Hi! I know I'm coming too late with this, but maybe it's something that can be considered as for future developments of the voting bot:
On 04/10/21 13:08, Daniel Smith wrote: > If anyone wishes to verify that their personal vote has been recorded > correctly, they can email [email protected] to have an independent > party with database access verify their vote appears correctly in the system. IMHO the bot should make the vote public: there should be a static page, visible to everybody (even non authenticated users), containing a list of names (or signatures) and their vote next to each signature. The trick is that these names do not need to be real: once the voter authenticates him/herself into the system, he/she casts a vote and types in a signature, which of course does not need to be his/her real name, but anything that he/she will now know to be associated with the vote: it can be a name like Napoleon, or a sentence like "The lazy fox jumped again". In this way every voter would be able to independently verify that his/her vote was counted correctly by just looking at this static page ("is my signature there, and with the vote I casted next to it?"), and everyone interested can know (by seeing that no voter is protesting about his/her vote not being in the page) that no fraud occurred. This still leaves the door open to hackers inserting more votes into the voting bot, but then this could also be tackled by showing at the top of the page the list of the usernames of the people who voted: if the total number of voting usernames is not equal to the total number of votes registered, again we know that the vote is not correct. Ciao, Alberto -- http://www.mardy.it - Geek in un lingua international _______________________________________________ Development mailing list [email protected] https://lists.qt-project.org/listinfo/development
