Open source Voting System
Politics aside if you were to create an open-source voting system how would you design it to be efficient, secure, and tamper-proof?
I was thinking of something like using blockchain This would create a provable mathematical audit trail for each transaction then. Combined that with using your SSN and a unique ID from the voter registration. You would have proof of every valid vote basically 2fa. Then data will be exported to a write-only USB drive once an hour.
@Orakel interesting didn't know that still, it's just a fun thought experiment to see what people come up with. Tons of really smart people here and wanted to see where this went.
@omnipotens Electronic voting can't be audited the way paper voting can. The last election should make it obvious what happens when a large portion of the population can't trust the voting system and that's what you get with electronic voting.
Also: you don't (and should not!) need an SSN to vote. The US has no unique ID numbers.
@swiley Well every legal citizen that is allowed to vote has a social security number that is unique to the person. As for paper audits are full proof is the biggest lie ever told in my opinion. If money can be counterfeited so can ballets. We can still use both but I believe the answer is in technology. With 2 systems the offline voting machine and a registered voter chain. Each transaction can be matched and tagged as valid duplicated or not in the system.
Of course this is a flaw with the SSN system itself, as they don't want to do anything about this to prevent it.
Also, not every American has a SSN, though functioning in society without one is next to impossible. When my kids were born, i was not required by law to sign them up for a SSN (but had I chose not to, it would have made life hell)
@omnipotens @swiley That said, presuming that the feds actually fix the idea of a SSN and make the digits sufficiently long enough so that name/number collision do not happen, there's still the issue that Americans are not required to have one.
You aren't even required to have legal state-issued ID to prove your identity in many states. Even if you have state-issued ID, they aren't biometrically linked in any way to you except photos (which are easily fooled)
There are serious problems with having a single ID number that's used for official things like this. We're already seeing how easy it makes fraud and how that affects people. It used to be illegal to use the SSN for anything other than social security, there was a good reason for that.
If we really wanted a national ID than the federal government should be running a key server. No one reasonable wants this because it would create a huge mess and we absolutely should not be tying it to biometrics. Biometrics are worse than requiring a shared secret to authenticate because you can at least choose who you share the secrete with and change it if you think it's been compromised.
People in Kentucky are just as dumb as people in virginia. Hopefully you see why even if we had a national ID you couldn't expect it to actually refer to individuals 100% of the time. Fraud happens and the world is messy and the cleanup is way too slow for whatever automation you'd want to build for it anyway.
@swiley @matt No I am not requiring them to run any OS. Right now when I go and vote I show ID. All I am adding is a randomized voter registration number. When you vote. you put in your id and your voter registration number. If those two match then it's a valid vote. It will just add another layer of difficulty to slow corruption. I am not even saying it's a full-proof idea but its a start.
I don't think paper audits are fool proof. The reason electronic voting is a problem is that *you have to convince the skeptics that it's correct.* Most of the people skeptical of your voting scheme may not even understand PKI and other ideas necessary to judge it's correctness. The result is a mass rejection of the results like what we had last year.
@swiley Not to mention when they do a paper audit they do not check the validity of the votes cast only the number of votes. If they see the same person voted 10 times there is nothing they can do as the task is to count them not investigate them.
@omnipotens I don't know, but seems to me like conventional voting systems place a lot of importance on anonymity, and also are very much reliant on a centralized means of authorization (i.e the government keeps a list of everyone, and crosses your name off when you show up to vote), which suggests to me that any such system would hinge entirely on trusting the central authority.
I'm not sure how you could carry forward those premises into an "open source" system, depending on what that means.
@eviloatmeal no not true, If that was the case then people would not have received letters in the mail saying their vote was rejected due to signatures validation. It depends on the state and how each state runs there election process.
@omnipotens If this is directed toward the anonymity part, then I should clarify that I mean anonymity in the sense that you can't tell from the end result who voted for what, as in, most of the voting systems I've heard of either have some mechanism by which you can't figure out what someone else voted, or at least actively refrain from publishing that information.
@omnipotens If you vote on any personal devices it's obviously completely insecure. If you vote on any machine that is controlled by the state, you can't verify what it does. I think the only possible way is to vote on paper and then perhaps have a very transparent way of counting the results that uses more modern technology than people counting. For example if you have a simple single choice voting, a machine could take the votes and sort them, then the sorting would only needed to be verified.
@NickFreeman I completely disagree granted personal device your correct on but paper ballets can easily be forged. They do it for money and they use much more precautions than the ballets. Paper is definitely not the way to go. If you want a paper to be apart of the process ok but they are way too easy to manipulate and way too hard to investigate. Even the audits they call do nothing more than a recount and never investigate the validity of the ballet.
@omnipotens I don't want to talk about the US as it is rather complex compared to other countries (electoral college, no proper way of identifying voters, etc). At least the way we vote in Germany, there is no need for tamper-proof paper, it's just ordinary paper.
@NickFreeman Well the electoral college was put in place to give each state a voice. Without it all the states would be dictated by the highest populated states which are California and new york. Each state runs it's own elections so yes it can be messy.
@omnipotens Well, in the US it is all based on majority vote instead of proportional representation, with the result that there are only 2 relevant parties. In my opinion a monopoly or oligopoly is not only bad in a market, but also in politics. With a proper proportional representation, everyone's vote would be equally relevant and the whole system so much simpler and easier to unterstand.
@omnipotens A fundamental difference to overcome here is that one can verify open source programs by compiling it ourselves, or a hash sum.
You can't verify a voting machine unless you're allowed full access, and if you're allowed access then other people cannot trust the machine.
I do like this idea. Definitely, such a system is possible to design, implement, test, audit, and, finally put into production.
However, the main challenge will be to explain the functionality of such a system to a common voter in plain language. There are so many prerequisites of exact and intrinsic knowledge. A common voter will have no chance to trust it without a plain belief.
The system will contain literally thousands of components where each and every of them can contain a vulnerability that can compromise the system. As the system is compromised so the result of the voting. Not speaking of the human factor during analysis, development, testing, and maintenance. Even the majority of the staff responsible for this will not be able to understand the system as a whole.
@omnipotens I'd never trust a non paper based voting system. And even worse, with digital systems there can be no proof of tampering.
Votes should not be counted with a machine either.
@SnabelAdmin I still believe if you can counterfeit money you can counterfeit ballets. And it's nearly impossible to validate all the paper ballots are legit.
Well, the difference is scale. You need massive infrastructure, organization and resources to do voting fraud. And keeping it secret will be difficult because of the amount of hands that have to be gathered without leaking.
The current American system sucks, but the solution isn't going away from paper.
There is extensive research on this made by experts, and USA has always been critizised for digitalizing voting by these experts.
@omnipotens you cannot. Computers are a black box system to the voter and ergo, have no place in the electoral system.
@omnipotens Check out Resist Bot
@omnipotens Have a look at Patricia Aas' work in this area. Why paper ballots is the good and how to secure such a system.
Linux Geeks doing what Linux Geeks do..