[Fsfe-ie] perspective on e-voting
s_fsfeurope2 at nedprod.com
Thu Mar 4 02:14:38 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
On 3 Mar 2004 at 10:49, Fergal Daly wrote:
> > x86 processors are /vastly/ more complex than they need to be
> > because of the legacy requirements. Really they're a RISC CPU
> > nowadays with a translation front-end converting the x86 into RISC
> > ops. However that said, there is a huge scale of economy in x86
> > chips only ARM could probably come close to - hence me suggesting
> > the Atmel.
> Thank you, I know what modern x86s do and why they're cheap, hence my
> impression that it would be cheaper than a specialised processor.
Sorry, I didn't mean to sound condescending - I merely meant to say
that military CPU's are cheaper because they're much simpler than x86
> Again, it doesn't matter in the slightest whether the chip is hardened
> or commodity, cheap or expensige or anything else it will still be
> easy to replace it with a rigged look-a-like.
I'd like to see anyone design a CPU which can recognise when the
software running on it is tallying votes and adjust them
> This current government has a slim majority and they have gutted the
> Freedom of Information Act despite public and media outcry. They are
> probably about to pass fundamentally change our voting system a
> completely united opposition and massive media and public discomfort.
> Once you have a majority in the Dail you can do what you like as long
> as it's constitutional and in 5 years that covers a hell of a lot of
> bad stuff. There is no "congress" which will come to the rescue. The
> closest thing is the Seanad which can only delay legislation, it
> cannot stop it.
Well, that's what governments do - get into power, spread government
cash among their friends and change the system to ensure they stay in
power. What else did you expect? The system has been identical for
over 2000 years!
This is why I like rainbow coalitions - the more they hate each
other, the less chance of corruption. Unfortunately they're not very
> "Fairly" is not enough. The stakes are very high, high enough that
> someone could decide to invest quite a chunk of money into winning.
Really? And you honestly believe elections aren't already bought?
> Finding tampering after the fact is a disaster, it's possible that
> laws would be unmade, tax "uncollected" and criminals "unconvicted"
> and it totally undermines the credibility of any future system.
Certainly not, that would undermine public confidence and besides, I
know of no government that wasn't extremely keen to enact more laws,
collect more taxes and lock up more criminals. The principal purpose
of government is to create more need for government.
> There is only 1 improvement needed and it makes tamper proofing, open
> source and everything else nice to have but not essential. Add paper.
> Once you have paper, it doesn't matter how badly the machines perform
> whether through tampering or through other errors the paper will not
> change. Paper is not perfect of course but it's a hell of a lot harder
> to fiddle and the attacks are well known and well understood by the
> people who are keeping guard.
When you have lots of people in a system, you get the best chance for
whistleblowing. An automated system will not flag abuse except in
very obvious easily circumvented ways.
Therefore the least corruptible voting system is one with the least
machines in it. Paper trails help, but it's the people who really
> I don't see how distributed and peer to peer makes vote revocation and
> recasting any easier. If anything it makes it harder because you could
> have multiple copies of both your new and your old vote(s) floating
> around the system.
You need to look into how capabilities are revoked in a capability
system. Obviously there must be a closing time after which votes
cannot be changed - after that the network propagates changes until
all nodes are in homeostasis which couldn't take more than an hour
for a population of 4 million. Until that final point your mobile
merely reports the (inaccurate) state of the voting so far, thus
enabling people to recast their vote based on who's winning or
losing. I think this system would improve on PR substantially.
> The requirements for voting are unusual. In this system you must
> retain anonymity without allowing multiple voting which is quite
> different to Freenet for example. In the system you favour, you must
> combine anonymity with the ability to cancel your old vote and vote
> again. Also, anonymity and audit trails do not go well together.
I see no problem. The technology required is similar for anonymous
p2p systems whereby your encrypted vote travels randomly along a
random set of other nodes similarly to anonymous remailers.
Backtracing that vote wouldn't be impossible, but it would be
extremely hard - harder than installing a spycam into a voting booth.
In terms of auditing, your mobile knows your vote and so can ask
other nodes for what they think your vote is. Your mobile possesses
the only key to read that vote, thus ensuring anonymity. An
alternative method could be a kohonen style neural network which by
its regularity indicates the quality of the network.
While you can't guarantee your vote was cast correctly in such a
system, you can to a better percentile than the current manual system
loses votes. This is good enough being an improvement and all.
> While it may be theoretically possible to design this system
> correctly, it would complex, it would still require that you trust the
> central server (which could wrongly deny you your right to vote or
> could be DOSed) and most importantly, it would be totally
> incomprehensible to the vast majority of voters, including many IT
The voter merely need navigate a menu and choose their candidate.
They can also check a real time graph of the current voting results.
I can't see this being incomprehensible for anyone able to use a
I admit that there is no current system implementing such an idea but
from what I know of ancillory technologies, it is feasible. We do
need mobile phones to be considerably better number crunchers than at
present plus the government would have to buy the bandwidth off the
operators so it's free for everyone to use. But I bet it'd be vastly
cheaper than current election costs and besides, I really think
people will like the immediacy of it.
-----BEGIN PGP SIGNATURE-----
Version: idw's PGP-Frontend 184.108.40.206 / 9-2003 + PGP 8.0.2
-----END PGP SIGNATURE-----
More information about the FSFE-IE