Smart Voting

xckjoo

GreeBo wrote: »

Research my thought experiment that I came up with randomly a couple of days ago? Not extensively, no.

Or at all maybe? You weren't even aware of a similar system being trialled already. Lots of useful info on the Internet but you have to look for it.

The other posters seem to be addressing the issues already so I won't retread the same ground.

GreeBo wrote: »

I didnt say you said that, actually.
"I've explained numerous times how it is and given examples and the only reply is "oh thats against the law""

You said it in a reply directly aimed at me so it had all the appearance of being related to my words. Also factually incorrect as the ability to change the vote after taking a photo had already been mentioned.

GreeBo wrote: »

Thanks, but my bubble is intact.
Its very hard to hack a network that is only up for under a day, I mentioned that already.
What social engineering can be used to hack a network that doesn't exist for 364 days a year?

Because again these things don't spring into existence in an instance already perfectly formed. 10 years ago we would have thought a private computer network in a high security facility with no physical access to any external network could be infiltrated, but stuxnet changed that.

GreeBo wrote: »

If you couldn't access the network you could always go to a voting centre and vote.

So now you want both systems running in parallel? Now you're opening a whole new can of worms with interoperability and we're back to the only advantage of your system being ease-of-access, which apparently has been shown to be of negligible impact. Again we'll ignore the interoperability issues as I don't expect you to have a fully formed plan. But there's a pretty big potential for serious difficulties here.

GreeBo wrote: »

Do I look like I'm out of ideas?!:rolleyes:
"this one specific point" thats a pretty massive gap in the current system yet Im being beaten to death by much smaller points?

Yup. You've only had the one and you, by your own admission, haven't really thought through.
The points you're being 'beaten to death with " (diddums) are fundamental to the voting system. Not just features we might like. You're still not grasping that. There's a million and one other practical issues we haven't even touched on. You introduce new ones with every adjustment you make that I'm ignoring them as I don't expect you to have a complete system figured out.
Totally agree everyone should be ID at the polls. Andrew gave a few reasons the current system still holds together and aren't transferable to the digital domain. If you can see past his personal opinions on big corporations long enough to read his informative posts.

GreeBo wrote: »

Indeed I am.
You would probably have spoiled your vote if you start editing it. You would have to request another ballot.

Nope. All wrong from start to finish. Clear preference is the requirement. They really need to start teaching this stuff in school.

AndrewJRenko

GreeBo wrote: »

BTW In case anyone is wondering why I have this user on ignore, the above should clear it up.

That's a funny kind of ignoring!

I'm not sure if you've had much exposure to IT security professionals? The 'security mindset' is a fundamental attribute for a security professional. It involves looking for every possible threat to a system and where that might come from. It involves thinking about threats that may not be realistic today, but could be realistic tomorrow.

It is not a natural approach for many IT professionals, who are used to building things up, not breaking them down. Here's one of the industry gurus explaining the Security Mindset in more detail.

https://www.youtube.com/watch?v=eZNzMKS7zjo

So let's just establish a bit more about the environment that we're living in.
We're living in a world where elections have been stolen using technology. Trump's election was stolen as a result of the Wikileaks attacks on Clinton and DRC, and the Cambridge Analytics taking of unauthorised information via Facebook and using this to influence voters. Yes, that's a very different attack approach, but the principle of using technology to steal election results is well established.

We're also living in a world where tech companies have lied about what data they have taken and how they have used it. They have been caught red handed.

We're also living in a world where Irish corporate tax rates and data protection regulatory environment have huge impacts on these corporations. The impact of these tax rates and the associated regulatory environment run to billions of euros for these organisations. The Irish data protection environment has a huge impact on their costs and their reputation. So the ability to influence or control Irish government policy in these areas would be a very tempting option for these organisations.

To build a voting system that gave these organisations control over voting operations would be madness.

xckjoo

Not spending any more time on this so I'll be brief.

GreeBo wrote: »

It does actually. If 4 people are not checked then they could be impersonating someone else. All I need is some fake student ID and I wander up with no polling card and get a ballot.
Even easier. You are mad for talking about coercion with a new system, if someone coerces me or I sell them my vote, then I clearly wont be turning up with my ballot, the other person would have it. hows you control working out then?

Yes but they have to physically go there and vote and even without asking for ID, they'll notice the same person coming in 4 times with 4 different names. You'll need to employ 1000s of people willing to risk jail time to have an impact on the election.
I addressed the network stuff last post. I really hope you don't work with sensitive information.

GreeBo wrote: »

Sorry, how much do we spend on voting day and on during the subsequent counts? how about the impact of not having to close schools?

Don't open that door on yourself! How much do you think it would take to develop the system you're proposing? Remember the voting machines and HSE electronic accounting system? Lots of money and not even a final product.
Schools have an allotment of days off to take each year and the election days come out of that.

GreeBo wrote: »

Companies dont typically spend money on something that doesnt work, its not really in their interest.

They try not to but of course they do. Never seen a project at work get canned?

GreeBo wrote: »

Someone should tell the journal!
"If you write anything else, you run the risk of your vote being deemed to be spoilt, and it won’t be counted.

If you make a mistake, inform a member of staff immediately and do not place it in the ballot box. If they are satisfied it is an honest mistake, you will be given a new voting slip."


You can. Seems you are showing your ignorance here.

And just for fun, maybe have a quick read of this:
https://www.irishtimes.com/news/politics/ballot-papers-not-stamped-at-polling-stations-deemed-inadmissible-1.2552614

I'm not sure I'd take the journals word on things but maybe we can. How does that effect things though? There's presumably a procedure in place for such occurrences if this is possible. They can't just hand out extra ballots without accounting for them. Number out must equal the number of people that voted. Anybody able to shed some light on this?

I don't think the Irish Times article makes the point you think it does. The stamping happens before you're handed the ballot so you can check it yourself. People probably don't realise that but understanding of the voting system seems to be poor in this country. Clear preference is still the requirement for a vote being classified as spoilt or not. You can't just write in whatever you want. It's even mentioned in the article when it was argued that "MM1" should be a first preference for Michael Martin.

Capt'n Midnight

GreeBo wrote: »

You think they are going to track the address of everyone?


So in your first point I have to worry about a collisions but in your second point a collision is highly unlikely? That seems convenient?

The number of addresses is pretty much irrelevant, I'm not looking for a specific address, I'm looking for a specific value at any address, of which there are only 15 in your example. So I need to find 15 addresses that have the 15 values Im looking for. If its that or a bullet in the head, I'll probably spend the 30 mins to find the addresses.

I used the word address to address this post

GreeBo wrote: »

If someone forces you to show your details you can pick any address that satisfies what they are looking for and they cant prove that its not yours, so trying to coerce a vote would kinda be pointless.

My point still stands.

You can't use someone else's verification and pretend it's yours. Far too many combinations.



As an aside , there've been 87 punishment beatings in Northern Ireland so far this year. So no I don't think being able to verify you vote is a good thing.



Also the UK guberment has an Android app that can use NFC to read your passport so EU citizens can register to stay.

It won't work on older phones. Or Apple or Windows or Blackberry. So it's 50:50 it it will read your passport. Then again given the repeated cock-ups by the UK over residency rights passing the first hurdle doesn't mean the rest of the system works.

Voting is optional. If there's a hard Brexit getting residency rights isn't.

xckjoo

AndrewJRenko wrote: »

That's a funny kind of ignoring!

I'm not sure if you've had much exposure to IT security professionals? The 'security mindset' is a fundamental attribute for a security professional. It involves looking for every possible threat to a system and where that might come from. It involves thinking about threats that may not be realistic today, but could be realistic tomorrow.

It is not a natural approach for many IT professionals, who are used to building things up, not breaking them down. Here's one of the industry gurus explaining the Security Mindset in more detail.

https://www.youtube.com/watch?v=eZNzMKS7zjo

So let's just establish a bit more about the environment that we're living in.
We're living in a world where elections have been stolen using technology. Trump's election was stolen as a result of the Wikileaks attacks on Clinton and DRC, and the Cambridge Analytics taking of unauthorised information via Facebook and using this to influence voters. Yes, that's a very different attack approach, but the principle of using technology to steal election results is well established.

We're also living in a world where tech companies have lied about what data they have taken and how they have used it. They have been caught red handed.

We're also living in a world where Irish corporate tax rates and data protection regulatory environment have huge impacts on these corporations. The impact of these tax rates and the associated regulatory environment run to billions of euros for these organisations. The Irish data protection environment has a huge impact on their costs and their reputation. So the ability to influence or control Irish government policy in these areas would be a very tempting option for these organisations.

To build a voting system that gave these organisations control over voting operations would be madness.

The contract would go to the lowest bidder too so God knows who that would be. On the plus side it would probably just cost millions and never result in a finished product

Atoms for Peace

You can keep your E-voting, it would destroy democracy as we know it.

AndrewJRenko

GreeBo wrote: »

I'm not saying the person behind the disk is fraudulent, its the person in front of the desk that is. I can come in 5 times throughout the day and pretend to be 5 different people, presenting at 5 different desks. I can say nothing and just hand over my ballot card, if they challenge me for ID I can just play dumb and explain that I must have picked up my father/mother/uncles card by accident. Whatever excuse and then give them my real one.
80% chance I get away with it based on the 1:5 check rate.

They generally ask everyone for their name when as you hand over the ballot card. They also watch people. The Garda present will also watch for people. You also won't know what desks your names are going to be at until you first get into the polling station on the morning.
You're risking committing a criminal offence. Playing dumb doesn't generally get people off from criminal offences.

GreeBo wrote: »

But you raise a good point. What If Im behind the desk and Im scratching names off on a piece of paper I printed out myself, what If Im scratching off gibberish and I have the real sheet somewhere else. Does that render the result invalid?

You've noticed how they work in pairs on the table? And you won't know who your pair is going to be until the morning of the vote. And your pair will change after every break. And the polling station supervisor is going to be supervising to ensure staff are doing what they're supposed to be doing.

GreeBo wrote: »

Well you are talking about enough people to compromise blockchain or the network or coerce a large number of people into voting. Why cant this same number of people do the steps I outlined above in multiple polling stations?

Because the controls that have been explained repeatedly on this thread will prevent them from voting. And they would be risking conviction of a criminal offence. And when charged with a criminal offence, at least one of them will rat you out.
And for the record, it's not about 'compromising blockchain' - it is about compromising the system that is writing to the blockchain.

GreeBo wrote: »

Its as secure as you can make it with the current process. I think there could be ways to make it more secure by using technology.

From everything you've said so far, your technology solution will make it LESS secure, not more secure.

GreeBo wrote: »

As others have pointed out, many facets of society now use technology to secure things that were "secured" by people and processes before. Things change as technology becomes available.

There are no other facets of society that have conflicting requirements of anonymity and auditability.

GreeBo wrote: »

I think the length of time take to sort and count votes and the fact that only certain people have access to these votes is an issue.

Why exactly is the length of time an issue? I've heard this mentioned by others, but I'm not sure what the exact issue. What benefit arises from (for example) having results on Friday night instead of on Saturday night?
I'm also unclear as to why more people need access to votes? The system is transparent, and the security of the system relies on protecting ballot papers while in public view.

AndrewJRenko

xckjoo wrote: »

The contract would go to the lowest bidder too so God knows who that would be. On the plus side it would probably just cost millions and never result in a finished product ðŸ˜

The contract would go to the lowest bidder who meets the requirements of the tender.


It's not just a question of who gets the contract to build the voting system. If the software is going to run on local devices, it introduces a whole raft of other players into the equation.


If you're going to use your Android phone to vote, you are depending on the operating system (from Google), and every other piece of software running on your phone, the network connection (either your home wifi/broadband or your phone data connection).

xckjoo

AndrewJRenko wrote: »

The contract would go to the lowest bidder who meets the requirements of the tender.


It's not just a question of who gets the contract to build the voting system. If the software is going to run on local devices, it introduces a whole raft of other players into the equation.


If you're going to use your Android phone to vote, you are depending on the operating system (from Google), and every other piece of software running on your phone, the network connection (either your home wifi/broadband or your phone data connection).

I was making a joke about the gap between the theoretical commissioning of a system and the monstrosity they end up being. Don't ever change AndrewJRenko

AndrewJRenko

GreeBo wrote: »

It does work. A digital environment isnt some magical place. You can chose to adit everything or nothing and everywhere in between. Its a computer, it does what you tell it to do.

You cannot audit an anonymous transaction. If the transaction is anonymous, you have no way of auditing where it came from or how it got there. If the transaction is not anonymous, the ballot is no longer secret.

GreeBo wrote: »

It does actually. If 4 people are not checked then they could be impersonating someone else. All I need is some fake student ID and I wander up with no polling card and get a ballot.

No - first you're not going to know in advance whether your ID is going to be checked or not. If you wander up with a fake student ID, you're not going to know whether the actual student has voted before you, or will be coming after you to vote. Either of these scenarios will flag up the problem for the presiding officer.

GreeBo wrote: »

Even easier. You are mad for talking about coercion with a new system, if someone coerces me or I sell them my vote, then I clearly wont be turning up with my ballot, the other person would have it. hows you control working out then?

Do you know many people who will take a 1/5 shot at committing a criminal offence in a room with a Garda present? What is the coercing voter going to do when they are asked for ID?

GreeBo wrote: »

We you wouldnt even have access to the network until it came live during the vote and you would only be able to register the app if you had a valid device, so really what you would be DDoSing would be the system that supplies the app, so it wouldnt really impact the vote.

So once voting opens on voting day, I start off my DDoS attack using a distributed network of hacked, unsecured IoT devices across the continents on the network that is supporting the vote. How long is it going to take you to identify the sources of the attack and shut them down?

GreeBo wrote: »

The magical computer would keep track of who has voted and who hasnt. This thing called the network would allow people in polling stations to know who has voted and how hasnt.

Great, so in additional to an online voting system, we now need a new polling management system. And we need new hardware - client devices - in each of the thousands of polling stations. The cost of your proposal has just jumped by a further 100% - way to go on saving money there.

GreeBo wrote: »

The numbers voting in these halls would be massively reduced from the current levels. You could do something mad like only have stations in a building that have internet access? You could be crazy and use mobile broadband. But no, all of these things would be far too difficult logistically, right?

Interesting ideas - so you're going to reduce the number of polling stations. Again, if you had any actual experience of the voting system you would know that this is political dynamite. It has zero chance of ever getting passed by the political system. If Mrs Murphy has voted for me for 30 years and lives just 500m from the polling station, why would I vote for a change that will move her to a different station 3km away, beyond walking distance for her?
And you're going to use mobile broadband - so the reliability of voting will depend on technical services provided by foreign owned companies, all with their own agendas.

GreeBo wrote: »

Sorry, how much do we spend on voting day and on during the subsequent counts? how about the impact of not having to close schools?

Maybe you should have got the answer to the 'how much' question at the outset, as part of coming up with your alternative proposal?

GreeBo wrote: »

electrical vehicles dont go on fire or crash into water?
Better go Tesla!

They certainly don't have tanks of flammable liquid. But you may have noticed that I didn't say that it couldn't happen - I said that the risk is reducing over time.

GreeBo wrote: »

as would someone rewriting a blockchain.

The issue isn't around 'rewriting a blockchain'. The issue is around intercepting the software before it writes the blockchain, and writing something other than the vote cast to the blockchain.

GreeBo wrote: »

so a car crash is impossible, but Google hacking an Irish election is likely?

No, I didn't say it was impossible. In fact, I said it was a theoretical possibility.

GreeBo wrote: »

Does it matter? The vote has been compromised.
What about my constitutional right to vote? [IMG]file:///C:\Users\Admin\AppData\Local\Temp\msohtmlclip1\01\clip_image002.gif[/IMG]

The Courts will decide that, I would imagine. But again, maybe this should have been part of your research before coming up with proposals? There are some fairly straightforward mitigations available, should this risk be deemed significant - fireproof boxes, advanced driver training, garda escort and more.

GreeBo wrote: »

Companies dont typically spend money on something that doesnt work, its not really in their interest.

Companies will build whatever they can get away with selling. Experience in the USA with polling system vendors confirms this.

GreeBo wrote: »

Someone should tell the journal!
"If you write anything else, you run the risk of your vote being deemed to be spoilt, and it won’t be counted.

I wouldn't be taking the Journal as gospel on any legal issue, to be fair. What they are referring to here is any unique identifying mark on a voting paper, like the 'MM' initials in the Irish Times story you linked below. Anything that can uniquely identify a voting paper can invalidate the vote. Any simple marking of the vote preferences does not uniquely identify a paper. I've gone through the process of reviewing spoilt/disputed papers with the Returning Officer a few times, so I've pretty good experience on what works and what doesn't work.

GreeBo wrote: »

You can. Seems you are showing your ignorance here.

Yes, you're right on that one. I am literally showing my own ignorance here. I signalled that with my "I'm not even sure" prefix. Maybe that's the difference between you and me. I know what I don't know.

GreeBo wrote: »

And just for fun, maybe have a quick read of this:
https://www.irishtimes.com/news/politics/ballot-papers-not-stamped-at-polling-stations-deemed-inadmissible-1.2552614

Interesting article - isn't it great to see how these voting issues are picked up by the current system. Unlike any issues that might arise with a digital system.

prinzeugen

24 pages of finding a solution to a problem that does not exist.

Tech is not the answer to everything. (Except for lazy people).

I have gone back to pen and paper for record keeping in work. Quicker and easier.

AndrewJRenko

Here's a good summary of some of the problems that the USA have sleep-walked into


https://twitter.com/philipbstark/status/1058767582076063744?s=19

Capt'n Midnight

^^^^^


https://www.bbc.com/news/technology-45572871

A judge in the US state of Georgia has approved the use of electronic voting machines - despite being "gravely concerned" that they could be hacked.

There wasn't enough time before November's mid-term elections to switch to a secure paper-based alternative, said District Judge Amy Totenberg.

You can read the 46 page ruling here.
On the reality of best practice, state of the art in the world's richest country.
More like technology , people and processes you wouldn't trust for a Students Union election.
https://regmedia.co.uk/2018/09/18/georgiavotemachineruling.pdf

Dr. Halderman gave a live demonstration in Court with a
Diebold DRE using the same type of equipment and software as that used in
Georgia. The demonstration showed that although the same total number of votes
were cast, the contaminated memory card’s malware changed the actual votes cast
between candidates. There was no means of detection of this as the “malware
modified all of the vote records, audit logs, and protective counters stored by the
machine, so that even careful forensic examination of the files would find nothing
amiss.”

...
Viruses and malware have also been developed by
cyber specialists that can spread the “vote stealing malware automatically and
silently from machine to machine during normal pre- and post-election activities,”
as the cards are used to interface with the County and State GEMS servers

...
The DREs record individual ballot data in the order in which they are cast,
and they assign a unique serial number and timestamp to each ballot. This design
for recording ballots, according to Plaintiffs, makes it possible to match the ballots
to the electors who cast them. Additionally, the Georgia DREs use versions of
Windows and BallotStation (developed in 2005) software, both of which are out of
date – to the point that the makers of the software no longer support these versions
or provide security patches for them.

...
In August 2016, Logan Lamb, a professional cybersecurity expert in Georgia,
went to CES’s public website and discovered that he was able to access key election
system files, including multiple gigabytes of data and thousands of files with
private elector information. The information included electors’ driver’s license
numbers, birth dates, full home addresses, the last four digits of their Social
Security numbers, and more. Mr. Lamb was also able to access, for at least 15
counties, the election management databases from the GEMS central tabulator
used to create ballot definitions, program memory cards, and tally and store and
report all votes. He also was able to access passwords for polling place supervisors
to operate the DREs and make administrative corrections to the DREs.

...
on July 7, 2017, four days after
this lawsuit was originally filed in Fulton Superior Court, all data on the hard drives
of the University’s “elections.kennesaw.edu” server was destroyed. And on August
9, 2017, less than a day after this action was removed to this Court, all data on the
hard drives of a secondary server – which contained similar information to the
“elections.kennesaw.edu” server – was also destroyed.

...
Brian Blosser, “was prohibited from voting on April 18, 2017 . . . when his name did not
appear on the eligible voter rolls” for the Sixth Congressional District and “was
instead erroneously listed” as a resident of another district, an error that Fulton
County Board members blamed on a “software glitch”

...
Lamb noted that the files had been
publicly exposed for so long that Google had cached (i.e., saved digital backup
copies of) and published the pages containing many of them.”

xckjoo

Not to open this can of worms again, but Ars have an (opinion piece) article on blockchain voting today:
https://arstechnica.com/tech-policy/2018/11/blockchain-based-elections-would-be-a-disaster-for-democracy/


Spoiler: Not in favor.

GreeBo

ars wrote:

foreign governments could hack into the computer systems that governments use to generate and distribute cryptographic credentials to voters. They could bribe election officials to supply them with copies of voters' credentials

But they couldn't hack into the systems today to just register a bunch of fake votes or deregister a bunch of people?

They couldn't bribe officials today to destroy/substitute ballot boxes?

Myopic article.

xckjoo

GreeBo wrote: »

But they couldn't hack into the systems today to just register a bunch of fake votes or deregister a bunch of people?

They couldn't bribe officials today to destroy/substitute ballot boxes?

Myopic article.

Sigh. Again. Do some reading on what the current system is and how it works. Myopic poster....

GreeBo

xckjoo wrote: »

Sigh. Again. Do some reading on what the current system is and how it works. Myopic poster....

S I G H .
Current system relies on humans, premise of article is humans can be corrupted.

Graniteville

Amari Dead Songbird wrote: »

Not a hope in hell. They can't even guarantee the security of electronic voting machines at polling booths.

It's hardly a huge chore to vote as it is at present. But people want easier and easier options in everything nowadays.

There was no issue with electronic voting except that it would give accurate results in minute ths rendering days of political reporting obsolete, tally counters and vote counter jobless.

As it was something that would not suit the media, the media turned against it and put a massive amount of mis-information out there whish many people believed.

Remember these machines were all independent machines with no external connection, hence they could not be hacked unless someone was physically in charge of an individual machine.

But back then people were not as comfortable with technology and therefore believed the rubbish spouted by the media.

Put it this way, it would be far easier to walk out with a voting paper at 7am and get it printed up to look like the real thing before close of polling at 10pm.

AndrewJRenko

Here's the best response to today's NYT article pushing blockchain as the solution.

https://twitter.com/random_walker/status/1060165553149632512?s=19

AndrewJRenko

GreeBo wrote: »

xckjoo wrote: »

Sigh. Again. Do some reading on what the current system is and how it works. Myopic poster....

S I G H .
Current system relies on humans, premise of article is humans can be corrupted.

Nope - the current system relies on physical controls in public view, and you haven't identified a single point of failure in the current system. You have a solution looking for a problem.

AndrewJRenko

Graniteville wrote: »

Amari Dead Songbird wrote: »

Not a hope in hell. They can't even guarantee the security of electronic voting machines at polling booths.

It's hardly a huge chore to vote as it is at present. But people want easier and easier options in everything nowadays.

There was no issue with electronic voting except that it would give accurate results in minute ths rendering days of political reporting obsolete, tally counters and vote counter jobless.

As it was something that would not suit the media, the media turned against it and put a massive amount of mis-information out there whish many people believed.

Remember these machines were all independent machines with no external connection, hence they could not be hacked unless someone was physically in charge of an individual machine.

But back then people were not as comfortable with technology and therefore believed the rubbish spouted by the media.

Put it this way, it would be far easier to walk out with a voting paper at 7am and get it printed up to look like the real thing before close of polling at 10pm.

This is factually untrue. The eVoting system was held together with string and prayers. The vote recording database was MS Access - designed for personal use, not corporate databases. There was no way of verifying that the vote entered was the same vote recorded.

Opposition to the eVoting system was not led by the media. It was led by people who studied the technology and found it wanting - industry professionals, academics, even the Irish Computer Society came out against it.

And what exactly do you propose to do with your ballot papers at 10 pm? The number of votes in the box is matched to the number of votes cast at the tables.

dulpit

AndrewJRenko wrote: »

You have a solution looking for a problem.

Brilliant point.

xckjoo

GreeBo wrote: »

S I G H .
Current system relies on humans, premise of article is humans can be corrupted.

Nope. It relies on things like a systematic approach, physical controls, public oversight and redundancies. People are just the conduit.



Your critical thinking ability on this is appallingly poor. You keep insisting you want a discussion but haven't once take on board the counter-points to your proposal. Despite all evidence to the contrary you're still trying to fit the narrative to your idea. Have a read through the comments in the Ars article. It's a tech site with the vast majority of readers and posters being tech heads, yet the number of posters defending the idea is vanishingly small. Does that tell you nothing?

xckjoo

AndrewJRenko wrote: »

Here's the best response to today's NYT article pushing blockchain as the solution.

https://twitter.com/random_walker/status/1060165553149632512?s=19

He doesn't seem to be in favor of it. Colour me surprised. Sure what would he know about blockchain. Probably just hasn't thought it through

Capt'n Midnight

Yesterdays US elections.

https://www.rte.ie/news/us/2018/1107/1009163-us-midterms-voting-machines/

Broken voting machines were reported in at least 12 states, according to an "election protection" coalition of more than 100 groups that set up a national hotline for reporting irregularities.

...
A civil rights group has sued the county government in an effort to extend voting by two hours at polling locations that experienced delays.

Sciprio

Have you heard about some problems the U.S. is having with voting machines? I prefer the way we do it currently it may be slower but i'd trust it a lot more than voting machines. And as already said they aren't immune from being hacked.

AndrewJRenko

Sciprio wrote: »

Have you heard about some problems the U.S. is having with voting machines? I prefer the way we do it currently it may be slower but i'd trust it a lot more than voting machines. And as already said they aren't immune from being hacked.

Along with the problems with voting machines in the USA

https://www.newyorker.com/news/news-desk/how-voting-machine-errors-reflect-a-wider-crisis-for-american-democracy



they also have huge problems with voter suppression through deregistration of minority votes
https://www.newyorker.com/magazine/2018/10/29/voter-suppression-tactics-in-the-age-of-trump


and gerrymandering of constituencies to ensure the most favourable results.


https://www.newyorker.com/news/daily-comment/the-courts-take-aim-at-partisan-gerrymandering


It's the best democracy that money can buy.

Capt'n Midnight

GreeBo wrote: »

S I G H .
Current system relies on humans, premise of article is humans can be corrupted.

Current system relies on humans being naturally suspicious and being able to oversee the whole process.

evoting means either you hide the entire process from the suspicious humans OR you remove secrecy.

As a human you could oversee they whole process, I'm not sure how you could go about afixing your own holographed signed seal on a ballot box, but there are about seven billion people on the planet who could make a good stab at recognising if multiple ballots were filled in by the same person.


Back in 1984 KenThompson showed that you could put a virus into a compiler that could add a back door into any program used with it.

There is no such thing as "trusted computing" (the actual phrase means putting complete trust in multinationals)
http://wiki.c2.com/?TheKenThompsonHack

The only way you're going to get a clean compiler executable now is to build your computer yourself out of TTL logic you salvage from some museum somewhere, then code up a set of basic binary tools sufficient to assemble assembler. Then bootstrap from the source of all the modern tools.

This actually sounds like a worthy project until you realize that the only person who could possibly trust your clean compiler executable is you.

Pauliedragon

Australia tried to do the 2016 census online and it was seen as maybe a step towards online voting. It turned out to be one the biggest embarassments in any governents history.
https://www.businessinsider.com.au/disaster-australia-just-tried-to-take-its-census-online-and-the-site-crashed-2016-8

namloc1980

Graniteville wrote: »

Put it this way, it would be far easier to walk out with a voting paper at 7am and get it printed up to look like the real thing before close of polling at 10pm.

The number of voting papers given out of the book by the polling people is matched to the number of voting papers in the corresponding ballot box. If you stuffed it with your photocopied ballots that box would be immediately ringfenced in the count centre and investigated for fraud.