US's First Internet Votes To Be Cast This Friday 143
longacre writes "If you thought online voting in America was a distant pipe dream (nightmare?), think again: the nation's first Internet-based voting system goes online this Friday, just days after the release of the Damning Report On Sequoia E-Voting Machine Security we discussed yesterday. In the first real world run of the Okaloosa Distance Ballot Piloting (ODBP) test program, election officials from Okaloosa County, Florida have set up kiosks in Germany, the UK and Japan where 600-700 absentee voters — mostly military personnel — are expected to cast ballots. Security experts still have many questions, of course, particularly on the potential for interception of voting data while it travels across oceans (via 'secure VPN'), the security of the kiosks ('hardened laptops' with no hard drives and other sensitive components disabled) and the security of the three data centers (one of which is itself housed overseas, in Barcelona, Spain), not to mention the fact that Florida doesn't exactly have a stellar record when it comes to vote counting. Florida's Dept. of State also has a fairly detailed outline of ODBP's components and processes [PDF]."
Re:WTF?!?? (Score:5, Informative)
Using encryption, exactly what you asked for can be done.
I suggest you start your reading by looking at blind signatures.
Of course, it won't be implemented correctly, but e-voting is mathematically possible.
Re:WTF?!?? (Score:5, Informative)
Re:WTF?!?? (Score:5, Informative)
More specifically:
http://en.wikipedia.org/wiki/End-to-end_auditable_voting_systems [wikipedia.org]
It's probably better... (Score:4, Informative)
... than the alternative [defenselink.mil]
internet voting is just lobby-budget driven (Score:2, Informative)
we have had paper trail voting every year the last hundred years. i costs very little, all votes are counted by 02.00 AM, with the last voter leaving the voting booths around 18. A second count is then done (by different people) which is done by lunchtime the next day.
all papers are stored forever in a deep mountain storage facility. we have all our votes stored over the last 100 years. if you would like to go count, say 1974's votes, just go ahead.
~80% of our population goes voting. (US today is 40% i believe)
i live in sweden.
Re:libertarian (Score:4, Informative)
Two things; a) banks can't. Fraud is a serious problem.
More importantly; b) banks get to try again. Most electronic cash transfers have two ends. It's in the interest of each one to check it goes right. If one end is committing fraud then the other end will complain. You can then reverse the transaction (if you have correctly identified the parties) or at least take security measures so it doesn't happen in future.
Voting is different. In order to avoid vote buying it has to happen in secret and for the most part if you can check your own vote you can also show someone else how you voted. This is much harder than securing most financial transactions.
Re:WTF?!?? (Score:4, Informative)
Well, let's look at how a traditional absentee ballot works:
To begin with, you have a list of eligible voters and some way of identifying each of them. This is easy enough to duplicate with public keys, passwords, whatever.
The ballot itself consists of an inner part, containing the actual selections, and an outer part, containing the voter's ID. The inner part is sealed, and remains that way until the ID portion has been stripped away.
The same thing can be done with encryption. Create the digital equivalent of an anonymous ballot, indicating your preferred candidates. Encrypt that ballot (with a "salt" value to ensure uniqueness) with the public key designated for the purpose. Sign the encrypted ballot with your own public key and submit it.
When the voting authorities receive your ballot they simply validate the signature and store it for later use, still in its encrypted and IDed form. If you change your mind, or the original ballot was submitted under duress, etc., you can submit a new ballot later or show up in person on the day of the vote, and the old ballot will be discarded unopened.
When it's time to count the votes -- after deleting the obsolete ballots of anyone who showed up in person -- the ID information is discarded (permanently) and the raw ballots are decrypted and counted. The tricky part is ensuring the complete destruction, or at least disassociation, of the ID data, but that's just a matter of developing the proper policies. The same concern applies regarding current absentee ballots.
Re:Not an Encryption Problem (Score:3, Informative)
I imagine it would work similar to the way it works in the states where these remote machines will be staffed and you will be issued a card based on your identity that gives three shots at casting one ballot. If you attempt to show up a second time, your name is checked on a list that says you already cast a ballot and the staffers would refuse to give you a card.
Absentee voting should all be provisional votes in my opinion. This means that your vote is in essence tracked so if it becomes challenged, it can be removed from the totals. There are anonymous ways of doing this or should I say ways of keeping your vote secrete even though someone could technically find out. These ways might include where enough people in the know will be notified is someone attempts to access your vote. If it is electronic, I think it should automatically yank your ballot, notify you and monitors that are independent from the state as well as the state election officials too. This way when someone attempts to check on your vote, then need a legitimate reason that can be justified to you, the state, all the candidates involved and so on where fraud can be detected and dealt with appropriately. If an employer or public official uses the information against you, there should be mandatory jail time along with severe civil damages. But this is just my opinion.
Sadly, we already have people in Ohio attempting to hijack absentee ballots and it is probably going on in other states. On the news last night, a woman reported that someone came to her door claiming to be the Official absentee vote collector and told her she needed to finish filling it out and give it to them. She supposedly claimed that she didn't believe them and it was at work so he would have to come back later and someone actually called her saying that was the way they are collecting absentee votes and she was supposed to give it to the worker who stops by. We have out of state college kids renting houses specifically to case votes while claiming to live there, they were actually back into other states going to school and comming back on weekends or in between classes to establish residency. They are currently under investigation by the Franklin county prosecutors office and my understanding is that they have word on others homes like that in other counties.
It is a shame that people want to game the system like that. It is more of a shame that they feel they need to do that in order for their candidate to win. I guess Ohio is doomed to have their will hijacked by out of town people supporting a candidate other then what they choose. I know who they are supporting but we will leave that out because a lot of people will excuse them for some reason.
Not the first Internet election in the US (Score:1, Informative)
This isn't the frist election in the us to be on the net
the first one was in 2000 in the arizona primary
http://people.reed.edu/~gronkep/webofpolitics/projects/onlinevoting/arizona.html
Re:Andrew Appel. (Score:3, Informative)
The website ishttp://www.cs.princeton.edu/~appel/voting/index.html [princeton.edu]