Don't trust computers for voting. Bits are easy to tamper with, specially when the populace doesn't know shit about computers (and rightfully so).<p>You can envision a system as complicated as you want, but it'll always have some sort of flaw because, well, bits are bits. I've had this discussion with many people and the same solutions arise again and again... but most are useless.<p>You could get the source code for the voting program... what if your compiler is backdoored? You could compile the compiler yourself, with which compiler? The backdoored one?<p>And even if the compiler is trustworthy... who's guaranteeing that the real binary is installed in the machine? You could download it in an USB drive and check yourself or get a hash from the machine but... how can you be sure the machine is reporting the binary that's actually running and not just a fake reply? Could you trust the reported MD5/downloaded binary from the machine?<p>Easy! - you say - You could upload the binary yourself to the machine! But how would you be sure you're running the uploaded binary and not a fake one?<p>And what if any of the machines inbetween are rigged?<p>Then cryptoguys come in: you could digitally sign your vote (forget secrecy) with a state-issued certificate (we have those in Spain with our NID). Maybe encrypt it so that only the far end could read it. You'd then check if your vote's been cast fine online. But how'd you be sure you got the real result?<p>Once the data left the machine you have to trust that everything's fine on the receiving end. What if the vote count just ignores votes and just does whatever it wants?<p>And the worst of all... how's your granny supposed to check it herself?<p>There are some advanced cryptographic techniques relevant to e-vote (some are quite clever) but even the best cryptographers will tell you: do not trust electronic voting!<p>My advice is: keep with pen and paper! It's easy to tamper with too, but more people know how it works and it's easy to see the inner workings compared to bits over the wire.
I'm utterly opposed to electronic ballots. No touchcreens, no email voting, no internet voting. Elections with electronic ballots (records) cannot be audited. Nor can the voter's privacy be protected. [1]<p>That said, in my opinion, Clint Curtis is not a credible witness. What he claims is certainly plausible. But he doesn't have the technical chops to pull it off.<p>For something more reality-based, check out voteraction's lawsuit in New Mexico. <a href="http://voteraction.org/legalaction" rel="nofollow">http://voteraction.org/legalaction</a><p>VoterAction proved that Kerry won NM in 2004. What happened in NM certainly happened elsewhere. Especially Ohio, which had so much going on in so many directions, there's no way to summarize other than to say "death by a thousand cuts".<p>Briefly, in NM, spanish language touchscreens did not count votes cast for Kerry. Further, "faulty" storage devices (memory cards) were sent to back vendor HQ to be fixed, totally mooting the chain of custody, etc.<p>The whole election integrity thing is like a jumping down the rabbit hole. Things are so ridiculous, it's hard to believe. And when you try to explain to people what's happened, you're dismissed as a "sweaty paranoid kook" (that's a quote).<p>Speaking for myself, I used to think that I mail my ballot and it gets counted, what could be more simple? The more I learned, the more my confidence was shaken.<p>I could go on and on and on about this topic...<p>[1] Yes, I've studied the crypto proposals. They're included. Briefly, crypto schemes rely on a secure one-way hash to hide your ballot in the herd of ballots. Alas, US elections are administered per precincts (1-1000 voters) and typically have a dozen or more issues per ballots. Meaning combinatorially there's no way to hide an individual's ballot. Crypto works for simple ballots with thousands of voters.
Neither the description nor the first few minutes of the video state what Court or tribunal or committee or whatever this testimony is for, nor when it is taking place, nor what other witnesses might have testified that contradicted this witness.<p>Without that context, this is pretty meaningless.<p>Several comments so far have discussed ways to improve voting. Good cryptographers have already solved this problem. See <a href="http://scantegrity.org" rel="nofollow">http://scantegrity.org</a>
I am Jack's complete lack of surprise.<p>I think a startup to fix voting would actually be a really cool (anyone here doing that already?), although I imagine it would be fraught with danger.<p>I think we need to step back to first principles here. In an ideal voting system, we need two properties:<p>1.) The vote must be anonymous (to remove the possibility of persecution)
2.) There has to be some way to detect if a vote has been tampered with.<p>Here's the thing... we can solve BOTH those problems with common cryptographic algorithms. Problem #1 can be solved with a hashed identity, problem #2 can be solved with a checksum.<p>Right now we try to solve that with a "paper trail". That's one solution, but it's very problematic. First, you're putting a lot of trust in the people doing the counting. Second, we can't trace those pieces of paper back to people to ask them "is this really who you voted for?"<p>I'm not claiming these are /easy/ problems to solve. There are a lot of considerations. But I will claim that we already have the required cryptographic toolset to make it possible, and that simple counting machines are entirely inadequate.
This wasn't news then, why is it news now?<p>Less is demanded of our voting system than of our ATM system. The irony is that it is the same system. People vote with their money every day. Western democracy is realized through the market system on a national level. Locally it is still in tact as a function of voting ballots and money.<p>Governance is largely about the use of limited resources and less about civil liberties. Civil liberties are largely a function of popular majority and politicians just reflect the popular opinion of the day.
I've had the following idea for a while and was wondering if anyone can point out the flaw:<p>Imagine a system where every individual has their own public/private key pair (backed by tying it to their SSN). You then have two SQL tables:<p><pre><code> CREATE TABLE voterVote (
id INT,
category VARCHAR(255),
vote VARCHAR(255),
PRIMARY KEY (id,category)
);
CREATE TABLE voterVoteId (
voter_id INT PRIMARY KEY,
voter_city VARCHAR(255),
vote_id INT FOREIGN KEY REFERENCES voterVote(id)
);
</code></pre>
Both tables are published. The one thing I forgot to mention though is that the vote_id is encrypted with the users public key. This way any individual voter can check that his vote is what is should be and people on the whole can check that votes were tallied properly. Furthermore, we dont need to worry about hacking compilers, etc. because this can be done on the internet. The last thing we need to worry about is that the machine is lying to people when they go to check their vote. The only solution to this is to have the code which decrypts the persons row in the voterVoteId open source, but still since the protocol is open source and the data is open source, we can bet that there exists one honest person to build a tool to check. One more thing: how can we tell that extra rows werent added to VoterVote? We can check that the number of people in a city matches the number of keys issued to every person in that city (which again is backed by SSN).<p>This will probably fail miserably at something simple I've overlooked, but it was fun to dream up :)
For anybody who is interested in the concept of verifiable voting protocols, and a real life election applying them, I am currently working on the front end of such an application, with the election to be held in November 2014 for our state election.<p>We are working with academics in Surrey, UK, and elsewhere on the cryptography and verifiability of the election. So I can't answer any of the hard questions, but can point you at some of the documentation that Surrey has developed, shown below.<p>Using Pret a Voter in Victorian State elections
<a href="http://epubs.surrey.ac.uk/726039/1/EVT.pdf" rel="nofollow">http://epubs.surrey.ac.uk/726039/1/EVT.pdf</a><p>Software Design for VEC vVote System
<a href="http://www.computing.surrey.ac.uk/personal/st/S.Schneider/papers/2013/SDSTechReport.pdf" rel="nofollow">http://www.computing.surrey.ac.uk/personal/st/S.Schneider/pa...</a>
Very simple solution to the problem:<p>When you vote, you get a piece of paper saying your name, your vote, voter-id, and the machine's salt.<p>Whenever a vote is counted, it is added to a public website of HASHES. Thus anybody can verify the totals.<p>If anybody's recorded vote on the website (taken by hashing their info) doesn't match their receipt, fraud is caught (thus removing votes or changing votes isn't possible). Also, if I didn't vote or am dead, and my info is entered, we can verify no tally appears for my hash.<p>If the hashes don't match up with all the registered voters via registration forms, then votes have been added. Thus in order to add fake votes, fake voter registration forms must be filled out manually [leaving a paper trail to catch the perpetrator].
Check out the other videos posted by 91177info on YouTube. A huge variety of paranoid fantasies mixed in with lots of half-truths. Their focus seems to be pro-Iran and anti-US and Israel propoganda.<p>Also it would be nice to know what the forum was where these statements were being made. Just because they are in a fancy looking room does not indicate it is actually meaningful that the statements are "under oath".<p>That said you can definitely rig almost any large scale election. There are just too many way to attack the process. In theory computers could help make elections more reliable but in practice they just add new and powerful ways to attack the process.
Doesn't surprise me the least. Where money is, there is fraud, and where there is fraud, there is money. The US have plenty of both.<p>The problem is, how can we as programmers/IT field guys react when we are e.g. coerced into rigging systems?
As soon as you use something you did not make yourself, your project could theoretically be compromised. This ranges from drivers, compilers, OSs, hardware, to the text editor you wrote anything and everything with.
In the real world, we can protect things with a reasonable expectation of security. We can't exactly have a CCTV camera watch an incredibly small count of bits tamper with every other one in countless server closets and data centers, but we can have CCTV cameras watch an unscrupulous public servant write some extra ballots and put them in a box to be sent to DC (or wherever else).
I get the feeling that this guy isn't trustworthy. He starts by saying that he was directly told to build software to fix the election. Then he says that he 'thought' he was told to see if it was possible to build software to fix the election, then finding out that he was supposed to actually build it.
Can anyone tell me what are the precautions the election officers are taking so that this does not happen again?<p>I also saw Hacking Democracy[1] recently that shows about the 2004 elections.<p>[1] <a href="http://en.wikipedia.org/wiki/Hacking_Democracy" rel="nofollow">http://en.wikipedia.org/wiki/Hacking_Democracy</a>
Interesting individual. Wiki on Clint Curtis: <a href="http://en.wikipedia.org/wiki/Clint_Curtis" rel="nofollow">http://en.wikipedia.org/wiki/Clint_Curtis</a>.