@CraginSFully expected this reaction, but obviously there are others fully involved in the technology, and they are stuck in their "lobster pot" by default.   The Russians and Chinese Hacking groups are simply going to make good on manipulation promises on those who go have gone down this road already.

 

Regards

 

Caute_cautim

Rob summarized my feelings on this one....

 

> DAlexander (Newcomer III) posted a new reply in Tech Talk on 08-16-2019 06:53 AM

> I'd be interested to hear what anyone thinks IS the answer.

Having been a poll clerk and deputy returning officer, I'd say that everything safe
involves paper in some way. I know that Americans say their elections are much
more complex than ours, but there are systems wheree you mark the paper ballot,
the machine reads and counts the votes, but it keeps the (paper) ballots in a bin so
that there can be a recount or a check.

>    I am not an
> election history expert but I would venture to go out on a limb here and say
> that there has likely never been a fully trustworthy voting system.

Probably true, in the sense that we can never guarantee 100% security in pretty
much anything, but the extent voting machines and online voting systems are
massively insecure. Check out http://catless.ncl.ac.uk/Risks/search?query=voting
for some studies and discussions.

>   Paper
> ballots seem like a popular way to avoid the evil hackers and ensure a fair
> election but, as I understand, China and Russia both still use paper ballots

Well, yes, you *do* have to have just a wee bit of independent scrutiny and
oversight ...

>   Can we leverage technology to do that better than the traditional
> paper methods?

As noted, there are machines to do the counting, but retain the ballots for
recounts. There are also some interesting paper ballots where the voter retains
part of the ballot which can prove what the original vote was.

>  I believe we can and I also think block chain has a lot of
> potential to reduce single points of manipulation.

Oh, dear, he's drunk the blockchain koolaid ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
As one gets older, one discovers everything is going to be
exactly the same with different hats on. - Noel Coward
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

---

@DAlexander wrote:

I'd be interested to hear what anyone thinks IS the answer. 

 

I am not an election history expert but I would venture to go out on a limb here and say that there has likely never been a fully trustworthy voting system.  ...

...

 The challenge here is to manage the risks so you can better defend against the threats.  Can we leverage technology to do that better than the traditional paper methods?  I believe we can and I also think block chain has a lot of potential to reduce single points of manipulation.  There are aspects that need to be addressed before it can go mainstream but I think the larger issue will be ensuring every voter has access to the technology to begin with.

---

Daniel,

If we are to approach the idea of a "voting system," we must understand that it is in reality a system of systems, which involve a complex set of paper and electronic systems and processes. To see my quick list of that set, please review my blog post

DHS Security Tip 19-001, Best Practices for Securing Election Systems

 

When you understand the interconnected processes and multiple very different paper and computer systems, you will see that there is no single computer system capable of managing a safe and secure election. 

As for believing you can "solve" election security with a blockchain solution, please tell us the framework you think blockchain might fit into.

 

As @rslade Grandpa Rob noted, I, too, am concerned t you may have drunk the blockchain koolaide. However, if you can describe a meaningful use of blockchain for any one of the 10 processes I list in my blog post, I will correct that concern.

 

 

 

 

Gentlemen, I must admit, I like Kool Aid.  They have some interesting new flavors including Sharkleberry Fin (which, I’m shocked the PETA folks haven’t called for a world-wide boycott of yet due to the similarity to “shark fin” rather than Huck Fin) but my favorite has always been Tropical Punch.  Easy now, back away from the keyboard slowly so you don’t break a hip…that was a joke and I am fully aware that the phrase refers to Jim Jones and his Jonestown followers.  Save yourselves the effort of typing out a history lesson for us.

 

Now, your Kool Aid comments do exemplify a major problem with our cyber security field and worse, with current trends in general.  See, the world is not binary.  Not everything is good/bad, yes/no, blue/red, etc.  Likewise, not all innovation is done by an evil enterprise out to steal our souls like the technophobes want us to believe.  You may remember back when Socrates spoke out against writing because it would instill “forgetfulness in the learners’ souls, because they will not use their memories.”  The same sort of doom-and-gloom statements were also made regarding the printing press, radio, television, and the Internet yet, here we are, alive and well.

 

Douglas Adams once described a set of rules that describe our reactions to technologies:

1.       Anything that is in the world when you’re born is normal and ordinary and is just a natural part of the way the world works.

2.       Anything that’s invented between when you’re fifteen and thirty-five is new and exciting and revolutionary and you can probably get a career in it.

3.       Anything invented after you’re thirty-five is against the natural order of things.

 

To be clear, I was very deliberate in saying that blockchain has a lot of POTENTIAL; not that it is the answer today.  It no doubt has areas of insecurity that must be addressed before applying it blindly to a system (or systems within a system as if that matters) that is as important as the voting process.  It does seem to me that things like transparency and auditability in our elections would be a good thing to strive for.  All I am saying is that blockchain is something that should be explored.  It is based on cryptography meaning, based on math, so in theory, a solution would be able to be proven mathematically.  Wouldn’t it be great to PROVE an election is accurate?

 

@CraginS, I can think of at least one of your 10 processes that could benefit from this.  Think of a case where a voter is issued a token (think “coin”) upon registration and the global blockchain record then gets updated with that transaction.  Regardless of location, this person could vote electronically after “depositing” the token.  This could provide better accessibility for people that may not have the means to physically travel to the voting station due to cost, security, health, or any other reason.  It could also ensure every voter only cast one vote.  Just my two cents (pun intended).

 

@rslade, I find it difficult to make the connection that your duties as a poll clerk and deputy returning officer correlate directly to the claim that “everything safe involves paper in some way.”  Seems a bit of a stretch to make that claim with such a small sample size.  I suppose paper ballots are sufficient in countries with populations less than the state of California (don’t apologize Canada, it’s not your fault; people just tend to avoid cold climates and those moose are huge!!!) but it doesn’t scale well when accuracy or speed matter.  It also goes without saying that the more human hands you add to any process, the more opportunity you provide for human emotions, motives, incompetence, or plain old mistakes to contaminate the results.

 

In the end, am I drinking the Kool Aid?  No, but I am guilty of taking a few sips to see how it tastes.