×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

In Theory And Practice, Why Internet-Based Voting Is a Bad Idea

timothy posted more than 2 years ago | from the but-what-do-these-guys-know? dept.

Crime 218

A few countries, like Estonia, have gone for internet-based voting in national elections in a big way, and many others (like Ireland and Canada) have experimented with it. For Americans, with a presidential election approaching later this year, it's a timely issue: already, some states have come to allow at least certain forms of voting by internet. Proponents say online elections have compelling upsides, chief among them ease of participation. People who might not otherwise vote — in particular military personnel stationed abroad, but many others besides — are more and more reached by internet access. Online voting offers a way to keep the electoral process open to them. With online voting, too, there's no worry about conventional absentee ballots being lost or delayed in the postal system, either before reaching the voter or on the way back to be counted. The downsides, though, are daunting. According to RSA panelists David Jefferson and J. Alex Halderman, in fact, they're overwhelming. Speaking Thursday afternoon, the two laid out their case against e-voting.

(Read more for more, and look for a video interview with Halderman soon).

Jefferson and Halderman have impressive credentials as analysts and critics of internet voting. Jefferson, a computer scientist at Lawrence Livermore National Laboratory, is chairman of the board of the Verified Voting Foundation, an NGO focused on promoting election integrity, and coauthor of a report that spurred the Department of Defense to withdraw for further consideration its then-plan for online voting, called SERVE, in 2004. Halderman takes a different, hands-on approach, demonstrating (along with his grad students at the University of Michigan) just how polling-station election machines and online voting system can be compromised. "I've probably hacked into and otherwise found vulnerabilities in more polling places than anyone else," he says.

Jefferson and Halderman are careful to define the key element of elections they're trying to expose as unfixably broken: namely, the delivery of completed ballots over the internet, whether that means a web app, email or some other conduit, without a voter-verified paper audit trail. Some kinds of election technology can move from the voting booth to the online world with less risk to the integrity of the election itself — for instance, distribution of blank ballots, or even online voter registration. "This isn't about keeping score of primaries, or gathering information about candidates, but actually voting," said Jefferson. The risk of hacked elections isn't just the possibility of political rivals trying to out-do each other, he said; ultimately, vulnerable election systems compromise national security and ballot secrecy. Even a few hundred votes may suffice to swing a House or Senate race, and that can have cascading consequences for control of elected bodies themselves. "Wherever there's a concentration of votes sufficient to swing a major election, there's a national security concern."

Why assume that election systems can be manipulated? And since paper ballots are not immune to questionable or downright fraudulent counts, why call out the electronic version in particular? In part, he says, because the structure of an electronic voting system is inherently complex, and because it's difficult if not impossible to roll back results if a compromise is suspected. Unlike paper ballots (and in the absence of a paper audit trail backing an electronic voting system), online vote gathering offers no good way to re-count. Jefferson laid out four major and overlapping areas of likely attacks on internet voting systems, any one of which could taint the results of an election.

First, individual voting jurisdictions are vulnerable to attack. (In the U.S., for federal elections, that essentially means counties, totaling more than 7000.) Even in local races, there can be billions of dollars at stake in high-population counties like Cook County or L.A. County. Vendors, both their networks and their source code, are also at risk. Assuming that even best efforts can keep the source code behind the handful of election-system vendors safe is a sucker's bet, Jefferson says. Even large companies with enormous security resources have been hacked, with source code a prime target, as happened to Google and 25 other firms in 2010 in a breach attributed to Chinese operatives. "Who knows if those [online voting software] vendors have already been penetrated? You wouldn't have any idea," said Jefferson.

Even if both local voting authorities and e-voting software vendors were themselves able to deflect all attacks, voters using an online voting system on their home or office PCs would still be at the mercy of the weakest link of the chain — the security of the machines available to them. Targeted malware could be used to present a different set of on-screen options to a voter than it actually sends back to the election counters. Because one of the protections of a secret ballot is to make available to voters proof that they voted but not how they voted, individuals who intended to selected candidate A would have no reason to know their vote was cast for candidate B instead. Malware could also simply vote without user interaction. It may not be election related, but a large fraction of PCs are already infected with some kind of malware, showing how big a problem this could be.

Finally, pure network attacks (or even errors) could disrupt the integrity of an election; exactly that kind of attack brought much of Estonia's online traffic to a halt in May 2007; lucky for Estonians that was not during an election, because Estonia is one of the few countries that has fully adopted online voting. Perhaps more chilling is the brief re-routing in April 2010 of 15 percent of the world's internet traffic through China.

Insecurity on the internet is itself a long-standing problem, so why the fuss? Unlike financial crime, such as credit card fraud, election fraud is hard to detect, and even harder to correct for, in large part because ballot secrecy is key to fair elections.

Voting is different. "Superficially, you'd think the transactions are very similar [to financial transactions], but underneath, all the issues are completely different. The privacy requirements are completely different, for example," says Jefferson. To prevent coerced voting, or simple vote selling, "You're allowed to tell anyone how you voted all you want, but you're not allowed to have proof of how you voted." Rolling back results to investigate suspected breaches is impossible, Jefferson says, without exposing the actual votes of individuals, at the very least to election officials.

Investigating financial crime online is the opposite; there, figuring out exactly who did what and when is the whole point, and the evidence is easy to find: if banking credentials are stolen, he said, "some account will go to zero." But in the case of elections, it's more likely that "the wrong people take office, and life goes on, and it's just never discovered."

And while no election fraud has yet been attributed to it, the trend is growing to institute the version of online voting that Jefferson calls "the worst idea ever" — voting by email. 33 states have modded their voting systems to accept in some cases PDFs of scanned ballots through ordinary e-mail to be entered by election workers. The numbers may be small (typically, this form of voting is limited to overseas voters, and in some cases voters are asked to acknowledge that their vote cannot be kept secret), but this allowance means that "e-mail voting is very widespread in the United States."

While Jefferson works through Verified Voting to influence policy makers to lay out the case against online voting, J. Alex Halderman, in his role as an assistant professor at the University of Michigan, turns theory into reality: he and his students break election systems (devices as well as software) in the U.S. and abroad to show just how easily a malicious attacker could do the same. He offered as an example of several of the ways electronic voting can fail his successful attack on an internet voting plan (see this earlier Slashdot story) that was to have been implemented in 2010 in the District of Columbia. The District had, with Federal grant money, designed an online voting system and already put it nearly into production, and had mailed PINs and voter ID numbers to voters in anticipation.

To D.C.'s credit, Halderman says, the election officials at least asked first for advice from security experts around the country, and invited them to test it in advance of using the system in an actual election, though mere days before the system was to have gone live. "It's not every day you're invited to hack into government computers without the threat of jail hanging over your head," says Halderman, who was attracted to the challenge of investigating the system itself, as well as curiosity about how the D.C. officials would respond to a system compromise.

Though Halderman says the Ruby on Rails-based system was written in "generally clean code," his team discovered a shell injection vulnerability which gave them access to the D.C. system (see his full paper as a PDF for the details), and immediately set about playing.

Web apps tend to be brittle, says Halderman, and D.C.'s was no exception. "App frameworks are written in ways that allow small mistakes to have big consequences," especially when vulnerabilities are often widely disseminated soon after discovery, and not always by white hat hackers like him.

"The first thing we did was steal all the important stuff," he says — credentials, keys, and more. Simply snooping on the data wasn't enough to fully demonstrate the problems in the system, though; the team replaced the information on all of the ballots as well, replacing the actual candidates with ones of their choice, offering up options like Hall 9000, and Bender for school board, and forced client machines to play the University of Michigan's fight song, before erasing the logs that would have allowed their intrusion to be properly analyzed by the system's administrators.

Their attack also led them to gain full access to a terminal server on the same network, and after they'd hacked into this ("using the default password from the owner's manual," Halderman notes) they noticed there was evidence in the logs of other attacks. In particular, some of the attacks appearing to originate in Iran and in China. While Halderman doubts these represent an attack specifically on the DC system voting system, the evidence of such attacks is "an illustration of how vulnerable things are."

Halderman acknowledges that voting in person, especially by electronic means, is far from foolproof, but he joins Jefferson in saying that online voting is categorically worse, and suggests that everyone who takes an interest in security or the mechanics of democratic elections raise the issues of privacy and security. His conclusion and advice for election officials in the U.S.: Voting online is a bad idea, and it simply can't be fixed in the foreseeable future. All the security problems of e-voting machines at polling stations apply directly to internet voting, too, which means that anyone on Earth can attack an online election.

"If my vote is insecure, everyone else who lives under that same government is harmed by that."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

218 comments

American Idol (-1)

Anonymous Coward | more than 2 years ago | (#39224869)

Both the republicans and democrats will have and equal number of hackers so they will balance each other out.

What are you in for? (-1)

Anonymous Coward | more than 2 years ago | (#39224897)

Molesting a dead horse.

Anonymity vs. Accountability (5, Insightful)

johanwanderer (1078391) | more than 2 years ago | (#39224907)

It is pretty obvious that electronic voting requires both anonymity (to remove fear of retributions) and accountability (to remove fraud).

About the only way to do that is to issue each person to have a pass-phrase coupled pair of electronic "vote cards" that is non-identifying. It would require the present of both cards and the pass-phrase to vote. If you lost one card, you can use the other (plus the pass phrase) to invalidate the lost card (and any recently casted votes.) If you lost both cards, you are SOL. No vote for you.

So, you just can't have a reliable electronic voting system.

Re:Anonymity vs. Accountability (1)

sycodon (149926) | more than 2 years ago | (#39225027)

No vote for you.

You know how far that would get in the courts...injunction city.

Re:Anonymity vs. Accountability (1)

Anonymous Coward | more than 2 years ago | (#39225119)

Unless that was just the requirement for online voting, and in-person voting was still available.

Re:Anonymity vs. Accountability (2)

mhajicek (1582795) | more than 2 years ago | (#39225305)

in the present, when someone else votes in your name before you do there is no recourse. I see this as an improvement.

Re:Anonymity vs. Accountability (4, Insightful)

sycodon (149926) | more than 2 years ago | (#39225089)

To further comment, I don't think the biggest problem with online voting is going to fraud, it's going to be incompetence.

Idiots now can't find their precincts, get confused over which box to check, etc. Put them in front of a computer and it's a recipe for lawsuits and protests.

Re:Anonymity vs. Accountability (0)

Anonymous Coward | more than 2 years ago | (#39225181)

I used to work in support and was surprised at the amount of people that don't know the difference between a web browser and the operating system, the address bar and the search bar in their browser. Any given web portal and their ISP, the fact that you can right or left click... and some people are afraid to click anything even if it says, "click OK to continue".

Re:Anonymity vs. Accountability (4, Insightful)

msauve (701917) | more than 2 years ago | (#39225465)

This is the problem with many things voting related. I don't want "voter registration drives," or "easier access."

If people can't put out the effort to register on their own or get to a voting booth, how likely are they to put out the effort to learn about the candidates and issues, and make an informed choice? Making it easier for idiots to vote is a _bad_ thing.

Re:Anonymity vs. Accountability (0, Troll)

Daniel Dvorkin (106857) | more than 2 years ago | (#39225737)

Making it easier for idiots to vote is a _bad_ thing.

Indeed. That's why I support HB 12345, the Smart Voting Act of 2012, which states in its entirety, "The Slashdot user 'msauve' shall never again be allowed to cast any vote in any election within or held under the authority of the United States of America." Should solve a lot of problems.

Re:Anonymity vs. Accountability (1)

ichthus (72442) | more than 2 years ago | (#39226057)

The only way to enforce such an act would be to require that voters present ID -- something to which I'm sure you'd be opposed.

Re:Anonymity vs. Accountability (4, Informative)

tlhIngan (30335) | more than 2 years ago | (#39226475)

The only way to enforce such an act would be to require that voters present ID -- something to which I'm sure you'd be opposed.

Here in Canada they do that.

Here's how the elections are done. You arrive at the location, and present your voter card (fi registered) or ID (if not). The greeter will direct you to one of several tables set up for registering your vote. They will ask for government photo ID, and find you on the voter's list, to which you must then place your signature beside your name on the list.

Then the volunteer tears a ballot off the the booklet, and records the serial number of the ballot beside your name. They hand you the ballot, and you got make your choices. When you return, you hand the ballot back, they tear off the serial number foil and deposit it in a bag. The now anonymized (there's no serial number anymore) ballot goes into the box.

So now there's several safeguards.

One - voter is assigned a ballot box. Thus the names and signatures on the registration sheet must correspond to a ballot, so there should be no extra nor short any ballots.

Second, the serial number stubs are kept, and verified to ensure that the voter got the right ballot, and there too has to be the same number of stubs as voters. The unused books are returned and serial numbers verified to ensure proper count of unused ballots.

If someone wanted to stuff the ballot box, they could, but they'd have to know exactly how many ballots there are, and do reprints of the ballots (since they're all numbered, the number of ballots left over plus the number of ballots cast or spoiled must equal the number printed).

And the serial number is unique to the ballot - a different voting region will not have ballots with the same serial number - they are all unique.

Still can't avoid fraud or voter intimidation, but there are plenty of checks available.

Re:Anonymity vs. Accountability (0)

Anonymous Coward | more than 2 years ago | (#39226421)

If people can't put out the effort to register on their own or get to a voting booth, how likely are they to put out the effort to learn about the candidates and issues, and make an informed choice? Making it easier for poor people to vote is a _bad_ thing.

FTFY

Re:Anonymity vs. Accountability (1)

Robadob (1800074) | more than 2 years ago | (#39225161)

That solution still wouldn't get around the issue of malware displaying a different form, and then taking what you post and replacing the candidate before actually posting the data.

Re:Anonymity vs. Accountability (-1, Flamebait)

MightyMartian (840721) | more than 2 years ago | (#39225209)

If you're too fucking lazy to vote in person, fuck you, no one gives a rats fuck what you think anyways.

Re:Anonymity vs. Accountability (2, Insightful)

sycodon (149926) | more than 2 years ago | (#39225251)

I would add:

1. Register in a timely manner. Same day crap is asking for fraud.
2. Get a photo ID.

But I guess all that is racist somehow.

Re:Anonymity vs. Accountability (1, Flamebait)

Daniel Dvorkin (106857) | more than 2 years ago | (#39225663)

But I guess all that is racist somehow.

It's racist because every single time we've made it more difficult to vote, it's been used to discriminate against minority voters. "We should restrict voting in such-and-such a way" <-- prima facie evidence that the person you're talking to wants to suppress the minority vote. You can dress it up any way you want, but history is against you.

Re:Anonymity vs. Accountability (1)

reboot246 (623534) | more than 2 years ago | (#39226091)

So . . . . . care to tell us how many times you voted last time?

You have to show an ID to do damn near anything in this country, so why shouldn't it be required to do the most important thing a citizen can do?

And, lastly, prove that requiring a photo ID keeps anybody from voting. If you can, you're doing better than any court has done to date.

Re:Anonymity vs. Accountability (3)

sycodon (149926) | more than 2 years ago | (#39226317)

Showing a photo ID is not restricting voting.

If that was the case then you would be able to say that showing proof of anything, residency, age, whatever is "restricting" voting.

But I guess you would be all for letting anyone wander in and vote.

Re:Anonymity vs. Accountability (1)

Anonymous Coward | more than 2 years ago | (#39225365)

Of course the same goes for those who do vote in person. No one (particularly politicians) gives a rats ass what they think either and the sooner the whole system on replaced by something offering actual representation, the better - for everyone.

Re:Anonymity vs. Accountability (3, Insightful)

Daniel Dvorkin (106857) | more than 2 years ago | (#39225585)

If you're too fucking lazy to vote in person, fuck you, no one gives a rats fuck what you think anyways.

If you're too fucking stupid to realize that there are a million and one legitimate reasons why voting in person may be difficult to impossible for a lot of people who have every bit as much of a right to vote as anyone else, fuck you, you're not fucking worthy to vote.

Re:Anonymity vs. Accountability (0)

kikito (971480) | more than 2 years ago | (#39226403)

You are incorrect in 3 ways. First, no one gives rats fuck. They are too small.

Second, I do care about what he thinks.

Third, it's "anyway", not "anyways".

Re:Anonymity vs. Accountability (5, Funny)

hjo3 (890059) | more than 2 years ago | (#39225323)

It is pretty obvious that electronic voting requires both anonymity (to remove fear of retributions) and accountability (to remove fraud).

If we can do this reliably with bitcoin then there must be a way to implement this, right?

Re:Anonymity vs. Accountability (0)

Anonymous Coward | more than 2 years ago | (#39225371)

Mod parent +1 Funny!

Electing vs. voting (0)

Anonymous Coward | more than 2 years ago | (#39225395)

Electing requires anonymity.

Voting directly on issues [metagovernment.org] , however, can be done publicly. Then everything is verifiable, because you can see if your vote is registered properly.

Re:Anonymity vs. Accountability (2)

digitalaudiorock (1130835) | more than 2 years ago | (#39225537)

It's always been painfully obvious to me why any form of on-line voting is quite simply a non-starter: It can never be any more secure than the client...that is, the users device. In other words, it can never be trusted...period.

Re:Anonymity vs. Accountability (2)

lakeland (218447) | more than 2 years ago | (#39225653)

There is a third side to the coin though - Apathy.

I'm sure there are people who take voting seriously and carefully consider their choices. But they're such a minority that elections are won or list by how well you appeal to people making snap decisions and following prejudice. Presumably internet voting will greatly raise the percentage of the population voting because it significantly lowers the barrier to entry - you don't have to give up a couple hours. Will that increased turnout be people who have paid even less attention and so result in even more plastic politicians, or will it result in reduced impact of lobby groups because they now make up a lower percentage of voters.

Last election my wife and I didn't vote. We had intended to but the kids were a bit sick and acting up. The hassle of going to do our civil duty with a couple grumpy kids was more than the civil obligation I felt - especially since it was quite clear that my vote wasn't going to affect the outcome.

What about (1)

buchner.johannes (1139593) | more than 2 years ago | (#39224931)

Punchscan and other E2E methods. I guess too complicated is the drawback.

Any concerns using machines just to speed up counting of the votes?

Re:What about (2)

Wolfrider (856) | more than 2 years ago | (#39225225)

--If only we had some kind of central computer for voting... Something like... MULTIVAC ?

/ Asimov fan

on the Internet, nobody knows you're Chinese (1)

swschrad (312009) | more than 2 years ago | (#39224943)

or Russian or Lower Slobbovian or Crown Prince of Liberia seeking assistance in returning 500$million from us banks.

or a basement dweller scripting 170,456 votes for write-in U. B. Silly for mayor of Podunk, Kansas.

Privacy vs. Accountabilty (3, Interesting)

rwv (1636355) | more than 2 years ago | (#39224969)

You can't have both privacy and accountability over the Internet. You need accountability to ensure that votes are counted correctly and that nobody votes more than once. You need privacy because people have to be able to feel safe voting against individuals or groups who have the means to assert unlawful control over a particular jurisdiction. I can't see how you could ensure both privacy and accountability through purely electronic means.

Simple example: I could easily commit fraud by submitting a vote for my wife if I knew she hadn't voted yet. Complex example: I could hack the voter database with ten minutes until the polls close... find out everybody who hadn't already voted... and use a botnet to cast their votes a particular way. Slightly less Complex example: I could use a botnet to cast everybody's vote a particular way within the first 17 seconds of the polls opening -- Election Over... Landslide Victory for Kodos!

Re:Privacy vs. Accountabilty (5, Insightful)

spudnic (32107) | more than 2 years ago | (#39225547)

Privacy is a huge issue here. Now if you have to go to a voting booth to vote your overbearing SO can't coerce you to vote one way or another. You have plausible deniability. That's kind of hard to do when they're standing behind you watching you vote from the family PC.

Re:Privacy vs. Accountabilty (1)

betterunixthanunix (980855) | more than 2 years ago | (#39226287)

I can't see how you could ensure both privacy and accountability through purely electronic means.

There are cryptographic ways of doing this, but they only really work if you can ensure that people keep their own secret tokens secret (e.g. to prevent your counterexamples from working). The biggest problem is ensuring that a machine is not taken over by malware, which could lie to the user about who they are voting for, even if the user keeps their secrets safe from others (something must be entered into the computer).

The way I see it, Internet voting is only possible if the protocol is implemented on a special device that can be directly connected to a home network, which cannot be altered by software. This is probably more expensive than just having voting stations that people have to travel to, though, so it really defeats the point (except, perhaps, for people who are very far away).

How would internet be easier then mail? (2)

Kenja (541830) | more than 2 years ago | (#39224987)

Voting is already easy, just check some boxes on the form the mail you and stick it back in the mail box. If you cant handle that, perhaps you shouldn't be voting?

Re:How would internet be easier then mail? (2)

oodaloop (1229816) | more than 2 years ago | (#39225109)

For starters, it doesn't say annything in TFS about e-voting being easier than mail, just that it offers advantages, like lower time delay and not having items lost in the mail. For military members in places like Guam other remote areas, mail isn't all that easy. Then again, neither is reading the summary, is it?

Re:How would internet be easier then mail? (3, Informative)

Sir_Sri (199544) | more than 2 years ago | (#39225495)

For the military in overseas operations in something like guam or airbases it's probably the most easy. Their deployments are scheduled by the government in advance, and they are there by orders of the government who will generally need to be able to speak with them before their deployment and generally during. You may need to make allowances that they need to vote either in advance (potentially days) or you need to accept a delay in the return of their results or a bit of both. Guam is also US territory, meaning there are official US government officials running the show who should be able to organize things. The same could be said of any area with an Embassy, since the election should be handled through the Embassy and consular offices. A flight from Guam to Hawaii is 7 hours. Vote on the island, load plane with ballots, fly to hawaii, or 5 more hours and Los Angles. This doesn't need to be hard.

The guy who's screwed is an aid worker trying to get red cross supplies into Syria, aid into Somalia, that sort of thing. There's no official government presence where you can show up and connect to them, the deployments are arranged as needed, on short notice in many cases, and they may not have any sort of diplomatic baggage transfer system that you can access, especially without an embassy (think Iran, where even though US operations are going to be run out of someone elses embassy you don't necessarily want to hand the Iranians a list of all Americans in the country by virtue of asking them to vote).

Now that doesn't mean the US government doesn't make life unnecessarily difficult for voting from Guam or Afghanistan or whatever, but there's no reason it needs to be. If you can get someone ammunition you can get them a ballot. And if you can't get them food or ammunition you generally know well enough in advance that they're being sent out.

Submarines operating on long deployments submerged are basically screwed. But not Guam. Yes, you have to have some tolerance for early voting, that a person who's going to be deployed to a fire base for the next 2 months might not have a ballot on election day sort of thing. But if the military is running it, it really isn't that hard to handle an election, they may make it seem hard by choosing to be incompetent, which makes a lot of sense on the specific example of Guam of course.

Re:How would internet be easier then mail? (-1)

Anonymous Coward | more than 2 years ago | (#39225173)

It's in the interest of the Democrats that morons, incompetents and felons be able to cast a vote.

yeah, yeah, troll I am, but a truthful troll carrying a message you can't refute.

Re:How would internet be easier then mail? (-1, Troll)

CurryCamel (2265886) | more than 2 years ago | (#39225277)

Oh, I thought morons, incompetents and felons vote for Republicans.

But perhasp this explains it - *all* americans are morons, incompentents and felons?

Except, ofcourse, those that don't vote.

Re:How would internet be easier then mail? (0)

oodaloop (1229816) | more than 2 years ago | (#39225493)

Or perhasp it is more complicaterd than "anyone who doesn't think like me is wrong and stupid." Neither side is right. Both parties are hypocrites. Get off your high horse.

Re:How would internet be easier then mail? (0)

Anonymous Coward | more than 2 years ago | (#39225439)

"Easier," maybe not. But there are other reasons:

Snail mail postage costs a heck of a lot more than electrons.

I would presume creating a snail mail voting ballot probably costs more in printing costs than design of an e-ballot.

Snail mail takes the amount of time it takes to send the ballot out, and then send the ballot back. (The "Snail" part... ;) ) If I'm not mistaken, there have been complaints before about absentee ballots not being received in time to send back. (Especially to overseas / servicemembers.)

Most of this to me, though, falls under Heinlein's law. "Always listen to experts. They'll tell you what can't be done and why. Then go do it." It may be that, at present, the costs and design to do a secure e-system would be greater than absentee mail ballots. That should not be a permanent indictment that there never can be a secure e-voting system. (How about an RSA smart token that has to be personally signed for in order to authenticate the voter, for starters?)

Re:How would internet be easier then mail? (1)

cdrguru (88047) | more than 2 years ago | (#39225625)

How about someone with limited vision who lives alone? What, they have to ask the neighbor to vote for them?

How about someone without the use of their hands? While they could poke a stylus at a screen with their mouth, they can't fill in a scanned box on a paper ballot.

How about someone that insists their ballot must be in Spanish, French, Urdo or Navajo?

Sorry paper ballots aren't going to work in the US.

Ease of access is not a problem in the US (4, Insightful)

93 Escort Wagon (326346) | more than 2 years ago | (#39224989)

Over the last few decades, American states have tried one thing after another to "make voting easier" in an attempt to increase participation (and, usually, to sway elections by increasing the number of voters aligned with one major party or the other). Two of the most significant have been the passage of "motor voter" laws (you can register to vote when you get or renew your driver's license) and "vote by mail". However none of these have really worked. People (like me) who are inclined to vote will do so, whether by mail or by traveling to an assigned polling place. The majority of American voters, though, simply don't seem engaged in the process.

I'd be all for e-voting with the right technology (secure and economical), but it's just about convenience for me. But I'll vote in any case - I have no illusions it'd increase participation.

Re:Ease of access is not a problem in the US (1)

Anonymous Coward | more than 2 years ago | (#39225271)

The approach used in other countries is also multiple elections. Here, in NZ, we have 'general elections' to elect parliment - and there are only two questions asked on that (who do I vote for in my local district, and which party in central goverment.) This election is focussed and ONLY about forming national goverment. It's done, in person, on paper, at polling booths. (Not voiting machines or anything; simply pen marks on paper). Okay, 2011 there was a referendum with two questions too; upshot there was exactly FOUR questions.

The other election is done by mail; and it's the one where I elect mayor, city council, health board etc. People don't care about that one as much and results take a lot longer. Other roles, such as law enforcement and judicary, are not political positions and thus are not elected.

From a non-American, it seems that your elections are complex simply because you elect and vote on so many things at the same time.

Re:Ease of access is not a problem in the US (1)

93 Escort Wagon (326346) | more than 2 years ago | (#39225417)

From a non-American, it seems that your elections are complex simply because you elect and vote on so many things at the same time.

To make matters worse, I live in a state (Washington) where initiatives can be placed on the ballot if enough registered voters are willing to petition for it. And the legislature will often refer referendums to the people in cases where they are worried about political fallout.

Basically, our ballots really can get quite crowded - your impression seems correct from this side as well!

Re:Ease of access is not a problem in the US (0)

xkr (786629) | more than 2 years ago | (#39225937)

Yeah, voting is pretty imperfect. Do you have a better system?

Re:Ease of access is not a problem in the US (0)

Anonymous Coward | more than 2 years ago | (#39226099)

> I live in a state (Washington)...

The state of Washington wrt voting is a complete mess. Where I live the votes are counted almost exclusively by Boeing union members. Of course ballots that don't vote for big oppressive government are thrown away. My votes and most of my coworkers haven't counted in the four years we've been working together. WA has a good system to verify if your vote was thrown away by the union thugs, but there isn't a system to correct for the missing votes.

Aside: In this state is illegal to say your party affiliation in a ballot. It's bizarre that the unions pushed for that information to be withheld.

Re:Ease of access is not a problem in the US (2)

cdrguru (88047) | more than 2 years ago | (#39225693)

Partly the volume and complexity of the ballot is because back in the 1950s virtually the entire country stopped for a day while 70-80% of the people voted. We are still assuming things are going to work that way. They don't.

Today you might wait in line for 30 minutes to vote. In the 1950s you might have waited a couple of hours in some places. Then they brought in the new voting machines that mechanically tallied votes and this was the beginning of it all. But still it took a lot of people (volunteers as well as the voters) out of the workplace for the day or at least a good part of it.

Today we are tailoring the idea of an election around the idea that it is a huge holiday and no businesses like it. Instead the reality is that it really doesn't affect businesses any longer because instead of 70-80% turnout we have 30%. And all the undocumented workers in the warehouse aren't voting anyway although folks keep trying to sign them up.

Re:Ease of access is not a problem in the US (2, Interesting)

Yakasha (42321) | more than 2 years ago | (#39225355)

Over the last few decades, American states have tried one thing after another to "make voting easier" in an attempt to increase participation (and, usually, to sway elections by increasing the number of voters aligned with one major party or the other). Two of the most significant have been the passage of "motor voter" laws (you can register to vote when you get or renew your driver's license) and "vote by mail". However none of these have really worked. People (like me) who are inclined to vote will do so, whether by mail or by traveling to an assigned polling place. The majority of American voters, though, simply don't seem engaged in the process.

I'd be all for e-voting with the right technology (secure and economical), but it's just about convenience for me. But I'll vote in any case - I have no illusions it'd increase participation.

Ya, see, the problem is not participation in the actual voting process. Actually voting (absentee especially) involves checking a couple boxes and dropping it in the mail. Not difficult, not time consuming, not costly.

The problem is getting voters informed. And no matter how easy you make it for them to "raise their hand", they're still not going to take the time to research the candidates or issues. So, like you said, those who are inclined, not just to vote but participate, are going to do so. Those who aren't, won't.

Things like this (not the internet voting, but just difficulty in voting in general) have been discussed since shortly after voting was invented. I'm sure it is one of the many reasons cited by the founding fathers as a reason for our representative democracy. The mob is generally horrible, corruptible, easily swayed, lazy, and stupid. Representatives (of the people & states... though Senators have now been hijacked and turned into representatives too) provide a layer of reason between the mob and decision making that makes the complete participation of the mob in voting unnecessary and in fact, once you consider all the problems the mob has, undesired.

Re:Ease of access is not a problem in the US (0)

Anonymous Coward | more than 2 years ago | (#39225571)

Actually voting (absentee especially) involves checking a couple boxes and dropping it in the mail. Not difficult, not time consuming, not costly.

I've voted at the poling station, absentee, and early. None of them has ever been easy. The cost on my part has been from 20 minutes to 3 hours. To vote absentee, I had to commit fraud, because they wouldn't let me apply before leaving the country, but once I left the country there wasn't enough time for the mail to travel three ways in time for my vote to be counted. Everyone I asked said to just sign the thing saying I was already outside the country. The thing that started with "Under penalty of perjury. . ."

If you think voting is easy, lucky you. I work on Tuesday.

Re:Ease of access is not a problem in the US (1)

Lehk228 (705449) | more than 2 years ago | (#39226069)

Have you been asleep the past ten years? The current trend is the opposite, make voting harder, close voting stations. In minority communities, in the name of stopping the nearly nonexistant problem of individual voter fraud creating ID requorements which have a small impact on middle class voters but create complex and expensive barriers to the poor who can't afford the $25 to get an ID from motor vehicles. Notice that every one of these laws excludes use of a foodstamps card as photo ID

I have a better attack (2, Insightful)

TheSpoom (715771) | more than 2 years ago | (#39225023)

1. Identify areas where [opposing party] voters are likely to outnumber [supported party] voters.
2. DDoS routers / MITM block voting site for those areas.
3. Power.

No, I didn't miss a step.

Re:I have a better attack (4, Funny)

Zeromous (668365) | more than 2 years ago | (#39225353)

You did, in fact, miss a key step:

4. Profit.

That said I believe you have solved the /. riddle. Long after every other nerd that solved it previously went in to politics :)

Re:I have a better attack (1)

xkr (786629) | more than 2 years ago | (#39225909)

Yeah, that will work. Except that those actions are highly visible. Criminals don't like getting caught (generally).

It's nonsense (0)

Anonymous Coward | more than 2 years ago | (#39225079)

Who will witness the voting ? It's totally hidden. Somebody could open free sex massage saloon especially for voters of his favourite player...
There's total scam possible. Starting from especial viruses made like for Iran, and ending with hookers for "free"...
That's nonsense.
Nobody can witness, that elections are really democratic.

The problem is not with online voting (1)

Hentes (2461350) | more than 2 years ago | (#39225107)

The problem is not with online voting itself, but with the current unsecure implementations. We simply don't have a working online election system yet. As in all fields, progress in cryptography requires time and hard work, but in my opinion with enough determination we can solve all problems in 5 years. Before that, online voting is lunacy. After it has been made secure, I will be all for it.

Re:The problem is not with online voting (5, Insightful)

TheSpoom (715771) | more than 2 years ago | (#39225171)

No, the problem (among many, many others, though I think this is the biggest) is that there's no way to provide a secret, anonymous ballot. With online voting, parties could reward those voting for them, or bosses could require that their employees vote for the "company party". Verification of a user's vote is as easy as making them log in and vote in your presence, on your computer. Hell, a company could just require that you hand over your login and vote for you. Outside of physical presence, how do you suggest these problems be worked around?

Re:The problem is not with online voting (1)

Hentes (2461350) | more than 2 years ago | (#39226043)

As I have said, not all problems are solved yet, but I haven't seen one that looks impossible. I will detail a system that solves the problems you mention (but has other problems, particularly being vulnerable to an insider. To be honest, the hard part is not just that you have to solve all the problems, but you have to solve all at once). First of all, you are right that physical presence is required, but it's enough to check it once in a lifetime. Before your first voting, you go to the office, ID yourself, and generate a few hundred keypairs (or as much as necessary to be able to participate in every vote in your lifetime), the public ones of which you submit to the office. For anonymity, every vote will have a different keypair associated with it, for example for the second vote you will have to use your second key. You encrypt your vote with your private key and then send it to the election server. It checks if your vote can be decrypted with any public key it has in store, and if it can, it will count it as legit. Thus, the votes will be recountable. And the server will give no verification, making it impossible for a third party to tell whether the vote was succesful, disabling fraud.

Re:The problem is not with online voting (1)

gtbritishskull (1435843) | more than 2 years ago | (#39226185)

You have to get beyond a username and password. The first solution that comes to mind is biometrics. For example, when you register to vote, you also have them scan your irises (I think that they are uniquely identifiable). Then, after you vote online, you confirm it. In this case, the person voting might have to have a video (by webcam) of them following a point on the screen. If you have the correct eyes following the correct pattern, then the vote is confirmed. While there might be a way to get around it, it would probably be labor and cost intensive to do it on a large scale (for many people).

Keep in mind that this is just an example. Technology would have to have progressed to the point and be widespread enough that this was feasible for the average person. And it could be fingerprints, or DNA, or whatever.

Easier Voting = more uninformed voters (1)

iliketrash (624051) | more than 2 years ago | (#39225129)

As noted in the introduction, the easier it is to vote (internet, mail, motor-voter registration, etc.), the more people vote who wouldn't otherwise have voted. This is the best reason there is for not making voting easier, for it is these marginally-motivated people who are the least informed and the most ill-informed.

Re:Easier Voting = more uninformed voters (1)

geoffrobinson (109879) | more than 2 years ago | (#39225219)

I have been thinking the same thing for years. (Regardless of political views of these types.) And if you bring it up people will tell you you are a huge jerk.

Re:Easier Voting = more uninformed voters (0)

Anonymous Coward | more than 2 years ago | (#39225373)

If you can't be bothered to stop off at the polling place on your way to/from work, or mail in a ballot if you can't physically make it to the polls, then you really have no business voting.

Re:Easier Voting = more uninformed voters (2)

techno-vampire (666512) | more than 2 years ago | (#39225995)

I spent over ten years working the polls on election day. Generally speaking, it's a long, slow, boring job, but somebody has to do it. However, I always hoped for a small turnout, not a large one because that increased the odds that the people voting knew something about the issues.

You see, the informed voters will turn out for every election because they actually care about the issues. When you have a large turnout, it's because large numbers of ignorant people have been excited by a sound-bite, a slogan or a last-minute piece of mud-slinging and turned out to vote their emotions, even if, as sometimes happens, it's against their own long-term interests. I'm opposed to anything that makes voting easier than it already is, simply because it makes impulse voting more of a factor. Do you really want elections won by the candidate who came up with the most attention grabbing, last minute soundbite? I certainly don't!

Re:Easier Voting = more uninformed voters (1)

Hentes (2461350) | more than 2 years ago | (#39226183)

The point of online voting is not really ease of use (which may not even will be true in a thoroughly secure system), but that it's hell of a lot cheaper. This can reduce costs, allow for much more referendums, and even make direct democracy technically possible.

Meanwhile in estonia... (2)

JoosepN (1847126) | more than 2 years ago | (#39225131)

The are no downsides to voting online. There is no one that would try to tamper the online voting without making it obvious it is a fraud. I mean Russia would have an interest to it, but they have better chance of buying off the main parties to actually putting their candidates in power.

Personal Computers (3, Interesting)

JobyOne (1578377) | more than 2 years ago | (#39225147)

People's home computers are an awfully weak link in the chain. TFA mentions it, but I think it bears repeating: an embarrassing number of US home computers are infected with some sort of malware. I've read estimates as high as 60% of all computers.

I won't trust most strange computers enough to log into my Gmail account (even using two-factor authentication), unless they live under the control of either me or a very short list of other people I know and trust to keep a clean system. So obviously there's not a chance in hell I'd trust those malware lockers with the keys to our government.

e-voting is crap (0)

Anonymous Coward | more than 2 years ago | (#39225151)

it's so easy to game I'm surprised somebody even suggested it. Seriously, besides all the botnets and hacks and other obvious things... what prevents goons to start selling parts of "their territory" to candidates, and then set up a voting place at some location, making sure everybody votes "the right one" at gunpoint?

It's as if politicians in america were trying to use technology to make fraud easier by the day.

I'm unsure about the "as if"

Re:e-voting is crap (1)

JobyOne (1578377) | more than 2 years ago | (#39225401)

I'm far from ready to vouch for the idea as a whole yet, but let me play devil's advocate for a moment.

Like one comment mentioned above, giving people a pair of cards tied to a passphrase would be a decent idea. What if we gave them THREE cards, maybe of different colors, but only two of them are valid. If they use the third dummy card instead of one of the valid ones it looks like a successful vote, but the user is then required to visit whatever office again for a new set of authentication cards. That way coercion cannot be effectively applied, and votes can't be bought reliably.

Doesn't change the fact that home computers are generally entirely too security-compromised to trust with something like voting.

diebold was rigged in 2008 (2)

Joe_Dragon (2206452) | more than 2 years ago | (#39225183)

It's not hackers is the people makeing the voteing systems that are in the best place to fix them.

Is it really any worse? (0)

Anonymous Coward | more than 2 years ago | (#39225221)

Just look at what is currently taking place in Canada, and the issues during the 'hanging chads' incidents in the US... is electronic voting any worse than what we have?

I suspect that a combination of electronic and paper might be a solution, e.g.
You get a pincode do your vote, but when you are done voting you have to print out a electronic confirmation that gets mailed back to validate the election if a recount is needed...

Maybe the Americans just need to simplify their elections a bit... in our federal elections I generally mark one x on one ballot... provincial elections, same, municipal elections, I often have to fill in THREE items... holy cats!

Many of you missed a main point. (3, Insightful)

gurps_npc (621217) | more than 2 years ago | (#39225275)

1) Given that it is possible to cheat ANY system - paper, online, colored stone (Ancient Greece used that one).

2.) The problem is not stopping cheating, but detecting it.

3) Which clearly illustrates the problem with using internet voting.

The most interesting thing about internet/computer technology is the huge decrease in the number of humans necessary to do work. An executive with good words skills doesn't need a secretary pool.

Similarly the real problem with the internet/computer based voting is that now a small group of hackers can cause MAJOR election fraud with a far fewer number of conspirators. The traces are much harder to find, or worse, to prove.

It is not the ease of cheating that is the problem, but instead the difficulty of detecting it.

Anonymous (0)

Anonymous Coward | more than 2 years ago | (#39225279)

Bad idea because it will allow Anonymous votes?

It would be better than Canadian election fraud (1)

msobkow (48369) | more than 2 years ago | (#39225337)

The difficulties of coding a secure voting system are no more difficult than those of coding a secure debit or credit card payment transaction, and subject to EXACTLY the same risks.

The bigger issue is that every single electronic voting platform I've heard of to date has been a closed-source solution, uninspected, unverified, and unaudited. With a proper open source solution that could be inspected and vetted by the hundreds of thousands of programmers out there who'd be interested in finding flaws, I've no doubt a proper solution could be implemented.

It would beat the heck out of the robocall scandal currently plaguing Canada. Making calls to misdirect voters to non-existent polling stations would be futile if people were voting from home.

As to the issue of verifying identity, when you apply for unemployment insurance, your ID is checked online and a card sent to your last registered snail-mail address with the security code needed for initial systems access. I'd think a similar system would be adequate for online voting registration.

The bigger problem is that voters would be pretty much guaranteed to forget their passwords between elections, and that would be a huge problem with the process.

Re:It would be better than Canadian election fraud (2, Insightful)

Anonymous Coward | more than 2 years ago | (#39225577)

You fundamentally misunderstand the issues.

> The difficulties of coding a secure voting system are no more difficult than those of coding a secure debit or credit card payment transaction, and subject to EXACTLY the same risks.

No... individual financial transactions can be verified by both parties after the fact (on your transaction record). Individual voting results cannot be verified by either [to prevent coercion, vote-selling, and reprisals]. Instead, aggregate voting results must be verifiable without tying them to an individual voter. It is a completely different problem.

> The bigger issue is that every single electronic voting platform I've heard of to date has been a closed-source solution, uninspected, unverified, and unaudited. With a proper open source solution that could be inspected and vetted by the hundreds of thousands of programmers out there who'd be interested in finding flaws, I've no doubt a proper solution could be implemented.

Open source platforms are meaningless in voting because you cannot prove that the machine is running the software that you that claim it is. Vet the software all that you want. It doesnt prevent a vendor from silently installing a different version into a virtual machine.

Vote by Mail works very well in Oregon (2, Interesting)

EnergyScholar (801915) | more than 2 years ago | (#39225433)

All practical methods for voting are vulnerable to fraud. Some methods, like paper ballots, provide better resistance to systemic fraud, others provide better resistance to small-scale fraud. Systemic fraud is the greater risk, by a huge margin. Vote by mail is vulnerable to manipulation on a household level, but is very hard to systemically defraud. For example, a household tyrant might steel the vote of other household members and intimidate them into silence, but this same villain would have a hard time stealing the votes of neighboring households. With electronic voting, whomever hires the best hackers can steal the election.

I've done most of my voting in the US State of Oregon. In Oregon all voting is done by mail. All registered voters receive a ballot with an anonymity envelope. You fill out the ballot, put your ballot in the anonymity envelope, put that in the envelope with your name on it, sign the outer ballot, and send it off in the mail. All the paper ballots are there for future physical counting, and you can check whether your vote was received. There is no election day voting, except to drop your last-minute ballot off at the Post Office before polls close. Voting is done by mail days or weeks in advance. Vote-by-mail is a secure, effective, and practical voting method, and is virtually immune to the sorts of systemic fraud that plague electronic voting.

I encourage other Slashdot readers to support vote by mail in their locale.

Re:Vote by Mail works very well in Oregon (0)

Anonymous Coward | more than 2 years ago | (#39225829)

From my experience working with e-voting machines(set-up, test, deploy, recover and post), there seems to be plenty of vulnerabilities for nefarious peoples to game the results. However, those results have been(hopefully still are) 'unofficial' pending the ballot hand count. The real problem is, those vulnerabilities pale in comparison to the discriminate invalidating of ballots done in the backroom during the hand count, regardless of the voter's obvious intent. Live, provisional, absentee and early ballots(mail-ins) are all subject to the inane guidelines set-up by the two parties prior to, and even created during, the hand count. No 3rd party has a snowball's chance in hell of ever winning a coveted elected position, IMIO.

Re:Vote by Mail works very well in Oregon (1)

xkr (786629) | more than 2 years ago | (#39225881)

I agree with you, but want to make two comments: (1) mail is still expensive, slow, and far from perfect; (2) the US Postal Service is the largest polluter (gas fumes, junk mail) in the western world. I don't like giving them more stuff to mess up.

Re:Vote by Mail works very well in Oregon (3, Insightful)

0xABADC0DA (867955) | more than 2 years ago | (#39225987)

Vote-by-mail is a secure, effective, and practical voting method, and is virtually immune to the sorts of systemic fraud that plague electronic voting.

Wrong. It's vulnerable to systemic fraud in the counting. If you infiltrate the post office or the election office you can easily alter the results in volume.

When you have a polling location you can verify the box is empty, observe people placing votes into it, and observe the counting. You observe every step in the process to get your poll's final tally, and when the results are posted with a breakdown by polling location you can verify that it was added correctly to the total. All you need is a few trusted people per polling location and you can trust the results.

But in vote-by-mail the only part you observe is casting your own vote. You can't say that a 'household tyrant' didn't vote for others -or- that systemic fraud didn't occur in the post or in the tally. It's better than internet voting could ever be since the unobservable parts (post office, elections office) are harder to corrupt and get away with it, but it's still unacceptable for running fair elections.

What would they do in Sweden? (4, Interesting)

iamnot (849732) | more than 2 years ago | (#39225445)

Well, what they do in Sweden for voting is still old-school paper ballots... in fact, to a former North American it is almost a bit scary as the political parties are allowed to hang around the polling stations handing out polling slips... yes, you use a specific polling slip for the party you want to vote for, and the well-organized and well-funded parties will sometimes send out the voting slips ahead of time! What they also have in Sweden is a national ID system - everyone has an ID number that is used for everything - taxes, healthcare, picking up packages from the post office - everything! And tied to that system are the major bank systems, many of which us a Bank-ID token which you load on your computer to allow online tax submissions, health insurance claims, parental leave (hello 480 days paid leave!), etc. The online part of the ID validation is based on either a single-use scratch bankcard or a keypad that you insert your bankcard into, which you enter a validation code, your PIN, and then it returns a validation code. So, my guess is that switching to e-voting in Sweden would be a breeze, and the security would definitely be strong. Now that I think about it, no idea really why there is no e-voting here yet - heck, you can file your taxes by SMS here!

Everyone Must Understand the Voting Process (5, Insightful)

jaa101 (627731) | more than 2 years ago | (#39225511)

In my view an important property of any ballot is that the great majority of people must be able to understand the whole process. That's the only way for people to have confidence that there's a reasonable chance of detecting and preventing rigging. It also rules out pretty well any form of electronic voting. Internet security involves very serious maths that very few people can handle.

Around here we still write numbers in squares on pieces of paper and drop them in the ballot box. It works. The cost is tiny compared to the cost of government. I just can't see the advantages of more automation being worth the risk.

People might think it weird that an IT guy would have this luddite view but I think, on the contrary, I'm better placed than most to know what could go wrong.

Re:Everyone Must Understand the Voting Process (2)

xkr (786629) | more than 2 years ago | (#39225855)

I'm a very tech guy and I agree with you 100%

Are you kidding me? (1)

mcavic (2007672) | more than 2 years ago | (#39225559)

Unlike paper ballots (and in the absence of a paper audit trail backing an electronic voting system), online vote gathering offers no good way to re-count.

What? Push a button, and the recount is done. You could also distribute the votes to multiple data centers to be independently counted by different software, to reduce the possibility of tampering.

Re:Are you kidding me? (2)

Daniel Dvorkin (106857) | more than 2 years ago | (#39225797)

Push a button, and the recount is done.

That's the point; it's not really a "recount" by any meaningful definition of the word.

Re:Are you kidding me? (2)

NicBenjamin (2124018) | more than 2 years ago | (#39225985)

You aren't understanding the point of a recount.

The idea is that you can re-analyze the data (ie: people's votes) more rigorously, so you are 100% sure that the guy elected is the guy most people voted for. That can't happen with electronic data because the data is the count, and no recount will change the result. If, for example, the printer screwed up and put candidate a (call him Stalin), on the line the scanners counted for candidate b (call him Hitler), the recount will prove that, and Stalin will be elected instead of Hitler.

If the same thing happens with a non-paper ballot of any kind the recount is worthless because there's no way to find out that the election machine was displaying votes for Stalin and counting them for Hitler.

Internet voting compounds the problem by adding a bunch of totally non-secured terminals, where you could easily install malware that counted every vote as a vote for Hitler.

Handicapped voting (1)

cdrguru (88047) | more than 2 years ago | (#39225567)

In the US it got decided that handicapped people should be able to vote. This meant that 99% of the existing systems in place could no longer be used. How do you have a blind person vote without assistance? How about someone that has lost the use of their arms? Then there are the issues of having to have ballots in the language of the voter's choice. This is the sort of thing that has gotten us where we are today with electronic voting machines.

I think the "right" answer is to tell the handicapped that they need to have a "voter" that they bring in to help them or they just don't get to participate. Because that is a lot simpler than all of the other solutions and impacts the fewest number of votes. Same thing with folks that insist they must have a ballot in Urdo - the answer there is English is the official language and no government documents need be in any other.

The other problem is "subjective voting strategies" like the hanging chads. Clearly, this was proven not to be working and worse, more and more chads got punched out the more the cards were handled. Meaning a perfectly valid ballot (card) was invalidated because another punch was made simply by handling it too much. This clearly needed to go.

Arizona uses paper ballots which are electronically scanned. Handy for the polling place but not so good for blind people and those with serious vision problems. The "bad ballot" problem where someone makes too many or too few (or too light) marks is handled immediately because the ballots are scanned when you hand them to the attendant. But it doesn't satisfy the requirements for allowing nearly all handicapped voters to participate. Nor does it solve language problems - Arizona is pretty simple where they need to print only about 25 different language ballots to meet all of the citizen's needs. But imagine a place like LA or New York with hundreds of different languages mandated by the state to be supported. Every election brings new protests that ballots are not in the "right" languages.

Electronic machines that make paper ballots might be the only way that works, but there is no getting away from the electronic machines. They are the only way to deal with the language problems and the handicapped problems. So we aren't getting rid of electronic voting, ever. We just might make it a lot more complicated though.

I certainly agree that Internet voting is so insecure as to be an absurd idea.

Re:Handicapped voting (2)

techno-vampire (666512) | more than 2 years ago | (#39226117)

How do you have a blind person vote without assistance?

I don't know how it's done in Arizona, but in California, you're allowed to have somebody help you fill out the ballot if you're unable to do it yourself. If nothing else, one of the precinct workers will assist you. Of course, most blind people probably have permanent absentee ballot status and take care of it on their own, but there's already a way to let them vote at the polls if needed.

Re:Handicapped voting (3, Informative)

NicBenjamin (2124018) | more than 2 years ago | (#39226147)

In Michigan the way the handicapped vote is simple: they bring a friend they trust who verifies their ballot is right. It's technically not a secret ballot, but so far it's worked fine.

As for multiple languages, I think you don't understand the law very well. Russians, Poles, Germans, and French people do not have any legal right to demand ballots in their native tongues. Only Native Americans, Asian Americans, Hispanics, and Alaskan Natives do; and they only get them in jurisdictions where they make up a large portion of the population (10,000 people or 5% of the population, whichever is lower). New York State, for example, has Counties that print ballots in Spanish, Korean and Chinese. I wouldn't be surprised if there're more languages in Arizona, for the simple reason that AZ has a lot of Indian reservations which have populations speaking a Native American language.

A fine idea until 1337 polibot wins (1)

istartedi (132515) | more than 2 years ago | (#39225643)

It's a fine idea until 1337 Polibot wins by a margin of 4 billion votes in a write-in campaign and the referendum on dictatorial powers pases. Then the first act of the administration requires us to do our taxes in binary and funds a "Kill all humans" campaign. What? A glitch you say? We can't change it. It's democracy. It's sacred. Kill all humans.

Why voting parties?? (2)

snemiro (1775092) | more than 2 years ago | (#39225775)

I prefer to vote projects than parties. The political/judicial/exec system is a huge Ponzi scheme, where the taxpayer has to pay and the politicians and friends collect the monies.

Hard, but not impossible (2, Interesting)

xkr (786629) | more than 2 years ago | (#39225815)

I have a lot of background in cryptography and interent security. (This does not mean my opinion is better than yours.)

I agree that this is a hard problem and that there are many exposed 'weak links.'

But I don't think it is insolvable.

If someone were to offer $1 million to the best proposed solution, and a handful of $100,000 runner up prizes, the zillion smart people who read /. and are underemployed would come up with some great solutions.

There are some tricks that can be borrowed from current election checking. For example, look carefully at all of the user statistics -- compare to prior elections, registration stats, time of day, IP addresses, user PK certificates, comparison to other, "similar," voting domains, etc. This type of non-privacy-invading audit is good at identifying problems down to about 1% - 3% of the voting population. A hacker, trying something for the first time, has a good chance of getting located this way.

Another trick is sample audits -- a bit like "exit polls," where a fraction of voters are asked how the voted. This can be viewed as privacy invasion, but it happens all the time, now, so there is really no policy change. Again, this can find anomalies down to about 3%.

Another trick is post-election audits of PK certificates. Better late than never.

Another tool is to carefully monitor internet traffic to look for anomalies, particularly DOS attempts.

Another tool is to provide "hardened" computers that voters can use, at places smilar to today's polling locations -- senior centers, gov't offices. These machines have had some type of security audit. And yes -- this approach has its own risks, I know. I would suggest mixing this approach with user's own computers.

I know people want to use web browsers, but I would not do that. Voters have to download a totally dedicated app (see open source, below), and each app has PK signature.

Another trick is give some users hardware keys, like paypal and RSA use. Even if only 1% of voters have a hardware key this provides a very high degree of polling information and that can spot fraud down to a small fraction of a percent.

And finally, all software should be open source. Period. As pointed out repeatedly, relying on secrecy is pretty much a guarantee of breech.

I am not offering a solution here. I am merely pointing out that there are methods and tools that can be used as a starting point for a real solution.

Don't say a problem is insolvable until you have tried seriously to solve it.

And finally, no voting system is 100.000% perfect. Get over it. For example, no system prevents buying votes. No system prevents voters from lying. Build the best system you can.

Re:Hard, but not impossible (1)

xkr (786629) | more than 2 years ago | (#39225979)

One more tool: capture a picture of the voter using the PC's camera. Helps eliminate a guy voting for his wife. (They probably vote the same, anyway.)

lazy voters (0)

Anonymous Coward | more than 2 years ago | (#39225831)

Of course this doen't apply to everyone but If someone is to lazy to vote the old way, I'm not so sure we should want their vote counted anyway

Postal voting first (1)

andymadigan (792996) | more than 2 years ago | (#39225879)

Not that I'm particularly eager to put our elections in the hands of the post office, but before we consider an internet voting system, we need a postal voting system. Many states (including New York) do not allow postal voting unless you can prove you can get to your polling place (if you're out of the state/country). There's a good reason for this, and it's been brought up before: it's not a secret ballot. In theory, your employer can force you to fill out your ballot in front of them.

On the other hand, California allows postal voting. If it works in California, it should work in NY and across the country. Postal voting would make voting about as inconvenient as Netflix.

Online voting has a lot more problems. I can see some pretty insidious botnets getting into the business of faking votes, possibly by just masking the input and display to the voting site. Electoral fraud could become a huge business for individuals, corporations and foreign governments.

Intercepting mailed ballots at least should require a lot more resources, and be much easier to detect.

E-voting is simple (0)

Anonymous Coward | more than 2 years ago | (#39226113)

It's really not that complicated. If you file taxes you can vote. Change the election schedule to fall in line with taxes. Those who pay the taxes should be the ones determining who is elected.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...