Re: Electronic voting

From: Lee Daniel Crocker (lee@piclab.com)
Date: Fri May 16 2003 - 17:01:51 MDT

  • Next message: Michael Wiik: "Re: "liberal media""

    > (Hal Finney <hal@finney.org>):
    >
    > I see two problems here. The lesser one is that no paper
    > is left at the polling place.

    Well, yeah, that was kind of the idea. The definitive auditable
    result is supposed to be the published lists.

    > The greater problem is that this system facilitates selling votes.
    > After the election, an official receipt showing a certain vote will
    > probably be able to be turned in for cash in many jurisdictions.

    That's a good point. I'm not sure if it's possible to avoid that
    without sacrificing total user-auditability. After all, if the user
    can prove to himself that his vote was counted correctly, he can
    prove it to someone else. Frankly, though, I'm not convinced that
    this is such a bad thing.

    Your suggested method requires a trusted party, and that's exactly
    what we're trying to avoid. I want a system that /assumes/ the
    government will do everything it can to cheat, because it will (and
    has, many times).

    > Here it may be getting a little too complex. Many voters won't have
    > the ability to run these algorithms, especially the elderly, who vote
    > in large numbers. I don't see why you can't just use the same receipt
    > numbers that are already on the ballot, though.

    That's a non-issue; I certainly don't expect every voter to sit down
    and write code. I expect most of them to go to some public website's
    "vote check" service, or to simply not bother. But it has to be
    /possible/ for anyone to do it from scratch from published algorithms.

    > There may also be a privacy concern here. Especially in smaller towns,
    > distinctive votes on certain issues may give people a good idea of
    > who certain ballots belong to.

    That's a legitimate concern too. After all, if Fred Farkle got only
    vote in his district, and Fred Farkle voted, there's a fair chance
    that the vote was Fred Farkle's (and would therefore reveal his other
    votes as well). The only around this is to use the system only for
    large elections. For elections so small that this is a problm, a
    simpler paper system is probably better anyway.

    > In any case, this auditing procedure looks reliable in theory.
    > But I'm not sure that we could confidently say that it is as good
    > as the present system.

    I can gurantee you it's better than the current system /as implemented/,
    though perhaps not better than the current system as designed. The
    design of the current system doesn't include polling place workers
    dumping bags of ballots into a shredder, for example, or lots of votes
    from dead folks.

    > Some elections are very close, and even a fraction of a percent
    > will swing the results. If it were possible to get away with a small
    > amount of "virtual ballot stuffing" then people would lose confidence
    > in the system.

    People seem to have some irrational confidence in our current system,
    which is totally broken.

    > And if they do get motivated and check the results the first few times,
    > over the years, they are likely to become careless.

    Yep, that's a big concern of mine, too. Eternal vigilance, and all that.

    > The harder type of fraud to catch would be added votes, which means
    > putting fake names onto the voter rolls. I'm not sure how the
    > vulnerability of your approach to this problem would compare with how
    > things are done today.

    About the same, I imagine.

    -- 
    Lee Daniel Crocker <lee@piclab.com> <http://www.piclab.com/lee/>
    "All inventions or works of authorship original to me, herein and past,
    are placed irrevocably in the public domain, and may be used or modified
    for any purpose, without permission, attribution, or notification."--LDC
    


    This archive was generated by hypermail 2.1.5 : Fri May 16 2003 - 17:14:43 MDT