Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

In France, a Showcase of What Can Go Wrong With Online Voting

timothy posted about a year ago | from the one-homme-one-vote dept.

Security 177

Bruce66423 submits a report from The Independent, writing that "a French primary election is made the stuff of farce after journalists defeat the 'secure' election system." From the article: An 'online-primary,' claimed as 'fraud-proof' and 'ultra secure,' has turned out to be vulnerable to multiple and fake voting. The four-day election has also the exposed the poisonous divisions created within the centre-right Union Pour un Mouvement Populaire (UMP) by the law permitting gay marriage which took effect last week. ... What was already shaping up as a tense and close election was thrown into utter confusion at the weekend. Journalists from the news site Metronews proved that it was easy to breach the allegedly strict security of the election and vote several times using different names."

cancel ×

177 comments

Hate group (-1)

Anonymous Coward | about a year ago | (#43891221)

The french U.M.P is no more than a band of thieves and a hate group. No good ever came out of them, all their attempts at democracy are utter failures.

Also consider the fact they generated some people such as Nicolas Sarkozy, the worst criminal this country has ever known.

Re:Hate group (0)

Anonymous Coward | about a year ago | (#43891245)

Hate much?

Re:Hate group (0)

Anonymous Coward | about a year ago | (#43891303)

Apparently your knowledge of history doesn't extend farther back than, say 1990?

Napoleon Bonaparte was a hell of a lot worse than Sarkozy, but you believe whatever lunatic notion you want.

Re:Hate group (1, Informative)

rossdee (243626) | about a year ago | (#43893005)

Napoleon Bonaparte was a hell of a lot worse than Sarkozy,

Napoleon wasn't President, he was Emperor
(You don't vote for Emperors)

Re:Hate group (3, Interesting)

Anonymous Coward | about a year ago | (#43891417)

Also their appeal commission for electoral matters is named C.O.N.A.R.E which translates pretty much to "asshole" in french.

That name became popular after their tried electing a leader for their party last year, the two sides stuffed ballots, they couldn't find any kind of agreement so far and they now have officially two different leaders and two dozens simultaneous "general secretary" title holders.

The only political form of opposition they actually opposed since the new president got elected was on the topic of gay marriage by showing everyone the immense depth of their evilness, trying to provoke insurrection, throwing racist and homophobic insults and repeating nonsense.

Finally about 3 out of 4 people at the head of this party is either being prosecuted or has already be condemned for various offenses such as buying people's votes, stealing public money, having dead people vote.

Lately Nicolas sarkozy and Eric Woert (previous minister of economy) are being tried for, oh greatness, abusing an old senile lady, the richest in France, the owner of the cosmetics brand Loreal. Suitcases full of euros for financing Sarkozy's campaign.

Another one still Sarkozy but with Claude Guéant (previous minister of intrior), inculpated for receiving money from Muhamar Khadaffi. Possibly up to 50 million dollars.

The minister of interior just before that was Brice Hortefeux and this nice dude with the looks of a wafen SS was condemned for "racist insults" towards militants of hist own party, the mighty UMP.

The present auto proclaimed leader of the UMP is JeanFrancois Copé. His little personal problem is he has been photographed in the house of a convicted weapon dealer, the same person who he signed fiscal exemptions for million euros when he was minister of economy.

And the list goes on and on and on...

Those people, they are rot. They represent everything that is bad in hour country. This is why we can't have nice things.

Re:Hate group (3, Interesting)

manu0601 (2221348) | about a year ago | (#43892501)

The only political form of opposition they actually opposed since the new president got elected was on the topic of gay marriage

OTOH, time is hard for right wing opposition, since the so-called left wing François Hollande is pursuing the exact same economic policy as former right wing president Nicolas Sarkozy.

During the presidential campaign, François Hollande said he would fight finance power and renegociate the treaty on stability, coordination and governance (TSCG) [wikipedia.org] , which commits signatories to austerity. He did none of this.

Re:Hate group (2)

Coeurderoy (717228) | about a year ago | (#43891455)

I really do not like Nicolas Sarkozy and his politics, but calling him "the worst criminal ..." is the kind of hyperbole that discredit the rest of your message.

Re:Hate group (-1)

Anonymous Coward | about a year ago | (#43891543)

read my second post with more details upper. He is indeed the worst criminal to lead the country since France is a republic. And don't waste my time arguing about Napoleon shit, i don't ask americans if they relate to native america's tribe leaders like Jeronimo or whatever.

The point is he committed crimes, crimes for which he is being tried one by one, that makes him a criminal and as the most tried among our previous politicians he automatically becomes the worst criminal.

If you can only argue about rhetoric there's no need to argue.

Re:Hate group (-1)

Anonymous Coward | about a year ago | (#43891629)

There is also a strong chance that he sent us to war in Libya on purpose of eliminating Muhamar Khadaffi for covering up his generous donations when be became less docile.
That's even worse then what Bush did, at least he served multiple interests. No Sarkozy just serves himself.

His third big pending prosecution is about the Karachi bombings where a dozen french citizens were killed.
They were killed because of his shady business around back fees over the sales of weapons to Pakistan.

This mans is a thief and a murderer. Nowhere in modern history anyone did even come close to that. (maybe Petain WWI but he was a traitor and not an elected president).

Re:Hate group (0)

Anonymous Coward | about a year ago | (#43891733)

Ianal, but as far as I know you are not a criminal unless you are convicted for a crime. If Nicolas Sarkosi hasn't been convicted, calling him a 'criminal' isn't just about rethoric.

Re:Hate group (-1)

Anonymous Coward | about a year ago | (#43891819)

Important people such as presidents never go to jail. Nevertheless we all know what they did.

GWBush will never be convicted but everyone knows the kind of murderer he is.

The fact that Sarkozy is being prosecuted so much lately, for HUGE cases about lives and millions of laundered money each time is already more that one could possibly expect. He is a criminal. He also liked to call suspects by the name of criminal or "présumé coupable" on TV despite the constitution on every occasion he was given.

I won't even go into his sociological influence over the french population. "La France décomplexée" he said. Yes we all know where their complexes are gone now, down the flush for full on racism, no shame, slavery to money and intellectual prostitution.

He is the devil incarnated. And at least the devil doesn't exist.

Re:Hate group (1)

larry bagina (561269) | about a year ago | (#43891885)

Jacques Chirac is a convicted criminal.

Heh. (2)

Black Parrot (19622) | about a year ago | (#43891227)

Journalists from the news site Metronews proved that it was easy to breach the allegedly strict security of the election and vote several times using different names.

Adds a new meaning to "vote for me".

Re:Heh. (-1, Troll)

terry800 (2938733) | about a year ago | (#43891529)

just as Jennifer responded I am surprised that some one can get paid $9476 in 1 month on the internet. have you seen this web link ..>>www.jam30.m

Re:Heh. (-1)

Anonymous Coward | about a year ago | (#43892691)

I bet you make all your money sucking cocks.

Re:Heh. (-1)

Anonymous Coward | about a year ago | (#43893055)

One of my colleague ,he just has announced him wedding with a old women who is a 10 years old than him !they met via kisscougar.yolasite.c0m.It is the largest and best club for Age gap Singles to chat online.Find a women who is old than you would learn more things. It's worthy a try,Maybe you wanna check it out or tell your friends!

Working as planned (5, Insightful)

Anonymous Coward | about a year ago | (#43891235)

I like this system. Each vote costs €3 and you can vote as often as you like. In other countries money buys you access, influence and power but we pretend that everyone is equal. France sweeps away the hypocrisy and makes it explicit: mo' money, mo' votes.

Vive La France, Vive La Révolution!

Re:Working as planned (4, Informative)

manu0601 (2221348) | about a year ago | (#43892511)

I like this system. Each vote costs €3 and you can vote as often as you like. In other countries money buys you access, influence and power but we pretend that everyone is equal. France sweeps away the hypocrisy and makes it explicit: mo' money, mo' votes.

This election is not ran by the French Republic, it is ran by one political party in city of Paris, to decide what candidate they will have for next Paris mayor. It does not reflect France position on electronic voting.

Re:Working as planned (3, Informative)

hcs_$reboot (1536101) | about a year ago | (#43893047)

Moreover, the voting system was not well designed: just by knowing the name, address and birth date of someone (eg someone from another party, not likely to vote during UMP primaries), and paying €3, one could vote several times... Sadly, that botched voting system gives the impression the electronic vote is a lost cause. That reminds me of a Windows to Linux migration in a big administration where the migration and training where so badly implemented that people where reluctant to work on Linux, and the whole gave an impression of a big failure.

Designed Poorly (4, Insightful)

starworks5 (139327) | about a year ago | (#43891279)

Clearly its not that internet voting cannot work, its that this was implemented poorly, credit cards are easy to get your hands on, what really matters is the vote verification. Nothing prevents a person from stealing vote by mail ballots, and using a fake signature to send in the vote, whether the vote is tallied is another matter.

Now if you used multi-factor verification, along with biometrics (webcam photo) and IP logging, you would be able to sample and defeat fake votes.

Re:Designed Poorly (3, Insightful)

Coeurderoy (717228) | about a year ago | (#43891499)

The only way Internet voting can work is if you launch a brand of transparent urns called "internet" and use them for manual voting. No amount of biometrics will ensure that a vote is not a "family vote". And that is before you factor in the fraud issues.

Re:Designed Poorly (4, Insightful)

Sique (173459) | about a year ago | (#43891781)

Internet Voting can not work for a simple reason. Internet Voting has to both ensure that each person which votes is clearly identified to make sure the person is eligible to voting and at the same time can not be identified to make sure the voting is secret, at the same time clearly identify the vote to make sure it is counted only once and at the same time not making the individual vote identifyable to keep the voting secret.

Paper-and-pen voting solves this problem by first identifying the person, handing the person a non-identifyable sheet of paper, the ballot, let the person vote in secret and then keep the vote in a closed box until the counting. (And the problems surrounding pen-and-paper-voting like ballot stuffing can be managed by making everything of the voting box except the actual voting public.)

Re:Designed Poorly (4, Informative)

linnumees (1147107) | about a year ago | (#43892173)

Yes it can.

Estonia has a smardcard-based ID card that can be used for authentication and digital signatures (two different keys). The latter is legally as good as your handwritten one which means you can build all sorts of services on top of that, elections are just one of them. The vote is encrypted with the public key of the current election, signed with the ID card and sent to a central server. Later, the double votes are removed according to the list of people who voted on the election day (so if you were forced to vote for someone and your ID card taken away, you can just grab your passport and go vote again using the "old" method), votes are separated from the signed container, moved to a physically different machine, decrypted and counted. Anyone can go and see how all the process is done.

See http://www.vvk.ee/voting-methods-in-estonia/engindex/reports-about-internet-voting-in-estonia/ [www.vvk.ee] for details.

Re:Designed Poorly (3, Insightful)

Yoda222 (943886) | about a year ago | (#43892249)

I force you to vote for what I want in front of me on internet using your ID card and I threat you that if I see you going at the voting place the day of the election I put your sex tape on the internet, or I kill you, or anything between these two options.

Re:Designed Poorly (1)

F.Ultra (1673484) | about a year ago | (#43892649)

You don't even have to watch to see if he goes to the voting place, all you have to do is to confiscate his passport on the voting day, you can even return it to him the next day.

Re:Designed Poorly (0)

Anonymous Coward | about a year ago | (#43892285)

looks like a smart and effective system, though unfortunately that would get no traction in america. its considered by some to be "discrimination" to require a form of official identification. on the other side of the aisle you have hoards of internet whiners posting "papers please" as their primary argument against an ID system.

Re:Designed Poorly (1)

Anonymous Coward | about a year ago | (#43892257)

This problem can be solved with Internet Voting too. Blind Signatures (http://en.wikipedia.org/wiki/Blind_signature) or Homomorphic Encryption (http://en.wikipedia.org/wiki/Homomorphic_encryption) are two crypto primitives useable for this job.

If anything holds back proper Internet Voting right now, it's issues like ensuring it works with compromised computers (because you can't assume a home computer will be clean), or that a person will not lose its right to vote if a crash happens at the wrong time (maliciously or not)

Re:Designed Poorly (1)

foniksonik (573572) | about a year ago | (#43892943)

Simple. Dedicated signed app that uses its own VPN connection.

Done and done. The Internet isn't the web ya know.

Re:Designed Poorly (1)

Sique (173459) | about a year ago | (#43893549)

Blind signatures don't solve the problem of proving your own ballot was counted correctly.

Re:Designed Poorly (1)

F.Ultra (1673484) | about a year ago | (#43892639)

Is that really how mail votes are handled in your country? In Sweden the mail votes are handled exactly like on election day, the same checks etc so it's not possible to just fake a signature.

UMP centre-right!? (4, Insightful)

loufoque (1400831) | about a year ago | (#43891283)

Maybe centre-right by American standards, but more like borderline far-right by French ones.

Re:UMP centre-right!? (0)

Anonymous Coward | about a year ago | (#43891511)

Or completely batshit extremists. They are even worse than the "Front National" which is where the racists are usually found.

Re:UMP centre-right!? (-1)

Anonymous Coward | about a year ago | (#43892137)

If the day comes that the actual "far right" (which was actually totalitarian socialist in the style of North Korea and the former Soviet Union) rises from the ashes of Europe your words would make you die of outright shame as you toil in the slave labour camp extracting useful material from the carcasses of your peers (most likely including whatever they'll feed you).

In short get some fucking perspective you leftist loon.

Re:UMP centre-right!? (0)

Anonymous Coward | about a year ago | (#43892269)

Ahha, looks like somebodies daddy assfucked him too hard today.

Little bitch, go home.

Re:UMP centre-right!? (0)

Anonymous Coward | about a year ago | (#43892061)

... or German standards... or basically any other country's standards.

By the way: Does anyone know any country that's more right-leaning (-tipping-over) than the USA right now? Just out of curiosity... I don't know of such a country...

Re:UMP centre-right!? (1)

Nidi62 (1525137) | about a year ago | (#43892777)

By the way: Does anyone know any country that's more right-leaning (-tipping-over) than the USA right now? Just out of curiosity... I don't know of such a country...

Iran, Saudi Arabia, uh....the Vatican? (it is technically a sovereign state after all)

Re:UMP centre-right!? (0)

Anonymous Coward | about a year ago | (#43893477)

Actually Germany, France, Switzerland, Norway, and Greece have named nationalist parties that are utterly horrifying to Americans.

Remember, racist Americans hate "illegals", standard Europeans hate "foreigners" who have been living in their countries for decades.

Re:UMP centre-right!? (2)

hcs_$reboot (1536101) | about a year ago | (#43892989)

There is one big difference between US and French parties: in France, not even once the president ever pronounce the word "god"...

Oxymoron? (5, Insightful)

jasnw (1913892) | about a year ago | (#43891289)

Is "safe online (PUT YOUR SERVICE HERE)" as much an oxymoron as the much-malinged "military intellegence" back in the '60s? I see lots of stories about both sides of online voting, but I've not seen an answer to the basic question of "is it possible to have a safe hack-proof online voting system." I don't mean an assessment of whether Siebold or any of the other idiots in this market have fool-proof systems, but whether or not voting can be done safely online even if Brother Stallman designed it. My own feeling is that it's like putting something critical such as access to power grids online - not a good idea unless there's no other way to get what you need. I don't really see what's so hard about schlepping down to your local school and voting once a year or so. If that's too hard for you, don't bother voting because the hard work of making an informed choice is likely beyond your capabilities as well. (Does not apply to people who can't get to a voting booth for several of many good reasons, and mail-in ballots has worked for these people for decades.)

Re:Oxymoron? (0)

Anonymous Coward | about a year ago | (#43891369)

You need to understand, the powers that be WANT to have a hackable voting system. They oppose any measure that tries to make the voting fair, or remove dead people off the rolls. And don't even try to ask people to verify who they are when voting, as that would cut down on fraud, which is the opposite of what they want.

Re:Oxymoron? (1)

Ardyvee (2447206) | about a year ago | (#43891373)

I would like to believe it is possible to create a online voting system as safe as the physical one. I'm not saying hack-proof, because humans are in the equation and we know how they are prone to always screw things up... But as safe as the physical it should be possible. I would add, then, to you question: is it possible to make such safe system easy/simple to use in a sensible time-span?

I do, however, agree on your feeling that perhaps even if we could, it would be better if we did not. Just as I don't think allowing anybody to control the power grid online (accessing some read-only information may be okay).

Ultimately, though, online voting could bring more voting because: a) it's "easier" (no need to move to designated voting place); b) faster to count (since, you know, it's already being dealt with in a computer, so it should be trivial to just decision#++;). You could have even more people voting on even more decisions, which should translate into better decisions/decisions that represent what the community wants. Sure, it could be done with non-online methods, but it would not be as practical.

Re:Oxymoron? (1)

IanCal (1243022) | about a year ago | (#43891469)

It isn't possible, because you can no longer have any reasonable guarantee that there was no coercion. You need to control the location the vote is cast.

Re:Oxymoron? (1)

WWJohnBrowningDo (2792397) | about a year ago | (#43891603)

Wouldn't a duress code solve the coercion problem?

Re:Oxymoron? (1)

IanCal (1243022) | about a year ago | (#43891681)

Sounds quite complicated.
It'd need to be unique to each person, and have been delivered to them without anyone else seeing (you don't want the person you're afraid of knowing you're signalling duress). Then, given that someone is likely to turn up at the house (voter fraud is very serious, I'd expect the police to be involved) you could be found out.
If it's a workplace thing, do you want to risk getting fired?
The problem is you need to this to be indistinguishable from a normal vote to any observer, and however you do this cannot be intercepted or detected.

Re:Oxymoron? (0)

Anonymous Coward | about a year ago | (#43892507)

I don't get it, why do the police have to be called the moment someone enters a vote with a duress signal? It's not a fucking bat-signal. The voter was being coerced, used the duress password to fake a vote, situation diffused, end of story. If the voter files a complaint, or does it repeatedly during every election ok investigate, but otherwise sounds to me you're trying to come up with some absurd argument against online voting because you've run out of proper arguments.

Re:Oxymoron? (3, Insightful)

ArcherB (796902) | about a year ago | (#43891737)

It isn't possible, because you can no longer have any reasonable guarantee that there was no coercion. You need to control the location the vote is cast.

Shouldn't that disqualify absentee voting? Frankly, I see no difference between Internet voting and voting by mail when it comes to security. The best way to eliminate voter fraud is to have all votes be in person with ID checked and visible mark (purple finger, for example) that can be used to identify who has already voted and can not be removed within the time frame that the polls are open. The only excuse for voting remotely should be if the voter is physically unable to make it to the polls, and even then, physical confirmation must be made of the handicap in question and the vote should be cast with a verified poll worker present.

Re:Oxymoron? (2)

IanCal (1243022) | about a year ago | (#43891813)

Frankly, I see no difference between Internet voting and voting by mail when it comes to security.

Scale. Voting by mail is done in fairly small numbers and importantly is not the standard. You have to go through extra hoops to do it. As it's implemented, it certainly has the problems of coercion, but is probably better than stopping those people voting at all.

Internet voting, however, would be something I'd see as standard. Not a special case for those who can't make it to the polls, but for everyone. And that's where it starts to worry me.

Re:Oxymoron? (2)

F.Ultra (1673484) | about a year ago | (#43892671)

Also depends upon how the mail voting is implemented, over here (Sweden) you don't just mail in your vote. You still have to go to specific voting places (if you are abroad you have to go to the Embassy) and there the voting is set up exactly like it's done on election day in the normal voting place.

Re:Oxymoron? (3, Insightful)

Cacadril (866218) | about a year ago | (#43892755)

There is a countermeasure to coercion. Allow people to vote as many times as they like; only the last vote counts. If you are forced to vote for Eve, you vote again later in the afternoon, for Alice.

Your boss would have to keep you locked in until the poll closes to prevent you from overriding the forced vote with a later vote. It would be hard to do that with enough people to change the election outcome, without it becoming very evident.

Add another provision: When you vote electronically, the computer shows you ten pictures and you have to select one. When you vote next time, you are shown ten pictures including the one one you selected. You have to select the same picture as last time to override the previous vote. The system does not tell you if you picked the right picture. If your boss forces you to vote five minutes before the poll closes, you select a different picture, and that vote is not valid. Your boss may force you to select a particular picture, but his chances of picking the right one will be just 10%. He could force you to vote ten times, but there could be timeout rules to make that hard.

Add a third provision: You may also vote in person at any police station, school, or any one of a number of places, and not just on election day, similar to absentee votes. A vote in person overrides votes over the Internet even if the Internet vote was issued later. If you suspect that you may be forced to vote for Eve just before the poll closes, vote in person early.

Re:Oxymoron? (0)

Anonymous Coward | about a year ago | (#43892009)

It's not possible because using a single-use ID# (say, the hash of the voter's info + random salt) means that if I grab their voter ID# out of their mailbox (and copy it or steal it) and use it first then you can't prove who cast the vote (or rather that the registered voter didn't cast that vote).

- An IP address isn't a person, so that won't confirm who voted.
- You can't use the address of the IP because there's nothing to prevent a legitimate voter from voting using any computer.
- You can't stop bots that try a shit load of ID#s from different IPs (just old voters with bad eyes and poor keyboard skills).
- You can't stop multiple votes from the same IP (could be a house, an office building, an internet cafe, a voting center or even a cell carrier's shared IP crap-magic).
- Many more things than my feeble brain can conjure.

There are ways to address most situations for most weaknesses, but you can't seal it up tight.

The more devices that you let connect to your voting network the more points of failure you have for service and for security.

on line vote = foreced to vote your bosses way at (1)

Joe_Dragon (2206452) | about a year ago | (#43892179)

on line vote = foreced to vote your bosses way at work.

Re:Oxymoron? (1)

Altrag (195300) | about a year ago | (#43893421)

Need two things:
- Verification that you are who you say you are.
- Verification that you haven't voted before.

The second part is easy. Distribute a pre-generated code to each eligible and registered voter (this already happens in my country -- we get voter cards a week or two before the election, though they're more of a reminder than anything important -- you can vote without them as long as you provide some other proof of residence.) Generating a 128bit (or longer) code randomly for each citizen is dead simple and impractically difficult to break in a short amount of time (especially with some anti-cracking measures in place like giving you a 10min cooldown if a single IP fails more than 3 times in a row or something.)

The first part is the hard part. In a regular polling station, the primary thing stopping me from selling my vote is that you have to trust I'm going to mark the one you paid me to mark. With the online system though I could just sell you my code and then you mark it yourself. This doesn't work in a regular polling station because the polling officers will be checking (photo) ID which is not an option online.

Of course a hybrid approach (electronic voting stations) is entirely possible -- that is, a regular polling station except with computer terminals instead of paper ballots.

Of course with any technological solution (online or not) you have to be able to trust the people who built the system to not have political motivations of their own (or at least be sufficiently moral to not compromise the system.) Which eliminates almost every company and government body large enough to actually implement such a system unfortunately.

Re:Oxymoron? (3, Insightful)

Anonymous Coward | about a year ago | (#43891409)

Online voting is inherently unsafe even if it can be proven that each person can cast one (and only one) vote. Without online voting, people go to the voting booth and put their votes in, either electronically or on ballot. No one can see who votes for whom. With online voting, your vote can be forced by others in authority. Your church, your parent, your , even your local criminal organization. Since an authority figure can oversee and insist on you voting in a way they prefer, without in-place measures protecting that vote and ensuring its confidentiality, an online vote can never be made safe.

Re:Oxymoron? (0)

Anonymous Coward | about a year ago | (#43891453)

It's not a problem of being too hard for the people -- governments spend a lot of money on renting all those locations and hiring the people to handle the counting. Clean that up, and you can have elections without the high price tags every time.

Initial setup for online voting would be very expensive, but after that it would save a lot each election (If things were working properly)

Re:Oxymoron? (0)

Anonymous Coward | about a year ago | (#43892071)

governments spend a lot of money on renting all those locations and hiring the people to handle the counting.

That is the price of democracy. If the cost is the issue, why not impose a small "fee" (aka tax their asses) on every party that runs. Say, 1% or 2% of their total contributions should do it.

Re:Oxymoron? (0)

Anonymous Coward | about a year ago | (#43893105)

why not impose a small "fee" (aka tax their asses) on every party that runs.

Ensuring that only the rich can run for any office (including minor local offices). Since secure voting is a basic need of a healthy democracy, it makes sense to tax everyone equally, not just the people who run for office.

Re:Oxymoron? (1)

turbidostato (878842) | about a year ago | (#43892403)

"governments spend a lot of money on renting all those locations and hiring the people to handle the counting. "

Don't mistake USA with "governments": other countries manage to not pay a rent (i.e.: using public schools or other public buildings) nor hires (levvy, just like being part of a jury), so there it goes your argument.

Re:Oxymoron? (1)

ShanghaiBill (739463) | about a year ago | (#43892517)

other countries manage to not pay a rent (i.e.: using public schools or other public buildings)

It is the same in America. Votes are cast in schools, fire stations, libraries, or other public locations. I have never heard of any polling place being rented. I have worked as a polling place volunteer, and I was not paid.

Re:Oxymoron? (3, Informative)

Coeurderoy (717228) | about a year ago | (#43891635)

Let's assume the infrastructure for online voting is "perfect", open source, reviewed code, yada yada ... Now how do you garanty that there will be no interference from familly members, particularly from conservative families... How do you fight vote buying when it is easy to put a screen copy tool at work to ensure "correct" voting... How do you fight disenfranchising when a well aimed pickaxe can cut off a couple of high rises long enough to lower their vote and short enough to make it difficult for the oposition to protest. And then assuming that you succeeded in getting an open source solution (any other solution is just a way to give the vote to the software editor, of course the current electronic vote solutions do exactly that) how do you protect tampering at the data transmission point, since you do not need, and actually cannot really use teams of supervisers from oponing parties, it is enough to corrupt a small group of officials so that they ignore the real vote and send what ever is convenient... The core issue of "modern voting" is that most important votes end up being between two very close candidates, and in most cases the differences between the number of voters is smaller than the margin of errors in the pre-election pools. Additionally we let the cost of election run amock so unless the "winner" is proven to actually eat little babies for breakfast, even if nobody in his or her right mind can believe that the vote is "correct" redoing the whole shebang seems too expensive. So "online voting" cannot work, moreover it "solves" a problem that does not exist, if not enough people can be bothered to show up to do a manual count, you got a problem that no voting technology can ever solve, and if they do come, then you do not need electronic voting systems.

Re:Oxymoron? (5, Insightful)

Anonymous Coward | about a year ago | (#43891825)

(Replying as AC because I'm also moderating)

Even if the system is, in fact "perfect" - and even if you could somehow avoid the possibility of coercion - you've still got a HUGE problem: how do you convince the general public that the system IS actually secure? Most people aren't nearly technically savvy enough to figure it out for themselves, or even to really understand the difference between "secure crypto" and "insecure crypto" even if you carefully explain it to them. And telling them that it's all OK because a bunch of hackers designed and/or reviewed the system isn't going to cut it, no matter how much of a good idea that might be in theory or even in practice.

The fact is, if a non-trivial group of people think the system was hacked, you've got a credibility problem REGARDLESS of whether or not it was hacked. Unfortunately there are distressingly large numbers of people willing - even eager! - to believe all sorts of wacky conspiracy-theory shit (google "chemtrails"). With a traditional in-person paper system you can at least demonstrate that massive fraud is impractical. With an online system there's simply NO WAY to convince people that massive fraud DIDN'T occur.

Re:Oxymoron? (1)

MacDork (560499) | about a year ago | (#43893555)

Let's assume the infrastructure for online voting is "perfect", open source, reviewed code, yada yada ...

Now how do you garanty that there will be no interference from familly members, particularly from conservative families...

You're setting the bar higher for online voting than the current system. How do you gaurantee no interference from family members now? I know you don't vote the right way. I'm not driving you to the polling station. I'll lock you in your room and monitor you until the election is over.

How do you fight vote buying when it is easy to put a screen copy tool at work to ensure "correct" voting...

It's just as easy to modify the html in a page so it only looks like you voted a certain way. There's also photoshop. What fool is going to pay for a vote with a screenshot as proof? I can sell my vote to every interested party by that logic.

How do you fight disenfranchising when a well aimed pickaxe can cut off a couple of high rises long enough to lower their vote and short enough to make it difficult for the oposition to protest.

That's not even realistic. Some places in the states already allow voting as early as 50 days before the election. What are you gonna do, take out my internet, at home and work, for two months... with a pick axe? Good luck knocking out my 4G.

And then assuming that you succeeded in getting an open source solution (any other solution is just a way to give the vote to the software editor, of course the current electronic vote solutions do exactly that) how do you protect tampering at the data transmission point, since you do not need, and actually cannot really use teams of supervisers from oponing parties, it is enough to corrupt a small group of officials so that they ignore the real vote and send what ever is convenient...

lrn2crypto

The core issue of "modern voting" is that most important votes end up being between two very close candidates, and in most cases the differences between the number of voters is smaller than the margin of errors in the pre-election pools. Additionally we let the cost of election run amock so unless the "winner" is proven to actually eat little babies for breakfast, even if nobody in his or her right mind can believe that the vote is "correct" redoing the whole shebang seems too expensive.

The whole point of online voting is to make it fast and cheap.

So "online voting" cannot work, moreover it "solves" a problem that does not exist, if not enough people can be bothered to show up to do a manual count, you got a problem that no voting technology can ever solve, and if they do come, then you do not need electronic voting systems.

There are challenges, but nothing you mentioned says "impossible" to me.

Missing case (3, Insightful)

gmuslera (3436) | about a year ago | (#43891319)

That journalists find and publish it is something that went right. The worst that could happen (or is happening actually) is that noone makes public their findings, or they are forbidden/punished by law if they try to see or warn if there any "weak" point. And of course, the people behind the election, both politicians and company.

Broken by Design (1)

Anonymous Coward | about a year ago | (#43891325)

> Metronews said that one of its journalists had managed to vote five times, paying with the same credit card, using names, including that of Nicolas Sarkozy.
> The discovery generated an explosion of name-calling within the party and calls by Mr Bournazel for the primary to be abandoned. After a three-hour crisis meeting on Saturday, the Paris federation of the UMP decided to press ahead

Dont need to read more than that. The PTBs dont care if the election is rigged or not. Likely broken by design.

Re:Broken by Design (1)

o'reor (581921) | about a year ago | (#43891387)

Yup. Either broken by design, or designed by people who didn't actually care about the result. Those guys neither have a culture of democracy, nor a culture of computer security. It boggles my mind that they've been 10 years in power until 2012...

supposed to make a credit-card payment of €3 (2)

gl4ss (559668) | about a year ago | (#43891447)

it sounds like a voting fit for a reality show.
"To register their vote on-line, Parisians were supposed to make a credit-card payment of €3 and give the name and address of someone on the city’s electoral roll."

sounds to me it's just a scam to get 3 euros out of people.

1) have an election about an extremely heated issue to some groups.
2) provide them a means to vote multiple times by paying 3 euros per vote
3) get money from said groups.

it doesn't look to me like they're going to refund that money.

because eh, the whole concept of how it's done goes against ultra secure and quite frankly against any principles that goes with modern voting. the whole concept is anything but secure or fair. it doesn't matter how good the code behind the service is even.

couple of good ground rules:
a) voting is a right - it is to be provided gratis for every adult.
b) check identity somehow(pay id cards from social security or whatever).
c) default enforced(unless disabled etc) voting method should not be a process that is observable to people even if a voter "wants" it to be.
d) if you need to limit amount of candidates have them collect supporters lists(this is usually easily done for people serious about being a candidate, since the limit should be relatively low). these lists can be forged and people can sign the list for multiple candidates, but that only gets them to be a candidate.

The lesson that will be learned (4, Insightful)

frovingslosh (582462) | about a year ago | (#43891355)

It is a crime to vote multiple times. That crime will not be prosecuted. It is a much bigger crime to expose that the system is corrupt and open to fraud. That crime will be prosecuted.

Re:The lesson that will be learned (2)

fuzzyfuzzyfungus (1223518) | about a year ago | (#43891397)

Is it a crime in this case? It varies by jurisdiction, of course; but party primaries are often technically just of the same legal standing as somebody's Friday poker club voting about something. They are, of course, magnified by history and institutional inertia; but the elections by which parties decide on their own candidates for office and elections where voters decide on candidates to actually put in office are quite different things.

What does it say about the people who buy these? (1)

whoever57 (658626) | about a year ago | (#43891421)

The people who make the decisions to buy electronic voting systems --are they particularly susceptible to snake-oil salesmen? Surely there is ample evidence that a truly secure on-line voting system is about as likely a unicorn registering to vote, but somehow, the buyers of the system think that they can buy what no-one else can buy?

To register their vote on-line, Parisians were supposed to make a credit-card payment of â3 and give the name and address of someone on the cityâ(TM)s electoral roll.

So you have to pay to vote? In other words, it is really just a party ballot, not a real election, that's why the journalists were able to test it and publicize the failure.

bad example (1)

frovingslosh (582462) | about a year ago | (#43891463)

Here in North Carolina, even without on-line voting, we have several unicorns and many people over 150 years of age who vote by Absentee ballot. Most of them seem to be Democrats.

Storm in a teacup (4, Informative)

AdamInParadise (257888) | about a year ago | (#43891443)

A few facts :

  • It's only a primary for the Paris mayoral election next year, i.e. not a national election.
  • The journalists shown that it was really to vote as someone else if you knew a couple of easily and legally obtained piece of information about them i.e. no hacking involved. However, so far there's no indications that fraud is actually taking place.
  • The same party is having a primary in Lyon as well, but they are using a traditional paper ballot, and so far it seems to be going pretty well.

OK, so electronic ballots are proved to be less "secure" than paper ballots, again. The UMP is proved to be technologically illiterate, again. Yawn.

Re:Storm in a teacup (1)

eulernet (1132389) | about a year ago | (#43891561)

OK, so electronic ballots are proved to be less "secure" than paper ballots, again.

Hum, do you remember the election for the leader of UMP between Fillon and Copé ?
The vote was done with paper ballots, but there have been massive frauds anyway, since Copé stole the election.
The fraud was so massive that Fillon rightfully complained, but since we are talking about politics, they settled "peacefully".

What this proves is that UMP leaders abuse the voting system.

Re:Storm in a teacup (0)

Anonymous Coward | about a year ago | (#43891731)

Copé said himself on Twitter that UMP is "learning Democracy", as an excuse for the mess. If they're only learning it now, it explains a lot... :D

Re:Storm in a teacup (1)

Yoda222 (943886) | about a year ago | (#43892313)

I doubt that UMP is learning democracy. I don't doubt they don't know democracy, my concerns are about the learning part.

What's wrong with "normal" voting? (4, Insightful)

Darkness404 (1287218) | about a year ago | (#43891479)

Before rushing to adopt online voting, we really need to ask ourselves, what exactly is wrong with just voting normally that voting online solves.

Re:What's wrong with "normal" voting? (4, Insightful)

fredprado (2569351) | about a year ago | (#43891559)

There is nothing wrong with voting normally as there is nothing wrong with travelling from east to west cost by foot. It is just a lot slower than the alternative and requires considerably more work.

The right question to make is not this one, though. It is: "Is there a way to achieve both anonymity and security"? The answer is unfortunately no. That is true for normal, paper voting as well, by the way.

The main difference is that electronic voting, and in special online voting, is easier to be tampered with in large scale, and paper voting is easier to be tampered with in smaller scale.

Re:What's wrong with "normal" voting? (1)

mjwalshe (1680392) | about a year ago | (#43891643)

Seems to work well enough in the UK

Re:What's wrong with "normal" voting? (0)

Anonymous Coward | about a year ago | (#43891739)

I live in a land-locked country, you insensitive clod.

Re:What's wrong with "normal" voting? (0)

Anonymous Coward | about a year ago | (#43891593)

Nothing.

However, /in theory/ voting online can bring about orders of magnitude reduction in cost and organisation required for an election, which means voting online could be done more often and more quickly.

Representative democracy has been shown on many occasions to be vulnerable to corruption (hope you'll not ask for citations here) that I for one strongly want the ability for the people to demand "let us vote directly on this"

Note that I'm changing the subject here slightly - online voting for representative democracy is no better than paper ballots; but it is the necessary first step.

Re:What's wrong with "normal" voting? (1)

Anonymous Coward | about a year ago | (#43891609)

Before rushing to adopt online voting, we really need to ask ourselves, what exactly is wrong with just voting normally that voting online solves.

What is wrong with normal voting? Here are juts a few things off the top of my head,

1. It is much more difficult to buy votes
2. It is very difficult to intimidate voters
3. Paper trail add verifiable
4. Corrupt polling station official generally can only affect one polling station
5. Mass vote rigging difficult to achieve
6. No single entity makes lots of money off of an election
7. It is far less convenient to sell your vote, and the buyer can't verify how you voted.

So, if you wish to rig an election or make lots of money off of one, then you certainly do not like current voting methods in most nations around the world.

Re:What's wrong with "normal" voting? (0)

Anonymous Coward | about a year ago | (#43891659)

Well, in America, where the average citizen weighs in excess of 250 pounds (I refuse to make the effort to go to Google and convert that into kilograms), it really is a problem. See, it requires a certain level of physical fitness to get up out of the couch (or lazy boy), walk over to wherever your keys are, walk to your car, start the car, look at a map to figure out where you need to go, go back inside, grill a steak, fry some freedom fries, cook some bacon, warm up some cheddar, put it all together into a meal, eat it, clean up, get back in your car, start your car, spend 15 minutes trying to remember why you got in your car in the first place, go to the polling location in your car, get out of your car, walk to the polling location, use muscles in your arm to operate the lever (and show your ID in locations where they try to discriminate against people that want to fraudulently vote), and then do ALL OF THAT ALL OVER AGAIN just to get back home.

That's too much fucking work.

It's easier to just put your keyboard on your belly, click on a few things, and vote. I wish I had a toilet inside my chair so I wouldn't even have to get up to take a dump, and maybe something kinda like a urinal on the side so if I drink too much (or I'm sick from a disease), I can vomit and shit in my chair without having to make any real effort. As for peeing, I would just use a catheter and route the tube into the toilet bowl. My mom can change it for me every couple of days.

Oh, and don't forget to vote for Obama in 2016. I heard a rumor that a certain 22nd amendment to the constitution was going to be seeing some drastic changes soon.

Re:What's wrong with "normal" voting? (0)

Anonymous Coward | about a year ago | (#43891929)

It reduces the equipment costs by an order or two of magnitude since only standard computers would be required to make a 'voting booth'.

In addition, it would boost voter participation by making it convenient via one's home computer or phone.

Re:What's wrong with "normal" voting? (1)

turbidostato (878842) | about a year ago | (#43892427)

"It reduces the equipment costs by an order or two of magnitude since only standard computers would be required to make a 'voting booth'."

And that's cheaper than a transparent plastic box and some pieces of paper exactly how?

"it would boost voter participation by making it convenient via one's home computer or phone."

And there it goes your ability to vote anonymously and out of your free will.

Re:What's wrong with "normal" voting? (1)

gnoshi (314933) | about a year ago | (#43892563)

In Australia, we boost voter participation by having compulsory voting. If you don't vote, you either have to provide a written explanation of why or pay a fine.
Of course, you can simply go into a voting booth and scribble on the slip and then it becomes an 'informal vote' and isn't counted.

About 3-6% of votes are informal (according to the Australian Electoral Commission: http://www.aec.gov.au/voting/informal_voting/summary.htm [aec.gov.au] )

Re:What's wrong with "normal" voting? (1)

fredgiblet (1063752) | about a year ago | (#43893575)

I wonder if that's a good thing or a bad thing myself.

Re:What's wrong with "normal" voting? (1)

timeOday (582209) | about a year ago | (#43891989)

what exactly is wrong with just voting normally that voting online solves.

How soon we forget [mediabistro.com] . Remember when we waited for the result for months, and then got a Supreme Court coin-toss, because marking and counting paper ballots is error-prone - some can be interpreted either way.

To this add long wait times at the polls, which effectively requires some people to pay a high price (waiting for hours) to vote, skewing the outcome.

Granted, it has not been demonstrated that computerized voting can solve these problems without creating bigger ones. But the status quo is certainly not ideal.

Re:What's wrong with "normal" voting? (1)

Anonymous Coward | about a year ago | (#43891999)

The verifiability of current systems is pretty low. You can't tell if your vote is included in the total. Thats a problem.

The other problem is making sure each qualified voter gets at most 1 vote.

Now, obviously, if the electronic online election does not solve the first issue (verifiability) completely, that is just dumb, since solving that for online elections is easy, even for secret ballot, and thus the online elections should benefit over the more traditional ones in this respect.

Solving the other issue, while keeping secret ballot is a bit harder, especially in the face of low turnouts (if you steal the vote of someone who does not then try and vote, it can go unnoticed). Their system is apparently crap in this respect, and thus it is worse than more traditional systems.

How to do it right:
1: using existing systems for guaranteeing one vote each (mailing out ballots, voting booths, whatever) distribute credentials with which each voter can authenticate to associate a public key with whir voter registration. Display this table (voter+public key) publicly and early so people can argue about its correctness well before the election.

2: Distribute a "Election Description" document, containing all the relevant server addresses, election public keys, ballot items, deadlines etc. Put up the hash on the news, gov site, UN election auditors. whatever, so users/voters can verify that their voting software got the right file.

3: Voters can generate their ballot (including a field for a random value so all ballot can be unique). Blind it for blind signing purposes (such as RSA blind signature) and send it in a request to sign, signed with the voters private key (matching their public one). The signing server must respond with the blinded ballot signed, or with a copy of a previous such request signed with the voters key (proof the voter already had a ballot signed, and thus their request is invalid).

4: signed ballot is unblinded, and submitted through TOR. A delay before submission can optionally be employed to help resist defeating the private ballot via timing attack. Server must respond with a copy of the submission signed with the election key (this is proof your vote should be counted)

5: all ballot are displayed in a public table, signed by the election key. If you ballot is missing, and you have its submission signed, hand it over to the press (its not identifying, so thats fine), and they can prove the election invalid to everyone.

Once done, the server that does the ballot signing can display its full list of ballot singing requests (Which, remember, are signed with the voter's keys). This must be at least a large as the number of submitted ballots (if they can't find enough, election proved corrupt).

Tada, secure online election. A few details are omitted, and I don't have an implementation finished, but it is in progress.

Works in a nation of mathematicians and CS (0)

Anonymous Coward | about a year ago | (#43892413)

Sir,

    You forget a key point. If most of the populace doesn't understand, can't verify, and doesn't trust such a system, it's COMPLETELY WORTHLESS.

    Even I, with a far greater sophistication in understanding of cryptography than the standard, would have a very time feeling confidence in such a system--it's all in the implementation and there are SO MANY ways to screw up.

    It's very hard to screw up a piece of paper.

    Yes, I even agree that if implemented properly, your scheme is far better, except for the faith and trust issue.

Best,

--PeterM

Re:Works in a nation of mathematicians and CS (0)

Anonymous Coward | about a year ago | (#43892745)

My system could be presented in a way that to a naive user was basically identical to what the article describes happening in France. They were happy to try and use their system. Just doing a design swap between what they had, and a well designed system, that is opensource, should be fine.

I agree that it would be very hard to get the masses to accept that its actually secure enough top try and use, but it sounds like many people accepted such a claim about a system where that wasn't even true.

Here in the USA, we have some electronic voting systems that are closed source, and proprietary. People use them, despite knowing they have caused errors. I don't know why they put up with this shit, but perhaps we have hope for installing a sane system because, for some reason, they are willing to keep trying new systems, independent of quality.

Realistically, I don't expect my setup to make it into real national elections any time soon, but I could see in getting popular via the private sector (use it for board of directors type things), and then perhaps a company would build a commercial voting solution around it which might gain traction at the precinct level in a few years. Eventually sanity could win that way, because the companies that do vote counting in a sane manner using free software saves them money, and lawsuits.

I'll happily concede that you are right, no one will understand it, and it will likely never get used for anything. I just want to have a working implementation to point at next time I see an article like this, so I can feed my superiority complex. It also seems like a fun thing to code up.

Re:What's wrong with "normal" voting? (1)

F.Ultra (1673484) | about a year ago | (#43892715)

The verifiability of current systems is pretty low. You can't tell if your vote is included in the total. Thats a problem.

Of course you can, over here on election day any one who wants are free to stay and monitor the whole counting process

Re:What's wrong with "normal" voting? (0)

Anonymous Coward | about a year ago | (#43893179)

Here its vote by mail, but even if I could go and monitor the counting, its hard to be sure your exact ballot was not skipped, read correctly, as well as the count it was included in actually was included in the official precinct count. Yes, you can do some observing, but with a proper digital system, everyone can automatically audit it to check that their vote was included, and anonymously forward their ballot to any third parties they want which can also verify that the exact ballot is included in the final list of ballots. And, this process produces sufficient evidence to prove the election is corrupt if your vote is excluded.

Even a naive user could scroll through the big list of ballots and see that theirs is included (its unique by a random number the included in it. Note that not choosing a unique/random number is to the disadvantage of the voter, and they choose it, so I don't see that as a threat).

So yes, while paper systems can be verified to some extent, you can do better with an electronic one in that aspect. Thats the key here: a good electronic system, while still not perfect, can be better than a paper one in almost all aspects, often by a huge amount.

Re:What's wrong with "normal" voting? (1)

Hentes (2461350) | about a year ago | (#43892481)

Cost.

Re:What's wrong with "normal" voting? (1)

bunbuntheminilop (935594) | about a year ago | (#43892607)

A recount of a paper ballot will generally give a different result.

If you have an electoral system where each vote is counted towards the composition of the government, then this is a problem.

YUO FAIL It (-1)

Anonymous Coward | about a year ago | (#43891501)

the deal with you tasK. Resear3h A BSD over other provide sodas, hobby. It was all parties, but here may do, may not

Vote early and vote often! (0)

Anonymous Coward | about a year ago | (#43891587)

Now via the internet from the comfort of your home.

The shill is ousted, long live the shill (1)

OhANameWhatName (2688401) | about a year ago | (#43891625)

Nicholas Sarkozy (an obviously corrupt shill for the content industry) is ousted and what do you know .. there's a voting system brought to bare which can be easily manipulated to meet the required outcome of corrupt business.

Seriously, who really believes in voting anymore? As long as these supposedly democratic systems CAN be manipulated, they WILL be manipulated. It's long past time to recognise that the governments that were supposed to serve us are now imprisoning us. Our rights to do just about anything are being slowly curtailed and now even the false facad of democracy is falling over.

China will hack online voting system (1)

Anonymous Coward | about a year ago | (#43891831)

In the last few years, China has demonstrated what a large organization can do with cyber warfare. If China can hack the computer systems for designs of the F-35 and V-22 Osprey, wouldn't China also be able to hack some online, nation wide election system? Maybe Taiwan should try online voting systems, just to show the world it can be done.

Used by both right and left...so what? (-1, Troll)

JimtownKelly (634785) | about a year ago | (#43892663)

Fake names voting was also used by the pro-gay-marriage mafia in the USA to put Barack Hussein Obama in power.

Re:Used by both right and left...so what? (0)

Anonymous Coward | about a year ago | (#43893073)

It's good that you included Obama's middle name or I wouldn't have known which Barack Obama you were referring too.

The US eVoting is just as bad... (1)

joocemann (1273720) | about a year ago | (#43893191)

It's funny... Diebold/Evergreen make many of the ATMs you probably use. The ATM will never give you an extra $20, and yet the voting machines they design are shown to be 1-3% off....

And this is in-person electronic voting.... why would the internet, a wild-west pool of hackers and government agencies, seem like a safe place for clean democracy?

For me, counting the hand cast ballots with witnesses, no matter how laborious (exaggerated claim, btw) is the most superior and reliable way to ensure that democracy is indeed what is happening.

Remember this question..... what is the point of saving money if you're letting democracy slip away? Chances are, the people that will manipulate the electronic voting will strip money from you anyway...

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...