On Mon, Jul 19, 1999 at 09:40:04PM +1200, Joop Teernstra wrote:
[...]
>
> Kent, expertise in Network security does not translate in expertise in
> political manipulations with real human beings, ballot stuffing, vote
> buying and other forms of electoral cheating that generally comes from the
> top down.
Agreed. Incidentally, I signed up to be a member of IDNO a couple
of days ago. How come I haven't been allowed in?
> I have told you once on the IDNO list why I am motivated to do all this.
> In my eyes your objections that the IDNO polling system is not secure are
> a smokescreen. The voting system allows us to take democratic decisions, on
> line, without expensive f2f meetings. This has enormous value.
> The integrity of the system is far less important than the integrity of the
> people.
Double agreed. Precisely the problem in the IDNO case, I'm afraid,
from my point of view -- your heavy-handed, "top down" manipulations
destroyed any confidence in the integrity of the process that I might
have had. And indeed, your manipulations were exactly the "political
manipulations with real human beings, ballot stuffing, vote buying
and other forms of electoral cheating" that you warn against, except
on a slightly more subtle level. The fact that you don't see that
is the most troubling thing of all.
> I also think that in case the entity running the election is not trusted by
> its voters, there *is* an easy way to verify election results, and it has
> nothing to do with system security or detecting Trojan software.
>
> Assuming that there is no question about the authenticity of the voters,
> the voting website could be duplicated , or even triplicated at several
> trusted third-party locations.
That's a good idea. Right now the IDNO voting software is *not*
being run by a trusted third party at all -- it is being run by a
partisan to the debates.
> The voters will be asked to vote at both sites. If there is no difference
> in voting results, you can assume that no tampering has taken place. In
> case there would be a significant difference (people may change their vote
> or make mistakes, but this should not be significant) then you declare the
> election void and let them vote again at yet another site.
>
> Sure, all sites could be tampered with at the same time.
Unlikely, of course, unless the software was defective to begin with.
> When elections
> would be repeated every three months, you would wonder if a tampering
> effort would not be mainly directed at sabotage, rather than gaining office.
>
> You deal in "security" and I tell you that *all* security is an illusion.
> Is that an argument against using the Net for cheap and often repeatable
> voting?
Of course not. As I said, PAB *has* a voting system, *and* it is secure.
But given your heavy-handed attempts to manipulate things, I don't
trust *you* to run the polling booth, unless I can see every ballot.
--
Kent Crispin "Do good, and you'll be
[EMAIL PROTECTED] lonesome." -- Mark Twain
