Hacker News
Norway tightens IT security to prevent ballot tampering (reuters.com)
62 points by ingve on Sept 2, 2017 | 45 comments


Computer voting was a mistake. It has been shown over and over that voting machine security is abysmal.

Voting is one of the few things that shouldn't be computerized. It's far easier to swing an election by hacking a few voting machines than to forge thousands of ballots.

No matter where you live, do yourself a favor and vote only on paper.


> It's far easier to swing an election by hacking a few voting machines than to forge thousands of ballots.

Millions of ballots.

You can go further. Australia has independent electoral commissions which run the elections. Voting is compulsory and preferential. The entire process is overseen by scrutineers -- individuals appointed by candidates -- so there are always multiple mutually-suspicious observers in the room. Many of the most subversible steps in the voting process, for example replacing a ballot box that is full, have to be cross-signed by an electoral official and at least two scrutineers appointed by different candidates.

A hand count is performed three times, again under the supervision of scrutineers.

If there is an arithmetical doubt about the outcome of the election, it can be voided and is re-run from scratch. This has actually happened once when several ballot boxes for the Western Australian senators were lost during a federal election. It was very unlikely, but possible, that those votes could have changed the outcome of the final senate position.

The High Court voided the entire Senate election and it was redone.

Elections must be trustworthy. Cumbersome, people-intensive systems are paradoxically better at this. The odds that a malicious attacker could replace millions of hand-written ballots, subvert hundreds of independent professionals, subvert thousands of independent volunteers, subvert thousands of mutually-hostile scrutineers and also fool thousands of journalists is low.

I would say substantially lower than the odds for being able to subvert a single programmer or sysadmin.


I think it's a great example of our governments' misunderstanding of modern technology and security. Our current governmental computer systems appear extremely fragile[1] and prone to tampering.

If governments were actually serious about electronic voting, they need dedicated committees and bureaucratic entities whose sole responsibility is the maintenance and security of these systems.

I expect the United States to be absolutely crippled by cyber-warfare in the coming decades. On a state level, our government is simply incapable of recognizing the many vulnerabilities their systems have and compensating for them.

While personally I think electronic voting is a trash idea (couldn't we instead still vote via paper, and then read the results via ML? This would give us a "margin of error" of votes, but we would always have the paper ballots to fall back on), I think that tightening IT security is a good thing for governments to do. Especially considering just how poor computer security is for government entities.

[1]. Just want to mention I'm not a security guru. This is just my interpretation after visiting many government websites, reading stories, etc


There is always major opposition to anything which would cause many more people to vote, because that would utterly change the current political landscape. The turkeys won't be voting for Thanksgiving.


> couldn't we instead still vote via paper, and then read the results via ML?

You just move the single point of failure to an even more difficult-to-prove location.


I am struggling to see how machine learning has any role in this.


Voting is still done on paper in Norway. The votes are often counted automatically by scanning the ballot papers. In addition they will now be counted manually at least once as a security measure.


Hand-counting only. Hand-count twice for security. To hell with the scanners. Don't introduce fallible, hackable image recognition nonsense to a process which can be entirely paper-based.


I have participated several times in the counting operations in elections in France. Here is how you set it up:

- Open the ballot box.
- Separate the ballots in packs of 100.
- Make tables of 4 volunteers. Each gets a pack.
- One person opens the envelope
- One person reads the ballot
- Two persons tally the score on a sheet
- Compare both tallies at the end. If they are not in sync, do over.
- Compare the sums to the envelopes in the pack. If it is not 100, do over.

All of these tasks are really easy, so you don't have to be smart or even literate to participate. Also, everybody can check what everybody is doing. The person reading the ballot shows it, so they can't change the name. The person opening the envelope sees the names and you can easily follow the counting too.

If people come as a group to volunteer they are typically spread around several tables.

That way, you have a triple check of the count, and actually in the end I think the people responsible for the voting station also compare the voting registers (you sign next to your name after voting) to the tallied total of envelopes and votes. So that would be quadruple-checked in the end.

We typically get official results the evening of the day the voting stations closed.

To this day I don't see any practical reason to switch to electronic voting unless someone wants to commit fraud.
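The reconciliation checks from the counting procedure in the comment above, written out as an added example that is not part of the original thread. The candidate names, tallies and function names are constructed for illustration; the pack size of 100 and the register comparison come from the comment.

```python
from collections import Counter

PACK_SIZE = 100  # pack size given in the comment


def check_pack(sheet_a, sheet_b, envelopes=PACK_SIZE):
    """Return the reasons a pack must be recounted; an empty list means accepted."""
    problems = []
    names = sorted(set(sheet_a) | set(sheet_b))
    differing = [n for n in names if sheet_a.get(n, 0) != sheet_b.get(n, 0)]
    if differing:
        problems.append("tally sheets disagree on: " + ", ".join(differing))
    for label, sheet in (("A", sheet_a), ("B", sheet_b)):
        total = sum(sheet.values())
        if total != envelopes:
            problems.append(f"sheet {label} sums to {total}, expected {envelopes}")
    return problems


def check_station(accepted_sheets, envelopes_in_box, register_signatures):
    """Sum accepted packs and compare with the envelope count and signed register."""
    totals = Counter()
    for sheet in accepted_sheets:
        totals.update(sheet)
    problems = []
    counted = sum(totals.values())
    if counted != envelopes_in_box:
        problems.append(f"{counted} ballots tallied, {envelopes_in_box} envelopes in box")
    if envelopes_in_box != register_signatures:
        problems.append(f"{envelopes_in_box} envelopes, {register_signatures} signatures")
    return totals, problems


# Constructed sample data (hypothetical candidates, not real results).
HONEST = Counter({"Candidate A": 58, "Candidate B": 39, "blank": 3})
SLIPPED = Counter({"Candidate A": 57, "Candidate B": 40, "blank": 3})  # one mark in wrong row
SHORT = Counter({"Candidate A": 58, "Candidate B": 39, "blank": 2})    # one ballot missing

if __name__ == "__main__":
    print(check_pack(HONEST, HONEST))    # accepted
    print(check_pack(HONEST, SLIPPED))   # caught by comparing the two sheets
    print(check_pack(SHORT, SHORT))      # caught by the 100-envelope check
    print(check_station([HONEST, HONEST], 200, 199)[1])  # register mismatch
```

A misplaced mark leaves the sheet total at 100, so only the two-sheet comparison catches it; a missing ballot leaves both sheets in agreement, so only the envelope count catches it.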


I keep hearing this, but I can't quite bring myself to agree. Let's stay tech-positive and use this problem to advance our industry.

The problem is this: we don't have any machine that simplifies vote counting while being as trustworthy as having many people count marks on many sheets of paper. And since that is prone to errors and manipulation as well, the bar is actually much lower than "perfection".

Can we really not do trustworthy vote counting better than humans? Can we not make a computer that defeats a human at reliable counting? If we cannot do that, we should reconsider our craft and wonder why. I am not enough of a computer scientist to come up with a good verification plan, but I'd be very surprised if we couldn't do it.

Gullible or corrupt government officials, sneaky sales people and shady politicians are a very different problem. Our job should be to make the machine so good and reliable that these people are driven out of the game.


The problem is that using a computer reduces this to a single point of failure. It only takes one hack of the vote counting machine to compromise the whole election. Even if you use multiple machines, they're probably running the same software and could all be compromised simultaneously. Computers have no morals and blindly do what they're told to.

When the votes are counted by a group of humans, one person making a mistake (maliciously or not) isn't a big deal because nobody expects humans to be perfect. There are checks in place to catch those mistakes. It would take a huge conspiracy to compromise the entire system.

I suppose there could be a solution in the future, maybe with blockchains or something. Until then, manual counting is the best option.


Anything networked is a fail. If machines were offline and had an extremely simple, embedded code base, and all they did was to mark (highly visible, perhaps square) marks on a paper, 100 to a line, of vote tallies to be humanly summed, it seems like it would reduce error. There could still be punch card ballots that each person verified were entered correctly (ie directly read) to have a better trail as well. But there isn't really a need for a computer for that. It could all be analog/mechanical.


Even if we could, politicians don't want it. The voting systems put in place post 2000 were broken by design.


> The problem is this: we don't have any machine that simplifies vote counting while being as trustworthy as having many people count marks on many sheets of paper.

Except there's no problem. Hand counts work fine.

Impatience is not a reason to substantially weaken the foundations of democratic legitimacy.


Computerized/electronic voting is extremely dangerous to attempt. That said, I feel like I am not well represented with paper ballots behind an electoral college. I feel that we MUST attempt designing and securing this in the open to move forward as a society in the interest of someday having a direct democracy.

(sidenote: direct democracies aren't always pleasant..)


I have no problem with a computer printing out a paper ballot, that the voter can inspect. I have no problem with automated counting of paper ballots. Totally auditable system.

All digital makes me nervous.


What if what it prints out isn’t what it submits?


Plus: what if it does, and someone wants me to prove how I voted?

Ballots are deniably secret to prevent vote buying and menacing for votes.


Two phases. One system to print, a separate system to submit. A manual recount looks at the printed ballots which are inspected by the voter for correctness.


The machines used to count votes were Windows machines connected to the internet.

https://www.nrk.no/norge/teller-opp-stemmer-i-valget-pa-data...


So when is this gonna blow up for someone?

Like are we gonna read about the U.S. power grid being shut down, or an entire state / nation wide election tampering?

It's absolutely terrifying how incompetent these folks are. Why is there no one marketing their skills to governments who have actual skills? Why aren't governments hiring employees with actual skills?

We used to have the most talented structural, mechanical, and industrial engineers in government positions or as government contractors. Is tech simply too young for that to have happened yet? Or are governments failing to adequately respond to their massive skills gaps?


It already did. Look at the last election.


Not obvious enough. Power grid hacked, widespread blackouts = somebody obviously hacked it. Meanwhile, poll numbers slightly off from opinion polls, but enough to sway an election = could be hacks, or could be sampling error. And thanks to the 2 party system, both parties will poll close to 50%, so it's very easy to hide in the noise.


What did what last election?

I heard rumors of people thinking there could have been problems, but nothing more than rumor came of it.


If this was a joke it wouldn't be funny. Oh wait.


Vivaldi browser developer Patricia Aas has done a terrific job bringing awareness to election security issues ahead of the upcoming Norwegian election:

https://twitter.com/pati_gallardo/ (most links are in Norwegian, but Google translate does a reasonable job).


I agree. She raised this concern as a private citizen and debated it on national TV and radio with the ballot bureaucrats who initially downplayed the issue. If it hadn't been for her, probably nothing would have been done about it.


Or someone else would have done it.... ;-)


Or not ;)


Tightening it by counting manually, hehe.

Was a big deal earlier this week that the keys and stuff for some municipalities were posted online on their web pages. Edit: it was certificates you had to install in the browser to verify that you were in the position to enter the total amount of votes in your municipality. The URLs for download were unique and random, but got indexed by search engines because they spy on URLs you visit.

https://www.nrk.no/norge/sensitive-valg-filer-for-tre-kommun...

Edit, hmm, downvoted?


> Tightening it by counting manually, hehe.

Yes, rather than "recounting" votes on the same/similar machine - you now need a large conspiracy for large scale election fraud, rather than a single software exploit...


I don't speak Norwegian, but this claims Edge sends all visited URLs to Bing?

Microsoft taking a page from Google, how quaint.


> this claims Edge sends all visited URLs to Bing?

Yes. So if you instead of attachments of large files in email send a URL such as https://acme.pri/?id=cafe-babe-deadbeeff00d, which is not secured by any other method than obscurity, then Edge will submit it to Bing, which indexes it and then the content is available if you can come up with some keywords that match.

It is fairly well known in Norway, due to having been in the national news earlier this spring, but I have no reason to think it doesn't apply universally.


There were similar reports earlier this year as well. Autopass, a Norwegian company responsible for most road tolls reported that a bunch of reports became publicly accessible as a result of people using Edge internally, and Evry reported the same regarding a bunch of invoices and other financial information from a client of theirs. (https://www.digi.no/artikler/16-mai-ble-det-full-krisebereds...)


In case you haven’t seen this breakdown by Tom Scott about why electronic voting is lunacy, here it is: https://m.youtube.com/watch?v=w3_0x6oaDmI


Just a wild thought I had:

If you remember the invisible dots that printers add, so the government can track where something was printed. ( https://news.ycombinator.com/item?id=14501894 )

I wonder if some government did/are/could use this technology to deanonymize voters.

For example they would print your SSN on the piece of paper that you are voting on.


It might be possible, but quite difficult in practice given that a voter can show up at any time to any number of voting stations.


It's been a while since I voted. I'm from Canada and currently live abroad.

But if I remember well, I had to actually vote at a specific place.

The part I don't remember well is if they were giving me a specific sheet of paper, or just take one on the top of a stack.

I remember they were looking for my name, and I have a souvenir that they detached the side of the sheet (but this is vague).

I guess it was a stack :)


In Australia, you can go to any polling station in your electorate, where they find your name in a book of paper (of which there are several copies in each station, and several stations in each electorate), cross it off, and give you a ballot paper from a stack. Presumably they process the names lists after the fact to see if anyone voted twice, though by that point there's no way to get the votes out of the mix.


Reposting what a few 2nd level comments have already said: voting is still done on paper in Norway; the counting is what is being done electronically.


Oh good, so you just have to hack the counting machine?


Yes, that's the point of the security overhaul. But at least paper votes can be recounted and verified.


Out of interest, with computerised voting do they generally also protect the information of who voted for who?

I might be wrong, but I don't think paper ballots have any identifying information on.

Edit: Hmm, ballot papers do apparently have a unique ID on, which I hadn't noticed before.


Here in Norway at least, all voting is on paper ballot.

You receive an election card (valgkort) in the mail to bring to the polling station containing all your info. ID is also required.

If you forget this card, they can print it out for you.

Then you enter the booth containing party lists. You can't "punch" the wrong party as each have their own ballot. You can erase/add/reprioritize names on the party list you choose though.

Then you put this ballot into an anonymous envelope. This envelope is then put into another envelope along with your election card.

When they count it, they pull out the ballot envelope and the election card, register that you have voted, then someone else will open and count the actual vote.

It seems to me to be pretty secure and anonymous.


Isn't blockchain tech perfect for voting?



