×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Net Voting in California

CmdrTaco posted more than 14 years ago | from the stuff-to-think-about dept.

News 143

Myxx sent us an article from Yahoo that talks about online voting and the issues and recommendations reached by a panel in California. The summary is that they suggest waiting and seeing. Apparently the Internet is secure enough for billions of dollars in financial transactions, but not for voting.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

143 comments

We should go slow. (0)

Anonymous Coward | more than 14 years ago | (#1358953)

The Federal and State governments have terrible track records implementing large computer systems. Specificly the new FAA system, California Dead-beat dad tracking, new welfare benefits system, new IRS system,... (I could go on). These systems are BILLIONS over budget, years late, and often don't work as specified. I have grave concerns about security. Stealing credit cards from CD-UNIVERSE is one thing, stealing an election is another. Just as peoples confidence in the security of web transactions is critical to the success of commerce on the web, people must have confidence that the election was not 'rigged'. Stolen credit cards in the news lately have made people nervous. How do you convince them that "Donald Duck" won't be their next President? We need an infrastruture of digital signatures, average people need to become confidant in them and learn how to protect them. We also need to develop more secure servers with more 'fail-safe' features so that an operator can't "forget" to turn security back on. We should take this one step at a time until we arrive where we want to go. This is not simply money put at risk by a few banks and venture capitalists, but rather the future of the nation.

no its not secure enough (0)

Anonymous Coward | more than 14 years ago | (#1358954)

please, how many times do we have to go through this? its not the fact that we don't have the know-how to do online voting -- i mean, there are plenty of cryptographic algorithms that can be used to ensure secrecy, etc, but there are many other issues surrounding voting, mainly providing the infrastructure, and appropriate management of the information. when you do an online transaction, you are just concerned about privacy of your information (and the fact that you'll get whatever you ordered, but that's a separate issue) which can very well be protected by encryption -- so even assuming a vulnerability in the webserver that takes transactions that some script kiddie delightfully exploits for all our benefit (it'll make you safer, yeah right), they're not going to spend a million years cracking your encryption over your credit card number, name and expiry date if you've stored everything online in an encrypted database. of course, it is my belief that you shouldn't be storing credit card details anywhere near your webserver (and preferably have them only decrypted offline), even if it inconveniences the damn user so much that they have to enter their details again. so much for one-click technology.

if you were to do online voting, i would have thought that everybody would need to digitally sign their vote -- so you would have to provide a simple means to sign it (not pgp -sta -u BLAH myfile~1.txt), put it on the browser, and distribute / generate / manage the keys. smart cards are one answer, but they're a bit pricey for what we're trying to achieve here.

---
my opinions have nothing to do with my employer

So much for the secret ballot (0)

Anonymous Coward | more than 14 years ago | (#1358955)

Here at EvilCo, we offer on-line voting stations for the convenience of our employees. We will even send a manager along to help you with the system, and suggest what votes might allow you to continue your employment with EvilCo. Employees who wish even more convenience can simply escrow their voting credentials with our accounting and security department--- we'll take all the work out of voting for you, and give you a nice tasty $5 bonus!

Accountability (0)

Anonymous Coward | more than 14 years ago | (#1358956)

It would be too hard to make sure one person got one vote. Now we have checks in place to make sure that only one person votes, and these don't even work that well. What happens when scripting makes things easier.

Online commerce dosn't care if I have more than one credit card, they don't even care if I order more than one item, they just want it paid for.

And if there is a question about the validity of the transaction, they just don't ship it.

What happens when I steal all my friends id's, and vote my conscience for them.

One of the largest attractions to the internet is the anonymity and pseudonimity of its users. We can't very well let fake people vote.

these problems will probably be solved, but they definitely aren't solved now.

Re:The thing is.... (0)

Anonymous Coward | more than 14 years ago | (#1358957)

So which side is spreading the most FUD nowdays? Microsoft or Linux advokiddies?

Who's spreading the vaunted security of vaporware that is hyped to be running our world as we speak?

K-R4|)! N0\/\/ h4x0rz 641|\| R33l P0w3r!!!!1!!!!! (0)

Anonymous Coward | more than 14 years ago | (#1358960)

Seriously, having someone crack Citibank or Netcom and steal a bunch of credit card number is a biiiig headache, but someone cracking the voting tallyer and stuffing the ballot.... and don't tell me how "secure" the system is. CSS was "secure". Clipper was "secure", SSH2 was "secure"... Need I continue?

Re:Security on-line (0)

Anonymous Coward | more than 14 years ago | (#1358961)

lest we return to the days of ... non-anonymous voting.

I can't support online voting until this problem is addressed. Regardless of fixes to computer security flaws, how can we make sure votes are anonymous?

And it's not the anonymity of those who want to be anonymous which is a problem, it's the anonymity of those who would love to show others how they voted, because that's the only way you can sell your vote. The same problem exists with absentee ballots now, but the scale would increase significantly with online voting. And could there be potential to automate the vote-buying process?

Re:Don't hold your breath. (0)

Anonymous Coward | more than 14 years ago | (#1358964)

Careful, it might empower the people and corruption might get voted out of office.

Not so simple (0)

Anonymous Coward | more than 14 years ago | (#1358965)

Security's not so hard. Having high availability and preventing people from voting multiple times at mutiple locations isn't a trivial problem. Making sure that people are anonymous isn't so easy either. The problem is much different from e-commerce. But just because it's a difficult problem doesn't mean it hasn't been solved (at least to some degree).

Re:Calling all Trolls! (0)

Anonymous Coward | more than 14 years ago | (#1358968)

I'll be there.

MICK THE FIRST POST MASTAH

Re:Security on-line (1)

Anonymous Coward | more than 14 years ago | (#1358972)

lest we return to the days of ballot stuffing and non-anonymous voting.

"Vote early, vote often!"

Re:Eh? (1)

Anonymous Coward | more than 14 years ago | (#1358973)

What people are forgetting here is that voting in California is rife with fraud already. The CA supreme court ruled it's an undue burden to ask voters for identification when they vote, so there are lots of irregularities in every election. I don't see how computer voting will change that.

Ooh yeah. Time to get the cluster warmed up... (1)

Colin Smith (2679) | more than 14 years ago | (#1358978)

I wonder how many billions of extra votes one could stuff the eletronic ballot boxes with?

Who want's to be the next president of the USA? Only $1 per vote (Special introductory offer).

Limited Time Window (1)

Malachi (5716) | more than 14 years ago | (#1358979)

I think some people forget that Voting would only have a limited access window. So a hacker or those being malicious would have to work very hard very fast on a very tight system. Is this to say it cannot be done, of course not, there is always that six year old who got a decoder in the cracker jack box and wants to show his stuff off.

Digressing I think that we really need to look long and hard at good crypto solutions. Right now people can steal anything, and they do, from people's social security to my CC the other day on CD Universe. You can't make anything good without breaking a few things in the making, and people continually think that it has to be 100% or nothing when most of us live in an 80% (if that) world. I think there are only two main issues. How do we keep the transaction secure, and how do we know you are you. Solutions for these are wide ranging and I'm sure others are covering them well in these threads.

I'd like to see a faux voting for a year. I really want to see some official idea count on how many people would vote. Besides just thinking for us normal two legged healthy people, think of the handicap/disabled people that could vote. You can bring out a lot more of the populous if it were available.

We're not ostriches, so lets keep our heads out of the sand,
Malachi

Re:Schneier agrees (1)

Malachi (5716) | more than 14 years ago | (#1358980)

"You can vote via the Internet in the Arizona Democratic primary. Does anyone other than me think this is terrifying?"

I see no meat though.. he's afraid, and by rights so because who knows how much research went into the idea et al. I'd like to see a thurough summary done by him though.

Keep'n it real,
Malachi

Security and Integrity (1)

XenoWolf (6057) | more than 14 years ago | (#1358981)

What kind of mechanism is going to be there to prevent someone from swaying the election through some clever brute-force guessing of the relevant information from which the verification of uniqueness and identity is keyed? Are they going to restrict it to one vote per IP? That'll shut down nearly all voting behind a firewall or other masqueraded connection. Are they going to assign some kind of one time key to use along with their SSN or something? I don't think that these guys have or are willing to get the technological mojo to pull this thing off 100%, but then again, I still feel slightly unsafe at the nominal 128 bit encryption that current browsers offer.

XenoWolf

The thing is.... (1)

szyzyg (7313) | more than 14 years ago | (#1358983)

The most common OS in the world isn't something I'd consider secure enough to cast online votes with. I mean can you imagine voting viruses taking over as many copies of Lose2000 as possible and casting votes one way or another.

It's not just making sure that the correct votes are cast, but htat those people who still don't bother (tsk... some people) don't have their votes appropriated.

Voting is easy (1)

epaulson (7983) | more than 14 years ago | (#1358984)

At least with Wisconsin's laws. Wisconsin allows you to register at the polls on Election day, establishing residency can be done by just showing a lease or even a piece of mail. In Madison, most everyone lives within a mile or less of their polling place (I live about 300 feet from mine)
Voter turnout in my district is so heavy that they ran out of ballots in the last Congressional elections!

America will fight online voting for the same reason it will profess support for the family farm - going to the polls is part of our national identity. Sure, the future may be megafarms and evoting, but you can be damned sure a lot of us are going to fight it tooth and nail.

Don't hold your breath. (1)

Sanjuro (9253) | more than 14 years ago | (#1358985)

Just think of what might happen if voting was made easy for the masses. Why, people might start voting, and we can't have that, now can we?

All sarcasm aside, I think online voting is inevitable, but it will be interesting to see what entities drag their feet over this because they fear the kinds of change this would bring.

This must never happen (1)

LWolenczak (10527) | more than 14 years ago | (#1358986)

If you are permitted to vote on the internet for your cantadate, then their is a GREAT possability for abuse of the system, besides that, how do you know a ip address is realy inside that state, you dont....

The whole idea behind this is to allow THE SYSTEM to remain, and get BIGGER, which is what Americans do not want, exept for some jerks who currently hold presidentcy.

Cool (1)

marks (12185) | more than 14 years ago | (#1358989)

Wow...all they need now is an internet toilet (don't they have that in Japan?)!

Too bad I don't live in CA.

-mark

Re:Against Internet voting (1)

Bucko (15043) | more than 14 years ago | (#1358990)

But it might not work that way. Consider: It's likely that the wealthy already do vote in large numbers/percentage, and their numbers can't be increased significantly. There's many studies that conclude the likelihood of voting is more or less proportional to wealth, after all. If that's the case then any measure that increases the number of voters, even a little, is likely to be more democratic in the sense that you mean.

My question is, do we want to further enfranchise those who don't care enough to go to the polls now?

J.

Re:Against Internet voting (1)

landtuna (18187) | more than 14 years ago | (#1358991)

No, I'm not saying that at all. Consider this hypothetical situation.

What if the government were to pay for special employees whose job it was to go to the homes of rich retired men (but not women) and ask them for their votes. This sounds very undemocratic while making it easier for a certain segment to vote. Unless there was some kind of female backlash to counteract this policy (backlashes and protests being a whole different kind of evil), these rich old men would end up with a larger share of the vote.

It is undemocratic to make a special effort for certain segments of the population while not making a similar effort for others. Other issues notwithstanding, perhaps Internet voting would make sense if there were simultaneous outreach programs to those who aren't connected.

Against Internet voting (1)

landtuna (18187) | more than 14 years ago | (#1358992)

I heard an excellent argument against Internet voting on NPR yesterday. Because Internet voting makes it easier to vote, more people will probably vote. Because Internet users are generally wealthier, this means an even more disproportionate number of wealthy people will have a larger share of the vote. So it's kind of undemocratic to make voting easier for some people than others.

Re:Against Internet voting (1)

landtuna (18187) | more than 14 years ago | (#1358993)

You just said what's hard about voting - "You go to your local polling station." Some days, I don't even want to get out of bed. :) With Internet voting, you can vote in your pajamas.

Re:Security on-line (1)

Overt Coward (19347) | more than 14 years ago | (#1358994)

<JOKE>
I had an uncle who lived in Chicago. He voted Republican until the day he died -- then he started voting Democrat.
</JOKE>

--

Someone made a good point to me once (1)

sean.k (20273) | more than 14 years ago | (#1358996)

and that is that there's no way to tell if an online vote is made under coercion, while it's fairly reasonable to assume that votes made in person are not (as the 'evil' party would have no way of knowing which way the vote was actually cast).

There is also the possibility of a loss of anonymity with online voting, as you could have 20 people in the room with you at the time or the protocol/whatever could be snooped if not done properly.

If they do this I hope they consult the more knowledgeable crypto people in the field and work out a solution everyone is happy with. Just because you CAN do it doesn't mean you SHOULD. Though I agree that it would get people voting more frequently.

Bah, humbug! (1)

JosefK (21477) | more than 14 years ago | (#1358997)


If those kids can't bother to get off their asses and get out into their communities to vote, why should they even bother being involved in the political process at all?

Not really (1)

D3 (31029) | more than 14 years ago | (#1358998)

I would say the internet is not really secure enough for the $billions in transactions either. How many more thousands of credit cards, etc. have to be stolen online to wake people up?

Security on-line (1)

Valdrax (32670) | more than 14 years ago | (#1358999)

I thought a good number of articles on this site pointed out that e-commerce isn't nearly 100% safe. Voting is not one of those matters that should be taken lightly when it comes to security, lest we return to the days of ballot stuffing and non-anonymous voting.

Re:Couldn't Agree More (1)

SwissPope (33213) | more than 14 years ago | (#1359000)

I agree with you. Though I would also like to note that if the vote counts differed significantly with the results of appropriately conducted polls, it could possibly indicate overall election-outcome fraud. So in that respect, we wouldn't _totally_ be in the dark when it comes to detection. But you are right, investigating election fraud and recovering from it would be a nightmare because of the lack of physical evidence. It's much easier to manipulate electronic materials rather than physical materials.

Why not use bank's ATM? (1)

phreax (37730) | more than 14 years ago | (#1359001)

People are already comfortable using ATM because of its simplicity. Distribute an ATM card for every registered voters and will expire after voting. No need to install PCs, and votes will be legally counted if votes were made inside that state. No need to validate IP addresses.

"I think, therefore I am."
Philip Apostol

Re:Why not use bank's ATM? (1)

phreax (37730) | more than 14 years ago | (#1359002)

No. I was thinking of using ATM's infrastructure but not connected to bank's financial systems. Let's say a dedicated machine for voting only.

Voter apathy (1)

The Queen (56621) | more than 14 years ago | (#1359003)

I heard this story on NPR yesterday (while stuck in snow and traffic - erg!) and they only briefly touched on the issue of voter apathy. 'Oh the internet will get all the 20-somethings to vote' was about the extent of it. While I will say that I don't vote as often as I could/should due to schedules/weather/PMS/etc., I believe that for the majority of my peers voter apathy rests with political distrust and disinterest. The public schools may require that you learn about the system but it's done in a very inefficient manner (I think I got a 'B' in 12th grade Government class, but ask me how a bill becomes law - ???).
What's needed is for the youth of this country to be shown, not told, how the government works. They have to believe that corruption is beatable. Right now, even I have a hard time believing that.
Technology shmecnology, online voting will happen. It's not a matter of when or even how. It's still an issue of voter apathy.

The Divine Creatrix in a Mortal Shell that stays Crunchy in Milk

Re:issues with identification (1)

anonymous loser (58627) | more than 14 years ago | (#1359005)

I thought of that, but it's pretty easy to find out someone's SSN, since it's used for just about everything. A PIN might work, but that also is easy to hack unless it's exceedingly long.

issues with identification (1)

anonymous loser (58627) | more than 14 years ago | (#1359006)

I would think that one of the main problems with internet-based voting is verification of the voter's identity. Right now, when I go to the voting booth, there are people there to check my ID and voter registration. On the internet, however, you pretty much have to depend on the voter registration by itself. Voter registration numbers are pretty much sequential, so it would be easy (currently) to write a hack and stuff the ballot box, so to speak. I think that before internet-based voting becomes a viable option, a whole new infrastructure will have to be created which supports identification in a more robust manner.

Re:Why not use bank's ATM? (1)

ostiguy (63618) | more than 14 years ago | (#1359007)

One of the goals is to reduce cost. Voting stations basically need to be maintained and housed for probably some 363 days out of a year. Oregon is at the forefront of all mail voting because it is cheaper. I think an ATM based system would require some heavy lifting programming wise, and not be as cost effective. Matt

Re:Limited Time Window (1)

ostiguy (63618) | more than 14 years ago | (#1359008)

There would like not be a limited time window as a result of the growing trend of absentee voting. On the West Coast you have about a month to vote. Given that this lengthens campaigns' media buys, thus making them more expensive, and in turn making it more difficult for challengers, it is unlikely that the trend towards longer voting periods would be stopped.

Matt

Slow change (1)

pyrogerg (68083) | more than 14 years ago | (#1359009)

Well, caution is good. In a sense protecting the integrety of our electoral process is far more important than protecting financial transactions. I see nothing wrong with taking time in implementing electronic voting, especially in general elections.

In another sense, electronic voting may be what finally restores the electoral process to a more popular state. When I consider the number of people who never write letters, yet have become compulsive emailers, it seems a similar phenomenon may be in store for political invovlement.

Whether that, in the end, is a positive or negative effect (people wouldn't have to care enought to get out to the polls in order to be counted) is another issue entirely.

Re:mob rule (1)

Stonehand (71085) | more than 14 years ago | (#1359010)

1. Then repeal motor-voter laws. It is not
necessary that all have an equal chance in
EVERY method, so long as it is plausible
(e.g. putting booths in subway maintenance
tunnels is NOT valid) for eligible voters
to vote.

2. Most voters don't spend much effort, anyway.
Fewer voters cite policy issues compared to
personality or physical appearance.

3. Legally, there's no stipulation that voting
be either easy or difficult so long as folks
can plausibly do it.

It doesn't really matter, anyway, as long as there's no separation of powers. For all practical purposes, the Executive has usurped much of Legislative authority; we now have presidential candidates talking about what executive orders they'd issue, after all. First, get a Congress that's willing and able to fight the Prez...

Since when? (1)

Noxx (74567) | more than 14 years ago | (#1359013)

First off, since when are online financial transactions secure? And more importantly, is it *really* a good idea to vote using the Internet? Remember, we're talking about a medium where you can search for pages on having sex with goats while on fire, and the engine will return "specify type of goat"... Of course that's just my opinion, you could be wrong.

Re:The thing is.... (1)

Zagato-sama (79044) | more than 14 years ago | (#1359014)

Uh right, once we all switch to Redhat Kleenex, the world will magically transform into a better place where all software works and oops! X just locked up.

So which side is spreading the most FUD nowdays? Microsoft or Linux advokiddies?

Security Through Obscurity (1)

tgw (88434) | more than 14 years ago | (#1359016)


If you scan through the California report [ca.gov] , it's interesting to note that one of the "possible approaches to the problem of malicious software" which they list is security through obscurity [ca.gov] (bottom of page, section titled 'Obscurity/complexity').

They speak of how "voting software may be kept secret prior to the election" so that "potential authors of attack software may not have enough time to develop and distribute it during the election window".

I'm not sure I'd count on that. Really motivated hackers/crackers can come up with stuff pretty darn quick.

Open-Source Voting Software (1)

tgw (88434) | more than 14 years ago | (#1359017)


The TechnoDemocracy Project [technodemocracy.org] was recently started to create open-source voting software. Open review of the TDP code should make it more secure than the closed-source/proprietary approach traditionally used & recommended by the California task force.

do we really want to see political banner ads? (1)

e.m.rainey (91553) | more than 14 years ago | (#1359019)

The net may not be secure enough for voting, but we have to ask ourselves something very important. Do you really want to see banner ads for political canidates? My god, think of the pop-up windows, the pop-up windows! I'm sure you can imagine a scenario: Canidate X's popup pops up, then Canidate Y's pops up over X's and then Z's covers both Y and X. It would be worse than prOn sites!

Why drag those heels? (1)

JimStoner (93831) | more than 14 years ago | (#1359020)

OK. So there are a number of issues with Internet voting, as noted in other posts here. But they are not impossible to overcome (IMHO).

So why are ALL governments dragging their heels on implementing this?

Well, the instant you have online voting, the next obvious question to ask is:

Hey, why don't we use this all the time, instead of just for elections?

Instant polling of the electorate's opinions would render large areas of Government redundant (or maybe obviously redundant *smiles*). Consider...

Ban abortion YES/NO

Invade Iraq YES/NO

The funniest aspect for me is wondering what the 4 million Sun readers in the UK would vote for. (For those who don't know, The Sun defines tabloid journalism in the UK).

Interesting item from the article (1)

acfoo (98832) | more than 14 years ago | (#1359022)

``Unfortunately, the threat of computer virus and other technological attacks on personal computers make Internet voting from the home or office an unsecure and unwise practice at this time.''

Despite being non-sensical (virus attacks?), this is well-taken. CmdrTaco brings up the point that $billions are floating around on Internet transactions, but voting is not done online. Even though it seems when you go to the polling place that security is _weak_, it still requires some hard-to-defeat methods that make widespread voting fraud hard (at the voter end-- counters can cheat all they want if there's no oversight).

The problem is that voting in elections is the basis for creating the infrastructure (contract law, the courts, determining and collecting taxes, etc...) that allows Internet transactions to be conducted. This is a sensitive process and any chance to undermine it (and how fast could a beowulf cluster on a bunch of those new weather computers fraudulently vote?) has to be avoided.

Much as I would love to vote online, I just don't think that we're there yet

Anonymous voting? (1)

borzwazie (101172) | more than 14 years ago | (#1359023)

C'mon people. You're not voting anonymously now. Ever hear of voter registration? Naturally, there isn't supposed to be a link between that piece of paper and your name, but you do declare (supposedly for statistical purposes) your party of choice. A vote is not a private thing. Think about it. First, you must publicly register. Then, you must go to a public place of voting to actually vote. I agree that your individual choices aren't supposed to be attached to your name, but there's no such thing as truly anonymous voting.

My own thoughts are that the kind of online identification required to do online voting would destroy online anonymity. Any ID for this purpose would soon be exploited. Think not? Social Security numbers were specifically NOT for identification purposes. And look at them now. Everybody wants them. So, do you REALLY want to vote online?

UK point of view (1)

MooBug (102526) | more than 14 years ago | (#1359024)

As a brit - I cant really comment on the Calafornia issue but I think the idea behind online voting could be beneficial.

I agree wholeheartedly that the governmetn (be it our or yours) tend to take a " lets wait and see" point of view on things especially if its something that other people may understand better than they do ...

if the governemnt is keen on attracting people to online commerce (which I know the uk one has been pushing for) maybe a step forward and backing online voting would increase consumer confidence?

As long as the service was guaranteed to be secure I dont think people would have a problem with it.

Re:Against Internet voting (1)

sredding (107116) | more than 14 years ago | (#1359025)

Sounds like NPR didn't read the report and is working towards a media frenzy.

While urging short-term caution, the California task force, which included election officials and data security experts, said the longer-term outlook for e-voting was good, and that Internet voting could prove particularly attractive to 18-24 year olds, one group of potential voters with a poor turnout at the polls.

Call me cynical, but I don't believe for a second that the politicians want anything to do with a system that increases voter turnout.

Online voting can give us a true democracy with no need for representatives (that don't represent us). We can vote for ourselves! Close the House! Close the Senate! Shut down the Electoral College!

Oh, it's unconstitutional? Of course it is. The founding fathers never saw this coming.

cheers,

Re:Online Voting--Why? (1)

sredding (107116) | more than 14 years ago | (#1359026)

How many people do you see who should be allowed to vote, i.e. to determine the very future of our nation?

The answer is simple, ALL OF THEM.

Amendment XV
Section 1. The right of citizens of the United States to vote shall not be denied or abridged by the United States or by any state on account of race, color, or previous condition of servitude.

But our nation (the US, in my case, and most other modern nations) is founded on the fundamentally incorrect premise that every man's opinion is equally correct (i.e. it has an equal chance of being correct). This is demonstrably wrong.

What do you propose? A test? Some sort of credentials that you must acquire before you are qualified to vote? That's the ticket. Don't allow the uneducated to vote. Most of them are poor anyway. They don't count.

That's absolutely obscene. How long do you think that will last before the unhappy, unrepresented poor overthrow your elitist government?

cheers,

Re:Net Voting & Security (1)

sredding (107116) | more than 14 years ago | (#1359027)

You make it sound as if the current system cannot be hacked.

From the article: ``Votation.com makes elections more secure than existing election systems currently do,'' company Chief Executive Officer Joe Mohen said.

cheers,

Net Voting & Security (1)

KenClark (110945) | more than 14 years ago | (#1359028)

People always put more effort into things when there's more at stake.

Putting effort into hacking e-commerce will get you some credit card numbers and therefore a bit of cash.

Putting effort into hacking electronic vote-stuffing can make you leader of the free world.

Do you still believe enough in net security?

Ken

mob rule (1)

kender (111273) | more than 14 years ago | (#1359029)

Do we really want more easy democracy? I have thee problems with voting online... 1. What about those who do not have or want access to computers. It is necessary to give everyone an equal chance. 2. It should take effort to vote. You should care enough to change your voter registration each time you move and follow the elections enough to remember that it is election day. 3. We are not a democracy, we are a republic. A democracy comes down to what the majority says happens (mob rules). Luckily for the minority on any issue are rights have to be considered. If the majority decided that computer users should be killed, could it happen??? No because each individual has their civil rights protected. Voting is a responsibility. It should be available to everyone, but not easy for those that are whipped into action by a last minute media blitz. In my town whenever there is a school bond measure, the district polls the electorate for likely voters for the measures and pesters them into voting... Bringing them abesentee ballots and reminding them that it is time to vote. Online voting is just going to accelerate that process.

Re:Online Voting--Why? (1)

GodOfHellfire (113081) | more than 14 years ago | (#1359030)

I pretty much agree with you on this one. Online voting would be *too* easy. Most people do not care about the real issues - they will just vote for who they have heard of (code for who the media likes the best). People who make the effort to go vote are the ones i want making the decisions.

However, you are incorrect on one point: the US is not founded on the premise that every man's opinion is equally correct. Back when this country was formed, you basically had to be a white male land-owner to be able to vote. Also, remember that the popular vote DOES NOT determine the president - it is the electoral college that does. Even the Founding Fathers didn't trust the general populus.

secure!=secure (1)

rmstar (114746) | more than 14 years ago | (#1359032)

Business and voting can't heve the same standard.
It is one thing if someone steals a million
dollars and a different one if he forges a hundred
votes, because of the influence this can have in a
country's destiny and the actual restriction of
rights this means.

just my opinion,

rmstar

Book Premise (1)

shitface (121619) | more than 14 years ago | (#1359034)

A billionare software maker convinces state/nation that internet voting is safe when done strictly through his product. Then come election day, there is a record amount write-ins on voting all strangely for that billionare software maker or someone of his choice.

Re:Against Internet voting (1)

chrischow (133164) | more than 14 years ago | (#1359037)

you can vote in your pyjamas with real voting too, you'll just get some funny looks

One problem... OK two (1)

chrischow (133164) | more than 14 years ago | (#1359038)

terminals in polling stations is fine, but then allowing voting from home? wouldn't that mean people without a computer and connection would be excluded?

i wonder if e-voting is a good thing, ppl tend to think second on the net, flames start up because of the lack of reality in cyberspace and the instantness of discourse

would e-voting be the same? one click and theres the vote for Adolf Hitler Jnr, opps i changed my mind... too late!

traditional media voting at least gives u a few seconds more to ponder the voting decision and if necessary rip up or spoil your slip

Re:Why not use bank's ATM? (1)

chrischow (133164) | more than 14 years ago | (#1359040)

it would be ace if u could get some cash from it too after voting

what advantages are there of using this instead of good old paper slips, apart from the obvious cost saving?

Re:Why not use bank's ATM? (1)

chrischow (133164) | more than 14 years ago | (#1359041)

yeah i know, the money thing was a joke :P

card authenticated terminal voting at polling areas could be a first step to electronic voting

Re:Against Internet voting (1)

chrischow (133164) | more than 14 years ago | (#1359043)

what exactly is hard about voting anyway? u go to your local polling station, hand over your reg card, get given a slip, go and put a cross next to some idiot or other then go and put the folded slip in the box w/ the slit. then go home. maybe we need to stop a trend to computerising everything otherwise we'll end up never walking anywhere... and all weighting about 800lb

Re:issues with identification (1)

kwsNI (133721) | more than 14 years ago | (#1359045)

That's not a really big issue, each voter registration number would just have to be cross-referenced with something else, like an individual PIN or Social Security number. This way, you couldn't just randomly pick a nubmer and vote.

kwsNI

Re:Against Internet voting (1)

Ray Yang (135542) | more than 14 years ago | (#1359047)

Wait ... are you saying that it's UNDEMOCRATIC to let people who want to vote vote? Are you saying that we should purposefully throw up complex registration barriers akin to sophisticated literacy tests and poll taxes? That sort of system is precisely the one that could get monopolized by a particular social segment, and expanding voting opportunities on every front is the best way to combat it -- if everybody has to jump through several dozen hoops to vote, only the people with enough free time can vote. If anybody can easily vote, you will have more voters, and these voters will be people with not as much free time => people traditionally unrepresented in politics.

Re:Going slow is probably good (1)

beff (135968) | more than 14 years ago | (#1359048)

This reminds me of a story my uncle told me. Twenty years ago he lived in the former Soviet Union and at the time, his town was experimenting with democratic-like processes like voting. The government announced that they would have a secret ballot vote for mayor. When my uncle showed up to vote, the voting official handed him an envelope. My uncle looked at it and asked why it was already sealed. The official replied, "Because it's a secret ballot, of course."

Younger voters, yes - (1)

NoizAngel (137753) | more than 14 years ago | (#1359050)

Younger voters would definitely vote more readily if they didn't have to leave thier computer - And let's face it - so would a lot of other people. Going down to whereever place they've decided to put the polling station isn't fun (as in Canada, anyway, they seem to manage to place you at one that's *not* the closest possible), waiting in line isn't fun, and so on.
It would probably save alot of money in the long run - less polling stations needing to be staffed -
But for me, the interesting thought is - How many voters who don't vote and don't have net access would seek out a public terminal? Here, Employment Centres have free net access - I'd be interested to see how many people who are intimidated by the voting process would vote for the first time because this option is a friendlier one.

-Noiz,
Who apparently rambles before her first coffee.


---------

It's worth a try... (1)

CondorDes (138353) | more than 14 years ago | (#1359051)

I live in the SF Bay Area...Contra Costa and Alameda counties are seriously considering doing something like this. Yes, there are security issues, but I think they can be resolved pretty easily...I have been doing some web security work and I think it could be done.

Re:Don't hold your breath. (1)

HenrysCat (140068) | more than 14 years ago | (#1359052)

Last time we allowed Students to vote on the Net for anything in the UK they tried to use it to make money to support their drinking and baggy jumper purchases. The voting for Sports Person of the year had to be suspended because of a student conspiracy to get a 100/1 shot voted in.

The reality is... (2)

jd (1658) | more than 14 years ago | (#1359057)

...The Internet isn't secure enough for diddly. I've been checking out securityfocus.com, and it's frightening how many systems get broken into, how many servers are insecure, etc.

Throw in the fact that most browsers use 56-bit encryption, no host authentication and no user certificates, the level of trust you can put into who is sending the data is amazingly low.

Add in the fact that server certificates are often granted with minimal (or no) real checks by the issuer, and voters can't be sure if they're sending to the real site or a hijacked one.

Add in the number of sites that clone title pages, to fool search engines, the ease with which crackers can break in & insert redirect tags, and the zero understanding most admins show of even the mose basic security issues, it's a wonder anyone trusts the network with so much as an e-mail, let alone major financial dealings or voting systems.

Public attitudes is the limiting factor (2)

dustpuppy (5260) | more than 14 years ago | (#1359059)

I think one of the biggest problems of online voting is that there will be a strong perception that it is too easy to alter the results.

With 'hard copy voting', you have to go to some effort to make a significant difference to an election - you'd have to rig many voting booths, have physical access to the boxes, probably buy off the officials and vote counters ... etc

With online voting, you would only have to change a couple of numbers (assuming that you could hack past the security and get away undetected).

Unlikely that someone could hack past the security? Maybe, but there are enough stories in the media about stolen credit card numbers and hacked web sites for the general public to have a real fear about the security of online voting.

And to cast additional fear upon the populace, if it is 'easy' to hack the vote computer, it is even easier to change the whole result of the vote with a single click.

This may not be true in reality, but that is what the general public believe ... and try convinving them otherwise.

Nope. While systems may be ready to handle online voting, the public is not.

Eh? (2)

Signal 11 (7608) | more than 14 years ago | (#1359060)

Well, unless you can ensure two things: non-repudiation (can't claim they didn't) and authenticity (they are who they say they are) online voting can't happen. Period. Just remember: Texas was the first to start using digital signatures as legally binding. =)

This looks like a serious problem (2)

SimonK (7722) | more than 14 years ago | (#1359061)

You need some way of ensuring that each registered voter votes once and only once, and that only registered voters vote. The obvious way to do that is to give each voter an identifying secret of whatever kind.

The problem is that the correspondance between the voter's electronic identities and their real identities has to be broken in some gauranteeable and visible way, or unscrupulous persons can use the same information thats needed for security to trace people's voting records.

Re:Security on-line (2)

Bearpaw (13080) | more than 14 years ago | (#1359062)

There's also a difference between banks setting up software to secure their own (and their customers') money, and the gov't farming out a contract to the lowest bidder -- say, some group of losers with freshly-printed MS certs -- to set up a "secure" voting system.

The worse thing that can happen to a bank is for their customers to lose confidence in how safe their funds are. But I think most people -- at least in the US -- have already lost confidence in the gov't, so it's not like the gov't would care as much about that risk.

"Wait and see" sounds like a good idea to me.

Besides, if people aren't sufficiently motivated to get off their butts and go somewhere to vote, I'm not sure I'd want them to vote.

Re:Paper is good (2)

NMerriam (15122) | more than 14 years ago | (#1359063)

you have to vote for someone. Your only option if you don't like any
of the candidates is to stay at home


Or you can write-in a vote. It's less convenient than punching out the little holes with the pin, but then a few minutes out of your life for the sake of democracy isn't such a big deal...

Re:Voter apathy (2)

NMerriam (15122) | more than 14 years ago | (#1359064)

They have to believe that
corruption is beatable. Right now, even I have a hard time believing that.


rent "All the President's Men". Ironically, the reason so many people are distrustful of government, while also being the single greatest example of how -- no matter how powerful you think you are -- your dirty laundry will eventually be aired.

The slippery slope (2)

Mike Schiraldi (18296) | more than 14 years ago | (#1359065)

"The latest results in the race for the presidency show Al Gore with 20% of the vote, George W. Bush with 28%, Jesse Ventura with 3%, and someone named 'Hemos Sucks' with a whopping 49%..."

Re:Online voting: not ready for prime time (2)

Stephen (20676) | more than 14 years ago | (#1359066)

When the internet has enough bandwidth and redundancy to conceal the effects of net congestion it will be time to look at internet voting for serious elections. Until then all its suited for is informal polls.
Like, was your shirt inspected [slashdot.org] by #16, #7 or your mom, you mean?

Online Voting--Why? (2)

Bob Uhl (30977) | more than 14 years ago | (#1359068)

The fundamental assumptions of the supporters of online voting are several. First is the idea that if voting is made easier more will vote. This is not necessarily true, but we can let that slide for the moment. The greater problem is the unsupported assumption that more people voting is a good thing.

On the contrary, I assert that the only reason that we have gotten where we are today is the fact that so few have historically voted. Take a walk down a city street sometime and look around you. How many people do you see who should be allowed to vote, i.e. to determine the very future of our nation?

The common man is a fool. He is easily swayed by advertisements. He does not care about issues so much as he cares about bread and circuses. As long as the politicians keep him distracted he is happy. There's nothing wrong with this; not everyone needs to have control over the government not everyone needs to be in charge. But our nation (the US, in my case, and most other modern nations) is founded on the fundamentally incorrect premise that every man's opinion is equally correct (i.e. it has an equal chance of being correct). This is demonstrably wrong.

As for myself, I do not vote. I find the system of universal suffrage to be an insult to all, learned and unlearned. What this country needs is fewer, not more, voters. I also have no desire to be part of ruling class; I have no wish to be responsible for wars (even though I generallt support them), executions (even though I support capital punishment), imprisonments and the rest of the sordid business of governance. I wish merely to live my life under the rulers who have been set over me. In this country the rulers are all those who vote.

Re:Against Internet voting (2)

Steve B (42864) | more than 14 years ago | (#1359070)

I heard an excellent argument against Internet voting on NPR yesterday. Because Internet voting makes it easier to vote, more people will probably vote. Because Internet users are generally wealthier, this means an even more disproportionate number of wealthy people will have a larger share of the vote. So it's kind of undemocratic to make voting easier for some people than others.

This isn't a very convincing argument -- after all, the current voting arrangements make it considerably easier for non-workers than for regular 9-5 types. (Somehow, I doubt that NPR spent any time complaining about that....)

The really strong arguments against Internet voting are:

Privacy: How do you prevent people from watching over the voter's shoulder? Political machines could even arrange parties with goodies and Net terminals -- perhaps it would be illegal to tell you how to vote, but there would be obvious pressures.

Security: Other messages here have commented on this problem.

Public Confidence: This is related to the previous issue. As long as the Internet has security holes, people are going to wonder about a Votescam scenario [copi.com] every time an election "upset" occurs.

Civic Engagement: Let's face it, the chance that your vote will decide any election above the dog-catcher level is about equal to your chances of winning the lottery. The excersize is more symoblic than substantive, and clicking a mouse just doesn't cut it for most people.

Voter Standards: If people aren't sufficiently interested to physically visit the polls (or send in the form for a mail-in ballot if they cannot do so), they probably aren't sufficiently interested to educate themselves on the issues.
/.

Re:Couldn't Agree More (2)

anticypher (48312) | more than 14 years ago | (#1359071)

There are a lot of issues at stake with internet voting, and just because some people can make simple credit card purchases over the net doesn't mean something important like voting can just pop into existence without a lot of thought.

There are issues with ensuring only registered voters get to cast votes. Any simple system (SS number and Drivers License number) would be trashed in an instant by /.ers and any other rational person. It will require mailing a physical token to each registered voter who signs up for web-voting, at a minimum.

There are issues ensuring a registered voter only votes once, and their first vote stands. Vote early and vote often is humour everywhere outside of Chicago :-) That is why there is a physical voter list at each polling station and a requirement that the numbers balance with the number of ballots in the box.

Then there is the issue of anonymity. What happens if someone manages to collect a copy all the incoming votes, and can make a match between a vote and a person? It doesn't matter how strong the encryption is, at some point it has to be decrypted to be counted.
Lets say someone compiles a list of all the people who voted one way on an emotional issue like a new imigration law, or a business issue like insurance reform, and then sold that list to insurance companies, employers, or credit research companies. All /.ers are certain that data would be mis-used at some point, its guaranteed to be abused if money is involved.

I think there will eventually be technical solutions to every one of the problems on the list, but it will take time to create good stable systems to withstand fraud and abuse. I agree that large scale internet voting should take a wait-and-see attitude, lets start with a few small municipal elections and thoroughly debug everything over a long period of time, then make it easier and easier to use before rolling it out.

the AC

Must hit submit now, there is a woman in the next office building doing a strip-tease, and a large crowd is forming around my desk. Who's got a digital camera when you need one? :-)

Re:The slippery slope (2)

anticypher (48312) | more than 14 years ago | (#1359072)

Ladies and Gentlemen, the next president of the United States is:

Hemos the Hamster

who just beat out Hank, the Angry, Drunken Dwarf, by 1.2% of the vote

Bwahahahahahahahaha

Ok, someone has to get back to work now :-)

the AC
There's never enough moderator points around for all the good humourous posts

Re:Going slow is probably good (2)

Hard_Code (49548) | more than 14 years ago | (#1359074)

"3. Ensure that those votes are truly anonymous."

Huh? Why? You need to be the exact opposite of that. You need to be identifyable. Not so the government can print in the papers "Joe Schmoe voted for a 'looser'", but so people can be accountable.

Wouldn't PKI be the perfect solution in this case? With their voter id card, give em their key, with which they can use to vote exactly once.

Jazilla.org - the Java Mozilla [sourceforge.net]

Re:Going slow is probably good (2)

TheCarp (96830) | more than 14 years ago | (#1359078)

> Huh? Why? You need to be the exact opposite of
> that. You need to be identifyable. Not so the
> government can print in the papers "Joe Schmoe
> voted for a 'looser'", but so people can be
> accountable.

Accountable? um no
The idea is to have it be identifiable that
Only an identified person could have voted but
there should be NO way at all to deterime what
their vote was.

> Wouldn't PKI be the perfect solution in this
> case?

Actually... Applied Cryptography has a few
interesting protocols for Secure Anonymous
Voteing. Its interesting because (I don't have the
book with me here) it can provide a way to verify
that only allowed people can vote, and also make
sure that it is impossible to correlate votes
with individuals.

Personally I would be alot more interested if
instead of working on better ways of voteing,
the worked on ways to give you something
worthwhile to vote for.

When its a vote to decide WHICH corrupt
authoritarian asshole will be fucking me over
for at least the next 2-4 years, there is not
much incentive to vote at all.

Might as well let them decide by a best 2 out of
3 competition of Rock Paper Scissors, the result
would be the same.

Re:Voter apathy (2)

TheCarp (96830) | more than 14 years ago | (#1359079)

> What's needed is for the youth of this country
> to be shown, not told, how the government
> works. They have to believe that corruption is
> beatable. Right now, even I have a hard time
> believing that.

Well...why should we teach that "Corruption is
beatable". IS it more important to teach things
that make you feel good about the system rather
than the truth?

Personally, I do not think corruption is beatable.
I AM apathetic about voteing. I have never in my
life voted. I will never vote an individual into
office (I do plan to vote for a certain voter
ballot initiative in my state....but thats a
differnt matter..I will not vote for a candidate
into office).

As long as the system is being setup, and
trampling upon my rights as an individual, and
forcing me to pay them money, why should I care
who is doing it?

All voteing boils down to is deciding whose
bank acount the special interest money goes into.

Secure Enough?!? Really? (2)

Postmaster General (136755) | more than 14 years ago | (#1359080)

It's actually secure enough for billions of dollars in transactions, huh? Gee, that's a news flash, if I ever did see one.

Sarcasm aside, it's easy to justify eCommerce over net voting. The potential for profits for eCom vastly outweigh any risks, in the minds of investors. They'll take the risk with eCom, and hope nothing happens. If something bad does happen, then they'll deal with it at that time.

This statement by CmdrTaco gives me the impression that he either has been living in seclusion for the past couple of weeks, or he just ignores the recent events with credit card number thefts.

I believe California is completely justified in taking this position, and would personally expect nothing less from any Gov't.

Voting is a much more serious issue. It's something where the risks definitely outweigh any benefits.

Re:Don't hold your breath. (2)

HenrysCat (140068) | more than 14 years ago | (#1359081)

The main danger would be Students would't have to leave their bedrooms to vote, thus they might actually bother and then we could be in a whole world of pain.

Secure my ass (2)

Aashton (140070) | more than 14 years ago | (#1359082)

I just had to cancel my credit card because that schmuck in Russia stole the number and red flags went up all over. I don't think we want to be rushing into anything. Besides, the democratic process is supposed to be one of thought and rational decision, not convenience. Not everything needs to be as quick and easy as possible.

Schneier agrees (3)

Anonymous Coward | more than 14 years ago | (#1359083)

In Bruce Schneier's latest Cryptogram [counterpane.com] , he says online voting scares the hell out of him.

Re:Paper is good (3)

nstrug (1741) | more than 14 years ago | (#1359084)

Another advantage of paper voting is that you can spoil your ballot in order to register your disgust with all the candidates. With the mechanised voting systems in the US, you have to vote for someone. Your only option if you don't like any of the candidates is to stay at home, and be classed as apathetic. Voter turnout in the US is the lowest of any democracy and this is usually attributed to apathy, but I wonder if it would be higher if Americans had the option of spoiling their ballots and registering their disapproval of all the candidates. This could easily be rectified by having a 'non of the above' option on the voting machine (or the internet voting page.)

Nick

Paper is good (3)

Stephen (20676) | more than 14 years ago | (#1359086)

Americans, who are used to electronic voting, will probably think I'm mad here, and that I am about to destroy all my credibility as a geek. But I don't like voting by computers at all, let alone over the internet.

In the UK, we vote by placing crosses on pieces of paper. It may be old-fashioned (and our government are talking about changing it) but I think it has one enormous advantage: it's totally visible. As the count is made, representatives from all the political parties are present. They can see what's going on with their own eyes, verify it, and question it if necessary.

I regard this transparency as a basic democratic safeguard. One doesn't need to trust that the technology is working properly. The accuracy of the result is not in doubt (if it's close, it's recounted, several times if necessary).

(Besides, election night is much more fun as the results come in one-by-one through the small hours of the morning!)

A boost for women in government? (3)

Junks Jerzey (54586) | more than 14 years ago | (#1359087)

If internet voting is going to be anything like the deja.com polls, then whoever looks the best in a tight sports bra will win.

Online voting: not ready for prime time (4)

substrate (2628) | more than 14 years ago | (#1359089)

Online voting isn't yet ready for prime time. I agree that traditional security concerns can be met with existing encryption and security standards. What can't be guaranteed is that your vote will actually be received and counted.

With traditional votes as long as the roads are open and the weather isn't too bad people can make it out to a voting station. The total tally may be larger on nice days than during inclement weather but there will be a respectable cross section of the population who will make the effort to vote. If you make it to the station your vote will be counted.

Votes tend to have geographic biases which is why you have states or municipalities referred to as being 'traditionally democratic' or 'traditionally republican' etc. This could lead to a denial of service attack to alter the outcome of the election. Send out your armed contingent to keep voters from reaching the voting stations. For a variety of reasons this isn't done. It's illegal, frowned upon by the public, tends to get the government pointing its arms at you and so on.

With internet based voting the structure of the internet itself will guarantee that even though some number of voters are at the voting station (their personal computer in this case) but won't be heard during the final tally. Net congestion, ISP problems but we'll assume that their computer is actually working.

A denial of service attack against geographic regions is much easier though and much more anonymous. Just make sure that the traffic in a region is high enough to make voting difficult. Look for misconfigured machines that will allow an avalanche of pings to be sent with information at your local script kiddy database.

You can argue that not allowing online voting will stop some people from casting their vote. To that I say so what? If somebody can't make the effort to make it to the local vote station then they probably aren't concerned enough about what their vote represents to even have formed a real opinion. There are real circumstances such as illness but there is already vote by proxy to cover this.

When the internet has enough bandwidth and redundancy to conceal the effects of net congestion it will be time to look at internet voting for serious elections. Until then all its suited for is informal polls.

Coerced votes?? (4)

Russ Nelson (33911) | more than 14 years ago | (#1359090)

How do you detect coerced voting when you don't have poll watchers? The whole idea of the secret free vote goes down the drain. It's a damnfool idea, promulgated by damn fools. Shoot it down whenever you can.
-russ

Voting IS different. (4)

Wellspring (111524) | more than 14 years ago | (#1359091)

I hate to admit it, but voting is different from financial transactions. The incentive for fraud is greater, and the system is less fault-tolerant because so few people vote. I am more knowledgeable about elections than I am a security guru, so take this w/ a grain of salt, but:

Software systems are much easier to crack than physical systems. At the risk of sounding like the french with their 'visual telegraph' alternative to telephones, there is a comfort in the fact that:

1. Tampering can be limited to people with physical access to the machine which is monitored by ordinary people. Political parties employ 'poll watchers', who are ordinary people who often aren't even politically active, to keep an eye on the machines during the elections process to watch for tampering.

2. If tampering DOES occur, the machine can be examined to determine who did it, and reveal physical evidence. It is much harder to determine that from a compromised system.

3. Financial transactions are time-dependent, whereas election info is useful for years. So I can sniff the encrypted packets today, and decrypt it with tomorrow's techniques.

Besides, I keep hearing from experts that our current systems for financial transaction are insecure and require major overhaul.

People are very passionate about politics-- just read the other posts! There are plenty of people who, given the means, would actively try to disable or disrupt an on-line election. Or try to distort the results. Or use tricky web page scripts to socially engineer a person into voting for other candidates. The point is, this is one of the most vulnerable things to tampering in the real world-- let alone online. We have to be very cautious before we implement it.

Going slow is probably good (4)

beff (135968) | more than 14 years ago | (#1359092)

I haven't read the full Californian report, but I can understand from a security perspective why going slow would be a good idea. Online voting is much more complicated than online shopping. A good online voting system will have to:

1. Only allow registered voters to vote.

2. Only allow voters to vote once.

3. Ensure that those votes are truly anonymous.

4. Ensure that all valid votes are accurately counted.

If you think about it, requirements 1 and 3 seem almost mutually exclusive. I know that there are algorithms that purport to be able to handle this in theory, but rolling on-line voting out to people that don't know how to program their VCR isn't going to be easy. Applied Cryptography by whats-his-name has a fairly good section on voting protocols.

Couldn't Agree More (5)

Effugas (2378) | more than 14 years ago | (#1359093)

Yup. The net is secure enough for billions of dollars of e-commerce, but not for voting. Here's why:

Fraud on the financial level is easy to detect--somebody is out their money. Someone either has their goods or has their money, and either they have both or they have neither. There's a long paper trail, with *individual* impact on only the two parties involved in the financial transaction.

Fraud on the voting level is so much different, it's scary. Your computer says, "Ah! Vote registered for Mr. Bob", that's it. You're out no money, you've lost nothing if your desktop has been secretly tampered with, there's no paper trail that you're going to have any reason to analyze because you're not going to know anything went wrong. Lets not forget, with nothing written down, there's no physical evidence of the original votes--how can one demand a recount when the servers store the votes? Once the data enters the server, all sorts of unique WORM/cascading signature/etc. methodologies can be applied, but it's gotta get there.

The most insidious part of all of this is that it's not simply the voter that loses out by a falsified vote, but society as a whole. Votes affect everyone; financial deals are limited to those directly transacting.

Maybe something like iButtons, or Amex's Blue might go along way towards increasing my faith in online voting. For now, I just don't think the tech is there for something so critical.

Yours Truly,

Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...