Assuage my paranoia. Explain to me why I should have faith in E-voting machines

[XT]

black rabbit:

That’s funny, because I see the most opposition to non-verified electronic voting coming from the communities that are more familiar with technology than the average person. I’ve got a background in Unix systems and network security, and I’m uncomfortable with it.

And your background in technology means what exactly? I have 20 years as a network engineer, and I’m quite comfortable with the technology, conceptually…I use it all the time when I take money out or use a credit card in fact. Secure transactions are quite do-able and have been for some time now. The IMPLEMENTATION of the eVoting I’ve seen leave a bit to be desired, I’ll agree there…but what do you expect? Its a GOVERNMENT contract after all…which means that the first few versions are going to be complete crap, as the government sucks at specifying exactly what it wants/needs in its initial RFP’s. But the technology? If you have a back ground in UNIX as you say, and you are uncomfortable with the concept…well, all I can say is, you need to find yourself a new field. Oh, and don’t use that credit card or your ATM card for gods sake! I hear that there are some organic farms looking for a few good black rabbits…

-XT

[spazattak]

xtisme:

And your background in technology means what exactly? I have 20 years as a network engineer, and I’m quite comfortable with the technology, conceptually…I use it all the time when I take money out or use a credit card in fact. Secure transactions are quite do-able and have been for some time now. The IMPLEMENTATION of the eVoting I’ve seen leave a bit to be desired, I’ll agree there…but what do you expect? Its a GOVERNMENT contract after all…which means that the first few versions are going to be complete crap, as the government sucks at specifying exactly what it wants/needs in its initial RFP’s. But the technology? If you have a back ground in UNIX as you say, and you are uncomfortable with the concept…well, all I can say is, you need to find yourself a new field. Oh, and don’t use that credit card or your ATM card for gods sake! I hear that there are some organic farms looking for a few good black rabbits…

-XT

Financial transactions and voting transactions are 2 entirely different beasts. First off, you don’t want to be able to track who voted for who. In fact, you want to prevent the ability to tie a specific vote to an individual altogether. Yet at the same time you need the audit trail, so that the individual can verify that their vote counted. I don’t think anyone is uncomfortable with the technology. What we’re uncomfortable with is these closed loops of acquiring and counting votes. Open up the software and the process to citizen review and it would alleviate many of these fears. I liken it to using the old mechanical system - only hiring a private company with no public accountability to do the counting of the ballots.

[black_rabbit]

xtisme:

And your background in technology means what exactly? I have 20 years as a network engineer, and I’m quite comfortable with the technology, conceptually…I use it all the time when I take money out or use a credit card in fact. Secure transactions are quite do-able and have been for some time now. The IMPLEMENTATION of the eVoting I’ve seen leave a bit to be desired, I’ll agree there…but what do you expect? Its a GOVERNMENT contract after all…which means that the first few versions are going to be complete crap, as the government sucks at specifying exactly what it wants/needs in its initial RFP’s. But the technology? If you have a back ground in UNIX as you say, and you are uncomfortable with the concept…well, all I can say is, you need to find yourself a new field. Oh, and don’t use that credit card or your ATM card for gods sake! I hear that there are some organic farms looking for a few good black rabbits…

-XT

I’m talking about secure transactions - I’m talking about the notion that wanting a verifiable paper trail is somehow “luddite.”

We do secure B2B transactions out the wazoo, and each one of them that actually results in the exchange of funds or confidential data produces some kind of paper receipt, whether it’s an invoice, a contract, a product activity report, or whatever. It’s not foolproof, but it’s certainly more secure than simply relying on the integrity of the systems and the honesty of our trading partners.

[black_rabbit]

Gah… frickin’ Submit button…

If every local board of elections were to implement some kind of public key infrastructure based on peer-reviewed/open source systems, I’d have less of a problem with electronic-only recording.

The BOE issues me a key pair, my vote is immediately encrypted and signed before being inserted, and decrypted/verified with my public key at tabulation time = OK.

Dumping it out to a flatfile that’s then inserted into an unsecured Access database on a network-connected Windows machine with no way to verify the integrity of the process = Not OK.

[XT]

I agree…I’ve said that the WAY its been implemented is less than optimal. The CONCEPT though is quite do-able. Basically the gubberment got what they asked for…not what they needed. As usual.

spazattak:

Financial transactions and voting transactions are 2 entirely different beasts.

No they aren’t. The data you are collecting and associating is different, but the key concepts and underpinnings are the same. You are just talking about the details being different…such as the difference between a sports car and a long haul 18 wheeler. Different needs and requirements, but both use essentially the same concept of locomotion.

-XT

[XT]

black rabbit:

I’m talking about secure transactions - I’m talking about the notion that wanting a verifiable paper trail is somehow “luddite.”

I disagree…paper trails are a bolt on patch to a fundamental flaw in the current system. And yeah, I think that they ARE rather ‘luddite’, especially the way most people think about it. Its not going to fix the underlieing problem, just give folks who are clueless a warm and fuzzy that now that they can see in on paper, it must be good! Bah! Instead of bolting on a fix to a flawed system, my thought, radical as it is, would be to fix the system and make it secure.

-XT

[spazattak]

xtisme:

I agree…I’ve said that the WAY its been implemented is less than optimal. The CONCEPT though is quite do-able. Basically the gubberment got what they asked for…not what they needed. As usual.

No they aren’t. The data you are collecting and associating is different, but the key concepts and underpinnings are the same. You are just talking about the details being different…such as the difference between a sports car and a long haul 18 wheeler. Different needs and requirements, but both use essentially the same concept of locomotion.

-XT

yet both are used for disparately different goals, have completely different maintenance infrastructures and use completely different fuels Yes, the ‘secure’ part of secure transactions can be applied, but everything else is totally different from everything else there currently is in the private sector. Its a different problem to solve and requires some serious thought to nail down. Thats why I think the Help America Vote Act, and its early timelines, are what made this mess.

[black_rabbit]

xtisme:

I disagree…paper trails are a bolt on patch to a fundamental flaw in the current system. And yeah, I think that they ARE rather ‘luddite’, especially the way most people think about it. Its not going to fix the underlieing problem, just give folks who are clueless a warm and fuzzy that now that they can see in on paper, it must be good! Bah! Instead of bolting on a fix to a flawed system, my thought, radical as it is, would be to fix the system and make it secure.

-XT

I think we both agree that the technological basis of the current implementations are utter shit.

I still don’t get what your problem is with a paper receipt, per se. Does the fact that you get a receipt for your credit card and ATM transactions mean that there’s some kind of fundamental flaw in those systems? What about the packing lists that Newegg includes with every order? Bank statements? Stubs for direct-deposit paychecks? W-2’s?

[E-Sabbath]

spazattak:

hah! You’re hannibal? Small world… I’ve been reading ars for like 10 years.

I’m not hannibal. That is, however, the precise device and technique I was talking about.

And go ahead and smash the old voting machines. The paper ballots will be safe, and even in fragments, can be repaired. Not to mention, of course, it’s a wee bit louder, and the paper ballots can be hauled off. The electronic, paperless ones, though, aren’t verifiable in the same way.

I’m assuming that people will treat electronic voting machines the way they treat normal ones. My place of work has been a polling station for the last three years, and if I wanted to, I’m sure I could get access to 'em on the night before the election, as they haul 'em in the day before.

xtisme: I don’t think anyone’s against electronic voting machines. Just the current implementation of them is utter crap.

Okay, I’m sure you could find someone who was against electronic voting machines, but not someone with a good argument against 'em.

Let’s see. A good e-voting machine must have… A: verified code. Preferably open source, but not necessarily. But it has to be built as mission-critical code like a F-22, not built on top of crap like WinCE.
B: A paper trail for verification. The paper trail should have barcodes and a name, so it can be scanned and spot-checked, to be sure the barcodes match the name. The proposal of having it behind a glass window, only one voter’s vote showing at a time, is completely acceptable.
C: Tactile response, if possible, directly linked to a ballot that is not confusing. Switches, not touchpads, if at all possible.
D: A secure chassis, preferably with a sizable battery.

Anyone else got any specs?

[black_rabbit]

E-Sabbath:

Let’s see. A good e-voting machine must have… A: verified code. Preferably open source, but not necessarily. But it has to be built as mission-critical code like a F-22, not built on top of crap like WinCE.
B: A paper trail for verification. The paper trail should have barcodes and a name, so it can be scanned and spot-checked, to be sure the barcodes match the name. The proposal of having it behind a glass window, only one voter’s vote showing at a time, is completely acceptable.
C: Tactile response, if possible, directly linked to a ballot that is not confusing. Switches, not touchpads, if at all possible.
D: A secure chassis, preferably with a sizable battery.

Anyone else got any specs?

I’d like it if, at voting time, the voter got some kind of receipt with a hash of their voter ID and their votes. After the votes are tabulated, they would then be able to go to the county BOE web site, enter their hash, and verify that their votes were counted.

[E-Sabbath]

A note: The barcodes and name suggestion I have would be something like

||||| |||||| ||| || || || ||||| |||||| ||| || || || ||||| |||||| ||| || || || ||||| |||||| ||| || || ||
Studs Terkel, Pres. Johnny Rotten, Gov Larry Laffer, Judge

Not the voter’s ID.

[XT]

black rabbit:

I think we both agree that the technological basis of the current implementations are utter shit.

Definitely.

black rabbit:

I still don’t get what your problem is with a paper receipt, per se. Does the fact that you get a receipt for your credit card and ATM transactions mean that there’s some kind of fundamental flaw in those systems? What about the packing lists that Newegg includes with every order? Bank statements? Stubs for direct-deposit paychecks? W-2’s?

Won’t anyone think of the TREES!!! I just don’t think such paper receipts are necessary except for a fretting public, worried about all this new fangled technology. And I’ve already conceeded the point…put in paper receipts for gods sake. And I like your idea about a hash code, again, its a warm and fuzzy for John Q citizen to feel like his vote was counted. As an actual security measure, I think its well neigh useless, as if John Q citizens types in his hash code and it DOESN’T come up, its not likely someone is going to take his paper receipt and say, so sorry, and re-insert his vote into the system (too many possibilities of fraud), but it will make the public feel good about the system…and thats what counts.

To me, such changes are cosmetic at best. Its the underlieing core system I’m more concerned with.

-XT

[E-Sabbath]

What about my parallel print storage idea? In case of system malfunction, you have a way to reload and continue.

Oh, and take a special look at around page 6 of that article. They’re using an Access database to tabulate.

And some computers have PCanywhere on 'em. They’ve been successfully remotely accessed.

I’m going to be over here, whimpering.

[BobLibDem]

I can save the trees and democracy. When the e-voter is done with his selections, he presses the submit ballot button. Then the machine comes up with this prompt:
“Would you like to verify your vote on line?” If he wants it, out comes a slip of paper no bigger than a playing card. On it would be a URL and a confirmation ID. Go home and log in, and you see your vote. Even better is this: Each precinct would report votes in a tabular format with the confirmation IDs next to it. Look on the official tabulation, check the row with your ID, and see your vote on its own line.

[elucidator]

Whether or not public skepticism is justified hardly matters. It exists, and it casts suspicion on the most fundamental fact of democracy, the vote. I do not believe, even for an instant, that an utterly transparent and bugger-proof system cannot be devised, if the will be there.

I suspect that Republican reluctance is not so much based in treacherous and cunning skullduggery but a reluctance to call attention to the voting process. The fact is that one variety of citizen (urban, poor, minority) finds the process of voting difficult and time consuming and another citizen (suburban, upper-income, white) finds the process about as difficult as stopping by the QuikeeMart for a quart of milk.

The Pubbies like it like that, it suits their agenda. And even though they might not actively thwart such a program, they are not likely to rush to support it with wild enthusiasm, and would sooner deflect attention from the process so long as that is feasible.

[rjung]

spazattak:

This seems relevant: How to steal an election by hacking the vote

But it can’t be done! xtisme and WeirdDave said so!

(Gives E-Sabbath the secret Arsian handshake ;))

[XT]

rjung:

But it can’t be done! xtisme and WeirdDave said so!

In point of fact, I never said it couldn’t be done. I said I’ve seen no compelling evidence that it WAS done using eVoting machines. Its a distinction that is appearently (as always) lost on you.

-XT

[Weirddave]

rjung:

But it can’t be done! xtisme and WeirdDave said so!

Really? Care to quote where I said this? Since you’re not pulling it out of your ass or anything.

[rjung]

Weirddave:

Really? Care to quote where I said this? Since you’re not pulling it out of your ass or anything.

Hit the tape, boys!

Weirddave:

:rolleyes: Yea! And we can use the black helicopters to get from one polling place to the next in no time!

[XT]

Seems pretty vague rjung. Weak. I also note, you haven’t produced a quote from me saying it was impossible as yet…

-XT