from the secure-verifiable-anonymous-(pick-two?) dept.
Why online voting is harder than online banking:
Why can't we use the same techniques [that we use for banking] to secure online votes?
[...] voting has some unique requirements that make secure online voting a particularly challenging problem.
Votes are anonymous, banking isn't
Every electronic transaction in the conventional banking system is tied to a specific sender and recipient who can confirm that a transaction is valid or raise the alarm if it isn't. Banks count on customers to periodically review their transactions—either online or in paper statements—and notify the bank if fraudulent transactions occur.
[...] Some online voting companies have dealt with this challenge by dispensing with strong ballot secrecy. Voatz, for example, gives each voter an anonymized identification number that allows them to look up their votes as they were recorded on the Voatz server. This is probably essential for ensuring that votes are recorded correctly. But it erodes the sanctity of the private ballot, since people in positions of power could coerce voters into revealing how they voted.
Online banking isn't actually that secure
The more important issue, however, is that online banking systems aren't actually that secure. Indeed, conventional payment networks get compromised constantly. The Nilson Report, a financial industry trade publication, estimated that credit card fraud cost the world almost $28 billion in 2018.
[...] Voting officials can't issue voters after-the-fact credits for their stolen votes the way banks do for stolen funds. An election needs to produce a definitive result that is quickly and widely accepted as legitimate. Even a small number of fraudulent votes could flip the results of an election and destroy public confidence in the voting process. Major elections, including the American presidency, have been decided by a few hundred votes out of millions cast.
So our voting infrastructure needs to be a lot more secure than our online banking infrastructure.
(Score: -1, Troll) by Anonymous Coward on Sunday September 13 2020, @12:00AM
Fruit Loops and Fancy Free!
(Score: 2, Interesting) by krishnoid on Sunday September 13 2020, @12:05AM (3 children)
Since it's online, you could come up with a system and vote on anything -- Fingerlicans vs. Tastycrats vs. Nixon, cats vs dogs -- and try it weekly until you work out the kinks. Heck, there could be weekly "online voting" sessions until November 3, if online voting is something anyone cares about.
(Score: 3, Insightful) by Thexalon on Sunday September 13 2020, @01:01AM (2 children)
A lot of the problems described in TFS don't happen unless there's something valuable at stake, such as the state or federal budget. For instance, coercing votes and using the verification system and/or the fact that you can look over their shoulder while voting to ensure that the people you coerced vote the way you coerced them.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 5, Interesting) by driverless on Sunday September 13 2020, @02:12AM
Many years ago when the prospect of voting by computer - not online voting but just using computers to cast your vote - was being tossed around I worked for a large multinational computer company. Our mgt. wa$ intere$ted in pur$uing this, and asked the security group to comment. Our report boiled down to "It is not possible to describe in words how much the company should not get involved in this suicide mission". So we kept well away, and companies like Diebold leapt into the toxic cesspit instead.
And that was computerised voting, which is easy when compared to online voting.
(Score: 3, Funny) by krishnoid on Sunday September 13 2020, @04:18AM
Why not dry-run a vote on that? It could be an advisory vote, or just a national poll.
(Score: 1, Funny) by Anonymous Coward on Sunday September 13 2020, @12:20AM (13 children)
Record votes in a spreadsheet, using a secret identifier like social security number. That way you can check if your vote was recorded properly, by looking up your SSN, but no one else can find out how you voted.
(Score: 3, Insightful) by Thexalon on Sunday September 13 2020, @01:03AM (10 children)
You do have some clue how many people and organizations have access to your SSN, right? That does next to nothing.
Oh, and as an added bonus, you now have a list of valid SSNs for everybody in an area. Yeah, security.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 2) by barbara hudson on Sunday September 13 2020, @02:39AM (8 children)
SSNs are not unique. For starters, more than 4million people have been issued a new SSN for purposes such as hiding from domestic abusers. For another, the supply is not limitless. There are only 1,000,000,000 unique numbers, from 000-00-0000 to 999-99-9999, and just the 325,000,000 people alive today use up 32.5% of the total pool, not counting all the dead, etc.
Recycling numbers is going to cause problems .
And you have cases like GWB who got a new number because his old one was tied to a DUI, rendering him ineligible to visit Cantduring his first term (DUIs are felonies in Canada).
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @03:02AM (7 children)
Interesting story, but 1) there are procedures for people with DUI history being admitted, especially if the conviction was so long ago as it was with Baby Bush and 2) there is no way national laws would be allowed to interfere with a visit from a head of state, especially between a relatively superior country like the US and an relatively inferior one like Canada.
(Score: 2) by barbara hudson on Sunday September 13 2020, @03:24AM (5 children)
Yes there are procedures, but the conviction will still come up on computers and at that point a customs agent can still deny entry on that basis.
And yes, any customs agent can deny a head of any state entry - and Bush was so unpopular here that it was pretty much guaranteed to happen. And any political interference is a no-no - that would probably bring down the government and trigger an election.
Only citizens java rights to entry - anyone else can be barred for any reason, or no reason. At that point you have two choices - withdraw your application or spend the night in jail awaiting a hearing. Bush's history of cocaine use would have been an issue in addition to his DUI. He would have had to show proof that he was rehabilitated from both cocaine and alcoholism.
Obama admitted to crack use, but he had no offence on record that would have been considered a felony in Canada and given cause for an initial exclusion order.
It's like one guy who tried to come into Canada and there was an arrest warrant out for him in his home state that he wasn't even aware of. Turns out it was for adultery, which isn't a crime in Canada (in Quebec it's not even grounds for divorce ), so he was legally allowed in without getting the matter cleared up.
We do not enforce American law. That includes arrest warrants for things that aren't offences in Canada. Same as the US doesn't enforce Canadian law.
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @04:02AM
"Only citizens java rights to entry"
be sure to drink your ovaltine? [wikipedia.org]
(Score: 2) by Mojibake Tengu on Sunday September 13 2020, @07:34AM (3 children)
You big liar.
https://abcnews.go.com/International/wireStory/huawei-cfos-find-fraud-case-proceed-70896581 [go.com]
American sanctions against Huawei were imposed because Huawei violated American sanctions against Iran.
Canada is enforcing American law in this very case.
Respect Authorities. Know your social status. Woke responsibly.
(Score: 2) by barbara hudson on Sunday September 13 2020, @10:02AM (2 children)
Nobody is tried in Canada for violations of American law. Ever. Same as nobody is tried in the US for violations of Canadian law. Ever.
So sad that most Americans don't understand how laws work.
Assange, for example, isn't being tried in England for violating American law. He's just fighting an extradition attempt. The English court will not rule as to his guilt or innocence. Just whether, under existing treaties, he can be extradited. And without a treaty, you can't extradite.
Under the treaty, violations of American law that would not be considered violations iof Canadian law are simply not extraditable,
So no, I am not a liar and you once again show you don't know what you're talking about.
It's like trying to extradite someone from Canada for simple possession or use of weed in the US. Not a crime in Canada, so not extraditable, or even an impediment to entry.
Neither country enforced the other country's laws. The courts simply don't have that power.
Otherwise someone who murders in the US could be tried in Canada for murder and escape the death penalty.
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 4, Insightful) by Mojibake Tengu on Sunday September 13 2020, @11:05AM (1 child)
Extradition is the enforcement of foreign law. Even the mere arrest is enforcement of foreign law.
You deliberately contradict the reality. Both Meng and Assange cases are examples of enforcement of foreign law.
Respect Authorities. Know your social status. Woke responsibly.
(Score: 2) by barbara hudson on Sunday September 13 2020, @04:59PM
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @04:58AM
Just fuck off. I like to kick a Canuck now and then - especially when the Canuck kicks back. But fuck you and your inferiority bullshit.
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @03:09PM
** WOOSH **
(Score: 2) by Immerman on Sunday September 13 2020, @03:05PM (1 child)
You joke (I think), but there are some interesting options along those lines that still do a decent job of preserving vote secrecy. For example:
- The government cogenerates a unique public/private "VoterID" encryption key pair, which can be replaced whenever you suspect it may have been compromised.
- Your vote is cast through the interaction of 3+ very simple independent servers:
* Voting Roll server (government operated) which
- - - keeps track of all IDs for the current election, and whether they're unused, have cast a vote, or have been replaced with another ID (though they can't tell with which one)
- - - keeps track of exactly which Anonymity server reported each ID change, and how many new IDs they report
* Anonymity Server (multiple, independently operated by trusted sources) which
- - - Accepts your proof-of-identity and reports your ID as used to the central rolls, then cogenerates a new AnonID public/private key pair with you once it's confirmed the old key was valid
- - - Your New AnonID gets submitted as a new addition to the Voting Roll at some time during the next 24 hours, in one of many randomly shuffled batches so that the Voting Roll has no way to connect your VoterID to a specific AnonID
- - - You can repeat this step as many times as you wish using different Anonymity Servers, replacing your old ID on the rolls with a new one. So long as any one server is trustworthy, the chain of identification is broken.
- - - Also passes on Ballot submissions in a similar way
* Ballot collecting server (government operated, potential with official independent observers)
- - - Collects ballots from Anonymity servers
- - - Publicly publishes all ballots with associated AnonIDs after the election is closed so that (1) everyone can confirm their ballot was included, and (2) everyone can count the ballots for themselves to confirm the outcome.
If you include a cryptographic receipt with each exchange of information, then everyone involved can prove if a compromises occurred, and at exactly which stage for assigning responsibility and repair. You can probably even manage a decent worst-case estimate of how badly compromised the election was, giving you an uncertainty envelope that would allow you to know if the results were still valid - e.g. if worst-case 20% of votes were compromised, but something still won by 71%, then you know it passed with at least 51% of the "real" vote.
(Score: 2) by Immerman on Sunday September 13 2020, @03:24PM
Oh, and shouldn't forget - the completely independent "Vote Integrity" servers to which everyone can anonymously submit their proof to assemble a timely collection of evidence.
And perhaps it's also worth mentioning the voting app - which could be a phone app, though perhaps a dedicated mini-tablet or some other easily securable and auditable device. Which can
- - - automatically does all the multiple ID exchanges
- - - allows you to read and vote on the ballot (perhaps with the aid of a HDMI output for easier reading, with the tablet going into "touchpad mode" while plugged in)
- - - verifies that your ballot was included in the final list, and that all ballots were tallied correctly
- - - submits proof of any compromise to the Vote Integrity servers
(Score: 1) by fustakrakich on Sunday September 13 2020, @12:22AM (2 children)
Otherwise forget about it. Just get enough people out there to monitor paper ballots. No "Cyber" needed
La politica e i criminali sono la stessa cosa..
(Score: 2) by Opportunist on Sunday September 13 2020, @12:05PM (1 child)
A fax machine? A tool that sends unencrypted, unsigned data over a public wire?
I'm not sure whether you're joking, Poe's Law ain't just for religion anymore...
(Score: 1) by fustakrakich on Sunday September 13 2020, @02:02PM
Yeah, it should work at least as good as voice transmissions
La politica e i criminali sono la stessa cosa..
(Score: 3, Disagree) by Rosco P. Coltrane on Sunday September 13 2020, @12:36AM (3 children)
Voting is mostly a sham in the US: whatever you vote, you can be sure you'll end up with the best millionaire corporate money can buy, with the most well-connected buddies, from one of the two major parties that are pretty much carbon-copies of one another on the major issues and don't offer any real choice.
So, just don't vote. You may as well: voting for any candidate on offer won't change a damn thing. And not voting is perfectly anonymous.
(Score: 1) by fustakrakich on Sunday September 13 2020, @02:07PM
It only ends up that way because a full 95% vote for the "best" millionaires. We do have other choices on the ballots. Voters have to turn their backs on celebrity bling if they want to see a difference. Otherwise... c'est la vie...
La politica e i criminali sono la stessa cosa..
(Score: 1) by wArlOrd on Sunday September 13 2020, @08:24PM
[...] whatever you vote, you can be sure you'll end up with the best millionaire corporate money can buy
Not necessarily, sometimes you end up with the worst millionaire money has bought.
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @09:17PM
Well, here’s the thing: even in presidential races where you see the highest turnout, barely half of the eligible age population turns out.
So, already almost half of the population are sitting out the election. Which means people using your strategy are actually throwing the election to the evil corporate dudes. If you actually got most of the people who sit out the election to vote, you could easily outvote the corporate candidates if you really wanted to.
But that would require getting of your ass. Which half of Americans aren’t interested in doing apparently, even if it could vote for someone less evil.
(Score: 2, Insightful) by fakefuck39 on Sunday September 13 2020, @12:45AM (7 children)
This is a huge issue in America right now. I don't get it. I watch france24, listen to franceinfo - all in french. Then I listen to business fm in russian. No issues with this type of bullshit.
So they're comparing secure voting with the security of online banking systems. But the comparison is you logging in to your bank account and doing stuff. Then the misdirection - "banking online is insecure." Of course it is. But how do we claim it's insecure? Let's dump it in with the larger category of credit card fraud online, and call it insecure. Yes, because someone logging into your bank's website as you has anything to do with someone using your credit card number and billing zip at an online chinese dildo store is the same thing.
Yes, there are some occasions where someone actually hacked something and logged in to a bank as that user, social engineering 2FA. Almost non-existent.
And mentioning this little turd of bullshit makes me look at the entire article as bullshit propaganda wannabe, or something written by an idiot. Why would I give a crap about what a manipulative or stupid person wants me to read?
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @01:01AM
So basically:
(Score: 3, Informative) by Thexalon on Sunday September 13 2020, @01:08AM (5 children)
The reason banking isn't *too* insecure for all practical purposes is related to the first point, namely that nothing is anonymous. Humans like yourself can and do discover mistakes and fraud by looking at the transactions on your own account and responding to whatever went wrong (including, of course, needing to file divorce papers if it's a joint account!). Whereas voting has to be anonymous enough that nobody knows how you voted, nor can you prove to anybody else how you voted.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 2) by c0lo on Sunday September 13 2020, @04:44AM (1 child)
The requirements are even stronger than that (and the paper system fails it).
Specifically, the voter should be able to verify her vote has not been tempered with, in plain view of everybody while still nobody knowing how she voted, nor being able to prove to anybody else how she voted.
See also end-to-end auditable voting systems [wikipedia.org].
Note: due to authentication and voting security reasons, no electronic voting can work exclusively over the internet.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by Thexalon on Sunday September 13 2020, @04:13PM
The paper systems don't allow the *voter* to verify that nobody is tampering with it, but does allow the political parties, candidates and campaigns, and sometimes random citizens too, to observe and verify things like:
1. The ballot box is empty before voting starts.
2. Nothing else got into the ballot box during voting.
3. The count from that ballot box matches what the ballots actually said, especially if things look a bit fishy.
So while it's not impossible to tamper with those results, it requires a substantially bigger conspiracy than when the results can be easily changed by somebody in an office in the state capitol building, who may have a personal stake in the outcome, with no records available to re-count.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 2) by fakefuck39 on Sunday September 13 2020, @08:00AM (2 children)
and the anonymous voting that needs to be verified is lightly addressed in the summary. which is a shame, since because of the credit card fraud lie, the whole article and any data or claims it makes are now coming from a manipulative bullshit source, or a stupid source, and should be ignored like a fox news report.
but you absolutely can make something anonymous, and verifiable by its source. and i bet if voting was as easy as going to a website and logging in with a code you are given and a password only you know, a heck of a lot more people would do it. which is a bad thing. because if you don't give a fuck enough to come in person and vote - if voting is less important than running out for a pack of smokes, those people shouldn't be making any decisions about how laws that govern other people and other people's money is spent.
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @12:30PM (1 child)
Nothing online is anonymous.
(Score: 2) by fakefuck39 on Sunday September 13 2020, @08:44PM
yes, because showing up in person where you're on camera and everyone can see your face is fully anonymous..
if I get a key at the dmv for voter registration, then use that key, without a my name, to create a password, and use both to vote - it's anonymous. Yes, someone could grab my IP from the ISP and figure out that one of the people using my wifi router is the one with the vote, narrowing it down to several possible people, or a guest just using my wifi. Not fully anonymous. We're talking a court order to even get the IP, and a lot of forensics just to narrow it down to several possible people.
yes, most encrypted things online is anonymous for 99.999etc% of the cases, unless a government agency gets involved and spends a hundred man-hours investigating you specifically. Much more anonymous than you, in person, at the polls, or by mail.
Tell me, do you not lock your house? Because I guarantee you that there are a few people within a mile radius of your house who can pick that lock. Locks are useless! Torrenting is not anonymous either, yet using an encrypted connection, I strangely haven't been sued since the day torrents became a thing, or scour.net or winmx before that.
DRM works great. Locks work great. Online anonymity works great. Perfect is the enemy of good.
(Score: 0, Funny) by Anonymous Coward on Sunday September 13 2020, @01:37AM (4 children)
So here we have another nutherguy (Runaway1956) submission, trying to argue that
Climate change is not real/America is not systematically racist/ Mail-in voting is not secure!! Oh, noes! Guess we should just buy Greenland, now. We can sell Puerto Rico, and throw Arkansas in for free!(Score: 2) by The Mighty Buzzard on Sunday September 13 2020, @03:00PM
You don't like food? The Mississippi delta is far and away the best farmland in the nation and Arkansas has a very large chunk of that.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @03:25PM (1 child)
You've either got some serious reading comprehension problems, or you don't know the difference between mail-in and on-line... either way, I'm inclined to discount anything you say about the subject, for obvious reasons.
(Score: -1, Flamebait) by Anonymous Coward on Monday September 14 2020, @09:11AM
Feeling is mutual, for equally or greater obvious reasons. Dogwhistler!
(Score: 2) by fakefuck39 on Sunday September 13 2020, @08:52PM
I don't think you're getting this. It's the "wasting water" argument, which you make look stupid by omitting crucial parts. It's what trumpster fox people do.
No one is arguing climate change is not real. Man-made climate change, from what I can see, is not real. If you look at earth's temperature historically, it goes up and down all the time, often at a greater slope than it's going up now. If you look at CO2 emissions historically, they go up and down too, but now they're going up at a greater slope than ever before. If CO2 was the cause, temp should be going up faster now than ever before. It's not - it's very average looking at, say the last million years.
No one is arguing we're not greatly increasing CO2. No one is arguing temperature isn't going up. But I am arguing the CO2 is not the major, or any statistically significant portion of the temp going up.
Mail-in voting is indeed not secure. A redneck in a truck can drive to a left district, pour some lighter fluid into a mailbox, and burn your votes. That hasn't been a problem because there haven't been mailboxes stuffed full of votes in previous elections - it's been very few by mail, so setting a mailbox may or may not have removed a single vote. Now if you let it burn, you remove several city blocks full of votes.
You don't need studies for this. You need common sense. Not supporting runaway in anyway - he's an idiot. But you are also an idiot.
(Score: 2) by SomeGuy on Sunday September 13 2020, @01:55AM (2 children)
Yea, I've been wondering why big companies don't try to sell people on voting with cell phones or smart TVs (vote with your remote!). It works for DRM apparently. Idiots would love that. And then get rid of paper. And make sure that "old" devices won't work because security. Buy a new one! Every four years. Then a giant cell phone gets elected president.
(Score: 2) by Opportunist on Sunday September 13 2020, @12:08PM
It worked for American Idiot, why not for presidential elections? If we entrust it with something that most Americans are highly invested in, it should be good enough for something that only affects a tiny minority.
(Score: 2) by Immerman on Sunday September 13 2020, @03:27PM
It could possibly work - I described a method several posts above, but I think key aspects are that all ballots have to be published after the vote, with each voter being able to prove if their ballot wasn't included, and be able to tally the votes for themselves to verify the official results.
(Score: 0) by Anonymous Coward on Sunday September 13 2020, @04:12AM
Two completely different problem domains. In online banking, fraudsters want to take victims' money, who can get it restituted. In online voting, fraudsters want to change a single result determined by masses of participants. The ability to reverse this is not desired, because that would break the secrecy of the vote.
Maybe it can please the writer that we are using the same LCD technology for the voting machine, as we use for ATMs.
(Score: 1, Informative) by Anonymous Coward on Sunday September 13 2020, @09:52AM
They're missing a 'supposedly' there.
Here in the UK, when you go to vote they check your name at the polling station on the printed ledger of eligIble voters for that area, issue you with a numbered ballot paper, whose number they then mark against your entry in the ledger, oh, another fun fact, they fill this in ink, but they supply pencils for voters to fill in the ballot papers with..luckily, I always carry a pen when I go to vote (what do you mean?, suspicious cynical bastard?, why would you think that?)
Anyways, voting here is anonymous, but only at the 'point of delivery' and at the count, afterwards......should anyone (hello, spooks...) really desire the information as to who voted for whom, they can happily get at it, as, by law, the completed ballot papers are kept for a year after the vote.
(Score: 2) by Opportunist on Sunday September 13 2020, @12:10PM
Online banking is horribly insecure. Mostly due to people being unable, unwilling and unfit to do secure business online. You can literally rob them via phone and mail.
The reason you don't hear about it is that banks generally will cover the cost in exchange for you STFU about it, because yes, it costs them millions each year, but it's still cheaper than hiring more bank tellers because people lose faith in online banking and want to do their banking business with humans again.