Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Government Privacy United States Politics

New Jersey Residents Displaced By Storm Can Vote By Email 189

First time accepted submitter danbuter writes "In probably the most poorly thought-out reaction to allowing people displaced by Hurricane Sandy in New Jersey [to take part in the 2012 presidential election], residents will be allowed to vote by email. Of course, this will be completely secure and work perfectly!" Writes user Beryllium Sphere: "There's no mention of any protocol that might possibly make this acceptable. Perhaps the worst thing that could happen would be if it appears to work OK and gains acceptance." I know someone they should consult first.
This discussion has been archived. No new comments can be posted.

New Jersey Residents Displaced By Storm Can Vote By Email

Comments Filter:
  • I didn't know (Score:5, Insightful)

    by mwvdlee ( 775178 ) on Sunday November 04, 2012 @08:23AM (#41871815) Homepage

    I didn't know New Jersey had over 5 billion residents.
    Or atleast that's my estimate of the amount of votes they'll be recieving.

    • Re:I didn't know (Score:4, Informative)

      by Intrepid imaginaut ( 1970940 ) on Sunday November 04, 2012 @08:46AM (#41871931)

      I think the Swiss have been using online voting for a while now: http://www.cbsnews.com/2100-202_162-645615.html [cbsnews.com]

      • by K. S. Kyosuke ( 729550 ) on Sunday November 04, 2012 @09:02AM (#41872019)
        Yes, but they are Swiss. They make perfect watches, have an insane amount of automatic rifles in homes while not thinking twice about not committing crimes with those rifles while eating their famed chocolate, and are otherwise generally badass. Take that, New Jersey! Still think it could work there?
        • by __aaltlg1547 ( 2541114 ) on Sunday November 04, 2012 @11:40AM (#41872969)

          Yes, but they are Swiss. They make perfect watches, have an insane amount of automatic rifles in homes while not thinking twice about not committing crimes with those rifles while eating their famed chocolate, and are otherwise generally badass. Take that, New Jersey! Still think it could work there?

          Of course they don't commit crimes with the rifles. They already have all the criminals' money.

        • Where do the swiss grow their cocoa beans?

      • Re:I didn't know (Score:4, Insightful)

        by Hentes ( 2461350 ) on Sunday November 04, 2012 @09:31AM (#41872131)

        And that has nothing to do with email voting.

      • Re:I didn't know (Score:5, Informative)

        by Albanach ( 527650 ) on Sunday November 04, 2012 @09:45AM (#41872185) Homepage

        There was a project sponsored by GNU to develop software that would permit online voting securely. Obviously this would be hugely useful if it were secure and freely available. http://www.gnu.org/software/free/ [gnu.org]

        Production stopped in 2002.

        Here's what they had to say, "From my experience of designing and developing GNU.FREE over the past three years it has become clear that creating an Internet Voting system sufficiently secure, reliable and anonymous is extremely difficult, if not impossible. As Bruce Schneier points out "a secure Internet voting system is theoretically possible, but it would be the first secure networked application ever created in the history of computers.""

        Of course, it's possible the Swiss know something about secure software development that Schneier doesn't. Or perhaps they're just happy to accept the risks.

        • by h5inz ( 1284916 )
          There is also an electronic voting system in Estonia that uses ID cards (a smart card) for secure authentication. There is also a short summary about the secrecy scheme of the voting process in the document referenced below.
          http://www.vvk.ee/public/dok/Internet_Voting_in_Estonia.pdf [www.vvk.ee]
          • There is also an electronic voting system in Estonia that uses ID cards

            I think we can learn a lesson from operating systems here. The danger of attack tends to be somewhat proportional to the size and value of the target. In the past, the vast majority of attacks were limited to Windows, because it ran on the vast majority of computers and the potential gains were greatest. Today that is no longer the case, with Linux, OSX and phone operating systems all being attacked, together with attacks of niche system

        • by Yvanhoe ( 564877 )
          The Swiss system relies on a trusted third party, something that secure network applications try to avoid.

          It works in Switzerland because they have put a trutable government in place and learned to trust it instead of wondering if it should not just be gone at each election.
      • Re:I didn't know (Score:5, Insightful)

        by Derek Pomery ( 2028 ) on Sunday November 04, 2012 @11:14AM (#41872781)

        Even if an online voting system could be implemented in perfect security, I'm still bothered by the fact that the voting booth is supposed to be influence free.

        If you go vote, people pressuring you have to stay like 50 metres away from the polling place.

        There is no such protection in online voting. A church could put the computer, oh, right in front of the altar and have the congregation line up. Heck. There's a lot of concern about buying votes (personally I'm thinking if you think someone will stay bought for $100 against their conscience, eh, welcome to try). But that whole situation changes with online voting. Again, can have people vote right at their workstation for a bonus in the next paycheck.

        I'm sure there'd be proposals of laws against it, but, enforcement is still an issue. Esp since pressure can be as simple as peer pressure.

        BTW, on the buying votes front, supposedly each campaign is spending over $1000 per undecided voter in swing states, w/ actual impact of the ads being very hard to measure. Amusing.

        Reminds me of all the concern about rich people being able to self-fund campaigns. Should ask Meg Whitman how that worked out for her.

        • I live in New York. President Obama is going to get our electoral votes no matter which lever I pull in the booth, so if someone wants to pay me $100 to flip a particular switch, I'll gladly accept their money and pull whichever lever they ask of me - it boils down to literally whether I want $100 or not.

          As for pressure on a poll in a church, I'd assume that any non-personal venue that is stated to be a place where votes can be submitted fall under the 100-foot rule, enforcement could be incentive-based - y

        • by Guppy06 ( 410832 )

          There is no such protection in online voting.

          This problem is not unique to online voting; it's also an argument against allowing voting by mail.

          • Agreed. Not a fan of that either.

            I just feel that online voting expands the problem and simplifies the abuse.

        • There is no such protection in online voting. A church could put the computer, oh, right in front of the altar and have the congregation line up.

          There is no need to conjure a theoretical example when the real example of unions and "card check" exists, and is being repeatedly litigated [washingtonexaminer.com].

          The National Labor Relations Board’s attack on the secret ballot [dailycaller.com]

          . . . The National Labor Relations Act established the secret ballot election as the preferred method for determining employee free choice. Although the act has been interpreted to permit voluntary recognition by card check . . .

          . . . An employer does not have to acquiesce to a union’s demand (or its employees’ request) for recognition based on a card check; the employer can demand a secret ballot election. Similarly, if an employer voluntarily recognizes a union based on a showing of majority support by cards, its employees are given 45 days to demand a secret ballot election challenging the union’s majority claim.

          Unions prefer card check, however, for two main reasons. First, card check is less costly. Second, unions are more successful at securing an employee’s signature on a card than they are in earning the employee’s vote when it is cast in secret. The reasons are not hard to find. A card check subjects an employee’s vote to the scrutiny of third parties, peer pressure from fellow employees, and even coercion. Unions collect cards over time, often in secret and without the knowledge of the employer, and open workplace debate on the issue of unionization. A secret ballot election takes place after a campaign participated in by the union, the employees and the employer; it reflects employee sentiment, educated by the campaign’s debate, at one point in time.

        • Yeah, I laughed at a WP article about someone convicted of vote buying. The end of the article had a quote from one of the vote sellers saying he just voted how he wanted anyway and pocketed the cash. Another "sold" his vote to both sides.

          FYI, even the inside of the booth is not safe. At least in MD if you are "unable" to vote alone you can bring almost ANYONE into the booth with you by both signing an affidavit that they aren't your boss nor a candidate for office. And poll workers can't question it
    • Apparently Estonians vote online too:

      http://techcrunch.com/2012/09/24/report-america-ranks-behind-estonia-in-internet-freedom-heres-why/ [techcrunch.com]

      http://www.cnn.com/2011/11/08/tech/web/online-voting/index.html [cnn.com]

      [Canada], Sweden, Latvia and Switzerland are among the countries that have tested Internet voting.

      But when it comes to national elections, Estonia is the clear leader.

      The tiny Baltic nation (its population of 1.3 million is roughly the size of San Diego) has allowed online voting for all of its citizens since 2007. In this year's election, nearly one in four votes was cast online, according to its elections commission.

      Note that they have a national ID card, reasoning that it's better to have *one* government controlled database that they can control and monitor, rather than to have a zillion databases that are unconnected and contain various levels of information.

      • PS: A link to their National ID card management website: http://www.id.ee/ [www.id.ee]

      • Re:Estonia (Score:5, Insightful)

        by plover ( 150551 ) on Sunday November 04, 2012 @11:40AM (#41872977) Homepage Journal

        The reporter is obviously confused about the meaning of 'freedom'. The real problems with online voting have less to do with the technology and more to do with the integrity of the process.

        Even if an online system worked perfectly, how do you know that when Joe cast his vote that Frank wasn't standing behind him with a gun in one hand and $100 in the other? You don't.

        Now, that's a problem with absentee ballots as well, you might say, and you would be right. But the effective difference is the difficulty of scaling fraud up in the physical world as opposed to scaling up fraud in an online world. I might be a rich gangster and hire 10 thugs to influence 10 votes. But as a crooked employer, I could monitor the voting of thousands of employees, and I'd know exactly who is on the short list to be promoted.

        Preventing coercion requires the act of moving a voter into a secluded voting booth, with a truly secret ballot.

        • But as a crooked employer, I could monitor the voting of thousands of employees, and I'd know exactly who is on the short list to be promoted.

          I am confused, if they are doing it from home, how will your employer abuse your right?

          • The presumed first step is that employers require their employees vote while at work. Easy enough to do even with indirect threats right now, when so many people are un- and under-employed. Didn't vote at work? Not gonna look good on your next performance report...

            • The presumed first step is that employers require their employees vote while at work.

              Agreed, the ideal is a secret ballot, but circumstances are currently less than ideal. If voting by email were the norm I'm sure some employers would try to bluntly coerce their employees, however I don't think they would succeed on a significant scale without getting caught. Also not all coercive employers are going to bend the vote in the same direction.

              The obvious risks in this temporary measure is back-end fraud and man in the middle, again the lack of notice gives Dr. Evil very little time to organi

          • by plover ( 150551 )

            Half the people will vote from their web browsers at work, more if the boss makes an announcement: "Hey, take a few minutes after lunch and be sure to log on and vote today."

            Our company machines give us a warning every time we sign in: "This machine may be monitored at any time, and all activity may be logged. Don't assume anything you do on company equipment is private." I know that not only do they have such monitoring and logging capability, but it extends to https: surfing as well. It would be a sma

        • I don't think (in this case) Frank has enough time to organise a gun and $100 for a significant number of Joe's. Beside Joe could simply lie to Frank and tell him he has already voted by email.
  • Official Directive (Score:5, Informative)

    by Robadob ( 1800074 ) on Sunday November 04, 2012 @08:32AM (#41871865)
    This seems to be the official thing about it because there's some stuff going around twitter that it's a lie. http://nj.gov/state/elections/2012-results/directive-email-voting.pdf [nj.gov]
    • by thrill12 ( 711899 ) on Sunday November 04, 2012 @08:42AM (#41871909) Journal
      ..as they ask for a "waiver of secrecy": they actually *realize* that the e-mail voting will need the removal of one of they key things in a democratic election: the secrecy of voting. Now an actual record of the vote is transmitted in the clear (when using e-mail) and if anyone coerced said voter they will have undisputable proof what that person voted. I gues the OSCE will write this down in their report [osce.org]...
      • by sribe ( 304414 ) on Sunday November 04, 2012 @09:51AM (#41872223)

        ..as they ask for a "waiver of secrecy": they actually *realize* that the e-mail voting will need the removal of one of they key things in a democratic election: the secrecy of voting.

        Since when is secrecy of voting key to a democracy? This democracy, for one example, was founded without it...

        • by Sabriel ( 134364 )

          It's not the key, it's a key. Defense in depth, etcetera.

          Also, if by "this democracy" you are referring to the United States: the names of many of the signers of the American Declaration of Independence were initially kept secret, for fear of British reprisals.

          • by sribe ( 304414 )

            It's not the key, it's a key. Defense in depth, etcetera.

            I agree that providing people with the option for secret voting is good; but I disagree that it is bad to allow a potentially non-secret method to those who prefer it.

            Also, if by "this democracy" you are referring to the United States: the names of many of the signers of the American Declaration of Independence were initially kept secret, for fear of British reprisals.

            I am indeed referring to the US, where *after* the establishment of the republic, most votes were town-hall style public votes. (The initial anonymity of the signers of the declaration is not at all relevant.)

            • by plover ( 150551 ) on Sunday November 04, 2012 @11:54AM (#41873067) Homepage Journal

              Allowing non-secret voting creates the conditions under which coercion can take place.

              How do we know Tony Soprano hasn't threatened everyone in the neighborhood to vote for his candidate? Let's say one of Tony's associates is at the polling place, "observing" the election as his right. If he is watching you vote, he can be sure you voted his way. If you have the "choice" of a secret ballot or a non-secret ballot, he could tell you up front "don't be choosing the secret ballot, I need to see your vote. Or else."

              If the voter is not given the choice of non-secrecy, that vote can't be subverted. In a secret ballot, the voter can always make their own free-will choice. And only through enforcing ballot secrecy can the election judges be certain that the vote was impartial.

        • Since when is secrecy of voting key to a democracy? This democracy, for one example, was founded without it...

          Others have explained why secrecy is important, but I thought I'd touch on the second part of your statement.

          1. It is hard, if not impossible, to secretly declare independence.
          2. The founding fathers were all prepared to be hung for treason against the crown.

          In the theme of my second point, you can dig up numerous stories of businesses and public figures that have received backlash for publicly supporting a candidate, a political party, or a politically charged policy idea.
          Which is why secrecy is crucial to

      • by goodmanj ( 234846 ) on Sunday November 04, 2012 @12:42PM (#41873359)

        Let me play devil's advocate here. While we all know that email is insecure, as a practical matter the security holes in this are roughly equal to vote-by-mail. Not that that's a good thing, but this doesn't introduce many new problems. The NJ elections directive recognizes this, and treats displaced voters as "overseas" for the purpose of election rules.

        Summary of the procedure:
        * Your voter registration is already on fiile.
        * You email a request for your ballot
        * The elections agency marks your ballot number in the registry, sends you a ballot with a unique ID, along with a waiver of secrecy.
        * You fill out the ballot and the waiver, and send them back.

        Can we spam the election with billions of votes? No. Well, you can send the emails, but they won't have the right ID numbers so they won't be counted.
        Can we hijack individuals' votes by voting for them, or by changing their vote via a man-in-the-middle attack? Yes, but you can do this by paper mail too, and it's a one-vote-at-a-time thing.
        Do we lose the secrecy of the ballot booth? Yes, but that's lost in vote-by-mail too, and voters choose whether they'd rather submit a non-secret ballot, or trudge through miles of floodwaters to cast their vote in person.

        The practical question you've got to ask yourself is not "could someone be disenfranchised by this?" but "will more people be disenfranchised by doing this than by *not* doing it?"

        In short, adding "e-" to a technology doesn't miraculously make it evil or cool. And in this case, the security holes are roughly equal to a system already in common use. As a mandatory universal voting system, email voting would be an abhorrent violation of civil rights. As a short-term, *optional* response to a major emergency, it's worth considering.

        • Re: (Score:3, Informative)

          by Anonymous Coward

          I'm surprised that postal votes are not secret. There's no reason for that.

          In Australia if you do a postal vote, you're given 2 envelopes. you put your vote inside the first unmarked envelope. Then you fill out all your voting details on the other envelope, and put the first envelope inside.

          When they receive, your vote. The details on the outer envelope are checked. Once they are happy that it's a valid vote, the unmarked envelope is thrown into the pile of other postal votes.

          Simple, low tech solution...

  • by Azathfeld ( 725855 ) on Sunday November 04, 2012 @08:36AM (#41871895)
    You can't just send an email with your vote in it. They're allowing scanned copies of absentee ballots. It's no less secure than absentee voting in general; they'll check the names against the voter rolls just like they do when you vote in person.
    • by mysidia ( 191772 ) on Sunday November 04, 2012 @08:42AM (#41871913)

      they'll check the names against the voter rolls just like they do when you vote in person.

      Unfortunately, the list of names on the voter roles is public.

      Will they be smart enough to check that for every ballot received by mail, there was actually an application for a ballot by that person?

      • by Anonymous Coward on Sunday November 04, 2012 @08:57AM (#41871989)

        All voters in Oregon vote by mail. Each ballot is submitted with a signature on the outside envelope. That signature is matched against the voting rolls before the ballot is counted. The ballot is in a secrecy envelope so the person opening it during the counting process doesn't know whose vote it is.

        There are several problems with the process described here that make it different. The first is that an electronic signature can be a scanned copy obtained from a different document. The second, raised elsewhere, is that the ballot is not secret. The third is that someone could electronically modify the ballot during and stage of the process. This seems to be relying on a form of "security by obscurity". For a small number of ballots that is probably sufficient. But if you get a large number of ballots it will be an inviting target for someone trying to alter the outcome of the election.

      • Will they be smart enough to check that for every ballot received by mail, there was actually an application for a ballot by that person?

        People all over the planet have been voting by snail mail throughout the 20th century, do you (and the mods) really think that your the first person "smart" enough to ask that question? Could it be that others have put more thought into running the election than you have put into your post?

    • So that'd require those displaced people to have an absentee ballot already - how does that work? Even if they happened to have applied for it, not likely that this is with the stuff they took with them when fleeing their homes.

      Also I wonder in general if there is any emergency plan thought out for just this situation. Elections happen often enough and the US is big enough to sooner or later have one seriously disturbed by some major natural disaster somewhere in the country - could be a hurricane, could al

      • If you clicked on the link, it says exactly how it will work. You email them an absentee application, they email back a ballot, you return the ballot. The only difference is that this is not snail mail (and some states already do this for overseas and/or military voters, so it obviously works well enough without the massive fraud people like to predict).

    • New Jersey's email voters can be confident of as secret a vote as voters already get in Colorado, because only election officials will know who they are. (Look it up, folks, and cry: http://yro.slashdot.org/story/12/09/22/1419211/federal-judge-says-no-right-to-secret-ballot-oks-barcoded-ballots)

      And, of course, they'll have as much reason to be confident their votes were counted as residents of any state that uses slot machine (er, electronic) voting.

      It doesn't really matter, anyway. When you want to buy an

  • by metaforest ( 685350 ) on Sunday November 04, 2012 @08:40AM (#41871905)

    Election Night.

    *starts making popcorn.

  • The next day.... (Score:4, Insightful)

    by Lumpy ( 12016 ) on Sunday November 04, 2012 @08:45AM (#41871929) Homepage

    It is amazing! New Jersey had 100% voter turnout and that ALL voted for Romney! It is awesome to see that this state in the face of disaster can turn out a voting percentage that no other state has EVER turned out!

    Pundits point at this as an effect of how the TV show Jersey Shore has given NJ residents that the new president will pass a law to get it taken off the air and the cast exiled.

    • It's only available as an option for displaced voters and they'll identify those by location (e.g. the Jersey shore.). Obama has about an 11% advantage in New Jersey, so I think his NJ electors are safe. The House and Senate seats look pretty safe too. I guess it could affect some local races.
  • by bmo ( 77928 ) on Sunday November 04, 2012 @08:48AM (#41871943)

    ... already. They are merely letting people be treated like overseas military.

    FTFA

    "Officials say electronic voting is also an option for emergency workers. The option is already open to New Jersey voters overseas and in the military."

    It's not like someone just came up with an idea yesterday.

    --
    BMO

    • So how do they reconcile if someone emails a ballot twice from two email addresses? I can see how it's a bit less likely to be fudged if the email was sent from a .mil address because those would be verified email addresses. I'm not so much against it as I'm interested in seeing that it's accurate, and people don't feel disenfranchised by fake votes.

      • by bmo ( 77928 )

        >So how do they reconcile if someone emails a ballot twice from two email addresses?

        I would think there would be some sort of cryptographic signature embedded in the emailed ballot, so they only get that one ballot back and not a hundred copies.

        --
        BMO

        • by mellon ( 7048 ) on Sunday November 04, 2012 @10:13AM (#41872353) Homepage

          How would that work? Suppose I get a ballot, and scan it, and that scan gets out. The "cryptographic signature" will be on every copy of the scan. How will they know which one is mine? I think in this case, if what you suggest were true, my vote would either not be counted, or would be swamped by all the hacked copies. Either way, I lose.

          Cryptography isn't a magic want that you can wave over a security problem to make it go away. It's a useful tool, but this is a _really_ hard problem, and what's been proposed here is not in any way secure.

          • by bmo ( 77928 )

            >what's been proposed here is not in any way secure.

            The article doesn't even get into any security at all. It's just an announcement and I'll bet the reporter didn't even bother to ask.

            Come on, man.

            You wanna find out? How about you go call up the NJ Board of Elections.

            --
            BMO

            • by mellon ( 7048 )

              Why on earth would I do that? I already know that there is no crypto technology that could be associated with a scanned ballot that would actually be secure against the attack I just described. That was my point.

      • The "From" field of an SMTP transaction isn't authenticated, it's just something that the sender supplies. It works the same way, and has the same reliability as the return address area of a snail mail envelope. Yes, the mail carrier (or SMTP server) could check it against the mailbox it is collected from, but practically that doesn't happen (and in fact for email, as it may have been relayed through intermediate servers, there's situations where the @ clause of the from field wouldn't match the RDNS of t

      • Comment removed based on user account deletion
    • Getting all the ballots out and back (ok, they have until the 19th for that part) in such a short time could be an issue. Phone lines and the tubes could get clogged with all the traffic.

  • by yelvington ( 8169 ) on Sunday November 04, 2012 @08:52AM (#41871969) Homepage

    Absentee voting already works this way pretty much everywhere in the United States:

    First, you have to already be registered, so the notion that nonexistent people are suddenly able to vote is nonsense.

    Second, you must file a request to get the absentee ballot. In most states you do not have to show any form of ID to do so, but your name is checked against the registration records before any ballot is provided.

    Third, you fill out the ballot form, sign it, and mail it in. Note that the signature means your ballot is not really "secret."

    Fourth, the forms are checked against the registration rolls again when they are counted, and signatures also may be checked (usually a sampling are spot-checked). In many places, absentee votes are counted AFTER the live votes and they may even be skipped if the number of absentee votes would not change the outcome of the election. If a voter has voted at his or her precinct, and an absentee ballot from the "same" voter shows up, that's an obvious case of fraud and the ballot is set aside.

    There is no reason to imagine that email makes this any less secure than the snail mail system.

    • No it is not if the process for handling postal voting is well established for the majority of voters in a district. (Or in my case the whole county) But during a FEMA disaster and an increased need.... there's plenty of room for grubby paws... and I think that is the concern.

    • by Entrope ( 68843 )

      There are a number of good reasons to believe that email voting is less secure than snail mail. Among them: it is easier to change, forge or destroy electronic records than physical ones; there fewer legal protections for email than postal mail; and there is much less experience with email voting, so mistakes are easier to make and fraud is easier to commit.

    • I voted absentee this year, and unless my state (New Hampshire) is the odd one out (always possible), you have the process wrong.
      I filled out a ballot, which had no identifying marks on it at all. No signature, name, or anything like that.
      Then, that was sealed inside an envelope with a statement I had to sign saying that I myself completed the ballot, and it was the only ballot I filled out.
      That envelope was then put inside another envelope that could be dropped in the mail or handed in at the town office.
      O

  • How is this any different from postal votes? Who cares if it's sent via email or via the post.

    I guess email is more easily intercepted and the contents changed, but standard post isn't immune form that either.

    • Intercepting and tampering with an email with an attached image is a lot easier than intercepting and tampering with a physical ballot in the possession of the US Mail. Something placed inside a physical envelope and handed off to a postal worker enjoys enormous protection under US law; email does not.
      • by mellon ( 7048 )

        Also, in order to sign a ballot you have to physically handle it, which means your fingerprints will be all over it. And you have to sign it with a physical pen. A suspect ballot should yield a lot of information to a forensic analysis.

      • Comment removed based on user account deletion
  • Unless people live in Ohio or Florida why even bother to vote, much less set up new ways to vote? NJ and CT haven't voted republican since 1988, NY since 1984, anybody think it's going to be any different this year?
  • Who gives a fuck, they always vote for the other lot anyway.

Never test for an error condition you don't know how to handle. -- Steinbach

Working...