[pp.int.general] Agora Voting System for a Liquid Democracy at FOSDEM
Eduardo Robles Elvira
edulix at gmail.com
Wed Jan 19 12:56:47 CET 2011
On Wed, Jan 19, 2011 at 11:24 AM, Yves Quemener <quemener.yves at free.fr> wrote:
> No, that won't even work. How can I trust that you will really boot on the
> CD ? Or that you don't have a BIOS spying on my vote ? Or that you don't
> sniff keyboard and screen outputs ? There are many ways to cheat. That was
> one of my arguments against black box voting machines : they pretend that
> they are inspected but nowadays we could even hide a computer in any of the
> connectors used by the "inspected" machine. Trusting a given hardware is
> very hard nowadays and it will only get worse. That is why cryptography is
> so important.
No voting system to date is perfect, that's true and will never
change. Vote by mail is widely accepted and used all over the globe,
and it's far more insecure in that you need to trust the handlers of
your mail in order for the vote to remain anonymous, for example. And
it's equally prone to coercion as Internet Voting.
In the end, all systems need robust check & balances procedures to
make things reasonably secure and avoid fraud.
You don't trust my hardware even if it has been checked by a lot of
experts? Fine. Take an old machine that was created even before this
voting system existed, a machine you can trust. Disconnect it from the
Internet. Reset the BIOS. Install GNU/Linux. Configure it to be able
to do the encryption needed. Find in the papers or somewhere what are
the election administrators for the election you want to vote. Then go
one by one asking their public keys for this election. Then encrypt
your vote in this machine and sign the encrypted vote too with your
signature. The vote is prepared. Copy it to a pendrive and go to my
untrusted machine and emit the vote (or connect that machine you had
to Internet).
Now you are confident that your vote is correct, and that it's
correctly encrypted, so you can check the bulletin board and yada
yada.
On Wed, Jan 19, 2011 at 11:55 AM, Yves Quemener <quemener.yves at free.fr> wrote:
> Except that :
> - In consumer electronic transactions you can spot fraud. Something is
> provably missing from an account. Transaction can be traced.
You can see if you vote is missing in the bulletin board. And if some
of the authorities doing the mixnet anonimization process is corrupt,
you *will* know. Electronic voting lets everyone check that the
tallying process was correct, and that's an added security feature in
contrast with traditional voting systems.
> - Banking system do not pretend to provide absolute privacy
Neither do these cryptographic systems: they provide *reasonable* privacy.
On Wed, Jan 19, 2011 at 12:26 PM, Maxime Rouquet
<maxime.rouquet at partipirate.org> wrote:
> If you find a bank fraud you can sue the author and get money back. If this
> caused more problems, you can ask for more money.
>
> If you find a vote fraud after it occurred, you cannot repair things easily.
> You simply cannot cancel all the decisions taken after this vote. So you
> need to be as sure as possible that there cannot be fraud.
If you have been the victim of bank fraud, you can lose your home,
your car, you can become stressed and you might lose your job, wife,
children, even you might kill yourself. That's not easily repairable
either.
OTOH If only a few votes have been fraudulent, the voting results
might not change. If many votes have been fraudulent, it's easier to
detect.
Regards,
Eduardo.
More information about the pp.international.general
mailing list