<$BlogRSDURL$>

Saturday, October 11, 2008

The Star on paper and electronic voting

I had the good fortune to be interviewed for The Toronto Star by Leslie Scrivener--which incidentally is a great name for a journalist. She quoted me quite a bit, I think the article came out well, I'm grateful to her for the opportunity.
"It's a very human system. It works," says Akerman, 40, an Ottawa technology planner and security expert. "You mark your ballot in private, but it's in a public setting. And it balances interests. You have scrutineers from different parties watching each other. It's hands on, easy to understand."

The ballot question: Paper or not? - The Toronto Star - October 11, 2008 - by Leslie Scrivener

Previously:
The Star had a very good article about the electronic voting issue in 2004, but unfortunately it doesn't seem to be online anymore, I wrote about it at

July 13, 2004 Is the future in line or online? - Toronto Star - published July 12, 2004

Labels: , ,

Friday, October 10, 2008

Spark plug

Bump in stats from being on CBC Spark on October 8.



That reminds me I should put up some info about voting places and election results on the 13th, since I usually get a pile of hits on election day.

UPDATE: In case you're wondering, most of the hits are people searching for general voting/election information (where to vote, how to vote), not about the specific issue of electronic voting in Canada.

Labels:

Wednesday, October 08, 2008

the security stuff problem

I recognize that most people don't spend much time thinking about computer security. To the extent that they do, they either assume that there's some "security stuff" that is protecting their computer and transactions, or that such stuff could be created.

Here's the problem: lots of people have tried to create secure systems for a long time, and have failed miserably.

I don't have to get technical at all, I can just talk in the consumer space.

1. For years, games companies put elaborate efforts and skilled people into trying to protect their games from piracy. They had special codes, special floppy disks with holes punched into the magnetic media or deliberate errors, physical dongles, you name it.

And yet their games were always pirated. Eventually most of them just gave up on protecting their games.

2. For years, continuing today, media companies like the record and movie industry have attempted to protect their content from piracy with Digital Rights Management (DRM). They have sophisticated hardware, elaborate codes, highly skilled people and a large monetary incentive. And they have failed.

iTunes music DRM? There's a hack.
DVD DRM? There's a hack.

3. Apple has an incentive to protect its iPhone from being used on any network, as it has an exclusive deal with AT&T. Their phone is "locked".

iPhone locking? There's a hack

THERE IS ALWAYS A HACK.

Because any piece of software or hardware you can create, I can put a layer in front of. Your software talks to a hardware dongle? I write a layer of software that pretends to be the hardware.

And we're not talking big power or political incentives here, we're talking smart kids (mostly) who wanted to play some games, listen to some music, or watch some movies.

So if they couldn't even protect SONGS, do you seriously think they're going to be able to protect AN ENTIRE ELECTION?

There is no unbreakable "security stuff" to do that, it simply doesn't exist.
And even if it did, the incredible complexity of it would mean that the entire election would boil down to "trust the machine and the computer guys".

Wouldn't you rather trust a piece of paper you can see, a counting system so simple elementary school students could perform it, and volunteers and scrutineers from your own neighbourhood that you can watch?

Labels:

HRM e-voting success...fully eliminates the secret ballot


There were e-voters in more than 30 countries, with the oldest born in 1913, they said.

"We had people vote from Sri Lanka, from Korea, from over 50 Canadian cities and 25 American states," said Cathy Mellett, e-voting project manager for the Halifax Regional Municipality.

10% of HRM voters cast e-ballots (via Carol) and 28,709 cast municipal e-votes (via sparkcbc Twitter)

Hmm, so let's see. You assign a PIN number to each citizen, and mail the PIN to their address, and the verification info is their birth year, AND you're tracking their voting location, which can only be done by tracking their IP address, which semi-uniquely identifies their computer.

So you know who they are multiple times over, through the combination of PIN, birth year, mailing address, and IP address.

So number one, goodbye secret ballot.

Are you seriously going to take it on trust that they won't be tempted to check to find out who voted for whom? That no one will ever be tempted to check this?

Number two, in a world full of good people and lots and lots of bad people, from Nigerian scammers to Russian mafia, letting people vote in a Halifax election from any computer anywhere in the world is a feature? Are you kidding me?

Labels: , ,

Tuesday, October 07, 2008

short piece on electronic voting on CBC Radio Spark

Dan talks to Ilona Dougherty, Richard Akerman, and Grace Lake about voting online

Episode 48 - October 8 & 11, 2008 - CBC Radio - Spark - posted October 07, 2008

The audio is available as an MP3 download, or you can subscribe to the podcast, or get it through iTunes.

Just a couple quotes from me were used, but I think I got my points across.

Labels: , , , ,

terminology

Just trying to sort out my terminology:

Internet voting = web voting = Using the Internet to record your vote on some central election servers.

Electronic voting machine (or I sometimes just say "voting machine") = any of a number of different technologies for voting, primarily about touch-screen voting machines, but I would extend it to mark-sense optical scanners as well, in its broadest sense.

Electronic voting encompasses both using electronic voting machines, and Internet voting (which you can think of as using an electronic voting machine, at a distance, over the net).

This is fairly consistent with the use at

http://en.wikipedia.org/wiki/Electronic_voting

Labels:

more thoughts on electronic voting

I'm trying to gather my rather rambling thoughts on this topic.
This is what I just said in an email to a newspaper interviewer:

Ultimately it comes down to a choice between a very simple system in the physical world where we use a combination of privacy, being in public, and the competing interests of strangers (the scrutineers and election workers) to provide results based on physical evidence that everyone can agree upon,

or an incredibly complex system involving your computer, many computer networks, and computer servers, all running software created by strangers, with all the possibilities this raises for either malicious attacks on the election, or normal computer errors, a situation where there simply is no evidence to rely upon other than what the computer says, and the computer can lie.

In other words, electronic voting is no different than telling a stranger how you want to vote ("I want to vote for the blue party"), and then having to trust that they actually voted the way you asked, despite the fact you know that they can lie.

Can you imagine if we had used Internet voting for the last Quebec referendum? We would still be arguing about the results.

In short, although I love technology, I know the difference between appropriate technology and unnecessary technology.

Paper and pen is the appropriate technology for voting.

Labels: ,

<- Older Posts - Newer Posts ->

This page is powered by Blogger. Isn't yours?