(no title)
cool_cherry | 5 months ago
> So bascially you log in to the login server, which passes a token to the vote counting server that the vote is valid but with no identifying information? And there is some way to verify that these two entities do not cooperate?
With the Ontario system I described (first example), no. You can't ensure this. In fact, the server that receives your authentication credentials is the same as the server that receives your vote.
How things work:
1. You send a POST with {"DOB":"1995-01-01", "PIN":"12345678"} to server.
2. Server responds with a session cookie. That cookie is included with all subsequent requests in order for the server to know you are authenticated. This is a typical authentication scheme for web applications.
3. Eventually you make a selection and cast your vote. This will send your vote, and the cookie, to the server.
4. The server verifies the cookie is valid and records your vote.
It is definitely possible for the server to connect the identification information you provided in your initial login with the cookie, if it chooses to log that data. There's no way for the client to know if it's happening or not.
It's also a proprietary system, and because it's owned and operated by the online voting vendor (and not a government body) it's exempt from freedom of information legislation, so you wouldn't be able to see any information about the system's design even if you really wanted to. We do know steps 1-4 exist though, because we can infer all of it from the browser's development tools when interacting with the website.
With this type of system, there is also no meaningful way for a municipality to verify the count is correct, beyond the testimony of the vendor. The system is a black box, where votes go in and a result comes out. The vendor reports the result, and the municipality then declares candidates elected.
To be clear: Not a hypothetical. This is a real system! Used by 49 municipalities in 2022!
> How do you override a previously cast vote in that system? (Overriding a vote is a popular solution to vote buying/intimidating which is otherwise a problem with mail-in votes and e-votes.)
You don't! To the best of my knowledge, no vendor/municipality offers this feature in Ontario.
xorcist|4 months ago
The reason why we have public elections is to ensure a peaceful transfer of power. I believe each and every scholar of political science would agree with this statement.
What's important is that there must be no reason to sow distrust into the process. No party should be able to claim their votes weren't properly counted, or that the process is somehow suspicious. The voting process could be mathematically perfect, but if people doesn't trust that votes can't be bought and counters can't be bribed then it's all for nothing.
That's why we need transparency. Not because of some higher theoretical lofty ideas, but because the basis for peaceful transfer of power between parties mutually suspicious of each other is not there.
If trust gets broken then society gets broken. Elections will continue, but in a generation or two they will cease to be able to fulfill their intended goals, and that's when we see the outcome. Not next year. That's what scares me.