Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Encryption Privacy Security The Internet Politics

Some States Have Embraced Online Voting. It's a Huge Risk. (politico.com) 338

An anonymous reader quotes a report from Politico: On Sunday, researchers at the Massachusetts Institute of Technology and the University of Michigan revealed numerous security flaws in the product that West Virginia and Delaware are using, saying it "represents a severe risk to election security and could allow attackers to alter election results without detection." In fact, it may be a decade or more before the U.S. can safely entrust the internet with the selection of its lawmakers and presidents, according to some experts. Still, a handful of states are pushing ahead, with the encouragement of one politically connected tech entrepreneur -- and the tempting logic of the question, "If we can bank online, why can't we vote the same way?" These are the problems with that logic:

1) Elections are different. Lots of people bank, shop and socialize online -- putting their money and personal details at potential risk of theft or other exploitation. But elections are unique for two reasons: They are anonymous and irreversible. Aside from party caucuses and conventions, virtually all U.S. elections use secret ballots and polling places designed for privacy. That protects people from being blackmailed or bribed to vote a certain way -- but it also means that, barring an advance in the technology, voters have no way to verify that their ballots were correctly counted or challenge the results. That's far different from a consumer's ability to contest a fraudulent credit card purchase, which depends on their financial institution linking their activity to their identity.

2) The internet is a dangerous place. Even if it were possible to require electronic ballots to travel through servers only in the U.S., no method exists to ensure security at every server along the way. It would be like trusting FedEx to deliver a package that had to pass through warehouses with unlocked doors, open windows and no security cameras. The most effective way to protect data along these digital paths is "end-to-end" encryption [...] Researchers have not figured out how to use end-to-end encryption in internet voting.

3) People's devices may already be compromised. It's hard enough to protect a ballot as it transits the internet, but what really keeps experts up at night is the thought of average Americans using their computers or phones to cast that ballot in the first place. Internet-connected devices are riddled with malware, nefarious code that can silently manipulate its host machine for myriad purposes. [...] Importantly, election officials cannot peer into their voters' devices and definitively sweep them for malware. And without a secure device, end-to-end encryption is useless, because malware could just subvert the encryption process.

4) Hackers have lots of potential targets. What could an attacker do? "There are literally hundreds of different threats," said Joe Kiniry, chief scientist of the election tech firm Free & Fair. Among the options: Attacking the ballot; Attacking the election website; Tampering with ballots in transit; Bogging down the election with bad data; and/or The insider threat involving a "bad" employee tampering with an election from the inside.

5) Audits have faulted the major internet voting vendors' security. Virtually every audit of an internet voting system has revealed serious, widespread security vulnerabilities, although the ease with which a hacker could exploit them varies.

6) Internet voting advocates disagree. Election officials who embrace internet voting deny the risks are as serious as the experts say.

7) What it would take to make internet voting secure. Secure internet voting depends on two major advances: technology that allows voters' computers and phones to demonstrate that they are malware-free, and end-to-end encryption to protect ballots in transit. [...] Solving these problems would require expensive, long-term collaboration between virtually every big-name hardware- and software-maker, Kiniry said.
Note: Each point listed above has been abbreviated for brevity. You can read the full article here.
This discussion has been archived. No new comments can be posted.

Some States Have Embraced Online Voting. It's a Huge Risk.

Comments Filter:
  • xkcd (Score:5, Insightful)

    by ShanghaiBill ( 739463 ) on Wednesday June 10, 2020 @10:38PM (#60169596)
    • by Kisai ( 213879 )

      He's not wrong.

      Like the entire mechanism for secure voting already exists, it's used inside bitcoin. That's the entire "blockchain" mechanism.

      Where things get complicated is cost. You can not have both an anonymous and secure system. That's impossible. To vote digitally is to be able to cast any vote, for anyone, at anytime, and the blockchain will only go back to the ip address of the voter, not the voter themselves. For that to be solved, requires pushing the votes from the other end of the chain.

      Every ve

    • You guys take voting too seriously. It's not a choice between good and evil like some kind of comic book story, you are choosing between several (usually just 2 for the US) groups of people who are fundamentally trying to do their best for you. It doesn't make all that much difference fundamentally which one of them wins really.

  • Either you're a redneck conservatard that flocked to the beaches or some other outdoor gathering as soon as (or maybe even before if you were a real rebel) your state's lockdown ended, or you're a guilt-riddled libtard that flocked to one of the various protests for George Floyd (and maybe rioted a bit if you were a real rebel) the past few weeks.

    If you didn't have coronavirus before, you've probably been exposed to it by now or you're likely to come into close contact with someone who has been for the a
    • there's no shortage of folks who just avoided both. I didn't go to protests and I'm still sheltering in place. I wear a mask when I'm out and I work from home.

      Meanwhile Epidemiologists say COVID-19 is here to stay until at least mid 2021.
    • Comment removed based on user account deletion
  • There's as many R hackers as D hackers, that way they balance each other out.
    • by Q-Hack! ( 37846 )

      There's as many R hackers as D hackers, that way they balance each other out.

      Does that mean the the L hackers are the ethical ones?

    • Re: (Score:2, Interesting)

      by AmiMoJo ( 196126 )

      But is it worse than voting in person when you have Republicans suppressing the vote?

      If online voting results in say 1000 cases of fraud but allows 100,000 people who would have had their votes suppressed to participate in democracy then it's a worthwhile trade-off.

      Of course the best solution is to stop suppressing votes but that doesn't seem very likely to happen.

  • Just have a federal right to vote by mail in addition to whatever exists now. In 5 states this is the only way you can vote, but every single state has some kind of vote by mail system that can be expanded. If it’s good enough for active military it’s good enough for everyone. Automatic voter registration and same day registration should also be a right in every state.
    • Just have a federal right to vote by mail in addition to whatever exists now.

      That would require amending the constitution.

      Probability of that happening: 0%.

      • Technically, if the constitution doesn't forbid it, then we already have that right! Huzzah!

        • Technically, if the constitution doesn't forbid it, then we already have that right! Huzzah!

          The Constitution doesn't forbid states from implementing universal vote-by-mail. Several states, including Colorado, Hawaii, Oregon, Washington and Utah, have already done this.

          But the Constitution does not permit the federal government to require vote-by-mail.

          Some states make VBM universal.

          Some states make VBM optional and available to anyone who requests it.

          Some states deny VBM to any voter without a valid reason for an absentee ballot.

    • Re:No need (Score:4, Informative)

      by slack_justyb ( 862874 ) on Wednesday June 10, 2020 @11:30PM (#60169710)

      Just have a federal right to vote by mail in addition to whatever exists now.

      That is more complicated than is let on at first blush. First some background, Article I Section 4 Clause 1 of the US Constitution.

      The Times, Places and Manner of holding Elections for Senators and Representatives, shall be prescribed in each State by the Legislature thereof; but the Congress may at any time by Law make or alter such Regulations, except as to the Places of choosing Senators.

      This indicates the exclusive nature of voting by the States. And courts have upheld that States get the vast majority of sway when it comes to how elections go down.

      However one of the more famous times recently this "regulation" power has been invoked is with the "Motor Voter" law that went into effect in 1995, which forced states to offer the ability to sign up to vote when you go to renew your driver's license. The only exemption to this is if the State does not require voter registration or the State offers Election Day Registration (EDR). As it stand North Dakota is the only state that is exempted by not requiring any form of voter registration and Idaho, Maine, Minnesota, New Hampshire, Wisconsin, and Wyoming are exempt since they offer EDR.

      Congress has full authority to pass law regulating Federal elections. Now what Congress cannot do is change when voting happens in a state, where the voting will happen, and how the voting will proceed.

      That last part is the highlight question to something like what you ask. Congress can say, "Women can vote", "You do not need a title to land to vote", and "you must offer the chance to register at the DMV." This all deals with how someone is recognized as a voter, not the method they will use to vote. Now Congress has indicated [congress.gov] that they want to strip all conditions to vote by mail. Which they can do, but a State still has the right to offer it or not. Additionally, some States redefine mail-in voting as proxy voting which, without getting too detailed, can still have restrictions on even if HR138 passed and became law. Now those restrictions would trigger lawsuits and it would be hazy on where the Courts would go on that. So, it's not as clear as "just do A then B" as it would seem. There is a lot of detail being skipped over here, so don't take my account as covering every single point here. But I did want to convey that changing elections in the US at the Federal level, is really, really difficult.

  • by Jane Q. Public ( 1010737 ) on Wednesday June 10, 2020 @10:55PM (#60169646)
    I'll start with the first point:

    1) Elections are different. Lots of people bank, shop and socialize online -- putting their money and personal details at potential risk of theft or other exploitation. But elections are unique for two reasons: They are anonymous and irreversible. Aside from party caucuses and conventions, virtually all U.S. elections use secret ballots and polling places designed for privacy. That protects people from being blackmailed or bribed to vote a certain way -- but it also means that, barring an advance in the technology, voters have no way to verify that their ballots were correctly counted or challenge the results. That's far different from a consumer's ability to contest a fraudulent credit card purchase, which depends on their financial institution linking their activity to their identity.

    This demonstrates lack of imagination. These issues have been tackled and solved.

    Let me give you an example: In WA State, ballots are mailed in using 2 envelopes: the inner envelope contains your anonymous ballot. The outer envelope has your name and address, and a place for your signature.

    When signed ballots are received, the name and address (and signature if necessary) are checked against the list of registered voters. Your name is checked off as having voted, and the inner envelope is then put in the pile to be counted.

    So whether you voted is recorded, but not how. The number of names recorded as having voted is checked against the number of votes actually counted.

    You can go online later to see whether your vote has been counted.

    There is a paper trail; there are paper ballots showing the actual votes and they are saved.

    Anyone who is involved in the election can send observers to where the votes are marked off and tallied.

    Using that system, it would take a rather large and involved conspiracy to cheat by a large amount.

    I'm not claiming all places that have wanted to implement mail-in voting lately have such a system. I'm just saying that it does exist, and it is approximately as secure as in-person voting.

    • Your details to your own statement "These issues have been tackled and solved." do not address the issues and whole misdirect the focus and nature of internet voting.
    • by raymorris ( 2726007 ) on Wednesday June 10, 2020 @11:44PM (#60169724) Journal

      Reread what you quoted and then see if any of what you said in any way refutes anything that you quoted.

      >> That protects people from being blackmailed or bribed to vote a certain way -- but it also means that, barring an advance in the technology, voters have no way to verify that their ballots were correctly counted or challenge the results.

      > So whether you voted is recorded, but not how.

      So the system you described does not allow the voter to verify that their vote was correctly counted or challenge an error.

      It in no way protects from a person forcing or "strongly encouraging" someone else to vote a certain way. This was a real problem before secret ballots - employers would have have employees vote as directed.

      Just this past week someone here on Slashdot said he always fills out a mail-in ballot in his wife's name, so his vote is counted twice.

      I've been writing security-related software for over twenty years. Designing and building secure internet systems is what I do and what I've done pretty much my whole adult life. There's no way I'm touching online voting. Aside from the obvious issues that systems routinely have major security holes, that they don't function as designed, it's actually provably impossible to design any web-based system with some of the security guarantees that In-person voting has. Even if the system were implemented perfectly.

      For example, in-person, you go to the voting booth by yourself. Nobody else can see your vote, so they can't buy your vote or bully you to vote a certain way. Any web-based system allows somebody to stand there and watch the homeless folks vote as directed for $2/vote. It allows whomever to order you to vote a certain way, and watch to be sure you do so.

    • No, not at all. Trivially easy. Bribe a single mail carrier in a neighborhood that traditionally votes the way you DON'T want to go. Pay them to just throw out all ballots. I didn't "add" votes to the total, I merely "deleted" likely votes I don't like. A single person, carrying ballots without any accountability, spread over a few weeks - no one will notice.
      • The mail carrier will almost certainly get caught and do real prison time, somewhat reduced after snitching on you. But you're right, the attempt is easy, just getting away with it that's tricky.
    • So whether you voted is recorded, but not how. The number of names recorded as having voted is checked against the number of votes actually counted.

      And yet that process relies on human oversight over humans. It is not an anonymous process. I dare say the enemy of perfect is good enough applies in this situation, but even this process here is in many ways *less* anonymous and more open to problems than in person voting.

  • I bet there are more than a thousand engineers within 20 miles of me who could design and implement an online voting system that was 1) secure, 2) audit-able, 3) universally accessible, 4) inexpensive compared to what we have now, and 5) anonymous.

    Almost everything this article has to say about the risks of online voting is wrong.

    Obsessing over possible hacks and individual system failures is pointless and counter-productive. Assume a hack can happen. Your design goal is to make the hack meaningless.

    • by Jane Q. Public ( 1010737 ) on Wednesday June 10, 2020 @11:16PM (#60169684)
      You'd probably be wrong.

      Online systems today are unconscionably fragile and prone to vulnerabilities.

      They are too complex. And the tools used and components from which they are built are often not sufficiently audited for security.

      Here is an example: one of the most popular software libraries used today for encrypted logins, called "bcrypt", went for years without being thoroughly audited by cryptographers.

      In fact, the authors stated that "we hope" the additional key-generation rounds they implemented in order to slow down its operation did not introduce new vulnerabilities.

      And it was reasonable to think so, considering the way it was built. But hope and thinking so just don't cut it when it comes to cryptography.

      In fact I'm still not sure whether bcrypt has, in fact, been thoroughly cryptographically audited.
    • by Darinbob ( 1142669 ) on Wednesday June 10, 2020 @11:31PM (#60169712)

      Trouble is, those qualified engineers won't be building such a system. Instead some fly by night corporation will do it by winning the lowest bid and outsourcing the work to China. Sadly, this is not a joke.

      • Unfortunately you are right about that.

      • Instead some fly by night corporation will do it by winning the lowest bid and outsourcing the work to China. Sadly, this is not a joke.

        "And in other news, we're happy to announce that President-elect Xi Jinping will be occupying the White House in January 2021. His first declared act will be to make Chinese New Year a new National holiday..."

    • by Nkwe ( 604125 )
      Don't forget the requirement that it must not be possible for a person to see (demonstrate to others actually) *how* they have voted after the fact, only that they have voted. Many really smart people have spent a lot of time thinking about this and the answer is always the same - online voting is a bad idea.
    • I bet there are more than a thousand engineers within 20 miles of me who could design and implement an online voting system that was 1) secure, 2) audit-able, 3) universally accessible, 4) inexpensive compared to what we have now, and 5) anonymous.

      If you live in Silicon Valley, there aren't a thousand engineers who can do that. SV is oriented towards rapid development, not security.

    • The thing is: ideally the voting process is auditable by laymen, and that means they must understand the process end-to-end. Any idiot understands how paper ballots works, how the counting works, and how it is hard to perform any large scale fraud if there's enough impartial observers watching. And if they want, they can perform the role of impartial observer themselves. That way you can ensure that the vast majority of people will respect the outcome of the election even if it didn't go their way.

      Wit
    • I bet there are more than a thousand engineers within 20 miles of me who could design and implement an online voting system that was 1) secure, 2) audit-able, 3) universally accessible, 4) inexpensive compared to what we have now, and 5) anonymous.

      Regarding points 1 and 5 - I'm curious to see how they'll get around preventing someone from watching how you vote on a computer at the library or at an internet cafe, and paying you accordingly.

    • by LionKimbro ( 200000 ) on Thursday June 11, 2020 @03:57AM (#60170124) Homepage

      Clearly, you have not worked in computer security.

      If you did, you could find 5 flaws in what you are saying very quickly, and given an hour, come up with at least 30.

      Here's my 5 quickies:
      1. monitoring software observes what you are doing, and reports it
      2. software is hacked, performs a particular vote, regardless of what you say, and then reports back to you that you voted the way you did, in convenient audit
      3. network stack is hacked; with access to local private keys, is able to intercept and modify your vote
      4. "the vote is determined by the person who (or computer that) counts the vote" -- sure, you can audit your vote, but you can't audit anybody else's vote, and only the tally is what matters
      5. the point is to have a process that people can trust because they understand everything about how it works, and not efficiency -- because the system is super-obscure, it fails to generate trust in the process -- furthermore, people who actually work in computer security will say what they say today: THIS IS NOT TRUSTWORTHY

      You've rested your argument on the financial industry. Guess what: All those banks have perfect ledgers about how money moves where and when. It is completely transparent to them -- and not just to them, but to various government agencies. There are strict rate limits on monetary transfers over a certain amount. When moving around large sums of money, there is mandatory reporting. We tend to not think of opening a bank account as a big deal, because we just deal with personal bank accounts. But at the corporate level, opening a bank account is a BIG deal, and you can get arrested for attempting to opening a side bank account. Tracking the money is where it's at. So it's not comparable, AT ALL, to anonymous voting and anonymous vote tallying. Your thought that it is "because every consumer monitors their own account" is completely incorrect. It's because there is a completely transparent and redundant system every step across the way.

      Encryption is great: a person can send a message to another person and it can't be deciphered in between. "Yay," but it doesn't solve our problems, at all. Public key encryption doesn't solve the problem of the security of a vote. One time pads do not solve the problem of the security of a vote. Homomorphic algorithms do not solve the problem of the security of the vote. How do you confirm that people are not double-voting? If you register keys or pads, you have eliminated anonymity. If you do not register keys or pads, who the hell is sending you a vote, and who is sending votes multiple times? There is an extremely high motive for foreign and internal actors to subvert and control the system. The best subversions will cause a vote to be won by a fractional amount, and will do so imperceptibly, and may even erase it's tracks, so that audits show a clean system.

      You say that "brilliant engineers can solve all of the problems." Will you listen to the brilliant engineers, when the brilliant engineers tell you, "NO" ..? I assure you, the brilliant engineers understand public/private key cryptography, which is covered in most any undergraduate computer science discrete mathematics course. Engineers know exactly what it can do, and can't do. Security experts understand that encrypting and decryption of the message is the LEAST of the problems of securing an anonymous vote.

      Again: Securing the transmission of the message is the LEAST of the problems in secure voting. It is just one tiny piece in a very large puzzle of problems that have to be solved.

      It is not "common sense" that considers it impossible -- it is profound thinking on the parts of highly knowledgeable people. What is "common sense" is "if you can dream it, they can do it." The uncommon sense is understanding, "You know what, this is actually pretty difficult, when you start to think about it..."

      Voting is NOT about convenience, and it is NOT about efficiency. It is about TRUST.

      Paper ballots wor

  • by Dasher42 ( 514179 ) on Wednesday June 10, 2020 @11:04PM (#60169656)

    It seems to me that the act of casting the ballot thoughtfully is time-consuming and demanding of equipment. Doing that off-site with researched guides offering solid pro-and-con would allow a more informed choice to the public.

    Yet, only a paper trail is secure. Might we not cast our ballots in different ways, but opt to show up in person to certify a paper ballot printed with our selections? This would speed things along, and could be done with the integrity of paper ballots which most other democracies still use.

    • Re: (Score:2, Informative)

      by AmiMoJo ( 196126 )

      The issue is voter suppression. The Republicans have done so much to repress voters that people are looking for ways to bypass their restrictions, including postal voting and internet voting.

  • One way to create FUD is to list all the things that are bad. If you just want to make everyone feel that the world is going to end if some change occurs, then just talk about all the bad things that will happen.

    If you want to stop the windmills, focus on the birds it will kill. If you want to stop the scooter, focus on the fact that they litter the streets. If you want to stop the expansion of learning to online platform, focus on the the few that do not have a smart phone or data plan.

    There is no do

    • If there is any FUD here, it is the comment I am replying to. Well, it is more "fuD", with focus on the D. You are sowing doubt where none is warranted.

      Paper ballots work. There is a paper trail, in case of uncertainty, count the votes once more. It is hard to rig the system, at least on a large enough scale to influence election results. Corrupted nations or states can do it, but you have to ban election observers etc, which basically tells anyone the election is rigged - so you do have to give the game aw

  • On the surface you might think that internet voting might fix a bunch of problems, but I don't think it'll fix the problem of whole demographics of people being excluded in one way or another from voting. You know who I mean for the most part. The people who want to keep certain people from being able to vote will just find a way to delete or otherwise invalidate their votes, or for all we know, change them to what they want.
    For the time being we need to be able to vote using physical ballots and ensure th
  • Nobody is making money on classic voting, so nobody to lobby to keep it that way. If you look to other industries, like poker for example, states will fight you tooth and nail against you playing online, while they have no problem you doing it at local card rooms or casinos. WA state went so far to criminalize online poker in order to protect brick and mortar businesses, and even duding COVID-19 lockdown, if you want to play, violating the lockdown rules to setup a home game is less of an offence than tryin

  • it's that you can setup shop near a mcdonalds and pay people a bigmac in exchange for their vote. thats the main reason for a closed ballot vote in the first place and not for a system where you just go and put your vote in a book (which is 100% secure and tamper proof but also so transparent that your employer knows if you voted for him).

    just that you have an _option_ to show other people what you voted for compromises the whole idea.

    some people don't mind that though - but it actually does matter. especia

  • by SirAstral ( 1349985 ) on Wednesday June 10, 2020 @11:51PM (#60169734)

    You lost something you never had to begin with.

    I love the smell of confusion in the morning!

    Remember folks, this is not a democracy of any kind, and as the riots have been proving lately, you only have the rights you "demand". I tell you what... you give me all the power and I will be happy to tell you what you want... sound good? Oh wait... that does not change anything for you, but it does change me into having a lot more power than I do now.

    Just remember that when you go to the poll and vote R or D, you are voting for just more corruption and whatever changes that crazy mess brings us.

  • The third item could be resolved by spinning up a unique container in a cloud provider and putting a html 5 interface in front of it which connects internally over vnc. Then present the user with a series of questions to verify their identity and after passing them, allow them to cast a vote. After which the container will be burned and it doesn't matter what is on their personal devices.

  • The goal of any election is to return a "true" result. That the candidate(s) who win are offering the most beneficial elected term to the largest number of voters. As judged by those voters and recorded in their votes.

    One way to falsify that result is to interfere with, or corrupt, the voting process. This can be done at any step along the way - no matter what the actual process of casting that vote is. However, an equally effective way to produce a bad election result is for one or more candidates to off

  • Like the news about some universities stop using standardized test scores as admission criteria, the way for the move to online voting make sense is that making fraud possible is exactly the intention of this change.

    You think anyone sane, after hearing about so many various govt/companies getting hacked, or numerous data leaks, would still think that it is possible to secure online voting? People are already so worried that many are against contact tracing apps! I.e. people won't trust technology even if

  • Comment removed (Score:4, Interesting)

    by account_deleted ( 4530225 ) on Thursday June 11, 2020 @01:27AM (#60169908)
    Comment removed based on user account deletion
    • by kaur ( 1948056 )

      The Estonian internet voting system is mostly working as you describe it. The government-issued digital identity does the identification part, encryption does the secrecy part, distributed systems and procedures ensure role separation. Everything is audited, the procedures are public, the cryptographic protocol is public, the source code of the system is public. Risk analysis & management, security management, auditing and oversight are all part of the system.

      This has worked since 2007. We got a statew

  • by Cajun Hell ( 725246 ) on Thursday June 11, 2020 @01:33AM (#60169920) Homepage Journal

    On the bright side, at least no matter how the presidential election goes, we already know the outcome is very likely to be disputed afterwords, so there should be a lot of fireworks and drama. (Are you still paying for entertainment?) Hopefully the winner's margin is larger than the total number of voters in West Virginia and Delaware combined.

    You could say we have already been dealing with absentee ballots for a century or two, which come with the same theoretical risks despite it not really being the same, thanks to its more oldschool physical, formal and regulated interface. We never let the fact that overseas soldiers are allowed to vote, make us question an election, did we?

    But if peoples' malware-infested PCs and phones are now being thrown into this, then Republicans' shrill screeching about the integrity of the mailman becomes obsolete. While everyone laughs at Republicans, their phantasmal demon mailman cackles along ... and his backup cavalry arrives: THE INTERNET joining up with the older, greyer horsemen of the questionably-secret ballot (the domestic abusing spouse or the tyrannical employer). Suddenly that's some credible election FUD.

    When someone says "I'm not sure I believe these numbers," you won't even be able to say they're wrong, no matter how crazy they are, because nobody should believe those numbers. And even if West Virginia and Delaware's votes don't matter in the presidential election because the other states do a landslide, these votes-we-can't-trust states will still send newly-elected reps to Congress.

    • I for one just hope we get a senile old grandpa than an oversized manbaby running the country next. I mean either way we're screwed for the next 3 years as well, but one is slightly less screwed than the other.

      I mean seriously 370milllion people in the country and the choice boils down to someone who acts like a 2 year old and someone who was alive when Lincon was shot?

  • Not having privacy will certainly hurt democracy, as some groups will simply force a specific vote that is verified by the leaders of the group, tampering with the voting application can be done invisibly making it a very desirable point of attack, and without a paper ballot there is no possibility of a recount in case of doubt, but end to end encryption is a solved problem. It's not enough to guarantee online voting, but that is not what makes it impossible.

    When your computer talks to your bank, the server

  • Voting needs to be auditable. It's not just a matter of being able to recount votes, but you need to be able to check every step of the process. You can use electronic devices but there needs to be a paper trail. And as long as Republicans continue to suppress voting, just no to online voting.

    On a separate note we should embrace ranked choice voting for candidates. It reduces the likelihood of extreme candidates from winning and gives third parties a real shot at participating in elections without spoiling
  • But... But how will they get "the right" people into power if they can't manipulate elections???
  • by heson ( 915298 ) on Thursday June 11, 2020 @03:45AM (#60170102) Journal
    Do your e-voting at my place, if I see that you vote correctly you get $100.
    This way we can jump start the trickle down economics by giving the poor a good incentive to vote for lower taxes for the rich and a lower minimum wage.

Truly simple systems... require infinite testing. -- Norman Augustine

Working...