I used to think electronic voting was the logical next step. But now, I think voting is too important to be left to electronics. It should be done on paper.
We trust billions of dollars every day to electronic banking, so why not a vote? Electronic banking comes with many types of federal guarantees to protect against fraud. The government can step in to investigate and prosecute the fraud as well. But there is no such guarantee for the voting to select the government itself!
But it takes so long to aggregate the votes if done with paper ballots. Precisely the point. Electronic voting allows scalable attacks where the number of weak points is dramatically reduced. It is very hard to scale attacks on paper ballots. You would need a coordinated effort in many voting stations to make it work as opposed to hacking a more central electronic system.
That is why I moved from thinking that electronic voting is the logical next step to thinking that we probably need to revert back to paper ballots.
Anyone interested in electronic voting, I would suggest reading the article: Internet Voting: A Requiem for the Dream in the last issue of Phrack. It was eye opening for me.
http://phrack.org/issues/69/11.html#article
Conclusion:
1. Internet voting is not compatible with democracy
2. No amount of technology can change this
3. Whom you voted for ought to be secret
4. Who voted should not be secret -- it should be known as widely
as possible
5. And who counts the votes, and how, certainly ought not be secret
>But it takes so long to aggregate the votes if done with paper ballots.
This one was alway wierd to me. Other countries always manage to count the votes in one night, and while the USA is very big, you'd think there would be that many more people counting the ballots available to make up for it. I guess it doesn't scale that easily.
> But it takes so long to aggregate the votes if done with paper ballots.
This is also why the complaints of government being slow to respond to things are hollow: It's meant to act that way.
Which is why Trump and his "Executive Orders" are problematic; that isn't to say they are problematic for previous administrations as well. At any rate, they exist for a certain purpose, but that freedom to use them has been abused pretty much from day one of their existence.
Arguably, they are there mainly for emergency purposes, when something needs to be done fairly quickly, but is something that would take too long to have done thru ordinary channels (Congress, etc). It was probably (wrongly) assumed that Presidents would be wise and restrictive about their use (completely ignoring how human nature works of course).
I only mention Trump because he jumped into using them almost before he was sworn in; but so far (from what I understand) he has yet to break any records for usage of them during a term (except for maybe speed). In fact, the record actually belongs to FDR (who had 4 terms, also WW2, so that might be a part of everything).
In an emergency, I can understand their use, but outside of that, we (everyone, including the President) should trust in the slow plodding of our system. It may not be perfect or work out perfectly every time, but its lack of speed gives us time to reflect and make better decisions, IMHO.
Totally agree with you, I do not understand this need to go digital. Voting has worked and works really well with paper, it's a process anyone can audit, even non-technical people. Sure it might take a day, and a bunch of money, but so what? Our democracy heavily relies on this process.
In Oregon we're 100% mail-in paper ballots. I've come around to this idea too, especially after seeing some of the processing operations. Bulk counting in managed/secure facilities, along with secure storage of archival votes, seems like the way to go.
It does not take long to aggregate votes using paper ballots. I was counting paper ballots in a national election, and we were done before 11 PM the same day.
>Electronic banking comes with many types of federal guarantees to protect against fraud. The government can step in to investigate and prosecute the fraud as well. But there is no such guarantee for the voting to select the government itself!
That's only because the government hasn't bothered to invest in electronic voting security, regulations, and rigor to the extend that they invested in fraud protection and financial regulations. I'm willing to be that if the government cared more about modernizing, securing, and distributing our voting systems, we'd see improvement on the level of electronic banking and finance.
Not that I expect this to happen anytime soon. For various reasons, voting rights and opportunities in the US are steadily declining and don't seem to be taken seriously. You can fill in the blanks yourself there.
Electronic voting is dangerous and is a very bad idea. Voting should be done on paper, using pencils, put into ballot boxes, and counted by people.
Paper works, and it works well. It's a system that has worked well enough for thousands of years, and we have figured out most of the issues with it during that time. Anyone that can count can validate a single precinct. You can have one person, or 100 people all standing there watching a ballot box all day for tampering. You can have a whole group of people count the results, or just a few.
In a traditional paper system, swaying a single precinct with "blackhat" methods takes a lot of physical resources, a lot of time, and in most cases a lot of people. Then multiply that by every precinct in the country, and it quickly becomes pretty much impossible to do and get away with. Plus it leaves a physical "paper trail" (in the form of payment for people, communications, and physical materials or the receipts for those materials).
Electronic voting gives us very few benefits, and a significant amount of downsides. And it doesn't matter if it's FOSS, it doesn't matter if it's vetted, it doesn't matter what safeguards are put in place, all it takes is one mistake. One fuckup, and someone can now choose the leader of a nation, and in some cases that leader can change the rules of the next election, meaning it only takes one single mistake to ruin it for many many generations in the future.
And replacing a system where literally everyone can validate a system on voting day if they want to with a system where only a fraction of a fraction of people can even read and understand the code, let alone validate the code (and can't actually validate the hardware, or make sure what is running on the hardware is actually that code, or make sure that the hardware is even what it says it is), and it takes a magnitude more time to do so, just isn't a good idea.
> Voting should be done on paper, using pencils, put into ballot boxes, and counted by people.
I'd go further and say that for such a manual system, the counting should be done as speedily as humanly possible, but that if it takes a few days to do it - then so be it.
I don't think this is one area that should be rushed, and I don't understand why so many people - including people who should know better - thinks it should be.
The Chaos Computer Club did some extensive educational work a couple years back to make sure we keep our paper ballots here in Germany. And this work keeps going to this day. I'm very greateful, seeing all the issues we are avoiding because of this, but the fight against misinformed or malicious politicians is still going on.
A very important factor in their work was making sure people called them "voting computers" instead of "voting machines". Most people have a sense by now that computers are hackable and insecure, if only through movies where hackers can hack every system. Calling them machines gives people the sense they are a unhackable mechanical appliances.
Voting in Germany is very efficient anyway as votes are usually counted within 1-3 hours and a final result overnight. It's hard to see the advantage of computers, buying the machines will likely outweigh paper costs.
That's a bit different in other countries where counting paper ballots can take days. Doesn't make voting machines safer, though.
If there's a flaw in the system -- and there will be flaws, the only question is how soon they're found -- there's a risk that the whole thing can be compromised in one fell swoop.
Whereas pen and paper voting, counted by hand, is slower and less accurate and has plenty of its own flaws, but there's no simple way to compromise the entire vote at once. You'd have to fool a whole bunch of different people in different ways, and/or recruit them into a huge conspiracy.
Other countries use pen and paper and it works fine. Electronic voting machines should be banned.
After more than a decade of security researchers raising the alarm over critical electronic voting machine vulnerability, I hope this finally causes some real demand for verifiable ballots.
No one really claims that the voting machines were secure because it was technically advanced. The voting system is secure because it is irregular and physically distributed and not connected.
In other words. Hacking the election is up there with the us planned 9/11 it would require social engineering of unheard proportions.
I'm for both. Aka you submit your ballot on paper. Have a machine and people both count the vote. If the machine count has a different outcome vs people then you know you've got an issue.
By outcome I mean something like machine had person A winning, people count has person B.
We do something similar in Spain. We vote with paper ballots. Then, when polls close, the volunteers at each table count the ballots and input the data into an electronic system, which makes the aggregates. In a few hours (4-5) we have the results of the election.
However, paper ballots are returned to the voting urns and sealed. The sealed urns are then sent to a few centralized counting locations where they are manually counted again by civil servants during the corse of a few weeks. (Party representatives can witness both countings).
Usually there are some very very small differences between the first and the second counting, but I don't recall even a seat changing because of them. This has the advantage of being both fast and safe.
In my country a losing presidential candidate has been able to convince part of his base that there was electronic fraud using an 'algorithm' even though the whole process was done manually. Imagine if it was really done electronically. That is why I am convinced voting should be done with paper and pencils.
I like paper voting but there should be a holiday and the vote should be mandatory even if only to check off "none of the above." The reason I like electronic despite its flaws is someone can do it while on the toilet, and here in the US where there is low turnout and voter suppression, that's about where I want the bar to be.
I'm old enough to remember the when e-voting was brought about by the Bush administration. At the time those of us on the far left were convinced that Bush was the American incarnation of Hitler (seems quaint now, doesn't it) and Diebold e-voting machines were going to precipitate the end of democracy.
What if we've gotten into some kind of weird feedback loop where every swing of the pendulum between the two parties has been leading to more and more "extreme" candidates on each side?
Or what if the extremism is only on one side, because they perceive the other side as being too extreme, when that side is just trying to be for the people?
I'll leave you to decided which side is which, of course...and where all this might lead (it ain't pretty, should this actually be what is playing out).
this just re-stresses the point to COMPETITION in the electronic voting space. If you had a monopoly over the systems, what encouragement would you have to upgrade them? There are all sorts of ways to innovate "e-voting", and all of them are objectively improved over the current US methods
Yap, let's introduce the "invisible hand of the free market" into the voting system. As we have all experienced, that always leads to the safest and most ethical outcome.
What are some of the benefits of e-voting that make up for the possible shortcomings?
From my perspective, e-voting is more difficult for the blind/disabled, more difficult to audit and check (you'd need to be a programmer that is well versed in cryptography to even begin to audit a codebase), much harder to verify/validate your own vote was even cast, much less reliable, and overall is confusing and harder to use.
The only benefit I can see is making it easier to vote for those working or who aren't able to get to a precinct. But that's a problem I'd much rather have solved by making it a mandatory holiday and providing state-paid-for transportation on election days.
[+] [-] vowelless|8 years ago|reply
We trust billions of dollars every day to electronic banking, so why not a vote? Electronic banking comes with many types of federal guarantees to protect against fraud. The government can step in to investigate and prosecute the fraud as well. But there is no such guarantee for the voting to select the government itself!
But it takes so long to aggregate the votes if done with paper ballots. Precisely the point. Electronic voting allows scalable attacks where the number of weak points is dramatically reduced. It is very hard to scale attacks on paper ballots. You would need a coordinated effort in many voting stations to make it work as opposed to hacking a more central electronic system.
That is why I moved from thinking that electronic voting is the logical next step to thinking that we probably need to revert back to paper ballots.
[+] [-] Techbrunch|8 years ago|reply
Conclusion:
[+] [-] shaqbert|8 years ago|reply
[0]: https://www.youtube.com/watch?v=w3_0x6oaDmI
[+] [-] cyborgx7|8 years ago|reply
This one was alway wierd to me. Other countries always manage to count the votes in one night, and while the USA is very big, you'd think there would be that many more people counting the ballots available to make up for it. I guess it doesn't scale that easily.
[+] [-] cr0sh|8 years ago|reply
This is also why the complaints of government being slow to respond to things are hollow: It's meant to act that way.
Which is why Trump and his "Executive Orders" are problematic; that isn't to say they are problematic for previous administrations as well. At any rate, they exist for a certain purpose, but that freedom to use them has been abused pretty much from day one of their existence.
Arguably, they are there mainly for emergency purposes, when something needs to be done fairly quickly, but is something that would take too long to have done thru ordinary channels (Congress, etc). It was probably (wrongly) assumed that Presidents would be wise and restrictive about their use (completely ignoring how human nature works of course).
I only mention Trump because he jumped into using them almost before he was sworn in; but so far (from what I understand) he has yet to break any records for usage of them during a term (except for maybe speed). In fact, the record actually belongs to FDR (who had 4 terms, also WW2, so that might be a part of everything).
In an emergency, I can understand their use, but outside of that, we (everyone, including the President) should trust in the slow plodding of our system. It may not be perfect or work out perfectly every time, but its lack of speed gives us time to reflect and make better decisions, IMHO.
[+] [-] raverbashing|8 years ago|reply
You just need regulation to prevent the abysmal idiocy of manufacturers
Also standardize the interface (ADA compliant, etc)
Hire the Nevada Gaming Commission to regulate it and so be it. Make the machine print a paper backup that is put on a ballot box as well
[+] [-] baby|8 years ago|reply
[+] [-] LVB|8 years ago|reply
[+] [-] pps43|8 years ago|reply
[+] [-] tambourine_man|8 years ago|reply
https://www.youtube.com/watch?v=BYRTvoZ3Rho
[+] [-] unknown|8 years ago|reply
[deleted]
[+] [-] rpazyaquian|8 years ago|reply
That's only because the government hasn't bothered to invest in electronic voting security, regulations, and rigor to the extend that they invested in fraud protection and financial regulations. I'm willing to be that if the government cared more about modernizing, securing, and distributing our voting systems, we'd see improvement on the level of electronic banking and finance.
Not that I expect this to happen anytime soon. For various reasons, voting rights and opportunities in the US are steadily declining and don't seem to be taken seriously. You can fill in the blanks yourself there.
[+] [-] aidenn0|8 years ago|reply
Each voting machine tallies votes and prints out a filled-in paper ballot. Then you get quick electronic counting but with an auditable trail.
[+] [-] endgame|8 years ago|reply
[+] [-] Klathmon|8 years ago|reply
Paper works, and it works well. It's a system that has worked well enough for thousands of years, and we have figured out most of the issues with it during that time. Anyone that can count can validate a single precinct. You can have one person, or 100 people all standing there watching a ballot box all day for tampering. You can have a whole group of people count the results, or just a few.
In a traditional paper system, swaying a single precinct with "blackhat" methods takes a lot of physical resources, a lot of time, and in most cases a lot of people. Then multiply that by every precinct in the country, and it quickly becomes pretty much impossible to do and get away with. Plus it leaves a physical "paper trail" (in the form of payment for people, communications, and physical materials or the receipts for those materials).
Electronic voting gives us very few benefits, and a significant amount of downsides. And it doesn't matter if it's FOSS, it doesn't matter if it's vetted, it doesn't matter what safeguards are put in place, all it takes is one mistake. One fuckup, and someone can now choose the leader of a nation, and in some cases that leader can change the rules of the next election, meaning it only takes one single mistake to ruin it for many many generations in the future.
And replacing a system where literally everyone can validate a system on voting day if they want to with a system where only a fraction of a fraction of people can even read and understand the code, let alone validate the code (and can't actually validate the hardware, or make sure what is running on the hardware is actually that code, or make sure that the hardware is even what it says it is), and it takes a magnitude more time to do so, just isn't a good idea.
[+] [-] Fej|8 years ago|reply
Describes all the problems with electronic voting and why it's an awful idea. It's short for what it is, a fantastic eight minutes.
https://youtu.be/w3_0x6oaDmI
[+] [-] TeMPOraL|8 years ago|reply
> using pencils
Why pencils? Aren't pens more secure (more difficult to erase / alter without leaving a visible mark on paper)?
[+] [-] cr0sh|8 years ago|reply
I'd go further and say that for such a manual system, the counting should be done as speedily as humanly possible, but that if it takes a few days to do it - then so be it.
I don't think this is one area that should be rushed, and I don't understand why so many people - including people who should know better - thinks it should be.
[+] [-] cyborgx7|8 years ago|reply
A very important factor in their work was making sure people called them "voting computers" instead of "voting machines". Most people have a sense by now that computers are hackable and insecure, if only through movies where hackers can hack every system. Calling them machines gives people the sense they are a unhackable mechanical appliances.
[+] [-] dx034|8 years ago|reply
That's a bit different in other countries where counting paper ballots can take days. Doesn't make voting machines safer, though.
[+] [-] iainmerrick|8 years ago|reply
If there's a flaw in the system -- and there will be flaws, the only question is how soon they're found -- there's a risk that the whole thing can be compromised in one fell swoop.
Whereas pen and paper voting, counted by hand, is slower and less accurate and has plenty of its own flaws, but there's no simple way to compromise the entire vote at once. You'd have to fool a whole bunch of different people in different ways, and/or recruit them into a huge conspiracy.
Other countries use pen and paper and it works fine. Electronic voting machines should be banned.
[+] [-] Canada|8 years ago|reply
[+] [-] ThomPete|8 years ago|reply
In other words. Hacking the election is up there with the us planned 9/11 it would require social engineering of unheard proportions.
[+] [-] tcbawo|8 years ago|reply
Also, why don't we have automatic voter registration? Let's pay this cost once and move on.
[+] [-] Larrikin|8 years ago|reply
[+] [-] cobookman|8 years ago|reply
By outcome I mean something like machine had person A winning, people count has person B.
[+] [-] JorgeGT|8 years ago|reply
However, paper ballots are returned to the voting urns and sealed. The sealed urns are then sent to a few centralized counting locations where they are manually counted again by civil servants during the corse of a few weeks. (Party representatives can witness both countings).
Usually there are some very very small differences between the first and the second counting, but I don't recall even a seat changing because of them. This has the advantage of being both fast and safe.
[+] [-] corpMaverick|8 years ago|reply
[+] [-] itodd|8 years ago|reply
[+] [-] thrillgore|8 years ago|reply
[+] [-] maxerickson|8 years ago|reply
https://ballotpedia.org/Voting_methods_and_equipment_by_stat...
Hopefully the message that paper ballots are simpler and provide a strong audit trail will continue to beat back the new and shiny.
[+] [-] swiley|8 years ago|reply
[+] [-] tribby|8 years ago|reply
[+] [-] em3rgent0rdr|8 years ago|reply
[+] [-] tjhorner|8 years ago|reply
[+] [-] elbac|8 years ago|reply
https://www.predictingourfuture.com/online-voting/
After listening, I became convinced that electronic/internet voting is a terrible idea.
[+] [-] alistproducer2|8 years ago|reply
[+] [-] cr0sh|8 years ago|reply
Or what if the extremism is only on one side, because they perceive the other side as being too extreme, when that side is just trying to be for the people?
I'll leave you to decided which side is which, of course...and where all this might lead (it ain't pretty, should this actually be what is playing out).
[+] [-] vuln|8 years ago|reply
[+] [-] bdz|8 years ago|reply
[+] [-] jvandonsel|8 years ago|reply
[+] [-] kuschku|8 years ago|reply
[+] [-] em3rgent0rdr|8 years ago|reply
[+] [-] unknown|8 years ago|reply
[deleted]
[+] [-] UltimateFloofy|8 years ago|reply
[+] [-] miheermunjal|8 years ago|reply
[+] [-] cyborgx7|8 years ago|reply
[+] [-] Klathmon|8 years ago|reply
From my perspective, e-voting is more difficult for the blind/disabled, more difficult to audit and check (you'd need to be a programmer that is well versed in cryptography to even begin to audit a codebase), much harder to verify/validate your own vote was even cast, much less reliable, and overall is confusing and harder to use.
The only benefit I can see is making it easier to vote for those working or who aren't able to get to a precinct. But that's a problem I'd much rather have solved by making it a mandatory holiday and providing state-paid-for transportation on election days.
[+] [-] cr1895|8 years ago|reply
Can you expand on the objective improvements?
[+] [-] lngnmn|8 years ago|reply