• GreyBeard@lemmy.one
    link
    fedilink
    arrow-up
    6
    ·
    1 year ago

    There’s nothing wrong with using technology in voting, it just has to be done in an open, verifiable way.

    • megopie@beehaw.org
      link
      fedilink
      arrow-up
      12
      ·
      1 year ago

      The problem is how difficult it is to ensure it is open and verifiable. Not to mention how much easier it is to scale up attacks on digital voting systems.

      If I want to forge enough paper ballets to swing an election I’m going to need a few hundred people in on it, with a group that large, someone is going to squeal, or get caught doing something dumb and uncover the conspiracy, if I want to forge digital ballots, well, I just need one person with know how and the right exploit.

      It is certainly possible to make a digital voting system that is immutable once the votes are submitted, it is nearly impossible to make one that ensures that the votes being submitted are legitimate.

      It’s a lot of effort and increased risk to roll out an acceptable electronic voting system, it is much easier and safer to just keep using paper ballots.

      • RandoCalrandian@kbin.social
        link
        fedilink
        arrow-up
        5
        arrow-down
        1
        ·
        edit-2
        1 year ago

        Believe it or not those are all solved problems

        The largest blockers to implementing them for voting are no longer technological, they’re political

        We can absolutely cryptographically verify your voting choice from your phone, and have you and everyone be able to verify when it changed, where, on what device, etc, while also preserving the anonymity of the voter.

        (Edit: while also making it far easier to combat fraud by making elections trivial enough to go “ok, everyone go check and resubmit your choices!” And immediately validate the majority of the votes as valid, minus those who don’t have internet access who would still need to travel)

        Problem is, there are a lot of very powerful organizations who would suddenly lose much of that power if voting were in any way convenient and accessible to everyone.

        • Slotos@feddit.nl
          link
          fedilink
          arrow-up
          8
          ·
          1 year ago

          Every time someone confidently claims that we can cryptographically verify voting, they are deliberately or ignorantly keeping the complexity and necessity of verifying the verifier runtime, the data source, and the communication channels out of the picture.

          Cryptography doesn’t solve voting verification problem, it obscures and shifts it.

          • davehtaylor@beehaw.org
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Rando there is really talking about about putting elections on a blockchain and trying really hard not to say the word.

        • _Z1useri
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          OK, cool now teach your family that calls their web browser “The internet” enough computer science to adequately understand and audit this proposed open system and convince themselves that their votes are counted in a fair, verifiable and secret manner. Also that the implementation does not have obvious side channels and what is actually running is built from the published source code.

          Like, If I was part of some shady powerful elite I’d love a fully automated setup. Most people will not be able to check the system deeper than “phone displays green check mark” without an unreasonable time investment.

          On the other hand, “room full of people opens box full of papers and counts them while verifying each other” is intuitive enough for almost anyone to grasp and gain confidence in.

        • megopie@beehaw.org
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          You may be able to verify that a given code is correct, or that a given device is correct, but no amount of software can conclusively prove that a given person has voted. All that cryptography prevents is a man in the middle attack, it does not prevent bad inputs from being entered by people who have stolen credentials.

          Voting should be easy and convenient, but paper ballots and voting booths can be easy and convenient.

      • smollittlefrog@lemdro.id
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        All 3 systems use openssl and get attacked using Heartbleed.

        (And even if they don’t reuse even a single piece of code, attackers can still just use multiple exploits.)

        • PoisonedPrisonPanda@discuss.tchncs.de
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          yes but 3 different exploits would result in different results. which is an indication that the voting result is irrelevant, and should be repeated

          edit: I am by far no expert, yet having anykind of kniwledge in that area, so I apologize for naivity in advance.