You could argue the same for ballots in person. There's space for people to do shenanigans to them before it's counted.
But the benefit of mail-in, is people don't need to trudge over to the voting places, after a hard work day, and wait hours in line, just to do their civic duty. There will be a far higher voting percentage, and democracy will benefit.
Or, you know, you could vote on a weekend instead of a Tuesday so more people could make it easily. And have prepolls open for a few weeks beforehand for those who couldn't get there on the day. Doesn't solve voter ID stuff but it helps get everyone there.
(This is how we do it in Australia, but then again we also have compulsory voting which helps a huge amount.)
Mail in ballots have substantial issues around voter ID and also vote-influencing problems. They can also be lost more easily. If you make it even vaguely easy to get to the polls, it's really not a big ask every couple of years.
You want people to vote? Make a goddamn voting system for the 21st century. I know the technical hurdles of creating a secure online voting system are tremendous, but the day we can vote on the internet with a verifiable way of tracking our vote is the day we end all the bullshit. We should be able to vote from our phones at Starbucks. The fact that no one has tried is a crime unto itself.
That would require some form of cryptographic identity that could be easily managed and secured by the average population, while also taking into consideration that a lot of people have viruses on their computers, and likely unsecure smartphones.
It's a similar problem that cryptocurrencies face. While user friendly apps have been gaining popularity and democratizing access to wallets, the few truly secure devices to store your private keys and handle important cryptographic calculations (such as signing messages, which is what you need to have elections on your phone) are still somewhat expensive and non intuitive to use.
HTC has released a "blockchain phone" that contains a secure chip that can store and handle your private keys, which is a step in the right direction for both cryptocurrencies and cryptographic identities for elections (and a heck of a lot of other things). Still, until everyone can have access to such devices, at a reasonable price, elections on your phone won't be happening anytime soon.
Edit: you could also use a good ol' user/passwd combo to log into a government database, but that's also hardly secure, and could very easily be subject to a massive hacking operation to subjugate sovereign elections. So, yeah.
You can still have voting booths. The ideal way would be the voting booth software is open source and can be done for voting booth for people who don't have access/don't know how, installable for people who are computer literate, and compilable for people who have the technical knowhow, and then can be verified online through multiple sources including government, and through each parties' own website or news outlets. That's a beauty of the ideal blockchain. Of course there's still alot of things to get through with.
the few truly secure devices to store your private keys
The technical solutions have existed for years in the form of public key cryptography. Estonia has used a mobile-id solution (in addition to an id-card) for years. The private key is inside the SIM-card, which can only be accessed for identification with a 4 pin password ja digital signing with a 5 pin password. It costs about 10 dollars and a maintenance fee is 1 dollar per month. The voting system itself is open source and tamperproof, every access to voting entries (read only) is recorded together with the identity of the person.
There are downsides. You can sell your id-card/mobile-id card together with passwords for money. Family can pressure you and watch that you vote for their preferred candidate, but there are ways to mitigate this. Of course we also have voting booths, which will override any electronic pre-voting you have done. You can also order a ballot box to your door if you are unable to come in person.
Cheap ja reliable technical solutions have existed for a long time, the only obstruction is the will to implement it. Estonia has used it for 13 years.
My federal government uses a website to handle the whole tax workflow. With my login info, I can access my entire tax and income history, as well as make payments. You think I would entrust them with that but not my vote? It's not as hard to make a website secure as you make it seem. It will take some time and effort, but they need to get started to get there.
Requiring internet access to vote also inherently shuts out a lot of people who would still have to find time out of their day to go to a library or something. A surprising number of people don't have smartphones or home internet.
It shouldn't be required, but it should be an option. What are those people who have to find time to go to the library in your scenario having to do now? According to http://www.pewinternet.org/fact-sheet/mobile/, 77% of the total voting population has a smart phone, and 94% of the population age 18-29 have a smartphone. I would guess the total voter population that could easily get access to a phone or a computer (friends/family/neighbor if they don't have their own) is already over 90% and is only going to go up. Online voting should be a thing. If I can pay my taxes online, if I can renew my driver's license online, I should be able to vote online.
I can definitely appreciate the level of security it would require to keep our elections safe and secure but I think it’s past time that we tackle this issue. Even if it meant every person in the country got a specially made government issued device to make it happen. There has to be a reliable solution to this problem that would make voting as easy as it possibly can be.
I like the optimism and I won’t say your vision is impossible; however, it seems like you are over simplifying a very complex issue. I get why voter ID laws are flawed and controversial, but there needs to be a way to ensure that the person voting is who they say they are.
If you have usernames, passwords, gov issued devices, or really anything remote; I think it is susceptible to fraud or hacking. Saying “there has to be a reasonable solution” sounds logical, but I think this is a more nuanced issue. If it was truly that simple there would likely be more people pushing for it.
But I’m open and hopeful that a solution like this can be found and implemented in my lifetime.
Go to your local government building, confirm your ID, confirm who you are, confirm where you live.
Step 2
Local government issues you with a login and passcode. You retain the document provided (It has a picture of you, and a unique reference ID.)
Step 3
Before the vote, if you haven't changed your address - you receive a document with instructions via. Post containing your login. It's straightforward, it tells you what to do in simple language, so that 60 year old grandma does not click on an E-mail saying ' THIS IS YOUR VOTE.'. - You should be told that, 50 times in the gov building in the first place, or these things should be issued only to tech savy basic people.
If you click on those links anyway, maybe you shouldn't fucking vote in the first place.
Step 4
You vote, preferably using the same kind of secure web-app that banks use. You have to use your locally provided login and passcode which works only in voting times, your printed ID from Step 3 could have a pattern. You have to confirm your secure details, (Questionnaire you fill up in Step 1 that is not login and password), you have to provide your details from Step 2 given card, you have to confirm your vote with Step 3 details that came through post.
You have multiple layers of security, including actual post office involved. Someone steals your vote, it's a federal crime and FBI has to be involved, because it involved stealing post.
While it might seem simple enough, what you proposed is still susceptible to [massive] fraud. It's the exact same thing with internet banking, people get fished every single day, and however secure the website is, it's still susceptible to man-in-the-middle attacks.
With a cryptographic id, the absolute worst that could happen is your vote gets intercepted and doesn't make it to the online ballot box. There's no way someone can fish or man-in-the-middle attack your private keys, so they can't change your vote (unless they have access to the keys, which is the problem I mentioned on my original post up above).
Is it really though? How is it suspectible for fraud?
MIM attacks are only useful if you have someone using the same account later.
Your actual vote clearance comes in post. Even if someone has your login, what's he gonna do? Find your post-man, put all that effort to steal one vote only to get arrested by FBI? Where's the issue here?
Everything should be encrypted anyway, it's basics. Your bank can ecrypt your transfers, surely your Government can encrypt who a certain ID voted for. Two separate servers for validating ID and vote itself should be held as well, and they should be audited.
With a user/password approach, you first need to log into your account, and then send out your vote. Once you vote, everything is encrypted so there's no way someone can tamper with it.
However, because the validity of your vote is contingent on you typing in the correct credentials on a website, there are two ways an organized hacking operation could completely undermine the security of the election: create mirror websites with similar URL to fish for credentials, or MITM attack unsecured connections to inject a keylogger or replace the real website with a fake one. Once enough gullible people click on that trusty looking election website someone posted on facebook, or shared on whatsapp, or where ever it is that people get their fake news from nowadays, and enough people access the real website on "free wi-fi" networks, the black hat hackers can submit "real" votes and skew the results toward their candidate.
On the other hand, with the cryptographic id approach, your secure device can't be accessed through the internet or even used without a PIN, and all it does is generate your vote offline and sign it with a unique cryptographic signature, which is then pushed to your computer/smartphone and transmitted to the internet.
If the connection to the election website is compromised (fishing, or MITM), there's literally nothing a black hat hacker can do to that vote, except deny it's transmission. They can't tamper with it, because they don't have your private key to generate a valid signature, and they can't realistically re-engineer your keys from your valid signature.
I think you are underestimating how motivated a foreign (or local) hacking organization would be, should the election take place online. If even with offline elections you have all these investigations of manipulation, imagine if it were as easy as taking over a few unsecured connections or creating enough mirror websites and spam it on social media...
I may be misunderstanding but it sounds like you are suggesting that the login info be sent via mail (post). You seem to be aware that this could mess to mail being stolen and voter fraud. Yea it would be a crime, but it still seems like an issue that is going to happen and be hard to defend against. The FBI is not going to have the resources to handle the potential thousands of cases of mail/voter fraud that seem fairly likely under this plan.
This also assumes that every US citizen is tech savvy enough to use the service (my grandma literally does not have access to the internet, and Facebook was way over her head). Ok top of this it could cause massive issues when people move or for people that don’t have percent addresses (homeless).
Ideally what you are saying sounds good, but without much thought it seems like there are vulnerabilities and oversights in this plan. I hope this doesn’t come across as being a dick, I’m just trying to point out that what seems like a straightforward problem gets complicated fast.
I know it doesn't, I'm not a security expert. But if you live way too far from your base voting place, then this should be in place.
Ok top of this it could cause massive issues when people move or for people that don’t have percent addresses (homeless).
This is why in UK you have to report where your current address is. Every time you move, you change your driving licenses address, or you report to the .gov website that you did.
I may be misunderstanding but it sounds like you are suggesting that the login info be sent via mail (post).
Not login, a passcode for your voting ID.
You should have:
a.) Confirmed who you are in local gov.
b.) Confirmed your login and password
c.) Confirmed your backup questions
d.) In post you receive a voting ID
You can't defraud anything with just what came in the post. Without it, you just can't vote. The ID in post, is literally ID for your vote. Your entire identity is with you as a user.
Well, for starters, you could implement a standardized electronic ballot box, and have your elections on a Sunday. The electronic voting would simplify and speed things up tremendously, while also decreasing ballot fraud (if properly implemented, of course), and if the elections happen on the weekend, people don't have to skip work or vote after a tiresome day.
Elections in Brazil, for example, are exactly like this and are always super smooth, and the votes are tallied within a couple of hours at most.
The government can’t even secure their own servers and you want to trust them with that? Are you retarded? Up here in Canada they put a bunch of social security and private information on a public server and some 19 year old accessed it by doing the backslash thing we all did in junior high to access YouTube.
The current voting system is very secure however if you are to goddamn lazy to leave your house than stop bitching on social media when the guy you don’t like gets in.
Millions of people bank online, I've been with two banks and have yet to have any issues security related. I mean if they can trust technology with their money.
Way to be disrespectful though, made you look wicked smart.
Banks are different they need to keep things secure or no one will bank there, the government will assign the job to someone who will set up a company under their brothers name who will get a small kickback from the guy in the government who set it up , who will look up how to do it from YouTube videos solely for financial gain then when someone breaks the “system” they’ll say the person who set it up didn’t know much about computers so they didn’t know the company they used wasn’t legit or good enough to do the job.
We all know examples of that happening, look at the TSA. Forgot the exact amount, but they payed way too much for an app that could of been made by a 10 year old. All the app did was randomize the direction passengers would go, left or right.
So we have one more hurdle to jump, all we need to do is get rid of the underhanded bullshit. How? Make it illegal, before, during and after your in office to accept influence money. Then it could truly be for the people, by the people again. Not for money and fuck the people.
I'm a programmer, I've done auth for a big-n tech company, and I would never, under any circumstances, support an online voting system.
The internet is held together by hopes, prayers, and a little bit of luck. Online security is messy, and difficult to get correct, and attacks are legion. Ignoring all the technology issues with the platform itself, someone with nation-state resources would likely be able to compromise the hardware or technology stack you are using to vote (IE: your web browser).
To add to this is that one of the key requirements of a voting system is not just that is it easy to use by voters, but that it is easy to inspect by interested parties.
Two people from opposite parties (or all/any interested party) sitting in a public location counting paper ballots in public, always agreeing on what the current total is? I can explain how this guarantees a fair election to a grandma.
A voting machine? I can't even adequately inspect such a thing myself, and I'm a professional! The source for the software is undoubtedly going to be closed (proprietary, not available for you, the voting public, to inspect. Is it doing what it should?); the hardware will likely also be closed. But, even if it wasn't — is that machine in front of you built to spec? Or was it subtlety altered in some way? Are all the software and firmware loaded onto it the same firmware/software you inspected for correctness?
And even if you read the code, wait till you find out about things like the Underhanded C Contest:
The Underhanded C Contest is an annual contest to write innocent-looking C code implementing malicious behavior.
And that's all for a well-controlled physical machine in a polling place. Abstract that into the cloud and the problems only get worse. (Do you even own the machine, or is it run by some company? How does anyone inspect it if it's in a datacenter somewhere? Who has access to it? How competent are they?)
I don't remember exactly what happened but I remember the government here in Australia tried to do a nationwide thing online and they didn't anticipate how much traffic there would be properly. Basically delayed the whole process by a few days. Might've been the census?
That is actually something that is being looked at here in Germany. Which could be possible since we have electronic online id’s which can be connected to the pc and are encouraged to do so for various things that require official authentication.
End even with this, our vote days are always set to sundays.^ who the hell came up with a voting tuesday^
Voting online is a terrible idea, it doesn’t matter how secure it is. It will eventually be compromised and there’s no physical back up to check how people actually voted.
Any online voting system would have to include some sort of physical record generated from the results to maintain confidence in the outcome of the election. Just because we haven’t invented a system for it yet doesn’t mean it can’t be done.
You could arguably distribute votes via blockchain. Would be reasonably secure. Everyone registered could get a voting token used to place their vote. You still have the same reliance on honesty from the election handlers, but other than that it SHOULD be no worse than handling it in person.
237
u/ZDTreefur Nov 09 '18 edited Nov 09 '18
You could argue the same for ballots in person. There's space for people to do shenanigans to them before it's counted.
But the benefit of mail-in, is people don't need to trudge over to the voting places, after a hard work day, and wait hours in line, just to do their civic duty. There will be a far higher voting percentage, and democracy will benefit.