Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Encryption Government Privacy Security IT

Online Voting Should Be Verifiable -- But It's a Hard Problem 258

An anonymous reader writes with a link to a pithy overview at The Conversation of recent uses of (and nagging difficulties with) online voting and asks Regular 'internet voting too risky' arguments don't take some approaches into account like verifiability of votes by voters, observers, and international media. Could we have end-to-end verifiable online voting systems in the future? What are the difficulties? Where is it being done already? From the linked article (which provides at least some answers to those questions), one interesting idea:Another challenge to designing verifiability in online voting is the possibility of malware infection of voters' computers. By some estimates between 30%-40% of all home computers are infected. It’s quite possible that determined attackers could produce and distribute malware specifically designed to thwart or alter the outcome of a national election – for example undetectably changing the way a user votes and then covering its tracks by faking how the vote appears to have been cast to the voter. Whatever verifability mechanisms there are could also be thwarted by the malware.

One way to try to prevent this kind of attack is to make voters use several computers during the voting process. Although this is hardly convenient, the idea is to make it more difficult for an attacker to launch a co-ordinated attack across several computers at once.
This discussion has been archived. No new comments can be posted.

Online Voting Should Be Verifiable -- But It's a Hard Problem

Comments Filter:
  • by whoever57 ( 658626 ) on Thursday May 14, 2015 @10:37AM (#49689643) Journal

    Just like postal voting, Internet voting is a bad idea.

    In a family group, you simply don't know who is really voting. Yes, the correct person may be marking the postal ballot, or clicking the votes, but a dominant family member can be looking over the voter's shoulder, making sure the vote corresponds to the dominant family member's preferences.

    • Re: (Score:2, Insightful)

      End the antiquated requirement for anonymous ballots, and the technical solution becomes very easy. But neither should you be able to check an individuals vote anonymously. Coercing or discriminating against someone for their vote needs to become a serious crime before any of this could be put into place though.

      • by Shakrai ( 717556 ) on Thursday May 14, 2015 @10:56AM (#49689823) Journal

        End the antiquated requirement for anonymous ballots
        Coercing or discriminating against someone for their vote needs to become a serious crime

        I like how you point out the most important reason for the anonymous ballot while simultaneously calling for its end. Hint: It's already a crime to try and coerce someone's vote. It's also a very difficult crime to prove, which is why it's simpler to just say, "Your boss can't go into the booth with you." than "Tell is if your boss is trying to intimidate you."

        If Democracy is worth anything it's worth an hour of your fucking time once a year to go a polling place. Online voting is a solution looking for a problem. Absentee ballots are a necessary evil for people (the handicapped and those unavoidably out of town) who legitimately can't make it to the polling place. They do not need to be and should not be the new normal.

        • by DarkOx ( 621550 ) on Thursday May 14, 2015 @11:12AM (#49689991) Journal

          I also agree with you. I do think we need to make a couple more considerations though.

          First "those unavoidably out of town" should not be an excuse unless the distance between postal zip codes is greater than say 200 miles, and if the post marks indicate otherwise your ballot is invalid. That is the only way to prevent abuse.

          Second right now it is possible for your boss to intimidate you into not voting and certain companies probably have a pretty good idea of the voting blocks their employees fall into. We need to be fair and make election day a National Holiday! So that everyone has the day off. We probably need to make exceptions for the groups for which anti-strike laws already exist, Health, Safety and infrastructure folks who potentially have to work the holiday. There also needs to be some kind of penalty for employees who try to ignore election day like its just another MLK day have have nonessential personnel work anyway.

          I agree the only way to ensure any sort of integrity is to have people GO to the polls, but we need to make sure everyone can.

          • If Democracy is worth anything it's worth an hour of your fucking time once a year to go a polling place.

            I also agree with you. I do think we need to make a couple more considerations though.

            First "those unavoidably out of town" should not be an excuse unless the distance between postal zip codes is greater than say 200 miles

            Since when does a round trip of "200 miles" take "an hour"?

            it is possible for your boss to intimidate you into not voting

            Is it coercion for the boss to threaten to terminate your employment if you fail to travel on Election Day, ostensibly for essential business purposes, to a location that just happens to be between 100 and 200 miles away from the polling place?

            We need to be fair and make election day a National Holiday! So that everyone has the day off.

            It might take more than a day to travel to and from the polling place. For example, I went to college about 180 miles from home. How should someone at school 180 miles away from home vote in the district where

          • I don't see why "out of town" should be an excuse. Voting is done country-wide on the same day, is it not? Polling stations should have (and probably do have) policies and procedures for handling an out-of-area voter.
            • Because different locations have different ballots due to being in different districts and having different candidates and issues.
        • by bigpat ( 158134 )

          Online voting is a solution looking for a problem.

          I mostly agree with this. But I do see an opportunity for more participatory government if there is a way to vote online on local issues.

          I live in a Town with an open meeting form of local government. That means anyone can show up and vote on items that are on the agenda. Our votes are not anonymous because anyone can look around the room and see who is voting which way on what.

          Specific votes by individuals are not officially recorded, but they could be recorded by anyone. If you give up on the ide

          • by taustin ( 171655 )

            If you give up on the idea of online elections, and focus instead on online town meeting voting on particular bylaws or local spending, which doesn't need to be anonymous,

            Based on my own experiences living in small towns, I can only conclude that either you never have, or you're smoking some mighty fine dope. There's no place where anonymous voting is more necessary. Boss Hogg knows where you live, and where your kids play. And will make certainly know he knows.

            • by jythie ( 914043 )
              This.

              Small town corruption has always been a significant and insidious problem, and you can do a case study with pretty much any town under 20k people with a few families holding the power and retribution being common enough to simply assume.
            • by bigpat ( 158134 )

              Based on my own experiences living in small towns, I can only conclude that either you never have, or you're smoking some mighty fine dope. There's no place where anonymous voting is more necessary. Boss Hogg knows where you live, and where your kids play. And will make certainly know he knows.

              I don't partake. And I am not taking about voting for representatives or to elect individual people.

              Have you lived in a small town with an open town meeting form of government? Roberts Rules. You sit in a big hall, sometimes there is a voice vote when you either say yay or nay and if the moderator cannot determine the yays or nays then you stand and are counted as either yay or nay. Only for votes on salaries for particular town officials do they pass around the paper for an anonymous vote. You could do

        • by jythie ( 914043 )
          On the other hand, one of the big 'battle grounds' with voting right now are conflicts regarding how narrow those windows are for casting a ballot, with a focus on decreasing availability to populations based on, well, who they tend to vote for.

          One major advantage of postal and internet voting is they both are things that individuals can take steps to access on their own schedules, while polling places require enough community organization to counter decisions being made by other organizations. Individual
      • End the antiquated requirement for anonymous ballots

        There's nothing antiquated about anonymous ballots. Voting secrecy is as critical now as it has ever been, for all of the same reasons: to minimize reprisals from friends, family, employers, and the government for voting "the wrong way", and to decrease the ease with which people can be coerced or bribed to vote a particular way (since the ones doing the bribing or coercing can't verify that you voted the way they want.)

      • by ultranova ( 717540 ) on Thursday May 14, 2015 @11:26AM (#49690143)

        End the antiquated requirement for anonymous ballots, and the technical solution becomes very easy.

        End anonymous ballots and you end democracy.

        But neither should you be able to check an individuals vote anonymously. Coercing or discriminating against someone for their vote needs to become a serious crime before any of this could be put into place though.

        How do you prove you were "encouraged" to vote a certain way? You can't, and even an attempt to sue for example your employer will affect your future in sufficiently negative way to make the prospect daunting. Nor can you prove someone wasn't so influenced. So the election result has zero credibility, thus delegitimazing the entire system. Which, of course, is the goal of various non-anonymous voting schemes that people suggest from time to time.

      • There are levels of anonymity.
        1. The ballots are anonymous as long as the voter wishes to keep it anonymous.
        2. The ballots are anonymous regardless of whether the voter wishes to reveal their vote.

        I think just having level 1 is probably fine. Plus having level 2 means that a voter can;t check that his/her vote was counted correctly.

    • Completely agree with this. Going to a polling station might not be perfect, but it works - its secure and watched over by generally impartial humans. There is just now way to get all the same benefits of voting in a secure public place for internet or postal voting.

      You might solve some of the identity issues by rolling out universal ID cards, but like you say - how do you know they are not being coerced?

      • Why the push for online voting? Because, the Internet or something?

        Just because you can doesn't mean you should. There is much to be said for making the effort to show up and mark a ballot. If voting becomes as easy as clicking some on-line survey like you find on the typical news page, then we will end up with what we deserve.

        • Re: (Score:2, Flamebait)

          by DaHat ( 247651 )

          Because there are those who believe that voting today is just to gosh darn hard.

          Too hard to find your polling place and go there during election hours.

          Too hard to request an absentee ballot if you don't be able to make it on election day.

          Too hard to come up with a photo id to prove you are who you say you are.

          Here in Washington state we ignore all three of those and mail the ballot straight to your house and give you 3 weeks to return it to be counted. No possibility of fraud there!

  • by amorsen ( 7485 ) <benny+slashdot@amorsen.dk> on Thursday May 14, 2015 @10:39AM (#49689675)

    We are really really good at handling online transactions of various kinds. Voting is easy. You just have to give up the secret ballot...

    Anonymous secure verifiable voting is a bad joke.

    • Even then, though, I'm not convinced you can have verifiable voting, even if you give up the secret part.

      If a "secret magic number" is all that you have to confirm that a) it's the person you expect it to be, and that b) someone isn't forcing them ... I'm still not sure you can put any trust in it.

      So then you're dealing with not-secret, not-really-verifiable, still not secure.

      Because surely we're not suggesting some PIN mailed to you actually proves that you are the one clicking the buttons of your own acco

      • by amorsen ( 7485 )

        b) someone isn't forcing them

        Defending against this requires secret ballots. If you can verify how a person voted, then that person is at risk of coercion. Online voting cannot provide secret ballots. If you want secret ballots, do not use online voting.

        I thought I wrote that clearly enough in my first attempt, but apparently not :)

        • Sorry, I interpreted you as saying we could have verifiable voting on the intertubes.

          You can have anonymous (and therefore useless) voting.

          You can't have secure and verifiable without draconian invasions of your privacy.

          You sure as hell can't have all three.

    • This Plus (Score:4, Insightful)

      by s.petry ( 762400 ) on Thursday May 14, 2015 @10:51AM (#49689793)

      The same thing they claim on-line voting has problems with, is the exact same thing we have problems with using boxes. Every election there is somehow missing ballots, and don't even get me started on dangling chads, absentee ballots, and how many dead people are voting every election.

      No system is perfect, but what they have currently can't be any worse than on-line voting.

      • How'd the Obamacare website go?

        Imagine our election...

        • I remember the CA recall election in 2003. This was in the early days of electronic voting machines and with the 2000 Presidential election still in the minds of many voters. There were lawsuits to delay the recall in order to roll out more electronic machines at the expense of paper ballots. In subsequent years, many of those same groups sued to go back to paper after electronic voting had its own issues.
          It doesn't matter how you vote, some folks will just be reflexively against it.
    • by Megol ( 3135005 )

      There already are systems that are anonymous and secret - look into some digital money designs.

      The problem isn't technical - it is a social one: how to ensure nobody gets pressured to vote for somebody. Allowing a user to vote several times and making the last vote count help a bit however it isn't enough...

  • Or... (Score:3, Insightful)

    by Anonymous Coward on Thursday May 14, 2015 @10:40AM (#49689679)

    Or we could just use paper ballots that simply work.

    Why the need to push technology into places where it is not needed and it doesn't improve the process?

    • Agreed.

      Paper ballot --- if need be a scanning machine, but there _has_ to be a physical audit trail verifiable w/o the use of a machine.

      • Re:Or... (Score:5, Interesting)

        by pixelpusher220 ( 529617 ) on Thursday May 14, 2015 @10:55AM (#49689819)
        Indeed and I give you 3 words for needing a paper trail.

        National Security Agency.

        They hack everything already. You do NOT want them hacking the votes. Given the complete lack of oversight and their already loose definition of 'legal' and 'overseas'...it sets up a perfect storm of an unanswerable rogue agency wagging the dog to get the pro-forma oversight they 'want'.
        • by tnk1 ( 899206 )

          And what keeps the government from "hacking" the current voting process? They just use different means. And it would be caught out the same way as you would "hacking". That is to say, someone would come forward for either patriotic or self-serving reasons.

          Sure, if there was online voting, the NSA itself, as opposed to the other agencies, would be more likely to have the resources to do it. However, why do you think that they won't get Snowdened, like they already have?

          Snowden went public based on some s

        • I'd be worried about more than the NSA - have you seen how much money wealthy people donate to political candidates? All it takes is a rich person with dodgy ethics and a million bucks to spare - and they can buy zero day vulns and hire hackers to compromise the election server. Only a few people would need to be involved.

          Muuuuch harder to rig a physical election across multiple voting locations. You need to compromise lots of different ballot boxes if you're going to swing the result subtly, and there are

      • Agreed.

        Paper ballot --- if need be a scanning machine, but there _has_ to be a physical audit trail verifiable w/o the use of a machine.

        Its pretty obvious. Random checks between ballots and reader totals can be done to keep an eye on things, or even re-running ballots on separate machines. I'm surprised there is so much debate.

      • by rtb61 ( 674572 )

        Paper Ballot. Manual count of votes with representatives of all those running for the election checking the count being done by paid election officials. Elections to be held on the weekend. More polling stations. More social event with charity drives ie http://en.wikipedia.org/wiki/S... [wikipedia.org] at the polling stations. As many people as possible involved in the election process. Democracy is about people and as should people should be involved as much as possible in it the most important element of democracy the v

    • I think that paper ballots that are machine read but human verifiable take the best of both worlds.

  • by IamJaxn ( 455539 ) on Thursday May 14, 2015 @10:40AM (#49689685) Homepage

    We can't even get voting machines that are secure and verifiable. We contract companies with no accountability to make these, and they don't even listen to third party researchers, or calls for open reviews. Why on earth would we think we could secure it on a public network, with umpteen more attack vectors?

  • If we have a machine-readable and human readable paper record, then the paper record could be imaged, then submitted to a independent system to verify that all the votes are accounted for, and that what is printed is what is read by machine. It is up to the voter to verify what is printed is what was voted.

    What's more is the voting verification system does not need to be from the same manufacturer of the voting machine itself.

    • by bondsbw ( 888959 )

      The voting verification doesn't even have to be a computer system. It could be a manual process, where any interested party can verify vote counts as they come in at the precinct, and sign off on the totals when they are delivered to the state.

  • IEEE 1622 (Score:5, Interesting)

    by vikingpower ( 768921 ) on Thursday May 14, 2015 @10:42AM (#49689711) Homepage Journal
    I am a ( small ) contributor to the future IEEE 1622 standard. We chose not to deal with the security problem, and to tackle only the electronic interchange format. Security, in electronic voting, seems too hard a problem to solve right now.
  • Or we could just use paper ballots that simply work.

    Why the need to push technology into places where it is not needed and it doesn't improve the process??

  • ... like the 1980s, "I want a computer to balance my checkbook."

    Online voting is a solution to a problem we don't have.

  • It's weird... (Score:2, Insightful)

    by iONiUM ( 530420 )

    In Canada you can file your taxes (and even get the replies via e-mail), renew your driver's licence, file for immigration changes (visa extensions, etc.), renew car plates, get a new passport, etc. all online. And yet, we don't feel we are secure enough to allow people to vote? How the fuck does that make any sense?

    In the end, all this bullshit about "we can't provide enough security for voting" is just a smoke and mirrors job. The real fear is that everyone who doesn't vote now because it's a pain in the

    • How can you provide complete secrecy of the voter's choice? Let's say I want to buy a vote. In the current system, the person I am paying disappears into a booth, and I actually have no idea how they voted. Better yet, the ballot does not contain their name! Not a very useful thing to try to buy votes because there is total secrecy of the voters choice. The LACK of verification is a feature, not a bug. How can we provide this very important property (unverifiability of voter's actual choice even by an

    • by vux984 ( 928602 )

      And yet, we don't feel we are secure enough to allow people to vote? How the fuck does that make any sense?

      Voting should be simple. And by simple I mean low-tech. Canada's system is nearly perfect. Everyone can understand it. Everyone can see how the votes are counted. An observer can watch the voting, can watch the counts. Recounts are easy.

      As soon as you make it online, it becomes inscrutable. Even if you design a system with open hardware, open software, etc most people still can't understand it, and can't verify it. And even if they verify the software and hardware, they can't know that's the software and ha

  • David Bismark demos a new system for voting that contains a simple, verifiable way to prevent fraud and miscounting — while keeping each person's vote secret. http://www.ted.com/talks/david... [ted.com]
    • What's to prevent a hacker from inserting votes into the system? Granted, there is a mechanism for detecting if votes are deleted, but it relies on people checking their vote receipt against a website. The bulk of the population is not going to do that, so a hacker has fairly high probability of being able to delete votes without being detected. And what happens when a hack is detected? Is there a way of determining how many of the ballots are tainted? Do you run the election again, or go with the
  • But don't worry, we've got "Lawrence's Mom is a Slut" waiting in the wings as our new VP.

    • Also, there's been a rash of 911 calls resulting in SWAT teams breaking down the doors of people who voted for Candidate B over Candidate A.

  • by omnirealm ( 244599 ) on Thursday May 14, 2015 @10:56AM (#49689831) Homepage

    I don't want people who aren't invested enough* to go to a poll to decide policies that affect my life.

    (*modulo people with disabilities or who have work conflicts, but we already have mechanisms in place to account for that -- I'm talking about the general issue of lowering the bar too much)

  • by magarity ( 164372 ) on Thursday May 14, 2015 @10:59AM (#49689861)

    Why have online voting? Really, voting in person means people who are interested enough bestir themselves to do so. And if they are interested enough to go vote, presumably they at least know the candidates' names ahead of time and hopefully something of the issues. Until you can guarantee there are no ultra-low information voters then universal turnout is not good. Otherwise might as well turn voting over to Mechanical Turk.

    • Our current voting system was designed for a voting public that was mostly self employed farmers. Taking some time off to into town and vote wasn't that big a deal. Now the voting public is mostly wage based corporate employees and making the time to go to the polling place is much more complicated. Vote by mail seems to be the best compromise at the moment and is working fine in Oregon.
  • Wait until all the State Driver's Licenses become smart cards and use those to verify identity. Similar to the PIV/HSPD-12 cards the U.S. government uses for employees. Require PINs just like with ATM cards.

    With the card being an actual computer that can store secure digital certificates, and the same trust model the entire country uses now -- your government-issued Driver's License (and/or Passport) is accepted by pretty much EVERYONE as proof of identity -- this is doable.

  • by ADRA ( 37398 )

    1. Have a universal number, lets call it a SIN number for simplicity
    2. Have a web site / physical record of casted votes with the casted vote and the voter's unique id hashed by something like MD5/SHA & date/time of casted vote in the incredibly rare case of hash collisions (correction, see below)
    3. Send a mail-in pamphlet that provides a seed so that only the voting registry knows your unique (no reverse SIN guess in case your SIN was compromized by 'influencing' parties)

    Me: Joe Blow
    Issued SEED: 123456

  • But is it NP-Hard?

  • by Moof123 ( 1292134 ) on Thursday May 14, 2015 @11:12AM (#49689983)

    By time we get to the polls we get to choose between Kang and Kodos. The real choosing has been done in back rooms by power brokers and billionaires. Low voter turn out is in part fueled by the apathy that comes from only getting to choose between two pre-selected options by those with very different morales and priorities from the rest of us. The candidates on the ballot only got their by becoming indebted to those power brokers and rich, meaning they have to be corrupted as a per-requisite.

  • E-voting without fraud is a solvable problem, you just need to holistically think about the issues, like this guy: http://www.ted.com/talks/david... [ted.com]

  • You have to make sure every link in the chain is secure.
    That means:
    1) Secured military-grade with strong anti-tamper machines, built on open-source OS software and hardware, that'll sign votes with a one-time-only HSM with strong anti-tamper (i.e., acid to burn off everything inside it if someone attempts to open it). Every HSM's public key will be competely open to the public, and the public will verify that the number of booth is what it's supposed to be.
    2) Real life humans verifying the identity of the p

    • Except this article is talking about online voting which means:

      1) Any computer connected to the Internet can vote in the election. This includes grandma's unpatched Windows XP box with the 50 browser toolbars that she opens all those e-mail attachments with.

      2) There is no verification of identity. Is "John Smith" who is voting really "John Smith"? Or did some hackers steal his voting credentials? Or maybe John's employer demanded his voting credentials to ensure that John votes "the right way."

      3) Speakin

    • If you so much as ask for ID, a vocal group of people around here start shouting voter suppression.

      A big part of the problem is that it isn't just a technical problem. It's a social one.

  • This problem has already been solved.

    People already trust the financial system. Copy it.

    Instead of creating a 'bank account', people would create a 'voter registration'.

    Instead of processing debits and withdrawls, the system would process votes.

    The solution is elegant because it is simple. By modeling it after the banking system, you inherit the implicit trust in that system. Anyone who challenges the system, has to challenge the global financial system. Who is going to stand up and say, "You can't trus

    • Transactions are tied to people and have a trail as a requirement. For votes, the requirement is that there is no trail. You can go back and fix/change things when there is a trail, so for financial transactions it works well enough.
      • by dave562 ( 969951 )

        Except there is a trail. Voters have to register. They have to present valid ID at the polling booth.

        While the actual votes are 'secret' there is no secrecy around who is voting.

        For the online system to work, all it has to do is confirm that the total number of votes tallied for any issue are equal to or less than the total number of voters.

        The actual content of the vote (yes or no, for or against) does not need to be associated with a voter.

        • Except there is a trail. Voters have to register. They have to present valid ID at the polling booth.>

          Wrong, there is a trail to 'who' voted, but not a trail to 'what' their vote was. That trail cannot be allowed to exist. Transactions have a trail of both "who" and "what", and they also have "where to" and "where from", all things you can use to go back and verify or correct for transactions.

          • by dave562 ( 969951 )

            You just re-iterated what I said.

            It seems like you are branching off onto tangents, or trying to solve different problems.

            The point I am making is that verifying voter eligibility, recording votes and tallying votes can be done with a system like the financial system. I use the financial system as an example because it has physical locations (ATMs) that are analogous to a voting booth, and they have virtual locations (bank web sites) that are analogous with online voting. The plumbing is already there, an

            • If a vote needs to be truly verified, it cannot be anonymous.

              But it must be anonymous. That is the part that cannot change.

              Banking transactions actually have failures, but they are detectable and correctable due to the ability to tie the 'what' to the person.

              • by dave562 ( 969951 )

                What is your solution for preserving anonymity but verifying the vote?

                • I think the system we have today is as good as it gets, at least compared to any proposed solutions. Paper votes under physical control, tally with a scanner, then keep paper for verification where needed and random checks for accuracy. Chances of widespread manipulation are extremely small, issues are detectable, and there is no way to trace a vote decision to a person.
  • How about an easier option of sticking with paper ballots, but having a longer window in which to vote? Having just a day at the polls, one a work day, assures that a fair portion of the population (especially the working poor) will have a hard time getting to the polls to throw away their vote.

    How about having all mail in ballots be either be legal to send with a first class stamp or come postage paid. Even in our vote by mail state I find it to be a PITA to get my ballot in since I only ever have first

  • All the cleaner election benefits of paper ballots, plus you could do anything governments do right now to paper currency to prevent fake ballots from being stuffed into election counts

    Best system for dealing with different disabled voter challenges easily bar none.

    We are always getting 70-80% voter turnout in where vote-by-mail is being used now for a decade.

    • We are always getting 70-80% voter turnout in where vote-by-mail is being used now for a decade.

      Could you elaborate on that ? Where exactly is vote-by-mail being used ? Just curious.

  • by Etcetera ( 14711 ) on Thursday May 14, 2015 @11:40AM (#49690327) Homepage

    Democrats, hipsters, and neo-technotards, please give it up.

    There's absolutely nothing wrong with paper ballots that reminding people to double-check the accuracy of wouldn't solve. It's worked forever, reduces security to the (relatively known problem to solve) of physical security of a location and transit -- something banks have done for centuries. For voter verification, require Photo IDs from a recognized entity, and/or "vouching" similar to what's done now in many states when needing to notarize something from someone with insufficient ID.

    Make ballot-by-mail and online voting special-case-only (eg, registered expats; those on deployment; etc.) and such a small scope that it's not worth the coordinated, targeted investment in massive hack schemes, then secure using the best, reasonable internet-encrypting technology.

    Stop trying to re-invent things that aren't really that broken to begin with. And sorry Millennials, the inability to vote by app from your cell phone is a feature not a bug.

    In related news: I wish more people would go watch Max Headroom again. Sometimes I feel we're living about 15 of those 20 minutes into the future

    • Democrats

      Christ, everything is politicized in your them vs. us two-party system, isn't it?

      • Actually, I think I would welcome the addition of the Neo-Technotards as a third party. The political debates would be VERY entertaining. Can you imagine the looks of exasperation on the faces of the other parties' candidates?
  • What about a layered encryption system?

    First, a random token is generated for your vote. This could be generated client side (with potential collisions) -- it's just a way for someone to verify their vote later. That, plus the vote(s) are encrypted with the Tallying Machine (TM) public key. Next, the output of that is combined with your identity information and encrypted with the Identity Machine public key. The whole thing is then sent to the IM, decrypted, identity is verified, voting record is made,

  • ..the possibility of malware infection of voters' computers.

    You need to either be ok with that (i.e. botnet owners should have more votes than normal people, because the whole reason that people give their computers over to botnets, is that they want to personally have less power) or else you need to give up on the idea of online voting.

    And since nobody sane is going to be ok with that (I think people will disagree with my above parenthesized assertion), then: give up on the idea online voting. By the tim

  • voting should be at least a weeklong window. And Electoon Day itself should be a paid national/bank holiday. It should be more sacrosanct than Christmas Day; working on Election Day should be quadruple pay, to discourage employers from opening their doors.

A verbal contract isn't worth the paper it's written on. -- Samuel Goldwyn

Working...