Electronic voting in 2013 ?
The city is looking at the possibility of electronic voting in the next Edmonton civic election.
E-voting, which can include choosing representatives through the Internet, with an electronic ballot or over the telephone, has been tried for over the last decade in other parts of Canada and several European countries, says a report for Wednesday’s council meeting.
http://www.edmontonjournal.com/news/...430/story.html
Noah's ark was built by volunteers...... The Titanic was built by professionals.
I'll still trot down to the polling station. Feels more legit
$2.00$2.25$2.50$2.75$2.85$3.00$3.20$3.25
Sweet, but I doubt it would affect voting turnout too much. See campus elections... email voting but <10% turnout. Comes down to people caring.
Wasn't it electronic voting in Florida that got George Dubya into the white house dubiously ?
Then those people who actually take the time out of their day to show up in person should have their vote count as two
I like the idea of electronic voting, especially in locations like hospitals and continuing care centres where many seniors continue to vote. I wonder, though, if something like this would incur the same costs as 311 did.
"Talk minus action equals zero." - Joe Keithley, D. O. A.
No, but an infamous butterfly ballot and an outrageous Supreme Court decision both arguably did.Originally Posted by Drumbones
Absolutely not. Paper ballots only.
I like the potential convenience of it, but I just can't comprehend a system that's capable of ensuring security and integrity.
"Men never do evil so completely and cheerfully as when they do it from religious conviction" - Blaise Pascal
Its about time
youtube.com/BrothersGrim
facebook.com/BrothersGrimMusic
Sure hope it's not as disjointed as the City of Edmonton website . . .
I don't think Electronic Voting can be a fair democratic vote.
First of all there are the massive security issues. Computer systems fallible and corruptible. In the absence of actual paper ballots there is no possibility of a recount if there are problems. The only option would be redoing the vote.
Second, the principle of the secret ballot can not be maintained when people vote from home. Voter intimidation and control become issues when someone can look over your shoulder and make sure you vote for who you're told to.
Finally, there is little evidence that e-voting systems address the one thing they're alleged to help with: voter turnout. The simple fact is that low turnout has little to do with the convenience of voting and everything to do with disillusionment with the political system.
"For every complex problem there is an answer that is clear, simple, and wrong"
For those of you that that love good 'fiction'.... The last video gets quite interesting.
Republican IT Guru Dies In Plane Crash
http://www.cbsnews.com/stories/2008/...n4684431.shtml
Republican IT Specialist Dies in Plane Crash
http://www.democracynow.org/2008/12/..._dies_in_plane
BUSTING the 'Man-in-the-Middle'
http://www.youtube.com/watch?v=BRW3B...e_gdata_player
Last edited by KC; 13-12-2011 at 11:27 PM.
The City Report on E-Voting
This bit addresses one of my major concerns:
In response to concerns surrounding fraud and coercion, Estonia brought in the principle of multiple votes. In the event a voter is pressured to vote a certain way, a voter is able to change their vote as many times as they like and can even cast a paper ballot on Election Day. Only the last ballot cast is counted. Estonia is able to blend these two systems (e-voting and paper) because the last ballot issued to the registered voter’s identification card is counted.
"For every complex problem there is an answer that is clear, simple, and wrong"
They really need to watch this interview about vote rigging and computer security. I'm posting the link again. At the very least watch the last ten minutes though he does get quite interesting at the 30 minute mark.
Since data can be changed at both ends, how are electronic votes reconciled to the voters actions?
http://www.youtube.com/watch?v=BRW3B...e_gdata_player
I have to agree, it still is a lot different with going down to the voting station and casting it there rather than doing it online. And while things are now more advanced with security and all that, there are still loopholes that need fixing should they want to fully implement electronic voting already.
There are also a number of people who do not use computers or do not know how to, which could make for more problems than how it poses as a solution.
Some interesting quotes:
http://www.sciencecodex.com/computer..._paper_ballots
“This research shows that voting machines must be secure even against attacks that were not yet invented when the machines were designed and sold. Preventing not-yet-discovered attacks requires an extraordinary level of security engineering, or the use of safeguards such as voter-verified paper ballots,” said Edward Felten, an author on the new study; Director of the Center for Information Technology Policy; and Professor of Computer Science and Public Affairs at Princeton University."
By Brad Friedman on 12/19/2011 2:10pm**
GOP Fears Iowa Caucus May be Hacked Following Purported Video Threat by 'Anonymous'
Last minute 'security by obscurity' defense unlikely to ensure integrity of results...
http://www.bradblog.com/?p=8997
"Unfortunately, however, it appears as though the steps the GOP are planning to take to try and counter the threat will do little ensure the public can trust the results that the party eventually reports to the public. "
Iowa GOP worried by hacker threat to caucus vote
By RYAN J. FOLEY, Associated Press – 4 hours ago*
http://www.google.com/hostednews/ap/...ab76f21d3c91ab
"When elections officials in Washington D.C. tested an online voting system last year, University of Michigan researchers were able to use an SQL injection to quickly invade the system and make it play the Wolverine fight song every time someone voted, he said.
"These SQL vulnerabilities are notorious, widely known and yet it's a mistake people keep making," Jones said. "It is one of the first things that you try these days."
Last edited by KC; 19-12-2011 at 10:07 PM.
http://www.edmonton.ca/city_governme...volvement.aspx
I'm pleased with the level of attention they're giving this and the amount of public involvement they're providing for.
However, having just done the initial survey I'm disappointed that the questions all skewed to why I would vote online with no questions about why I would not or what problems or objections I would have to it. My initial impression is that the research group is biased towards promoting online voting rather than gauging actual public opinion.
"For every complex problem there is an answer that is clear, simple, and wrong"
14 years after Bush v. Gore, we still can’t get voting tech right
Regions across the US experience tech glitches on Election Day.
by Cyrus Farivar - Nov 4 2014
http://arstechnica.com/tech-policy/2...ng-tech-right/
Potential Attacks on the Diebold TS Electronic Voting Machine
Nuclear Engineering, Vulnerability Assessment Team of Argonne National Laboratory
Published on Mar 4, 2014
http://www.youtube.com/watch?v=xrYkvHFie6o
http://www.ne.anl.gov/capabilities/vat/
The trick is finding something that is both easy and secure. The best I've seen is Edmonton's municipal elections with the electronically counted cards. Counting is faster and more accurate but you're still left with a means of doing a non-electronic recount.
"For every complex problem there is an answer that is clear, simple, and wrong"
Cities have done this and allowed internet voting, in other countries for years, its fine, and makes sense, especially for City council elections (which aren't on the same scale of "critical" as a provincial or federal election). It will result in more people voting. PS. all the fears of coertion apply to postal votes to.
Last edited by moahunter; 05-11-2014 at 05:46 PM.
Which cities and what are the methods they have used? I have yet to hear about a system that is guaranteed secure and un-hackable. I'm also unsure as to how coercion would only be a factor with postal votes. How are other jurisdictions preventing it with online voting?
"For every complex problem there is an answer that is clear, simple, and wrong"
^better than that, within Canada:
http://www.timminspress.com/2013/05/...oting-for-2014A city report stated that 32 municipalities in Ontario had some form of Internet voting in 2010.
A lot of cities around the world have gone to only postal voting for municiple elections (e.g. the city I grew up in, Christchurch, NZ which has over 400 thousand people), internet voting just takes it one step further, you get a code in mail, you go on line, and you vote with it, rather than put it in the post. Its exactly the same.
Or look at Estonia (a developed baltic country), they have online voting:
http://www.vox.com/2014/11/4/7154571...g-risk-hacking
Nothings perfect though, even regular balot boxes its almost impossible to prove the person voting is actually that person. Personally, I don't think the risk of a major hacking operation for a municiple election is very high at all, especially if the technology is well thought out.Here's how it works: All Estonians are issued a government ID with a scannable chip and a PIN number that gives them a unique online identity. They can then use card readers and authentication software to vote (they can also use their cards to file their taxes or pay library fines). The votes are then encrypted to preserve anonymity.
More recently, Estonians have been able to vote via mobile phones with special SIM cards for authentication. In the 2013 election, this accounted for 9 percent of all online votes.
Last edited by moahunter; 06-11-2014 at 08:49 AM.
The biggest threat in my mind is the man in the middle threat. And if it's easy and cheap to do, the history of municipal corruption makes it highly likely that someone would employ it the first chance they get. I'd expect to see it first used in Quebec.
This is conspiracy theory stuff (link below) but it's still a great video to watch to see what people spend their time thinking about. And I figure if they think it, in this often sick world, someone will eventually do it. (The second link mentions religious motivations. And we all know frequently how extreme actions come out of extreme religious and other beliefs. Muni corruption though seem to usually occur for monetary reasons such as construction, lucrative supply or service contracts, etc. )
'Man-in-the-Middle' of Ohio Vote Rigging
"STEPHEN SPOONAMORE, a lifelong Rebublican, successful serial entrepreneur, and top level cyber-security sleuth for major credit card companies and U.S. Federal defense and security agencies, blows the whistle on the design of the hacked computer system that delivered the vote to George Bush in 2004..."
https://www.youtube.com/watch?v=BRW3Bh8HQic
MIKE CONNELL: Man in the Middle
excerpt:
Published on Oct 30, 2012
From the film... — The Man in the Middle scheme subverts election results reporting. This maneuver occurred in Ohio 2004, in the Bush-Kerry Election. The man who oversaw the Man in the Middle operation, Mike Connell, died mysteriously in a plane crash soon after giving a deposition in 2008. ..."
https://www.youtube.com/watch?v=JNNHSpM-Z-w
.
Last edited by KC; 06-11-2014 at 09:19 AM.
Nothing you linked to provided any actual evidence that voter turnout has been increased, which is the major benefit touted with electronic voting. Every article I've read, and it's been quite a number now, talks about the promise of increased turnout but rarely provides any numbers showing it has actually happened.
Looking at actual numbers from Estonia shows a small increase in the time period but it certainly hasn't been significant, particularly when they've adopted a system that can be transparently hacked:
the Estonian system can also be targeted with server-side attacks, an even more worrisome approach that could lead to votes being completely rigged after the fact. "The attack’s modifications would replace the results of the vote decryption process with the attacker’s preferred set of votes," said the researchers. The researchers concludes that Estonia's voting infrastructure is littered with "serious design weaknesses" and urges the company to cease e-voting until it can lock things down tighter.
The idea that we should adopt weaker systems because the risk of actual hacking is low is dangerous complacency regarding the central institution of our governance. Looking at the amounts of money involved in current development in Edmonton, plus some of the electoral scandals happening at other levels of government, I think it's very plausible someone would try to tweak the results particularly if it was easy to do.
But even if the risk of hacking low, it's still riskier than the current system and provides no means of recounting. When people already distrust the system making it less reliable is not progress.
"For every complex problem there is an answer that is clear, simple, and wrong"
^I do my banking online, I don't worry about hackers breaking in and stealing all my money, and I'm a lot more concerned about that, than I am about the possibility of my vote being stolen. If we can manage that technology in the 21st century, we can manage online voting. Its fine to keep saying "its not broken, why change?", but then, we'd still be riding horses to work. When I look at my kids, they are so connected and tech savy now, I don't think the next generation should be held back by those who are scared of change.
The reason you don't worry about online banking that much is not because fraud isn't happening but because banks generally protect their customers from it when happens and eat the cost themselves. There is no analog to absorbing the cost of fraud in electronic voting. In fact, with electronic voting, if an election is stolen we might not even know. We wouldn't even have a means of checking.
"For every complex problem there is an answer that is clear, simple, and wrong"
Paper ballots protect against hacks, but other election cyberthreats loom | CTV News
Joan Bryden, The Canadian Press
Published Saturday, January 13, 2018
Excerpt:
As... Canadians can take some comfort in the fact that national elections in this country are still conducted the old-fashioned way. ...”
The same can't be said of some other countries...
For that matter, it can't be said of local elections in many Canadian municipalities, which Mayrand notes have been much more enthusiastic about embracing technology like electronic ballot scanners and tabulators and online voting -- and which consequently leave municipal elections with a "higher degree of vulnerability" to hacking....”
https://www.ctvnews.ca/politics/pape...loom-1.3758116
Last edited by KC; 14-01-2018 at 09:48 AM.
^ ^^
to start with, we probably need to differentiate between voting machines and vote counting machines. the latter provide results in a similar time but how they are used creates an auditable paper trail. the paperless machines and casting internet ballots does not.
and for fairness in the discussion when determining preferences, paper ballots are not foolproof either - the expression “stuffing the ballot box” existed long before voting and vote counting machines.
"If you did not want much, there was plenty." Harper Lee
State of Georgia goes to court to defend voting machines that recorded 243% voter turnouts / Boing Boing
“The most dramatic failing in the state's 16-year-old voting machines was in Habersham County's Mud Creek precinct, where 670 ballots were cast, even though only 243 voters are registered in the precinct. No one can explain how 243% of eligible voters turned out on election day, but the State of Georgia's official legal position is that nothing is wrong here.”
https://boingboing.net/2018/08/09/just-peachy.html
Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States
Remote-access software and modems on election equipment 'is the worst decision for security short of leaving ballot boxes on a Moscow street corner.'
By Kim Zetter
Jul 17 2018
“The nation's top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, raising questions about the security of those systems and the integrity of elections that were conducted with them.”...
“The statement contradicts what the company told me and fact checkers for a story I wrote for the New York Times in February. At that time, a spokesperson said ES&S had never installed pcAnywhere on any election system it sold. "None of the employees, … including long-tenured employees, has any knowledge that our voting systems have ever been sold with remote-access software," the spokesperson said.”
https://motherboard.vice.com/en_us/a...sold-to-states
Last edited by KC; 13-08-2018 at 02:07 AM.
America Continues to Ignore the Risks of Election Hacking | The New Yorker
“...
One of the enduring myths about American elections, and one that persists even after the revelations of 2016, is that they are largely insulated from hacking because we have no centralized voting system— ...”
https://www.newyorker.com/news/news-...ection-hacking
Irregularities discovered in WinVote voting machines
Excerpts:
“...Schuermann noted there are actually two problems with insecure voting machines. The first is obvious: The systems can be easily hacked.
"That's a real threat," he said. "But the other threat is equally important and equally dangerous, and that is the threat of...”
“Those vulnerabilities in themselves didn't prove the machines had been hacked, but a closer examination of files on some of the WinVote voting machines showed unexplained anomalies. One of the machines, for example, had MP3s of a Chinese pop song and traces of CD-ripping software, and data showed the machine broadcast the song on the internet. That was strange, he said, but there were more concerning voting machine irregularities.
For example, three of the machines used during the 2005 Virginia gubernatorial election dialed out via their modems on Election Day, though the data didn't explain why. Schuermann speculated that perhaps the systems were getting a security update, but one of the machines actually dialed the wrong number.
In addition, two of the systems that were used in the 2013 Virginia state elections had more than 60 files modified on Election Day before the polls closed. And USB devices connected to one of the machines while the polls were open.
"That's really bizarre," he said.
It was unclear whether the files were modified as part of a system update, he said, and there wasn't enough data to explain what those USB connections were for. Schuermann cautioned the audience that the voting machine irregularities weren't necessarily evidence of hacking, but he said the uncertainty about the irregularities should serve as a call to action. Only a few states, he said, have electronic voting systems that produce paper ballots and can be audited.”
https://searchsecurity.techtarget.co...oting-machines
Last edited by KC; 13-08-2018 at 02:27 AM.
How hard could it be?
An 11-year-old changed election results on a replica Florida state website in under 10 minutes
Nico Sell, the co-founder of the the non-profit r00tz Asylum, which teaches children how to become hackers and helped organize the event, said an 11-year-old girl also managed to make changes to the same Florida replica website in about 15 minutes, tripling the number of votes found there.
Sell said more than 30 children hacked a variety of other similar state replica websites in under a half hour.
“These are very accurate replicas of all of the sites,” Sell told the PBS NewsHour on Sunday. “These things should not be easy enough for an 8-year-old kid to hack within 30 minutes, it’s negligent for us as a society.”
https://www.pbs.org/newshour/nation/...der-10-minutes
I think using paper ballets provide a better paper trail for elections than recording everyone's votes electronic machines does.
It is possible to do both. I built a system for our board elections where voting happens on iPads in booths, paper ballots are printed for the voters as a backup. It vastly sped up the voting process and the counting process and when there was a tight vote we were able to do manual recount to confirm.
The big thing is to have the paper trail and have it visible to the voters so they can confirm the paper ballot matches their on screen choices.
I'm also partial to the system the City uses where we mark a paper ballot and but the cards can be machine counted.
"For every complex problem there is an answer that is clear, simple, and wrong"
This is a bit over the top for effect the point has some validity.
"For every complex problem there is an answer that is clear, simple, and wrong"
To be fair, and speaking from my field of work; the graphic above is funny because it's partly true. However, it's in the way IT sectors are run and managed, or rather, mismanaged. Big data can be hard to crunch and keep 100% reliable when it comes from thousands of sources and the validity of it all needs to be 100% checked.
It's also a lack of skill. Not that people lack them, but there's always someone somewhere that is better. Companies keep their programs and source code hidden away, assuming nobody can hack it. They're usually wrong.
This is why open-source projects are far superior. All the source code for how the program works can be viewed by anyone. And anyone can contribute to it, and review contributions. This means some kid somewhere in the world could even find a flaw or security hole and do a pull request to submit a fix. You have way more eyes on how things work. And believe it or not, large open-source projects are actually some of the most secure applications out there.
Yup. :/ The IT world, whether development or operations is still very thin in terms of the people are really good at it or have access to well developed resources to make up for that. Where you do have talent they can be hamstrung by organization they're in. I've heard many stories where the developers wanted robust security but were blocked by managers who didn't want to spend the money.
"For every complex problem there is an answer that is clear, simple, and wrong"
Posting Permissions
Reply With Quote
Bookmarks