Once again, xkcd tries to explain what everybody's known for years and fails miserably.

Electronic voting is not a bad idea because we programmers are idiots. It's a bad idea because it cannot be proved to be secure, and election results are too important to simply be ‘trusted.’

“B-but open software!” Can you prove that the software in some public repo is the same one that they installed on the machine? Did they compile it in front of you? On a completely new, empty machine?

“Open hardware, then!” No. That's even more stupid.

Forget about it! You can't prove the security of electronic voting. Just use paper ballots and transparent boxes, and let regular people chosen at random direct the process and count the results in front of a representative of each party.

Follow

@josemanuel

Yup. Paper voting is the gold standard for democracy.

Paper voting is anonymous, it's physically limited to one vote per person, recounts are easy, it's unhackable, you can check for counterfeit votes through forensics, the boxes can be physically sealed and stored forever in case of disputes etc.

It's the ultimate in transparency as literally anyone can watch a paper vote being counted, and we have centuries of experience on avoiding paper fraud. This is a solved problem.

@switchingsocial
There is no need of sophisticated fraud schemes:
A dictatorship only needs to make sure only those they want will vote, and, in the end, just ignore the results of calculations and announce the numbers they'd like to get. This way, they may look as popular as desired.
Of course, some countries are more susceptible / immune to this than others, but by now I'm not sure of anything.
@josemanuel

@switchingsocial @josemanuel I don't disagree with any of this, but thought you might enjoy this post from Schneier exploring how you might hack the papal election that is done on paper:

schneier.com/blog/archives/200

Sign in to participate in the conversation
Mastodon

mastodon.at is a microblogging site that federates with most instances on the Fediverse.