Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

Video Prof. J. Alex Halderman Tells Us Why Internet-Based Voting Is a Bad Idea (Video) 264

Video no longer available.
On March 2, 2012, Timothy wrote about University of Michigan Professor J. Alex Halderman and his contention that there is no way to have secure voting over the Internet using current technology. In this video, Alex explains what he meant and tells us about an experiment (that some might call a prank) he and his students did back in 2010, when they (legally) hacked a Washington D.C. online voting pilot project. This is, of course, a "professional driver on closed course; do not attempt" kind of thing. If you mess with voting software without permission, you might suddenly find the FBI coming through your door at 4 a.m., so please don't do it.
This discussion has been archived. No new comments can be posted.

Prof. J. Alex Halderman Tells Us Why Internet-Based Voting Is a Bad Idea (Video)

Comments Filter:
  • Not a "bad idea" (Score:4, Insightful)

    by Sarten-X ( 1102295 ) on Monday March 12, 2012 @07:58AM (#39325103) Homepage

    No, it's a good idea with bad implementations, and little chance of those implementations improving. Using it for an actual election of consequence at this point would be bad. Let's not assume that everything that doesn't work in the foreseeable future is inherently bad, okay?

    • Re:Not a "bad idea" (Score:5, Interesting)

      by Anonymous Coward on Monday March 12, 2012 @08:06AM (#39325151)

      The problem is that the cost of securing such a system (which has to be accessible to the general populace) is very very high compared to the cost of compromising such a system.

      Anyway, I dislike any system where it is not mandatory to enforce the privacy of the voter. One of the main reasons we all have to go into a single person booth is to prevent someone who can *tell* how we voted influencing our vote. This could be as nasty as a someone with a crowbar or insidious as the patriarch of the family making his family vote in the same way.

      • Comment removed based on user account deletion
        • by Pope ( 17780 )

          Going to the moon was a hardware problem. This is software, and much more difficult.

          • by FhnuZoag ( 875558 ) on Monday March 12, 2012 @10:25AM (#39326401)
            I think more importantly, while things could have gone wrong, the difficulties in the lunar landers were not *malicious* in nature. It's easy to make a system 'probably' safe in an environment of random threats, but in an environment that is actually actively hostile, that unlikely event of failure would rapidly become a certainty.
            • by 0123456 ( 636235 )

              I think more importantly, while things could have gone wrong, the difficulties in the lunar landers were not *malicious* in nature.

              Indeed. There were some horrible bugs in the AGC software which were only found in space, but they didn't matter that much because no-one was actively trying to attack the system so they could be worked around.

              For example, if I remember correctly on Apollo 7 someone accidentally ran the pre-launch attitude alignment program in orbit, so the AGC thought it was back on the launch pad and they had to reset it to the correct configuration. Simple fix: don't let it run after launch in the next release, but poten

        • Put a 512bit key, one for each person in America and hand them out with a USB reader, one per household.

          So, all I have to do to vote as you is get my hands on your key? Maybe by forcing you to turn it over to me as a condition of employment (unstated of course). Or even simpler I buy them off of people who can't be bothered to vote.

        • Re:Not a "bad idea" (Score:4, Informative)

          by fgouget ( 925644 ) on Wednesday March 14, 2012 @03:57AM (#39350077)

          But WHY would it be so expensive? See here is what I've never gotten

          It's not expensive like a luxury car is expensive. It's expensive because despite decades of research verifiable anonymous electronic voting, and even more so internet voting, is an unsolved problem.

          and maybe I'm missing something but we've had smart cards for a pretty damned long time, so why not use them? Put a 512bit key, one for each person in America and hand them out with a USB reader, one per household.

          What could go wrong you ask?

          First distributing hundreds of millions of keys is no small undertaking. The government would have to keep a database of the public keys assigned to every voter. It would have to handle lost keys: invalidate them and reassign a new one. If it's a per-state affair then they would have to handle people moving out of state, and back in, etc.

          The government would obviously use your public key so they can decode and tally your encrypted vote. That also means the government computer would know exactly how you voted (and have cryptographic proof of it). At that point you have absolutely no proof that they wouldn't store that information elsewhere. It also means anyone hacking the system like these researchers did would also know how you voted (and could resell that information or your public key).

          With the kind of access these researchers had, another attack would be to decode your ballot and discard it before it's even been tallied if you voted the wrong way.

          Someone could impersonate you and claim to have lost their voting key. Your key would then be invalidated thus making you unable to vote. But with access to the server another attack would be to change your public key in the government database. You would then be unable to vote until the database has been restored from backup (likely after the election). A variant would allow them to replace your ballot with a new one signed by the corresponding private key. Given that you would not be allowed to verify your vote anyway (to prevent the sale of votes), you would have no way to know this happened and no chance to complain. Even if you did you would have no proof of the hack.

          If someone gets hold of the smart card, USB key or CD containing your private key, then they would be able to vote in your place. They could also simply steal or confiscate it to prevent you from voting.

          Heck, you present generating secure keys as if it was something trivial. But even that can easily go wrong: you suggest a 512 bit key but a 768 bit RSA key [wikipedia.org] has already been broken, just see the Debian SSL/SSH key debacle [slashdot.org], the recent discovery that about 2 out of 1000 RSA keys is a dud [slashdot.org]. Then there's all the encryption systems that have been cracked over the years like WEP, CSS, etc. What makes you think the encryption used for your vote will fare any better. And more to the point, how will a layman be able to verify by himself that it will?

      • I wish I could mod this up. You sum up the privacy problem very concisely, and IMO it renders the security discussion moot.

        • by delt0r ( 999393 )
          Security can extend to privacy. In fact a number of proposed voting protocols specifically provide privacy of the vote. Some go further so that you can't even prove to a 3rd party which way you voted, thus removing "mafia" attacks. At least in theory.
      • Anyway, I dislike any system where it is not mandatory to enforce the privacy of the voter. One of the main reasons we all have to go into a single person booth is to prevent someone who can *tell* how we voted influencing our vote. This could be as nasty as a someone with a crowbar or insidious as the patriarch of the family making his family vote in the same way.

        You are 110% correct! Your point also applies to postal voting. IMHO, postal voting should only be available in special circumstances.

      • Anyway, I dislike any system where it is not mandatory to enforce the privacy of the voter.

        Why would an electronic system not be able to enforce privacy? The problem is auditing while keeping privacy. One possible solution is to issue everyone strong security keys at random so that no one knows who actually received a specific key. All votes are signed with the voter's security key. Of course, the problem with this is that unless you re-issue the keys for every vote, while the identity would be protected, the voting history would not.

    • Yes, a bad idea (Score:5, Insightful)

      by dkleinsc ( 563838 ) on Monday March 12, 2012 @08:10AM (#39325191) Homepage

      I'd argue that it's a fundamentally bad idea, for reasons which have absolutely nothing to do with technology.

      It's very simple: If you go to a polling place, you are in a situation where you can be observed by poll workers, who will notice things like somebody standing over your shoulder with either a gun or $10 to get you to vote the way that somebody wants you to. Whereas if you can vote anywhere, it's quite possible for an organization to do those sorts of things.

      The same arguments also apply to voting by mail, or over the phone, or absentee ballots. For instance, it was not uncommon for political parties to stop by my grandmother's nursing home to help the residents vote, helpfully filling it out for the voter (including checking the boxes for their preferred candidates).

      • Re:Yes, a bad idea (Score:5, Insightful)

        by AdrianKemp ( 1988748 ) on Monday March 12, 2012 @08:19AM (#39325261)

        I was going to suggest the less sinister issue with it, although along the same vein.

        If all you have to do is log in and vote from your computer, a small "incentive" could seriously increase the voter turn out. Of course I'm referring to the incentive being provided by a company/party.

        Right now, laziness is keeping the vast majority of uninformed dolts away from the ballot boxes. Utter hatred is keeping some informed ones home too but that's a different issue.

        • Re: (Score:2, Interesting)

          by Anonymous Coward

          If all you have to do is log in and vote from your computer, a small "incentive" could seriously increase the voter turn out.

          I don't see how that's really all that much different from mail-in and absentee ballots.

          Right now, laziness is keeping the vast majority of uninformed dolts away from the ballot boxes

          No it's not. The vast majority of uninformed dolts let a few informed political insiders pick which candidate to vote for, and then they happily go along with it as this method allows them to remain completely ignorant. We call it the Party System, and if you vote based solely on what your Party chooses then yes I'm talking directly to you.

          Apathy and minor crimes which have been given Felony status are what is keeping m

          • Oh yes, it's not laziness it's apathy... forgive me for not using your preferred term which in this context is all but identical.

            It's not different from the existing system for mail-in and absentee votes that works perfectly well and won't cost billions trying to secure. I can't imagine what my problem with replacing a perfectly functional system with one that is no better (possibly worse) at a huge cost would be...

        • "Right now, laziness is keeping the vast majority of uninformed dolts away from the ballot boxes."

          I think it's the uninformed dolts who are doing most of the voting. How else do you explain the types of leaders we are getting?

          • heh heh

            Although true I think most of the voting is powered by union leaders and "special interest" groups, they point the minions in the right direction. All I was suggesting is that the effect would get even more pronounced and further drown out any hope of sensible, informed voters rising above the noise.

            For the record, I think that ship has long since sailed... but I don't advocate making the problem even worse.

      • by Hentes ( 2461350 )

        These are technical problems, which require cryptographic solutions. It's not that hard to make a vote unverifiable by the voter. What's missing is mostly the will: the point of current e-voting systems is not to be secure. With enough determination and a few years of development these problems can be overcome.

        • He's talking about someone *standing over their shoulder*

          How is that a technical problem?

          How about having them log in and then voting for them? How is that a technical problem?

          • Re:Yes, a bad idea (Score:5, Insightful)

            by nedlohs ( 1335013 ) on Monday March 12, 2012 @08:45AM (#39325457)

            That already applies to postal voting, and so as a replacement for postal voting isn't an issue.

            • You're quite right on that front, but if we are talking about it as strictly a replacement for postal voting I have different non-technical problems with it (namely cost).

              While the pilot test (the one that didn't happen due to the hacking) was intended for a postal replacement there was no question that the eye was on extending it for general use.

              There will come a time when the postal system no longer exists and e-voting will be the way to go even just as a replacement for that. I'd say that day is no earli

            • Postal voting takes effort relative to online voting which will discourage the sort of person who would sell their vote for a dollar.

              I don't particularly like the current postal voting system as I get no feedback when I vote and thus zero idea if my vote was received never mind actually counted, but I still trust written records more than electronic.

              For those saying this will be secure in the future...it will then become insecure in the future as well.

            • by gl4ss ( 559668 )

              postal voting as just mail-in voting has the same problems as online voting would have.. it's just characters sent over the mail.

              this is why if you're Finnish you'll have to haul your ass to the embassy to vote if you're abroad, this mandates same kind of voting process as if you were at a regular voting station.

              though, it's amazing how many finnish wanabe new-democracy geeks totally miss the point about how you can no longer reasonably claim that you will have to vote in secrecy if you could do that with y

          • by Hentes ( 2461350 )

            As I have said, it's possible to make a cryptographic system where the votes are unverifiable to a third party. Give the voters a series of codes for every option, the guy standing over their shoulder will have no idea which code means what. Or have them submit one key of a pair, and encrypt their vote using the other one. The guy standing there again will have no idea whether the key they use to encrypt their vote fits the one they have submitted. It's not an unsolvable problem.

            • Yeah, you need to actually think before you post.

              How are you getting them the codes? Telepathy?

              • by Hentes ( 2461350 )

                You can't have a secure voting system without at least one physical check, that's pretty obvious. You have to be able to verify the voter's identity.

      • by Pieroxy ( 222434 )

        This and the fact that having ONE website that is the receptacle of all ballots is probably going to draw a heck of a lot of efforts to break in. Not sure something like that *can be* secured.

        • by delt0r ( 999393 )
          Many of the proposed voting protocols assumes there are at least N authorities that count votes and at least M would need to be compromised before you could hack the vote. Votes are sent to all authorities, or are otherwise "published", pre encrypted. There really are technical solutions to most of the problems. At the protocol layer at least. Real implementations that are also easy to use is something else entirely.
      • by DrXym ( 126579 )
        Physical voting isn't enough however. There were widespread allegations of vote rigging in the Russian elections for example with election officers tampering with the number of counted votes. If the whole system is corrupt then it will obtain the result it wants regardless of how the vote is conducted.
      • Re:Yes, a bad idea (Score:5, Interesting)

        by yakovlev ( 210738 ) on Monday March 12, 2012 @09:05AM (#39325609) Homepage
        Absolutely. This was my first thought.

        It's actually quite sinister when you consider that you can combine this with a Super PAC.

        A Super PAC is an organization that can get unlimited amounts of money from corporations and has zero legal accountability to the candidate. This means it's perfectly possible for a Super PAC to offer to pay anyone $20 to vote (implied "for their candidate") then include some kind of browser plug-in that actually checks that the voter voted. If it's determined that this is illegal then the Super PAC goes down, but the candidate is squeaky clean. I'm sure they'd portray this as the internet equivalent of driving you to the polling place, though it's obviously much worse.

        $20 per person x 300 million people = about 6 billion dollars to pay every man woman and child $20 to vote. It's probably a billion or two cheaper than that when you consider that children can't vote. This means it is well within the abilities of a well-funded Super PAC to offer $20 per vote (technically not necessarily for their candidate) to anyone who will take it.

        All I've tried to describe above would likely be considered legal. If they wanted to step a little outside legal, the plug-in could "helpfully" fill out the vote form for the candidates they wanted you to vote for. A little less sinister would be to add a "default vote" or "Vote with Super PAC for Hope!" button to the ballot shown to the voter. Even if they said they would still pay you, some people would vote as directed for fear they would lose the money, and many would vote as directed because clicking the button or just pressing "VOTE" on the form as presented was easier than thinking about the issues. They could go even less sinister than that and just reorder the candidate listings on the ballot, such that their candidates were always on top.
      • by delt0r ( 999393 )
        As i posted above, some voting protocols specifically deal with these situations. Also while you can post your vote, both guns and cash work just fine.
    • by lfourrier ( 209630 ) on Monday March 12, 2012 @08:14AM (#39325231)
      It's a BAD IDEA!

      Every vote that doesn't occur in a supervised place can be sold, extorted, etc... That include correspondance voting, of course, but usually for small numbers unlikely to change the result.
      The fact that the transmission is not reliable is nothing compared to the whole mess of distance voting.
      • by errandum ( 2014454 ) on Monday March 12, 2012 @08:30AM (#39325345)

        The big problem, unlike the story suggests, it's not security. It is the fact that you cannot guarantee that the vote is coming from whoever is registered. Anyone with a login and password can usurp your vote, so you'll never have a doubt free election ever again.

        On the other hand, I do believe that you can design a secure system for voting, as long as you can guarantee that the machines were not tampered with.

        • why introduce machines, when you have litteraly centuries of debug and tuning for paper based voting ?
          • Because referendum opponents usually cite the high costs attached to paper based voting as the main reason against direct democracy.

            Online voting would enable many, many more elections per year, and let people vote on more fine grained issues than just "a party to represent me for the next 4 years". Many representative positions could be abolished completely when people could directly vote on everything.

            Paper based voting and represetative democracy are solutions from hundred of years ago. The fact that the

            • by RCL ( 891376 )

              Many representative positions could be abolished completely when people could directly vote on everything.

              Uh, no. Unless voters are given unequal weight, you could reasonably assume that the most voters won't have enough qualifications/knowledge/big picture view to make any particular decision. Also, lack of a single decider can result in "design by committee"-like problems if combining choices is allowed.

        • by TheLink ( 130905 )

          Smart people have thought of how to do it already: https://www.youtube.com/watch?v=ZDnShu5V99s [youtube.com]

          BUT to me this does not address one of the major requirements for a practical voting system: Convincing enough of the losers that they have lost. If you cannot convince the losers that you have lost you may end up with civil wars or riots. One of the main reasons for having such elections is so that people can choose leaders without having so much violence involved.

          With a decent ballot box system with physical coun

      • Re:Not a "bad idea" (Score:4, Interesting)

        by oobayly ( 1056050 ) on Monday March 12, 2012 @08:42AM (#39325421)

        Yup, it's definitely a bad idea. It also interferes with my idea of weighted ballots:

        A series of (simple unambiguous) questions acompany the ballot.
        During counting, the quiz is marked, and that vote is weighted using the result (you get one mark for turning up)

        This way you're not disenfranchising anyone as their vote will count. It just means that people who understand what they're voting have a greater say as to what goes on. I'm sick to death of seeing knuckle dragging Neanderthals (who have voted the way their television told them to) have as much say as myself (if I don't understand what the vote is on, I'll make sure I read up on it).

        Point in question: The alternative vote refurendum in the UK. The number of people I heard saying they'd vote no for completely false reasons was ridiculous. Fine, if you don't agree. Just make sure you know the facts first.

        Online voting would just make it easier to cheat.

    • "using current technology".

      The title can't contain everything, that's why there's also a summary/intro.

  • by Theophany ( 2519296 ) on Monday March 12, 2012 @08:03AM (#39325123)
    Why is Internet-based voting required anyway? Surely this is a great idea to get those basement dwellers out of the house at least once every four years. There are already systems in place to allow those confined to their homes due to medical circumstances to participate in their democracy. Whether it's done tomorrow or in 30 years time, people will still find ways to break the system. Net result? A colossal waste of money over something that is already in place and works as well as can be expected.
    • by betterunixthanunix ( 980855 ) on Monday March 12, 2012 @08:05AM (#39325141)
      In the USA, we are lucky if a simple majority of people vote at all. Internet based voting might help with that, since it takes some of the effort out of voting.
      • by vlm ( 69642 ) on Monday March 12, 2012 @08:16AM (#39325241)

        In the USA, we are lucky if a simple majority of people vote at all. Internet based voting might help with that, since it takes some of the effort out of voting.

        Actually that's a bug not a feature. Billions of dollars spent on election advertising (by people expecting to be rewarded after the election) and half the population is resistant enough (or intelligent enough) to not bother voting. I can't imagine the politicals being happy about those people being enfranchised, why instead of simple minded TV commercials they'd actually have to win them over using logic, or purchase their votes with programs, or ... How exactly do you control people without simpleminded emotional arguments anyway?

        No the real feature is the death of democracy and replacement with feudalism. A "Large Enough" fraction of the population will be doing this online voting under the close eye of their supervisor at work, or their church pastor, or their professor at school, or maybe the landlord's office, or probation officer's office, or their spouse... It's kind of a stealth poll tax such that "the more important people" will be enforcing who votes for who.

        Sure, it is true, that technically you can vote for anyone you want, with this new internet voting... all you need is no job or independently wealthy, atheist, non-student, property owner (as opposed to renter), clean criminal justice record, and be an orphan with no immediate family or friends. Everyone else has to vote for who the local alpha male says to vote for.

        I can't say as its really going to change anything, because both parties are two sides of the same coin with different marketing messages.

        • by gmuslera ( 3436 ) *
          > half the population is resistant enough (or intelligent enough)
          or dumb enough. Even expressing (i.e. with some sort of "none of the above") that none of the options is good for you is a powerful message if in large enough numbers. Is not an "is ok what chooses everyone else", nor "anyway will win candidate x, no matter what i vote". Is not the same a president backed by 51% of the population of a country than one backed by the 26% because only 50% of potential voters cared about it (and in those peopl
          • by vlm ( 69642 )

            or dumb enough. Even expressing (i.e. with some sort of "none of the above") that none of the options is good for you is a powerful message if in large enough numbers. Is not an "is ok what chooses everyone else", nor "anyway will win candidate x, no matter what i vote". Is not the same a president backed by 51% of the population of a country than one backed by the 26% because only 50% of potential voters cared about it (and in those people could have something rigging the sample, like some interest, or pressure, or getting some benefit, or, well, not being resistant/intelligent enough to empty political speech)

            Have to find another example for "dumb" because "everyone knows" your description above is a waste of time in an entrenched two party system.

            I'm not saying there exists no dumb reason not to vote, but your specific argument really didn't do it for me.

      • by Ihmhi ( 1206036 )

        We should enact Compulsory voting [wikipedia.org] like many other countries have. Show up or face a fine, and repeated offenses without a good excuse equate to jail time.

        Before someone brings up the whole "freedom" thing, keep in mind that a lot of states (if not the entire country) have a lot of other compulsory things that are viewed as unsavory by some people, such as Selective Service, paying into Social Security, and mandatory car insurance. (I'm not saying that's a justification, but it sort of kills the whole "again

        • Re: (Score:2, Insightful)

          by Anonymous Coward

          We should enact Compulsory voting [wikipedia.org] like many other countries have. Show up or face a fine, and repeated offenses without a good excuse equate to jail time.

          Before someone brings up the whole "freedom" thing, keep in mind that a lot of states (if not the entire country) have a lot of other compulsory things that are viewed as unsavory by some people, such as Selective Service, paying into Social Security, and mandatory car insurance. (I'm not saying that's a justification, but it sort of kills the whole "against freedom" argument IMO.)

          I live in a country with compulsory voting & being an anarchist I never vote; however I agree with the parent: compulsory voting gives meaning to not voting. It makes clear that voting is giving away your personal descision power to somebody who openly craves for power.

        • I can't believe people still keep bringing this up. It's amazing that some people ACTUALLY believe that forcing completely politically uninformed people to pick a name on a list will make democracy better. Compulsory Voting only works if you can also somehow force everyone to educate themselves about the choices and GIVE A DAMN about who they pick. Otherwise 90% of the "forced" voters are just going to pick a random name or nullify their vote (your countries elections are non-traceable RIGHT?). And you bett
      • Re: (Score:3, Interesting)

        by Dan East ( 318230 )

        I would assume that if a person can take a few minutes out of one day a year to travel to a voting station and place a vote, that they will at least have some idea of what is on the ballet and what they are voting for. If a person can vote online without having to even bother going to the effort to leave their house, then I think there's a good chance more "random" voting will occur, or at least votes placed with even less consideration of the issues or actual candidate.

        I'm not saying that sort of totally

      • In the USA, we are lucky if a simple majority of people vote at all. Internet based voting might help with that, since it takes some of the effort out of voting.

        Whereas in North Korea the turnout is almost 100% [freerepublic.com]. Higher turnout clearly makes for a better election. For some definitions of "better".

      • by roothog ( 635998 )

        The majority of people in the US don't vote because they don't feel that any of the candidates have their interests in mind and because they feel that no matter who they vote for, they're going to be screwed over anyway. The inconvenience of having to walk/drive to the polling place isn't the issue, and solving that isn't likely to dramatically improve voter turnout.

    • by Hentes ( 2461350 )

      Paper-based voting is not perfect either, and frauds do happen. And it's not a waste of money, as software development is relatively cheap, and the main purpose of online voting is to cut the costs of elections to a fraction. Money will be saved in the long run.

  • TLDW; (Score:3, Funny)

    by vlm ( 69642 ) on Monday March 12, 2012 @08:06AM (#39325149)

    Too Long Didn't Watch; I don't watch video in general. People who can't express themselves in words certainly can't express themselves in video either.

    I would assume a much simpler and cheaper and safer way to corrupt internet voting is to internet vote under the watchful eye of your supervisor at work, or the watchful eye of your head of household at home, or maybe your local church could provide internet access to vote, or ... You could work around that bug by bringing internet access to the local elementary school gymnasium (they've probably already got wifi like our schools), placing some superannuated citizens in charge of what to them is incomprehendible technology (in other words anything newer than IBM unit record apparatus from pre-1930), maybe replacing those complicated internet kiosks with a simple paper form and pencils and an instantly reading/verifying optical scanner.. oh wait thats exactly what we have now where I live. Hmm. Sounds like a big waste of money for everyone except the people getting the money... who happen to be campaign donors.. Oh, I see whats happening here.

  • Idea.. (Score:4, Funny)

    by backslashdot ( 95548 ) on Monday March 12, 2012 @08:08AM (#39325179)

    Is it really a bad idea? This is just the opinion of some researchers, so why don't we vote on it online and see?

  • by ArcSecond ( 534786 ) on Monday March 12, 2012 @08:13AM (#39325219)

    I like them. I trust them. They are their own record. And, if you like, you can spoil them.

    In Canada, we have our ballots counted within hours of the polls closing. And you can go back and re-count them if necessary.

    Keep it simple!

    • by kikito ( 971480 )

      One word:

      Russia.

      • You must understand that in the United States, elections are so corrupt that Fidel Castro once offered to send Cuban election observers to Florida. Proof the old man has a sense of humor!

      • by gl4ss ( 559668 )

        what about russia? electronic voting would be better there?

        I think russians remember why it's not a good idea to keep a track record of what everyone voted...

  • ... the media and schools that keep the public purposely uninformed. As long as corporate media can do as they please voting either on the internet or off doesn't mean a lot.

  • Weakest link (Score:5, Interesting)

    by digitalaudiorock ( 1130835 ) on Monday March 12, 2012 @08:27AM (#39325331)
    I've always thought the whole issue is pretty clear. Internet voting can never be any more secure than it's weakest link...the end users browser/computer/device. In other words it can never be secure. As far as I'm concerned it's a total non-starter for this reason.
  • by Sqreater ( 895148 ) on Monday March 12, 2012 @08:32AM (#39325347)

    The assumption is always that paper ballot voting is secure. Electronic fraud is somehow more important than paper ballot fraud. President Kennedy wasn't even a legitimate President according to some due to paper ballot fraud and they have a good case. See the "Controversies" section of the Wikipedia article on the 1960 election: http://en.wikipedia.org/wiki/United_States_presidential_election,_1960 [wikipedia.org]. No, the whole controversy over the safety of voting is just a reason not to do what is required by a belief in Democracy and what is absolutely necessary in a period of time which illustrates the obsolescence of the old system. The Macroparasites have taken control of our system of government and true electronic democracy is the only way we will get power back into our hands. As for the safety of electronic voting, let me say this: It is safe to do internet banking; it is safe to transfer trillions of dollars of assets around the world daily; but it is somehow not safe to cast a single vote electronically . I don't believe that is the truth. And those who argue against electronic Democracy are merely the familiars of the Macroparasites.

    • by madro ( 221107 )

      Internet (ok, electronic) banking has different, independent stakeholders verifying the validity of transactions with armies of accountants armed with IS systems that have been around for decades.

      Electronic democracy does not.

    • by The_Noid ( 28819 )

      You completely miss the single most important aspect of a voting system that makes it fundamentally different from a banking system:
      It must be impossible for anyone to see or prove what vote a voter has cast.

      If that single requirement is not met, then the whole system, regardless of how secure it is in all other aspects, is useless.

      A banking system does not have that requirement, since your bank is allowed to know who you transferred money to and from whom you got money.

    • The assumption is always that paper ballot voting is secure. Electronic fraud is somehow more important than paper ballot fraud.

      Nice straw man you have there. No, the argument is that paper ballot voting is more secure (or less insecure, anyway) because electronic ballot fraud is easier on a large scale than paper ballot fraud. It's true that there is no perfect voting system, but this does not mean that all systems are equally bad.

  • "Traditional" voting is as insecure as e-voting, if not more. All it takes is money.

    • by gmuslera ( 3436 ) *
      Both are insecure, but how much it is needed to exploit them in critical numbers? For some Bush election in 2000 was a case, and probably latest russian elections are a good sample too. But how much easy for those in the (local? federal?) government to put something in the middle to rig an internet election? Or to do a worm like stuxnet, meant to change the votes sent instead of sabotage nuclear installations.
    • by gl4ss ( 559668 )

      if you got enough money to buy out everyone in the process and volunteering at the polling stations.. well good for you. it's going to take a lot more of money and involve a lot more people than affecting some counting station computer with the money.

      traditional method - where you go to a polling station, and vote in secrecy, guarantees that even if you have money and bribe everyone who goes to vote you can't verify what they specifically voted - if they're at home and can take proof of what they voted for,

    • "Traditional" voting is as insecure as e-voting, if not more.

      Riiight, because it's just as easy to make thousands of ballots disappear, or insert thousands of fake ballots into the count, or have an army of election judges deliberately miscount at the precinct level ... as it is to write a script exploiting a software backdoor. No difference at all.

      Do you know why people use computers to accomplish tasks that used to be done on paper? Because it's faster, easier, and cheaper.

      All it takes is money.

      I think here you're talking about how people choose to vote, not whether their votes are a

  • by Anonymous Coward

    Internet voting and more in Estonia explained here [slashdot.org].

  • Online voting can and will become the norm in the future. Like anything else we do in our lives, implementation is key and the only thing between success and failure. Perhaps the good professor should look at this: http://www.thestar.com/news/canada/politics/provincialelection/article/1059558--internet-voting-in-advance-polls-a-great-success-in-markham-report-finds [thestar.com]
  • Uh... this is DC. (Score:4, Informative)

    by Entropius ( 188861 ) on Monday March 12, 2012 @08:58AM (#39325547)

    So, I live in DC.

    The result quoted in the summary, that DC didn't manage to pull off a secure electronic vote, shouldn't be interpreted as a condemnation of e-voting, for the simple reason that this city couldn't manage to find the exit to a paper bag with a map and GPS. The incompetence around here is hilarious: there's a reason everyone working for the government lives in either Maryland or northern Virginia, since being in DC itself just means you get to hear sirens 24/7.

    Everyone's heard of Marion Barry, the crack-smoking mayor? Turns out they elected him mayor again right away when he got out of prison. He mismanaged the city finances so badly that Bill Clinton cut him off from a lot of his authority, and he flounced* from the mayorship -- and got elected to the City Council. Since then he's gone eight years without paying income taxes, driven drunk, and embezzled money. Now he wants to run for mayor again.

    The guy is a complete scumbag. The Washington Post said "To understand Washington, you have to understand Marion Barry."

    *Flounce: To leave after a post (on the internet) where you proclaim yourself a martyr, with great drama

  • Voting is flawed (Score:5, Interesting)

    by Gideon Wells ( 1412675 ) on Monday March 12, 2012 @09:02AM (#39325575)

    Even the current system isn't correct. The Republican Party holds voting accuracy as near sacred as part of their party talking points. Take a look at how they handled a primary season where they should have absolute control over the rules:
    * Iowa went from Romney to Santorum, though a statistical tie, because someone mistyped a 2 as 22: http://www.usnews.com/news/articles/2012/01/18/rick-santorum-might-have-actually-won-the-iowa-caucuses [usnews.com]
    * Maine almost didn't even count a whole county: http://abcnews.go.com/blogs/politics/2012/02/maines-miscount-one-county-might-be-included-after-saturday/ [go.com]
    * Nobody can seem to make up their minds on what to do about Florida. It is supposed to be, normally, a winner take all state. It moved its primary up and got sanctioned by the party by having its delegates cut in-half. Also, it may or may not be proportional. We'll find out in August: http://www.miamiherald.com/2012/01/26/2610390/fight-looms-over-fla-delegates.html [miamiherald.com]
    * Missouri has two elections this year. The first doesn't county, but everyone is assuming it will. The one that was held already was state mandated, but the state Republicans, not wanting to lose half their delegates, have decided that one won't count. They'll have a second one that will really count. Note : http://www.huffingtonpost.com/2012/02/07/missouri-primary-2012-explained_n_1257817.html [huffingtonpost.com]
    * She was allowed to vote once it was all sorted out, but an 84-year-old was initially told she was dead when she appeared at the polls: http://boston.cbslocal.com/2012/03/07/84-year-old-fall-river-woman-tries-to-vote-told-shes-dead/ [cbslocal.com]

    My apologies to any Republicans I offended with these results. I only used these examples as they are near immediate in time scale.

    The current voting system is full of flaws. It has been full of flaws. It will likely remain full of flaws. No need to worry about hackers mucking up an election when a typo can swing an election, and never have gotten caught if someone didn't post an image to FaceBook. So I don't see on-line voting as some type of corrupting influence on a pristine system.

    The problem I see here is in the oversight. Considering it took two days for Washington D.C. to notice, I would say the real problem was not so much that the system got hacked, but D.C. didn't care enough about the election to monitor it as it was going on. The same lackluster oversight could still swing *cough*Iowa*cough* a close election.

  • ...but the whole idea of ANONYMOUS voting. Common people, anonymous??? Was not this made a bad word? And just think about, if all the voting is made PUBLIC, then there would not be any chance for false votes, as anyone, at anytime could check and confirm his vote. And as we are grown adults, it is really good to know that your neighbor voted for this "^%$%^$%^$^%$%", and take the appropriate measures of course.....in the good sense of the word of course, and the legal too, and lawful too..
  • Honestly, is this Professor an expert in computer and internet security? He is telling me that it is 100% impossible which is a highly uneducated answer.

    Or does he mean there is no way to do it that will allow the game playing and fudging the current player have enjoyed for decades? That would be more likely.

    I could certainly make a system that is significantly hack resistant, and if you did not have anything live on the net until the morning of election you limit the ability for people to attack and fin

    • by gl4ss ( 559668 )

      you could make a hack resistant system at their end, but then you'd be only using that system just as a vote counter...

      btw. your manual verification system would turn the whole western voting system on it's head. "come here to redeem your vote-slip for cash".

      first thing usa should do would be to move voting to happen on sundays though.

    • by hey ( 83763 )

      Its a sign that somebody doesn't know what he's doing in security if he thinks a problem is easy.

  • I saw a clip recently how an Islamic country has combined paper card ballots with thumb prints. I think with that combo there is no room for BS as long as the people push the government to care enough to fairly scrutinize the votes in suspicious situations.

  • by xxxJonBoyxxx ( 565205 ) on Monday March 12, 2012 @09:20AM (#39325757)

    Another bad idea: video as a SlashDot post. Seriously - we're too busy to watch this. Get it down to a paragraph we can scan while we're waiting for something to connect, something to compile or a minion to find an answer for us and maybe.

  • What's the problem? (Score:4, Informative)

    by spaceyhackerlady ( 462530 ) on Monday March 12, 2012 @10:33AM (#39326465)

    What problem are they attempting to solve?

    The whole idea of having traceable pieces of paper, physical manifestations of the intentions of actual voters, has served us well. Anybody can see it. Anybody can understand how it works. Anybody can observe the process in action. These are good things.

    The only issue I have is proportional representation, or the lack thereof. We've had a couple of referenda on the subject here in B.C., both of which have been defeated by massive FUD campaigns.

    ...laura

  • by EmperorOfCanada ( 1332175 ) on Monday March 12, 2012 @10:35AM (#39326487)
    Right now in Canada there is a big "Robocall" scandal where one party automatically called tens of thousands of people affiliated to other parties to tell them that their polling station had moved. The people would either say, "Too far" or not find the non-existent poll and not vote. This proves that there are Canadians who are motivated, funded, and capable to mess with an election using electronic means. What the hell chance do any electronic voting systems have?

    Here in Halifax the morons have voting over the phone and are thinking about online municipal voting. They say it increases "Voter participation" basically they are sick of people not giving a crap about their self importance and think that throwing democracy in the toilet is the way to go.

    This has political ramifications beyond the obvious, the bad people will always win, scenario. Even if the system was theoretically 100% secure I would never trust any party elected electronically. Thus my confidence in their right to be in power would be zero. What impact would this have on people abiding by laws, paying taxes, and other civic relationships. Take Greece as an example of where this has broken down. People there don't pay taxes because nobody else pays taxes. If you are fool enough to want to pay taxes you will find yourself sucked dry because the system is so screwed up that it has now adapted to the fact that people will cheat 100% of the time.

    On top of all that the government insists on keeping these proprietary systems as secret as possible. Every single time the systems have been handed to security researchers they have torn them to shreds.

    The only electronic voting that I would like to see is a polling system where you go in, pick your stuff and the computer prints out the results on a ballot you put into the machine. You can then look over your ballot and see that all is good. Worse case if there is a power outage or whatnot you could fill the ballot in by hand. Then you put the ballot into a ballot box which is the primary record of the election. This way the computer is more auditing the election. You would get instant poll results subject to verification by counting. I have worked at a polling station and it is often the first time for everyone so I can see a situation where people might mess up. The computer would not override them but if the computer strongly disagreed (ballot box stuffing) then everything would now be carefully scrutinized. Also the benefits to an electronic voting system of this nature is that it allows for complicated ballots to be filled out correctly. No hanging chads.

    The list of major hacks on major companies is just too long. Most companies hope for the best with security and more design for the eventuality that they will be hacked and thus look to quickly mitigate the damage through good backups and whatnot. It turned out that Nortel's computer system was completely pwned for over 10 years. If Google has been hacked by the Chinese then no company in the world can claim to have a secure voting system, full stop.

    One last problem is that if one party wins an election through fraud, proving that they are evil, they will now be able to structure the system so that they always win from then on. Thus good government is dead the instant a party wins through electronic fraud as the only party who could beat them would have to be more evil.

Do you suffer painful illumination? -- Isaac Newton, "Optics"

Working...