[CAVO] Online contracts and voting
Lawrence Rosen
lrosen at rosenlaw.com
Sun Jun 5 15:31:04 UTC 2016
Finally, an online discussion here rather than merely quotes from
newspapers! :-)
Juan Gilbert wrote:
> Taxes, banking, etc, allow you to verify your data. If your account
balance is wrong, you can verify it and take action. Voting is the opposite,
you are not allowed to verify your ballot. This is why we need a physical
ballot that can be hand counted that is not attached to a single voter.
Yes, and that is why I suggested, in my previous email, that both the voter
and the county print and email the anonymous ballot (with unique bar code,
perhaps), so that it can be hand counted if necessary in an audit. I'm not
qualified to design an unbreakable system - just a better system.
> Sorry, but it's a fact, electronic ballots can be hacked and you would
never know it.
I am not naive. I own lots of hackable devices on which I perform essential
tasks much more important than voting. And by way of comparison, I just
voted by paper ballot and mail in California, a system that could trivially
be hacked if someone really wanted to.
I joined this project because we advocate open source. Even Linux inside a
heart-lung machine can be hacked, but I expect our community to see that and
complain, and fix the hacks.
/Larry
From: Gilbert,Juan E [mailto:juan at ufl.edu]
Sent: Sunday, June 5, 2016 4:21 AM
To: lrosen at rosenlaw.com; CAVO <cavo at opensource.org>
Subject: Re: [CAVO] Online contracts and voting
Any 100% electronic voting can be manipulated. If you have an electronic
voting system, I can guarantee you it can be hacked, meaning the outcome of
the election can be changed undetected.
Taxes, banking, etc, allow you to verify your data. If your account balance
is wrong, you can verify it and take action. Voting is the opposite, you are
not allowed to verify your ballot. This is why we need a physical ballot
that can be hand counted that is not attached to a single voter.
Rocket science is actually easier than voting.
Sorry, but it's a fact, electronic ballots can be hacked and you would never
know it. You would suspect something was hacked because of the outcome but
you couldn't prove anything. I don't think anyone wants that scenario.
If any of you know if an electronic system that can't be hacked, please let
me know.
Thanks,
---
Sent from my iPhone
On Jun 5, 2016, at 12:58 AM, Lawrence Rosen <lrosen at rosenlaw.com
<mailto:lrosen at rosenlaw.com> > wrote:
David, thanks for continuing this thread. It is good that this CAVO list
discusses actual solutions to real-world California voting problems rather
than merely share our fears and newspaper press releases.
I want a very simple replacement for the error-prone and insecure paper
ballot that I used this week to pick our president. I hear that the majority
of California voters vote this way by mail. There is NOTHING about this
system that prevents any of the evil frauds and corruption that you expect
from businesses and politicians, so be scared about our current third world
voting system.
I want something simpler:
? I want to receive an electronic ballot at my email address on my
computer or mobile device. That's how the county and the U.S. government
currently deal with me for almost everything else of significance, including
my taxes!
? I want to vote at my leisure.
? I want to print out and/or save my completed ballot. I'll keep it
secret if I want to or show my friends.
? I want to send my ballot electronically to the county. (Yesterday I
placed my completed paper ballot in a metal box in front of the county
offices - with no security or auditability whatsoever. I am now paranoid!)
? I want the county to email me a confirmation and a copy of my
completed ballot.
? I want the county to process my ballot on election day.
? I want this entire procedure to be auditable with email addresses,
PINs, or whatever the kind of technology our Facebook and LinkedIn friends
are willing to accept for security.
If we can't do that without sending astronauts to Mars, then your technology
solution is perhaps way too complex and paranoid. :-)
/Larry
From: David RR Webber (XML) [mailto:david at drrw.info]
Sent: Saturday, June 4, 2016 9:09 PM
To: CAVO <cavo at opensource.org <mailto:cavo at opensource.org> >
Subject: Re: [CAVO] Online contracts and voting
Larry,
You are right to compare the USA to a third world country - its getting
there.
The Kenya system is called M-Pesa - "Mobile money". It is using a secure
system invented in England - and the password is a simple PIN code.
Notice you will NOT be able to do this is the USA because the banks and the
IRS do not want you doing that - creating an alternative financial system
with no central tracking system - that actually empowers small business and
entrepreneurship. Here we still use paper cash money for that purpose.
It is terribly inconvenient that people have to use old arcane paper ballots
- but it is VERY necessary. You only have to look at how corrupt
politicians are - and how adept they are at deflecting responsibility to
realize that opening the flood gates to digital fraud is not prudent. Not
to mention routine hacking of systems in 3 out of every 4 businesses in the
USA.
Everything in the USA is being gamed. What is the real price of bread, milk,
eggs, gas, cars, paper, sugar, corn... ? Again - the current primaries
system tells you much. Want to make primaries voting all digital - so no one
has any clue who actually voted, and for whom really?
May as well walk those envelopes over to your recycle bin and just toss them
in there.
But I'm not paranoid - I just have a healthy distrust and cynicism built in.
Cheers, David
-------- Original Message --------
Subject: Re: [CAVO] Online contracts and voting
From: "Lawrence Rosen" <lrosen at rosenlaw.com <mailto:lrosen at rosenlaw.com> >
Date: Thu, June 02, 2016 5:54 pm
To: "'CAVO'" <cavo at opensource.org <mailto:cavo at opensource.org> >
Cc: Lawrence Rosen <lrosen at rosenlaw.com <mailto:lrosen at rosenlaw.com> >
David Webber wrote:
> Please send money and we can engineer this for you.
Such unreasonable paranoia about voting!
I have on my desk right now two signed and sealed ballots for the California
primary next week. I know that my partner voted for a different candidate
than I did. I'm going to walk into the County office and drop these two
ballots, probably unmodified :-), into a wooden box on their counter.
Somehow our votes will be counted by some machine that reads ink in bubbles.
Results next Tuesday. Perhaps some of our votes will count.
And so our president will be chosen!
Please don't waste your design time engineering a solution for problems I
don't have. Just give me a simple way to vote - securely and with a trusted
record - more effectively and cheaply than those two silly envelopes on my
desk.
BTW, in Kenya almost all financial transactions are made through ordinary
cell phones with passwords. And even here, in the U.S., my bank will accept
deposits sent through pictures of signed checks from my phone. But we're
much more paranoid here, especially about voting.
/Larry
From: David RR Webber (XML) [mailto:david at drrw.info]
Sent: Thursday, June 2, 2016 2:39 PM
To: lrosen at rosenlaw.com <mailto:lrosen at rosenlaw.com> ; CAVO
<cavo at opensource.org <mailto:cavo at opensource.org> >
Subject: RE: [CAVO] Online contracts and voting
Larry,
That's why the USPS now accepts digital copies of money orders, instead of
having to send the paper one.
Not! That could of course be digital too - but - you would need a way to
track all that - matching digitally presented versions to repository.
That's called Paypal, Google, Square or ApplePay et al.
Similarly registering to vote - concur - that can be a digital process - but
then its gets more tricky. Yes - I can issue you with a digital voting token
- but then how do I know you really cast that ballot? Parties could cast
proxy votes for party members - and maybe there's nothing wrong with that -
but - we're not there yet.
Unlike in the money order or check situation - where tracking who does what
inbetween is not part of the process - with balloting it is. Except there's
a twist - in the banking transaction - everything can be logged to a
specific user entity - whereas in voting it has to be anonymous. And that
is where things get problematic. It's a bit like Heisenberg's uncertainty
principle - the more anonymous you make it - the less you know what happened
- the more you know what happened - the less anonymous.
And then who do you trust? Personally I want to see 3 separate systems of
record - and be able to cross check. So if 1 gets compromised its obvious.
And then to compromise all 3 simultaneously - that's really hard to do.
And it all needs to be open source and accredited.
Please send money and we can engineer this for you.
David
-------- Original Message --------
Subject: [CAVO] Online contracts and voting
From: "Lawrence Rosen" < <mailto:lrosen at rosenlaw.com> lrosen at rosenlaw.com>
Date: Thu, June 02, 2016 1:54 pm
To: "'CAVO'" < <mailto:cavo at opensource.org> cavo at opensource.org>
Cc: Lawrence Rosen < <mailto:lrosen at rosenlaw.com> lrosen at rosenlaw.com>
I haven't executed a contract in recent years - even with the federal or
state or county government - that wasn't immortalized by some form of
electronic signature. Sometimes they also require a paper signature on paper
forms that they file somewhere and then throw away. But I'm as legally bound
by my scanned signature as I am by my hand-signed document.
One of my clients recently complained about the boxes of printed documents
that they passed, from year to year, to their non-profit volunteer corporate
secretary. But instead, I told them, PDF copies of most documents, stored in
an online repository with security and backup, is all anyone needs nowadays.
Registering and voting should be no more difficult than what the government
already accepts on almost everything nowadays.
/Larry
From: David RR Webber (XML) [mailto:david at drrw.info]
Sent: Thursday, June 2, 2016 10:11 AM
To: CAVO <cavo at opensource.org <mailto:cavo at opensource.org> >
Subject: Re: [CAVO] Article
And these same people will be the first ones to cry "Foul" if someone gets
on the ballot with dubious credentials that they can neither refute nor
confirm - via some "Kickstarter" like campaign...
David
-------- Original Message --------
Subject: [CAVO] Article
From: Brent Turner <turnerbrentm at gmail.com <mailto:turnerbrentm at gmail.com> >
Date: Thu, June 02, 2016 1:01 pm
To: CAVO <CAVO at opensource.org <mailto:CAVO at opensource.org> >
http://www.mercurynews.com/michelle-quinn/ci_29959886/quinn-elections-should
-ditch-paper-embrace-technology
_____
_______________________________________________
CAVO mailing list
CAVO at opensource.org <mailto:CAVO at opensource.org>
https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
_____
_______________________________________________
CAVO mailing list
CAVO at opensource.org <mailto:CAVO at opensource.org>
https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
_____
_______________________________________________
CAVO mailing list
CAVO at opensource.org <mailto:CAVO at opensource.org>
https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
_______________________________________________
CAVO mailing list
CAVO at opensource.org <mailto:CAVO at opensource.org>
https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/cavo_lists.opensource.org/attachments/20160605/bb7cbd0a/attachment.html>
More information about the CAVO
mailing list