West Virginia is running an experiment: they’re using Voatz, a mobile-phone based voting system, to help overseas soldiers vote. It’s commendable to try new voting ideas in limited pilot settings, and it’s really commendable to help our military vote. However, … Continue reading Voting Security by Example: Voatz
Blockchain and Bitcoin may prove to be amazing innovations that change our daily lives, but I doubt they will materially impact how we vote. Here’s why. What Blockchain Is and Isn’t The common way to describe Blockchain is something like: … Continue reading Blockchain and Voting
My friend Alon Rosen is leading an effort with colleagues Amon Ta-Shma, Ben Riva, and Yoni Ben-Nun in Israel to implement and deploy in-person open-audit voting. The project is called Wombat Voting. It combines a number of existing cryptographic techniques in a very nice package. Oh, and they’ve implemented it and used it to run a 2000+ voter election, with apparently a few more elections in the pipeline. There’s a ton of press about them. Here’s how it works: Voters use an intuitive, touch-screen interface, receive a paper ballot they can physically cast in a transparent ballot box, and they … Continue reading Wombat Voting: Open Audit Elections in Israel
Voting online for public office is a terrifying proposition to most security experts. The paths to subversion or failure are many: the server could get overwhelmed by attackers, preventing voting altogether the server could get hacked and the votes changed surreptitiously the users’ machines could get compromised by a virus, which would then flip votes as it chooses with little or no trace even if somehow we secure the entire digital channel, there’s still the issue of your spouse looking over your shoulder, strongly suggesting you vote a certain way So, terrifying. And yet, I’m now pretty sure it is … Continue reading Online Voting is Terrifying and Inevitable
Tonight, American Idol began online voting. Yes, I’m a fan of American Idol, but don’t let that fool you: I’m still a bitchin’ cryptographer. I suspect that American Idol online voting will give rise to many questions such as “wow, awesome, now when can I vote in US Elections with my Facebook account?” and “Why is online voting so hard anyways?” Perhaps I can be of assistance. the voting process So the process is much like other Facebook-connected sites: using Facebook Connect, you log in and grant the American Idol Voting site some permissions, including reading your profile info (ok), … Continue reading everything I know about voting I learned from American Idol
There is a bit of a crisis in the Java community: the Apache Foundation just resigned its seat on the Java Executive Committee, as did two individual members, Doug Lea and Tim Peierls. From what I understand, the central issue appears to be that Oracle, the new Java “owner” since they acquired Sun Microsystems, is paying lip service to the Java Community while taking the language and, more importantly, its licensing, into the direction they prefer, which doesn’t appear to be very open-source friendly. That said, I’m not a Java Community expert, so I won’t comment much more on this … Continue reading Crisis in the Java Community… could they have used a secret-ballot election?
So Alex Halderman and team hacked the DC Internet Voting pilot. The voting system they attacked was not particularly well secured, and the type of attack used is a fairly simple web input corruption attack with little novelty. This hack, however, performs a very useful task: educating election officials and the public about what hacks against an Internet Voting System look like. What happens next is going to be very interesting. The folks who have been fighting hard against Internet Voting should be careful not to use the same faulty logic they’ve been criticizing for years. When the discussion was … Continue reading faulty logic, even for good, is still faulty