[nSLUG] Evoting Rant

Mike Doherty doherty at cs.dal.ca
Wed Oct 17 18:48:42 ADT 2012


Can cryptographic techniques not be used to provide an audit trail?

-Mike


On 12-10-17 05:36 PM, Jack Warkentin wrote:
> Hi Everybody
> 
> Well, again, FWIW, I am absolutely against evoting, for several reasons.
> 
> 1. There is no possible audit trail. Paper-based systems contain many
> checks and balances.
> 
> 2. There is no possibility of any kind of recount. With paper-based
> systems, every single ballot can be reassessed.
> 
> 3. There is no secure way of distributing the necessary usernames and
> passwords to voters. Snail mail is too easily compromised.
> 
> Rory wrote:
>> FWIW: I'm not against evoting at all; conceptually it's a great idea
>> with potentially major benefits.
>>
>> However, I think doing it wrong is worse than not having it at all.
>> Especially if the 'wrongness' of the implementation opens up new
>> potential for fraud and other irregularities. We have a hard enough time
>> compensating for the older and well known types of fraud and error.
>>
>>
>> On 2012-10-17, at 8:52 AM, Doooh Head wrote:
>>
>>> When it comes to "evoting" I have never been so astounded at the
>>> ignorance's that abound at that simple term.
>>>
>>> People get all wierded out at what they think it represents but don't
>>> consider how broken our "paper" voting system really is and what
>>> evoting actually delivers
> 
> I do not believe our "paper" voting system is broken at all. I have
> acted as a scrutineer at a couple of federal and provincial elections
> and can state that the opportunities for fraudulent voting are
> vanishingly small.
> 
>>>
>>> J
>>>
>>>
>>> ------------------------------------------------------------------------
>>> Date: Wed, 17 Oct 2012 08:30:33 -0300
>>> From:dennis.dentremont at gmail.com <mailto:dennis.dentremont at gmail.com>
>>> To:nslug at nslug.ns.ca <mailto:nslug at nslug.ns.ca>
>>> Subject: Re: [nSLUG] Evoting Rant
>>>
>>> I used to work for the same folks who run Intellivote. If anyone
>>> remembers knowledge house then you should know that it's some of the
>>> same folks...
>>>
>>> On Wed, Oct 17, 2012 at 8:10 AM, Rory<rory at unixism.org
>>> <mailto:rory at unixism.org>>wrote:
>>>
>>>     I wish this was surprising.
>>>
>>>     Given the pool of web application devs outs there, though, it
>>>     doesn't surprise me at all. I continually run into sites that cost
>>>     considerable money to build (devs, consultants, etc) and are full
>>>     of all the classic newbie security holes. Or that use 'encryption'
>>>     to virtually zero effect.
>>>
>>>     You'd think more of us had learned a thing or two about secure
>>>     development over the last decade or so.
>>>
>>>     Add to that all the complexities inherent in elections and voting,
>>>     you've got a recipe for disaster.
>>>
>>>     R
>>>
>>>     On 2012-10-17, at 12:08 AM, Daniel AJ Sokolov wrote:
>>>
>>>     > Let me set this straight: I think that Evoting is a bad idea for
>>>     any public election. There is but a single group that I would see
>>>     it warranted for: voters with certain handicaps.
>>>     >
>>>     > Putting aside my general approach to Evoting, I have observed
>>>     what is going on in the HRM. And it is appalling.
>>>     >
>>>     > They have sent Login AND Password, in plain visibility, on ONE
>>>     and the same page in an easily identifiable envelope - and they
>>>     even put a "do not forward" message on it so voters who are out of
>>>     town can not evote after all.
>>>     >
>>>     > They did not set up DNSSec.
>>>     >
>>>     > They force you to use JavaScript.
>>>     >
>>>     > The website officially supports only certain operating systems
>>>     and browsers (no word of Linux) and apparently a single
>>> screenreader.
>>>     >
>>>     > No source code has been disclosed (however, a single HRM employee
>>>     was tasked with verifying that the source code is perfect - what a
>>>     relief).
>>>     >
>>>     > They are unable to verify fingerprints of the SSL certificates in
>>>     use. They were very nice, talked to the Returning Officer and
>>>     called me back: "You just need to type in https and then it is
>>>     secure."
>>>     >
>>>     > Sure.
>>>     > Daniel AJ
>>>     > _______________________________________________
>>>     > nSLUG mailing list
>>>     >nSLUG at nslug.ns.ca <mailto:nSLUG at nslug.ns.ca>
>>>     >http://nslug.ns.ca/mailman/listinfo/nslug
>>>
>>>     _______________________________________________
>>>     nSLUG mailing list
>>>     nSLUG at nslug.ns.ca <mailto:nSLUG at nslug.ns.ca>
>>>     http://nslug.ns.ca/mailman/listinfo/nslug
>>>
>>>
>>>
>>> _______________________________________________ nSLUG mailing
>>> listnSLUG at nslug.ns.ca
>>> <mailto:nSLUG at nslug.ns.ca>http://nslug.ns.ca/mailman/listinfo/nslug
>>> _______________________________________________
>>> nSLUG mailing list
>>> nSLUG at nslug.ns.ca <mailto:nSLUG at nslug.ns.ca>
>>> http://nslug.ns.ca/mailman/listinfo/nslug
>>
>>
>>
>> _______________________________________________
>> nSLUG mailing list
>> nSLUG at nslug.ns.ca
>> http://nslug.ns.ca/mailman/listinfo/nslug
> 



More information about the nSLUG mailing list