonco weighed in on this at all? I can't form an opinion without help from JoeMonco.

done right (1)

currently_awake (1248758) | more than 3 years ago | (#36564042)

The computer should print the ballot on paper, you look it over, then it goes into the ballot box. That should be the only form of computer voting allowed. Anything else means you can't see how you voted, and can't see them count the votes- and that means you can't trust it. It doesn't make any difference what kind of government you have if you have no say in it, or can't trust that you do.

Problem Solving (1)

MikeB0Lton (962403) | more than 3 years ago | (#36564406)

Apparently I've missed the memo on what our voting process is doing wrong. It seems to me we are trying to create a complex technical solution because we can, not because we need it.

Technology isn't the issue (1)

davide marney (231845) | more than 3 years ago | (#36565194)

What makes vote tabulation trustworthy is having multiple, independently-reported tallies stored in multiple formats. Just like balancing a checkbook (remember that?), the key is getting agreement on the numbers from more than one source.

For example, in the state of Virginia where I am a poll worker, we count the number of people who have been allowed to vote, and we count the number of votes cast on the machines. Each hour, we compare the two numbers, and call them into the Registrar who records them in a third system. If the numbers differ, it means that a voter walked out of the voting booth without properly casting a vote (this very rarely happens.) As a result, ballot-stuffing is nearly impossible. You'd have to "fix" the numbers on three different systems.

No technology is needed to achieve this effect -- just good processes.

The problem with paper is that it is actually a rather messy, error-prone medium. Paper gets jammed, lost, defaced, torn, etc. Paperless is far more reliable and controlled. (And no, throwing a scanner into the mix doesn't fix the underlying problems with paper.) While I agree that being able to physically recount a paper ballot might help in extreme edge cases, the cost will be a much higher rate of error in every other case. We're not talking the standard 80/20 split here, it's more like 99.5/0.5 (that is, a paperless process would benefit 99.5% of races vs. a paper-based process helping .5%.)

What I would like to see is a paperless voting tally that is digitally signed. The voter, on request, can get a printed receipt of the decryption key, which they can use later on via the web to verify that their individual vote was indeed included in the final result. That way, we don't need to perfectly manage the paper, the voter can have confidence their vote was counted, and we'll add yet another independent verification process to the mix, which is all to the better.

Heh, can "voting" be trusted? (0)

Anonymous Coward | more than 3 years ago | (#36565304)

Voting or "e-Voting", voting has always had fraud.

Wikipedia has over 3600 hits on "vote fraud", but good old Google more lackadaisically says "about 25,000,000 results"...

Why are there no ID requirements to vote? You can't legally drive, can't fly on a plane, rent a car, visit someone in a hospital, get money from an ATM, or do much of anything without some sort of ID. I'll bet you didn't get an account with your ISP without verifying who you were, by at least telling them enough to get past the credit check.

How about this - no ID? Give us your word that you are a citizen, and you can vote on all "law" and "policy" issues (like "free speech", "gay rights", "abortion rights", "term limits", whatever.)

Want to vote on bond or spending bills? Tax issues? Anything that has do with spending money? Show an ID -A recent tax return with a > 0 number on the "Tax" line of your tax return would be appropriate.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>