Usenix Security, voting and health security

I’m at Usenix Security 2010 in DC, starting with the EVT/WOTE Workshop on voting where I’ll be presenting an update on Helios, then the HealthSec workshop where I’ll be on a panel discussing my paper with Zak Kohane and Ken Mandl on using a Personally Controlled Health Record for health-information exchange [PDF].

The voting crowd is emerging from a 2-day workshop with election officials on remote voting for military and overseas voters. I’m trying to get a sense of attendees’ impressions from that workshop, but suffice it to say that it seems to have been “exciting.” Ron Rivest compared online voting for public-office elections to drunk driving, as in “there’s no good way to do it,” and that apparently didn’t go over very well with some folks. I agree with the metaphor, however harsh it may seem.

Meanwhile, there is plenty of room for online voting in the numerous elections people hold that are not for public office: corporate boards, clubs, student government, etc. That’s why I’m excited that last night, we released Helios v3. Try it out right now by voting in our super geeky sample election and in a current-events election (Wyclef for Haiti?).

More than 25,000 votes have been cast using Helios technology. We’ve learned some very interesting lessons already, and there are many more to come. I’m hoping that, as we add more social aspects to Helios, we’ll see more usage, more data, and a unique chance to improve the technology based on real-world experience.