Saturday, October 11, 2008
The Star on paper and electronic voting
"It's a very human system. It works," says Akerman, 40, an Ottawa technology planner and security expert. "You mark your ballot in private, but it's in a public setting. And it balances interests. You have scrutineers from different parties watching each other. It's hands on, easy to understand."
The ballot question: Paper or not? - The Toronto Star - October 11, 2008 - by Leslie Scrivener
Previously:
The Star had a very good article about the electronic voting issue in 2004, but unfortunately it doesn't seem to be online anymore, I wrote about it at
July 13, 2004 Is the future in line or online? - Toronto Star - published July 12, 2004
Labels: canada, electronic voting, newspaper
Friday, October 10, 2008
Spark plug
That reminds me I should put up some info about voting places and election results on the 13th, since I usually get a pile of hits on election day.
UPDATE: In case you're wondering, most of the hits are people searching for general voting/election information (where to vote, how to vote), not about the specific issue of electronic voting in Canada.
Labels: meta
Wednesday, October 08, 2008
the security stuff problem
Here's the problem: lots of people have tried to create secure systems for a long time, and have failed miserably.
I don't have to get technical at all, I can just talk in the consumer space.
1. For years, games companies put elaborate efforts and skilled people into trying to protect their games from piracy. They had special codes, special floppy disks with holes punched into the magnetic media or deliberate errors, physical dongles, you name it.
And yet their games were always pirated. Eventually most of them just gave up on protecting their games.
2. For years, continuing today, media companies like the record and movie industry have attempted to protect their content from piracy with Digital Rights Management (DRM). They have sophisticated hardware, elaborate codes, highly skilled people and a large monetary incentive. And they have failed.
iTunes music DRM? There's a hack.
DVD DRM? There's a hack.
3. Apple has an incentive to protect its iPhone from being used on any network, as it has an exclusive deal with AT&T. Their phone is "locked".
iPhone locking? There's a hack
THERE IS ALWAYS A HACK.
Because any piece of software or hardware you can create, I can put a layer in front of. Your software talks to a hardware dongle? I write a layer of software that pretends to be the hardware.
And we're not talking big power or political incentives here, we're talking smart kids (mostly) who wanted to play some games, listen to some music, or watch some movies.
So if they couldn't even protect SONGS, do you seriously think they're going to be able to protect AN ENTIRE ELECTION?
There is no unbreakable "security stuff" to do that, it simply doesn't exist.
And even if it did, the incredible complexity of it would mean that the entire election would boil down to "trust the machine and the computer guys".
Wouldn't you rather trust a piece of paper you can see, a counting system so simple elementary school students could perform it, and volunteers and scrutineers from your own neighbourhood that you can watch?
Labels: security
HRM e-voting success...fully eliminates the secret ballot
There were e-voters in more than 30 countries, with the oldest born in 1913, they said.
"We had people vote from Sri Lanka, from Korea, from over 50 Canadian cities and 25 American states," said Cathy Mellett, e-voting project manager for the Halifax Regional Municipality.
10% of HRM voters cast e-ballots (via Carol) and 28,709 cast municipal e-votes (via sparkcbc Twitter)
Hmm, so let's see. You assign a PIN number to each citizen, and mail the PIN to their address, and the verification info is their birth year, AND you're tracking their voting location, which can only be done by tracking their IP address, which semi-uniquely identifies their computer.
So you know who they are multiple times over, through the combination of PIN, birth year, mailing address, and IP address.
So number one, goodbye secret ballot.
Are you seriously going to take it on trust that they won't be tempted to check to find out who voted for whom? That no one will ever be tempted to check this?
Number two, in a world full of good people and lots and lots of bad people, from Nigerian scammers to Russian mafia, letting people vote in a Halifax election from any computer anywhere in the world is a feature? Are you kidding me?
Labels: halifax, hrm, internet voting
Tuesday, October 07, 2008
short piece on electronic voting on CBC Radio Spark
Dan talks to Ilona Dougherty, Richard Akerman, and Grace Lake about voting online
Episode 48 - October 8 & 11, 2008 - CBC Radio - Spark - posted October 07, 2008
The audio is available as an MP3 download, or you can subscribe to the podcast, or get it through iTunes.
Just a couple quotes from me were used, but I think I got my points across.
Labels: audio, canada, cbc radio, cbc radio spark, electronic voting
terminology
Internet voting = web voting = Using the Internet to record your vote on some central election servers.
Electronic voting machine (or I sometimes just say "voting machine") = any of a number of different technologies for voting, primarily about touch-screen voting machines, but I would extend it to mark-sense optical scanners as well, in its broadest sense.
Electronic voting encompasses both using electronic voting machines, and Internet voting (which you can think of as using an electronic voting machine, at a distance, over the net).
This is fairly consistent with the use at
http://en.wikipedia.org/wiki/Electronic_voting
Labels: electronic voting
more thoughts on electronic voting
This is what I just said in an email to a newspaper interviewer:
Ultimately it comes down to a choice between a very simple system in the physical world where we use a combination of privacy, being in public, and the competing interests of strangers (the scrutineers and election workers) to provide results based on physical evidence that everyone can agree upon,
or an incredibly complex system involving your computer, many computer networks, and computer servers, all running software created by strangers, with all the possibilities this raises for either malicious attacks on the election, or normal computer errors, a situation where there simply is no evidence to rely upon other than what the computer says, and the computer can lie.
In other words, electronic voting is no different than telling a stranger how you want to vote ("I want to vote for the blue party"), and then having to trust that they actually voted the way you asked, despite the fact you know that they can lie.
Can you imagine if we had used Internet voting for the last Quebec referendum? We would still be arguing about the results.
In short, although I love technology, I know the difference between appropriate technology and unnecessary technology.
Paper and pen is the appropriate technology for voting.
Labels: canada, electronic voting