This is a terrible idea. Paper ballots work, are secure, and the processes are well understood. The value an attacker could garner via control over elections is enormous, so there's a big incentive to do so.
Imagine we start putting cryprokitties technology to better use.
1. Voter registration cards are manufactured with in the US with tight supply chain controls.
2. US based security researchers with a history of vulnerability identification are qualified and selected at random to hands-off oversee that manufacturing process is free of supply chain attacks. Firmware builds similarly are done deterministically on different platforms overseen by different security research firms, etc.
3. Electronic cards are picked up in person, at random, after traditional voting registration is complete.
4. Each card generates two subkeys via a KDF. A public "verify" keypair and unlimited private "vote" keypairs.
5. The user publishes a signed statement to a public database with their "verify" keypair including their real name and voter registration number.
5. Every election, a private "vote" keypair is allowed to sign a digital vote ballot to this public database.
6. Voters are required to view the public database at a later date to confirm their random vote keypair signed their intended values. They publish a signed statement that their verification was complete.
7. The vote is only considered valid when the the number of verified statements matches the number of cast votes, or after a cutoff time if the difference is not enough to change the outcome.
8. The vote database is forever public and can be counted and verified by anyone at any time.
---
Yes there is some handwaving here but I really feel we have the technical tools to have provably accurate digital voting.
This becomes possible when most citizens have enough education to understand and trust cryptography.
That would require a generation of much better education. We should vote on that.
Depending on how the registration is handled, the advantage could be in reduced friction, resulting in higher turnout. Even the reduced turnaround time in totaling votes could have a positive impact on turnout.
I don't see how derping around with a computer can have less friction than checking some boxes on a piece of paper. Either way, if I vote for minor offices, researching them even superficially takes longer than filling in the ballot.
Fair point, the online scheme may likely entail more than just checking some boxes. My view of the ideal online scheme would bring the typical "instant gratification/response/feedback" attributes often associated with online stuff, though perhaps its not viable.
Also true that friction with paper is minimal compared to that of doing research. In my anecdotal experience, research can be done while filling out the ballot, perhaps reducing the perceived friction from research alone or making it secondary at least.
You can't prove your paper ballot was counted or that ballots were not omitted or stuffed in mass. You also end up with "hanging chad" ambiguous votes.
All this nonsense about recounts last election is because provably counting paper is hard.
You can however prove this in a cryptographic election with results published publicly.
I've said it before and I'll say it again. Pick any two:
- Protection of voter identity (who is the voter)
- Protection of vote integrity (what was their vote)
- Protection of vote validity (is this vote the actual vote of an actual voter)
This is not a technical problem. Generally, countries that take Election Day off and make it compulsory don't have anything like the problems the US does.
I have been pondering a scheme where each ballot would have a field for an arbitrary token in addition to the vote. After the election voters could query a database of what ballots were cast with some token. So they could check that their vote was counted without revealing who they voted. While people are poor randomness generators, those who happened to pick a popular token would just use another one in the next election.
Any system where you can prove who you voted for (a receipt) has de problem that it allows people to buy votes. In this case, they could pay you after verifying who you voted for.
They would make you use an unused token for certainty, so buying a significant number of votes could be observed statistically from unusually high numbers of new tokens.
This works fine for verifying your own vote. It doesn't protect against ballot stuffing. If you can't map votes to people, you can't (definitively) say all the votes were cast by eligible voters. There is no tech solution to this.
EDIT: Actually, reading more carefully it doesn't even do that. It's not super useful to verify simply that you voted--you want to make sure your vote was counted correctly.
But even if we know that, you can't verify the final count (which is the ultimate point). To illustrate, this is the information you have:
camgunz: voted for Ross Perot
Totals: Perot: 1,894 | Bush: 49,762 | Clinton: 70,888
Nothing ensures that the totals reflect your actual vote.
My scheme requires every individual verify their random ballot id (which they can verify is theirs but no one else can) was counted correctly.
Only when a decisive majority has done this can the vote be considered valid and binding.
The verifications must be signed by the published verify keys that -are- identifiable so they can't be stuffed.
We can therefore prove every vote is tied to a voter registration private key and that that key holder confirmed their vote, but not who they voted for.
These are the ideal properties for a vote IMO and stronger proofs than you get from a paper election as -anyone- that disputes the results can count them for themselves.
Implementing and maintaining this system, as well as training administrators how to use it, would cost millions of dollars, and lead to all kinds of controversies because people don't remember their votes all that well [1]. Further, it's not useful to verify your own vote if you can't verify the total. All your system tells a voter is that there's a mapping somewhere of their key to their vote. It doesn't say that vote is included in the total. So it doesn't help us verify elections, introduces doubt, and costs lots of money.
It's also worth saying whether or not your vote was counted is already public record, resulting in even less relative benefit for a system like this.
> All your system tells a voter is that there's a mapping somewhere of their key to their vote. It doesn't say that vote is included in the total.
It's a database of votes and tokens used to cast them. You could also query what tokens were used to vote X and check that they make up the total. You could see the token you used on the list of Y you voted.
> Implementing and maintaining this system, as well as training administrators how to use it, would cost millions of dollars, and lead to all kinds of controversies because people don't remember their votes all that well [1].
It's one thing to remember what you voted a few days after the election, and another to remember it months later when polled, which is what [1] is about. This system is meant to increase public confidence in the election result. Wouldn't you think it worth a few millions, considering the aftermath of 2020 elections?
> It's also worth saying whether or not your vote was counted is already public record, resulting in even less relative benefit for a system like this.
You are assured that it is counted, but with this scheme you could easily check that there's a vote cast with token you used.
Btw, this system sort of exists already in countries where you write the candidate's name or number on the ballot, and ballots are publicly available for recounting; the token is your handwriting. It just isn't anonymous as someone else could also recognise it.
> It's a database of votes and tokens used to cast them. You could also query what tokens were used to vote X and check that they make up the total. You could see the token you used on the list of Y you voted.
Not everyone will use a token or remember it. If even 50% of voters do this 100% accurately, it still isn't statistically helpful.
> It's one thing to remember what you voted a few days after the election, and another to remember it months later when polled, which is what [1] is about.
Maybe, but to me it's about the frailty of memory, and the US has a lot of elections. They won't remember who they voted for for State House/Senate, Judge, Sheriff, Lieutenant Governor, Attorney General, etc. Ballots are also complicated; maybe your vote for US Representative counted, but you goofed on Mayor and it didn't. You might look up your vote and think "shenanigans!", and there won't be any way of looking at your original ballot to find out what happened. And even if there were, you still wouldn't have any way of verifying that your vote was included in the count.
It's also worth saying that if there's any problem with this system, it calls the entire election into question, even if the election itself was fine or statistically far from error.
> Btw, this system sort of exists already in countries where you write the candidate's name or number on the ballot, and ballots are publicly available for recounting; the token is your handwriting. It just isn't anonymous as someone else could also recognise it.
Sure and I can see your system as an anonymized upgrade of it. But again, because you can't audit the count and there's a wide gulf between the votes you can audit and the count, it doesn't move us closer to the goal of verifying an election.
Continuing down the path of existing election systems, there is of course the recount system. So for most elections where it might make a difference, recounts go through all the ballots meticulously with party representatives, government officials, and lawyers present. Barring things like SCOTUS interference, these processes are really good, oftentimes finding more votes, curing lots and lots of ballots, and contributing to the corpus of wacky ballot analysis (counties get to design ballots and, wow, they could use some assistance).
Which is to say, we already have a system that maps voters to votes, audited by elected officials, legal officials, and partisan representatives. Whenever there's any question, we activate that system that has maximum information in order to verify an election result. Cryptography only muddles this system--perhaps hopelessly.
> This system is meant to increase public confidence in the election result. Wouldn't you think it worth a few millions, considering the aftermath of 2020 elections?
This is a great topic change! We (especially in tech) focus myopically on election fraud in the US, as though that's the thing that would undermine the legitimacy of an election. But the incidence of that is basically nil, and doesn't merit any effort to improve. The current hullabaloo (which is an inflated case of the going hullabaloo) comes from Republican leaders gaslighting Americans in order to cling to power. I am 100% sure that even if we implemented this system, they would still work just as hard to undermine election legitimacy. It's not a tech problem.
If we want to make our elections more legitimate, we need to make them simpler, cheaper, and more accessible. Policies that do this include: early voting, same day registration, mail voting, compulsory voting, election day holidays, mandated time off to vote, adequate polling place capacity, non-partisan districting boards, and enforced laws about voter intimidation and misinformation. Or, even something as simple as common ballot design would help a lot of older voters and voters with low levels of literacy.
> Not everyone will use a token or remember it. If even 50% of voters do this 100% accurately, it still isn't statistically helpful.
I think this is its main weakness. Those who don't care enough to use a token would leave the token of zero effort (nothing)
open for manipulations. Unless those are few, this system won't make the election more secure.
It would however give those who care a way to ensure that their vote was counted, increasing public confidence in the results.
For I assume that those who care enough to question the results also care enough to use a token and check it.
> It's also worth saying that if there's any problem with this system, it calls the entire election into question, even if the election itself was fine or statistically far from error.
> You might look up your vote and think "shenanigans!", and there won't be any way of looking at your original ballot to find out what happened.
The token is only needed to identify a vote, so it could be dead simple,
like a bitmap that could be a grid to be painted on paper ballot. It can be just added to existing systems.
> And even if there were, you still wouldn't have any way of verifying that your vote was included in the count.
How is querying the tokens used to vote what you voted, seeing your token in the list,
and checking that the tokens make up the reported total not verifying it?
> We (especially in tech) focus myopically on election fraud in the US, as though that's the thing that would undermine the legitimacy of an election.
I think it's just because it seems like something that could be solved.
> I am 100% sure that even if we implemented this system, they would still work just as hard to undermine election legitimacy.
It would be a little harder when those who care can just check that their vote was counted.
> I think we'd both like to increase the legitimacy of elections --
It seems to me that we have somewhat different aims.
You have zeal for democracy and are willing to compromise ballot secrecy to verify the election result.
I accept that verifying it is impossible while maintaing the secrecy, unless everyone is willing to check that his vote was counted.
In practice I would be content if everyone just had that possibility, as I don't have unrealistic expectations of its popularity.
>> And even if there were, you still wouldn't have any way of verifying that your vote was included in the count.
> How is querying the tokens used to vote what you voted, seeing your token in the list, and checking that the tokens make up the reported total not verifying it?
There can still be two separate systems: the system that has your actual vote and the system we use to determine who won the election. One of the (many) issues I have with cryptographic vote verification systems is that they don't prove there isn't a "second set of books" that all checks out, meanwhile we use the crooked books to determine who won. Fundamentally, without a way to know all the possible voters and how they voted, you can't defend against that.
>> We (especially in tech) focus myopically on election fraud in the US, as though that's the thing that would undermine the legitimacy of an election.
> I think it's just because it seems like something that could be solved.
Yeah but it's typical, and sorry for the bluntness here, tech arrogance--or maybe tech optimism is nicer. But either way, there's a consistent dynamic of tech people trying to solve things with tech that they really don't know a lot about. I've worked as a Democratic operative specifically on elections on the past few cycles and I'm pretty close to an expert. I'm not making an appeal to authority or anything, and I'm more than happy to talk about ways we can use tech to improve US elections, but it's just that I know these schemes are way, way more trouble than they're worth and either hinder a lot of the techniques we currently use to verify elections, or make political firestorms that make the election process even more fragile than it already is way more likely.
It's also worth saying experts get this wrong too! The Iowa caucuses in 2020 had some tech hiccups, and that's, in my opinion, because no one can make sense of a caucus. They're beyond broken, and the more you measure them the more you'll find they're 100% unreliable and indicative of nothing. We certainly shouldn't be showering the person who wins by .5% with millions of dollars of donor money and earned media.
But more broadly, it's also that elections are fundamentally messy, and the more you measure the more you find problems. Either we accept that and build solutions that accept that, or we don't and we live with constant allegations that our elections are fraudulent, courtesy of the perspective that we should be able to have 100% certainty.
> It seems to me that we have somewhat different aims. You have zeal for democracy and are willing to compromise ballot secrecy to verify the election result.
Honestly, I'm not sure what my ideal system is. I think anonymous voting is really important, but I also strongly support compulsory voting, and those two things are in direct tension. I think it's just hard to accept that elections are fuzzy measurements of sentiment and that the role of math in their verification is limited to some basic statistical analysis while the rest is process and politics.
And I think it's really easy to be nerd sniped by the verification part, when tech actually could do so much good in the process and politics part. For example, a lot of States have "wet ink" statutes that mean voter registration forms have to be signed by a literal pen. So guess what Democrats did: they built a robot that holds a pen and signs a voter registration form remotely when someone fills out a voter reg form online. Hooray for tech!
But also, that cost a lot of money and time. Wouldn't it have been easier if State legislatures just weren't assholes?
Anyway, I would say if we're gonna implement a system that costs whatever the cheapest cryptographic verification system costs, we should just fund early voting programs and law enforcement initiatives against voter intimidation and misinformation. I know ...
> One of the (many) issues I have with cryptographic vote verification systems is that they don't prove there isn't a "second set of books" that all checks out, meanwhile we use the crooked books to determine who won.
How could you fail to use the totals indicated by the database and not get caught?
> I know these schemes are way, way more trouble than they're worth and either hinder a lot of the techniques we currently use to verify elections, or make political firestorms that make the election process even more fragile than it already is way more likely.
Don't worry; I'm not going to spend the rest of my life pushing my scheme forward.
I might make a toy implementation that people can use for vanity voting with friends. It might gain traction and wider acceptance that way.
> I also strongly support compulsory voting
That reminds me of Soviet Russia and satellites that always had 90+% turnouts.
I can't imagine any reason for compulsory voting beside maintaining a facade of popular support for the system.
There's a difference between returning invalid ballot and not voting; in the latter case you shouldn't appear on the list of voters.
> law enforcement initiatives against voter intimidation
I think the hard part isn't agreeing that voter intimidation is bad. The hard part is specifying what constitutes voter intimidation.
I doubt that legislation could root it out, and there's a working solution to it: ballot secrecy.
Ballot confidentiality isn't good enough, as someone could tell voters that an inside man will check how they voted.
> and misinformation
Carefulness here is essential to avoid sliding to an Orwellian dystopy.
I'm not sure what measures I would be comfortable with, and I don't wonder if legislators feel the same way.
>> One of the (many) issues I have with cryptographic vote verification systems is that they don't prove there isn't a "second set of books" that all checks out, meanwhile we use the crooked books to determine who won.
> How could you fail to use the totals indicated by the database and not get caught?
Because unless you get enough people to use the token (and use it perfectly), you can fudge the margin enough to win. Let's imagine a town of 10,000 people where 2,000 people use the token, and the margin of victory for the mayor is 3,000 people. You can verify 2,000 of these votes (again, let's say we can do that reasonably accurately, which is already a big lift), but that leaves 8,000 votes the corrupt mayor can play with. Unless you get > 7,000 people to use the token very accurately, this system doesn't help.
How would you actually fudge the vote you ask? My answer is that it's extremely, extremely hard to do, and therefore any system making this even harder to do isn't worth it. Someone else's answer is probably a person who wants a verification system like this in the first place; they might say bribery, machine tampering, whatever, all things we've never had even a single instance of ever. Well, there's this Republican County Clerk that maybe did something fishy, we'll see how that pans out, but yeah very very very few instances of.
And imagine the downsides. 2,000 people used the token, but 500 of them misremembered it, and when they went looking their vote wasn't there. Shenanigans! Do over! Stop the steal! Etc. etc.
And let's add on some other stuff:
- Recounts work, and are triggered when small margins matter. Crypto systems almost certainly make recounts much harder.
- Most of this system is already in place: the fact that you voted is already public record.
- Adding the information of who you voted for is also very easy, but we don't do it to avoid pay-for-votes (I know your argument here is such kingpins would force voters to use new tokens and we'd detect it, but 1 no we wouldn't because we couldn't disambiguate that from population changes or people just being forgetful, and 2 tokens would either be tied to a single election or contain a voting history so you wouldn't need a new one anyway).
- Any problems with this system introduce doubt into an election, and since it's very easy for a small number of partisan voters to do this ("hey my vote isn't in the system!"), we're asking for 5,000 diehard Republicans to call shenanigans in every urban Democratic precinct every election.
>> I also strongly support compulsory voting
> That reminds me of Soviet Russia and satellites that always had 90+% turnouts. I can't imagine any reason for compulsory voting beside maintaining a facade of popular support for the system. There's a difference between returning invalid ballot and not voting; in the latter case you shouldn't appear on the list of voters.
You can't imagine reasons for compulsory voting because, and this is gonna sound a little rude but I think that's where we are here, you don't know a lot about elections and voting and haven't spent a lot of time learning and thinking about them. I suggest starting here [1].
>> law enforcement initiatives against voter intimidation
> I think the hard part isn't agreeing that voter intimidation is bad. The hard part is specifying what constitutes voter intimidation.
It's not actually hard at all. There are two major forms of voter intimidation: the cops will lock you up, and someone will beat you up. Generally voters are made aware of these possibilities with phone calls, emails, direct mail, and police/vigilante presence at polling places. These things are easy to outlaw, in fact they're already illegal! We just need cops to enforce the laws. If you're gonna say that'll take more than money, then I'd agree with you....
> It's not actually hard at all. There are two major forms of voter intimidation: the cops will lock you up, and someone will beat you up. Generally voters are made aware of these possibilities with phone calls, emails, direct mail, and police/vigilante presence at polling places. These things are easy to outlaw, in fact they're already illegal!
Those are clear cases and I would have been surprised if they had not been crimes already.
> We just need cops to enforce the laws. If you're gonna say that'll take more than money, then I'd agree with you.
As any crime it must be proved in court to convince the culprit.
> People assume this is about learning how someone voted, but you can actually just keep certain people from voting and achieve that result.
Ballot secrecy still more than halves the effects of voter intimidation. Instead of making people vote certain way,
you can only keep them from voting because you don't know how they would vote. Such intimidators could actually harm their preferred candidate.
> you tell women that their husbands will find out how they voted
Admittedly this is something ballot secrecy can't fix, but neither can legislation.
Married couples spend a lot of time together privately, leaving ample opportunity for intimidation with little risk of getting caught.
> Because unless you get enough people to use the token (and use it perfectly), you can fudge the margin enough to win.
Of course, but you have to fudge it in the database too to avoid detection. Also you can alter only the counts of popular tokens (such as no token)
without detection. People could give a token with no intent to check it just to prevent exactly this.
For that corrupt mayor can't know which tokens are really checked, so he can manipulate only the counts of popular tokens or risk getting caught.
> 2,000 people used the token, but 500 of them misremembered it, and when they went looking their vote wasn't there.
To help their memory they could keep a copy of the token with the risk of someone discovering it.
> I know your argument here is such kingpins would force voters to use new tokens and we'd detect it, but 1 no we wouldn't because we couldn't disambiguate that from population changes or people just being forgetful, and 2 tokens would either be tied to a single election or contain a voting history so you wouldn't need a new one anyway
If they allowed using an existing token, they wouldn't know whether the voter they pay used it or someone else just happened to vote as they wanted.
The effect of population changes could be detected from the records of who voted.
Forgetfulness is a real confounding factor but it shouldn't vary much between elections.
> "hey my vote isn't in the system!"
They would be mostly ignored unless they would be numerous, as anyone that cares could just check whether his own vote was counted.
> I suggest starting here [1].
They point at demographic underrepresentation as grounds for compulsory voting. I think members of underrepresented groups just vote by their feet;
they don't have a candidate they would vote, and compulsory voting won't give them one.
It would end up being exactly the kind of facelift I would call keeping up appearance of working democracy.
There's also a list of countries with compulsory voting. I think it tells more of those countries than of compulsory voting. Also some discontinued historical cases are mentioned. In my mind those weigh far more than current adopters.
It's not hard to imagine that people don't want to go through the trouble of voting if their options are "more of the same" and "even more of the same".
> this kind of misinformation is usually incorrect polling place information or time--sometimes it's more creative like "drop your ballot off at this (fake) mailbox", but that kind of thing is rare. Again this is also super illegal (the FEC...
>> People assume this is about learning how someone voted, but you can actually just keep certain people from voting and achieve that result.
> Ballot secrecy still more than halves the effects of voter intimidation. Instead of making people vote certain way, you can only keep them from voting because you don't know how they would vote. Such intimidators could actually harm their preferred candidate.
We already have ballot secrecy and we still have bonkers voter intimidation. Again the way it works is you intimidate women voters and voters of color to suppress the votes of people who vote Democrat (way) more likely than not.
>> you tell women that their husbands will find out how they voted
> Admittedly this is something ballot secrecy can't fix, but neither can legislation. Married couples spend a lot of time together privately, leaving ample opportunity for intimidation with little risk of getting caught.
The problem here isn't that it's possible for a husband to discover his wife's vote (it's actually almost impossible to do this). It's the well-funded ad campaigns that intimidate women. Those are pretty easy for law enforcement to crack down on, if they cared.
>> Because unless you get enough people to use the token (and use it perfectly), you can fudge the margin enough to win.
> Of course, but you have to fudge it in the database too to avoid detection. Also you can alter only the counts of popular tokens (such as no token) without detection. People could give a token with no intent to check it just to prevent exactly this. For that corrupt mayor can't know which tokens are really checked, so he can manipulate only the counts of popular tokens or risk getting caught.
How do people get tokens? Don't they have to be unique? You can't just scratch a token in there because you might pick a non-unique one, tanking the whole system (or they might put identifiable information in there). Maybe you can salt them with some PII, but there goes anonymity. I can also imagine all kinds of extra guidance you'd have to give like "don't use the same token across multiple elections because then a corrupt mayor can see that you really do check your number" or whatever else. I think this system has some serious logistics to plan out.
But more broadly, I think you wildly overestimate how much voters are able and willing to do any of this. You keep tacking on tactics voters can employ to attempt to foil corruption, effectively asking more of voters to solve a non-existent problem.
>> I know your argument here is such kingpins would force voters to use new tokens and we'd detect it, but 1 no we wouldn't because we couldn't disambiguate that from population changes or people just being forgetful, and 2 tokens would either be tied to a single election or contain a voting history so you wouldn't need a new one anyway
> If they allowed using an existing token, they wouldn't know whether the voter they pay used it or someone else just happened to vote as they wanted.
So someone exploiting this system would have to:
- Perfectly guess a token
- Perfectly predict who the owner of the token would vote for
- Risk some kind of punishment if any of that failed
Any kind of nefarious organization would just threaten the people doing this, rather than risk statistical detection. Further, pay-for-votes margins are bonkers. You can have something like 70% of your voters cheat you and you still bought 30% of the votes you wanted. That's more effective than advertising by multiple orders of magnitude. The reason people don't do it isn't because it's unverifiable, it's because it's impossible to keep secret at the scale where it would matter, and you go to jail if you try. Which is why we need cops to enforce other voting laws: they work.
> Not to be snippy here but, whoever wrote the Bible clearly lived in an era before Fox News and conservative talk radio. They are anything but afraid.
The point is that trying to control what others may say, see or hear is suspicious. That's what the whole paragraph is about. It would likely hurt your cause.
> > Generally I think the most effective way to combat misinformation is spreading correct information and trusting that people can discern the truth.
> Democrats and non-partisan organizations spend millions of dollars trying this, and it definitely isn't keeping up. Other problems that require millions of dollars to fix are thought to be crises, and I think we should start thinking of misinformation in general as a crisis.
If you can't win that way, your chances are slim no matter what you do. Btw, you can change a few words and get what Papists probably thought
when people began reading the Bible: "The Inquisition spends millions to root out heresy, and it definitely isn't keeping up.
Other problems that require millions to fix are thought to be crises, and I think we should start thinking of heresy in general as a crisis."
> Your other counter arguments are essentially: compulsory voting doesn't fix everything. Fortunately for me, that's not my claim.
Hiding indifference and possible demand for fresh ideas is detrimental. People don't get involved in new political movements if it seems that almost everybody
is content to vote the status quo. And that's what it would seems like: you need to fill ballot anyway so you try to at least pick the least evil.
> Here are the Democracy Index scores of the countries they list (I've omitted 3 micro-states and 3 cities):
Wikipedia has a criticism section on Democracy Index that reads:
"Investment analyst Peter Tasker has criticised the Democracy Index for lacking transparency and accountability beyond the numbers."
It may be based on gut feelings of unnamed experts. Compulsory voting may have fooled them to some extent.
Beside this I'm going to just ignore it as I never meant that the list would predict their standing in some ranking.
Just that it didn't change how I view compulsory voting, but it did change my views of countries on the list (when it was new to me).
> If you believe there are organizations out there that would pay for votes, why don't you believe there are organizations that would pay people to do this?
I expect that making a fool of oneself publicly and taking the risk of the conspiracy being exposed, would cost a lot more than a vote.
> So someone exploiting this system would have to --
You seem to think of a scenario where the buyers have a list of bribed voters and tokens they should use. Such a list would be highly suspicious if discovered.
I have been thinking that they would pay the voter after reporting voting by the token they gave and can verify.
> The reason people don't do it isn't because it's unverifiable, it's because it's impossible to keep secret at the scale where it would matter, and you go to jail if you try.
That reminds me of something I read from a detective: the difficulty of concealing a conspiracy increases as more people get involved.
In that case vote buying isn't a problem at all.
> How do people get tokens? Don't they have to be unique? You can't just scratch a token in there because you might pick a non-unique one, tanking the whole system.
The token space should be large enough to make collisions unlikely.
Recording the polling station used to cast the vote would limit the uniqueness requirement to that station, but it isn't as difficult as it sounds.
There are over 500 trillion (2*49) unique 7x7 bitmaps. Chances are that 16 million such tokens randomly generated are all unique.
The number of 9x9 bitmaps is 2*81, and a trillion random ones are likely all unique.
> (or they might put identifiable information in there)
>> Not to be snippy here but, whoever wrote the Bible clearly lived in an era before Fox News and conservative talk radio. They are anything but afraid.
> The point is that trying to control what others may say, see or hear is suspicious. That's what the whole paragraph is about. It would likely hurt your cause.
I'm assuming what you're being coy about here is that the current election system hides voters' votes from them? Great, please see our entire discussion about why this is a super hard problem to solve and why it's not worth solving.
>> Democrats and non-partisan organizations spend millions of dollars trying this, and it definitely isn't keeping up. Other problems that require millions of dollars to fix are thought to be crises, and I think we should start thinking of misinformation in general as a crisis.
> If you can't win that way, your chances are slim no matter what you do. Btw, you can change a few words and get what Papists probably thought when people began reading the Bible: "The Inquisition spends millions to root out heresy, and it definitely isn't keeping up. Other problems that require millions to fix are thought to be crises, and I think we should start thinking of heresy in general as a crisis."
This is dismissive and contributes nothing. There are core differences between the Inquisition (?) and sending texts to people telling them when and where they can vote. Your argument distills to "truth wins out" and I'm saying there's lots of good evidence to the contrary.
>> Your other counter arguments are essentially: compulsory voting doesn't fix everything. Fortunately for me, that's not my claim.
> Hiding indifference and possible demand for fresh ideas is detrimental. People don't get involved in new political movements if it seems that almost everybody is content to vote the status quo. And that's what it would seems like: you need to fill ballot anyway so you try to at least pick the least evil.
>> Here are the Democracy Index scores of the countries they list (I've omitted 3 micro-states and 3 cities):
> Wikipedia has a criticism section on Democracy Index...
I think you're trying to reason through this from your understanding and first principles, but a lot of things in life are non-intuitive, especially to non-experts. What usually happens in compulsory voting is that voters just scratch their ballots, the incidence of that is super low in Australia, it's a non-issue. You keep trying to make a link between totalitarianism and compulsory voting, but where's your evidence? Some irrelevant moralizing about the lesser evil and that Wikipedia has a criticism section on the Democracy Index (are you seriously taking issue with like, Australia being a democracy)? Is that even compulsory voting's fault (see where I said I agree compulsory voting doesn't fix everything)?
>> If you believe there are organizations out there that would pay for votes, why don't you believe there are organizations that would pay people to do this?
> I expect that making a fool of oneself publicly and taking the risk of the conspiracy being exposed, would cost a lot more than a vote.
You should read about Lee Atwater, and while you're doing it, remember all that was 20 years ago or more, and not even state of the art today.
>> So someone exploiting this system would have to --
> I have been thinking that [pay for vote schemes] would pay the voter after reporting voting by the token they gave and can verify.
Why wouldn't every voter just do this? I'd love to get paid for the votes I was going to make anyway. This is essentially compulsory voting but with carrots rather than sticks.
>> The reason people don't do it isn't because it's unverifiable, it's because it's impossible to keep secret at the scale where it would matter, and you go to jail if you try.
(I have been busy lately, and postponed this answer, as you also wrote that you end your part. You may consider any questions rhetorical.)
> > The point is that trying to control what others may say, see or hear is suspicious. That's what the whole paragraph is about. It would likely hurt your cause.
> I'm assuming what you're being coy about here is that the current election system hides voters' votes from them?
I meant it as related to fighting misinformation in general. Here's the context where it was used:
"Yea, so unwilling they are to communicate the Scriptures to the people’s understanding in any sort, that they are not ashamed to confess that we forced them to translate it into English against their wills. This seemeth to argue a bad cause, or a bad conscience, or both. Sure we are, that it is not he that hath good gold, that is afraid to bring it to the touchstone, but he that hath the counterfeit; neither is it the true man that shunneth the light, but the malefactor, lest his deeds should be reproved; neither is it the plaindealing merchant that is unwilling to have the weights, or the meteyard, brought in place, but he that useth deceit."
Papists tried to protect people from what they deemed heresy (ie. misinformation)
by withholding the Bible from them and punishing whomever they apprehended of those spreading it, but that way they lost whatever credibility they still had.
Of course they were wrong anyway, but I don't recall any historical cases where the users of similar tactics would have turned out to be right.
However I do believe that the ability to see that your own vote was counted would help trust the election result. That's basically the aim of my scheme.
> > If you can't win that way, your chances are slim no matter what you do. Btw, you can change a few words and get what Papists probably thought when people began reading the Bible: "The Inquisition spends millions to root out heresy, and it definitely isn't keeping up. Other problems that require millions to fix are thought to be crises, and I think we should start thinking of heresy in general as a crisis."
> This is dismissive and contributes nothing. There are core differences between the Inquisition (?) and sending texts to people telling them when and where they can vote.
I just wanted to point out how similar your description is to what it must have looked like to Papists in the 17th century.
> Your argument distills to "truth wins out" and I'm saying there's lots of good evidence to the contrary.
I do believe that truth must prevail in the end; there are no eternal lies. Truth resurfaces like a cork from the flood of lies. Nevertheless,
"there is enough light for those who only desire to see, and enough obscurity for those who have a contrary disposition." Blaise Pascal.
It seems to be a law of nature.
> I think you're trying to reason through this from your understanding and first principles, but a lot of things in life are non-intuitive, especially to non-experts.
Life already feels too short to learn all that I would like to, so I aim for general instead of specific knowledge.
In practice I learn new things when I need to, or when they are irresistibly interesting.
> What usually happens in compulsory voting is that voters just scratch their ballots, the incidence of that is super low in Australia, it's a non-issue.
That's just what I said would happen. People scratch ballots when they don't want to support anyone and
are afraid to NOT appear at the polling station. Otherwise they wouldn't bother to come or would try to at least minimise evil.
> You keep trying to make a link between totalitarianism and compulsory voting
Compulsory voting is totalitarian; everybody votes.
> (are you seriously taking issue with like, Australia being a democracy)?
Haven't there been mass protests for months? They find need to crowd the stree...
1.5 million seems woefully inadequate for just the security element of a pre-established plan.
> The internet voting project is, for reasons unclear, categorized under the Open Source Voting project, despite “open-source” not being mentioned in the grant paperwork, Jerdonek, an open-source voting proponent, says. Open-source voting technology uses public computer code to process paper ballots. It is unrelated to online voting. On Tuesday, San Francisco Supervisors began crafting legislation to conduct a long-awaited open-source voting pilot.
1.5 M might be a nice number to start with as a bounty to anyone who demonstrably cracks the online voting system. Perhaps premiums paid if the vote tally numbers can be manipulated to be special numbers…pi, or a repeating pattern like 837-5309.
This lack of transparency, public oversight, and engagement seems to be a trend. I would love to hear how other cities have managed to steer their elected officials into community oversight. Financial influence cannot be the only option.
Vote by mail is an equally awful idea. We should instead not have a single day to vote and allow people to cast their votes over the course of a week or so, with legislation for employers to give employees at least one day off to vote.
Voting in person is the most fool-proof way of maintaining some sense of democracy.
Based on what evidence, exactly? We don't have to argue hypotheticals here - it's been working great across multiple states for many years.
> We should instead not have a single day to vote and allow people to cast their votes over the course of a week or so, with legislation for employers to give employees at least one day off to vote.
There should be no doubt in anyones mind regarding the validity of results. Things like a national voter ID, and being in person except for the most extreme circumstances where someone cannot physically be there, ensures that.
It's been working great most of the time but it should be a system that always works. We don't need to speak hypotheticals, the news is fraught with articles about people not receiving their ballots, being told they already voted by mail when they go in person, people double voting, voting in someone elses name, etc.
Vote By Mail always works. Oregon has decades now, and it beats every other election method by every metric you can name.
All it takes is a reasonable implementation, which Oregon did and has exported to other States who all have performed.
The stuff you are talking about is last minute pandemic triggered fuckery and is not representative at all.
There are great answers to every exception you put here.
Want to vote in person? Go to an elections office and do that.
Did not get a ballot? Same deal, and there is ample time available. Does not land on a single day.
Were you coerced? Visit an elections office, get your vote sorted, report them, and they could end up in jail.
Worried about mailing it in? Don't. You can use a collections box, or hand deliver.
Did it count? Go online to see status, ballot received, votes will count. Go to an elections office to fix or recast ballot.
Are you registered? Check online, register online, done. Or do in person.
Auto registration happens for all citizens at the DMV. This had to ramp up, and a citizenship check had to get done, but all the people are done and we are just managing the usual churn.
Worried about turnout? Oregon has great metrics. People have a couple weeks to get their votes cast and turned in somehow.
Want to cast the right votes? No screens, no pressure, check your voter guide, research, check them off one by one at your leisure.
Worried about process?
The ballots have a chain of custody, can be hauled into court, and have for manual counts.
Audits are performed against the optical scan machines. Physical voter intent records mean they can always be counted, checked, litigated, whatever the process demands.
I can tell you we vote better and more often, even doing the little elections that happen because it is easy and robust.
No vote challengers bullying people at the polls.
No bullshit voter roll garbage. Everyone checks well in advance of elections. Anyone needing their record updated, party changed, whatever gets it quick and easy and one can call real people too. Almost nobody does, but there are people to call.
Need help voting? Yup. Got that too. I did it a year or two for fun. You sign up and help voters however they need it. Can't see, can't read, whatever.
A National ID does not get us there. The good stuff that makes elections run well happen at the State levels and below. Those are where all the trouble is.
We have problem States. Those people there need to get behind something and lean on it, until their State runs better. Many States that do VBM will do what Oregon does and that is the Secretary of State is available to advise and share everything. There is no need for secrets.
I'm sorry I'm not going to read your essay. I'll respond to your first point about "pandemic triggered fuckery" by pointing out that the things I mentioned have been occuring for decades.
I understand you're proud of Oregon but voting by mail will never be more secure than voting in person. There is no way to verify the identity of who actually mailed the ballot. In person someones identity and eligibility can be verified.
And I am completely sincere. The pandemic efforts were a mess. Rushed, among other things.
As for identity and eligibility, it is clear you have not actually taken the time to understand much of this as it has been done, and tested, for years. Non issue.
I have been active in voting advocacy and activism since the late 90's. Have been cited in policy papers a few times related to the inherent untrustworthy nature of all known electronic voting systems that do not personally identify voters.
In person voting is great! We do need to clean up obvious manipulations in some States, but if that is the decision, I am fine with it because it works.
VBM also works, and like in person, some places could use a clean up pass.
Where electronic voting is being considered, I always make sure VBM and the Oregon implementation are a part of the discussion because a clear move to change without it means electronic voting gets in easily.
South Carolina has not known who won an election there for a long time, over a decade due to the use of paperless touch screen voting. They recently went to paper, but still have a whole lot of problems.
Frankly, the strongest VBM argument is the well distributed votes cast making it impossible to bias with lack of machines and polls. There are no 8 hour voting queues in poor districts, for just one very notable metric in favor.
I will end with the stats disproving your assertion. Like I said, name a metric and VBM outperforms consistently.
In theory, I will not disagree with you.
In real world outcomes, the US currently and largely fails the Carter Standards, always where electronic voting is in use, and a lot of the time where in person voting is used. And those failures boil down to shady voter roll tactics, caging, challenges at polling places and discrimination in both the number and accessibility of polling sites.
But hey! So long as you aren't an electronic voting advocate, it is all good with me.
Either, implemented well can execute democracy. And they coexist. Easy peasy.
VBM will continue to garner share as more people vote using by mail options that exist today. Early and absentee mainly. They spread the word nicely enough.
How the US ended up using electronic voting machines is through ADA requirements, convincing state officials that they had to budget and choose one. That deadline was why it appeared they were all "upgrading" in lockstep.
Note that Dominion voting systems, used by 26 states in the 2020 election, appears to be owned by the CCP.
If there is going to be online voting, then at a bare minimum there must be a public anonymous API that can be used with the voters key material to validate their entire voting choices actual choices not counts so that random people at random times can validate that every specific detail they entered was not tampered with, even if this requires semi-technical people to validate, then fraudsters will know there is a risk of being caught. Even one invalid record must trigger an audit by a truly independent third party. Voter keeps a copy of what they submitted along with checksums and cryptographic signatures. Audit logs must be proven immutable with a chain of custody and attestation throughout the entire system. Even admins of the system must not be able to tamper with it even if their life depended on it. Look to vaulting appliances for some mediocre examples on how to start this process. This will need to be a better implementation than the vaulting appliances however and I can not imagine anyone building this for $1.5M.
Whatever is built must be submitted to the public for penetration testing along with a large bug bounty program. Invite the best penetration testers from all around the world and encourage them to use whatever hacking and social engineering methods they can dream up and provide them with full legal immunity and a low bar to entry.
Understood. I've actually heard that before, though it does not change my personal belief that anything short of what I described is not a voting system. It has always been my opinion that every voting system in human history has by design been a facade. But that is an unpopular opinion.
Buying millions of votes is risky at best. Hacking millions of votes is trivial if the system is purpose built to facilitate this. Every few years an engineer testifies before congress they were required to make the system weak and then the public quickly forgets because the higher priority is for the public to have confidence in the system. I do not know how to break the public out of this loop. Maybe this is how it is supposed to work.
Can’t we just vote on a blockchain? With asymmetrically encrypted transactions? I mean perhaps elections should not be conducted online, but surely the integrity would be improved if governments were to require votes be tallied on a blockchain.. just a thought
If only there were some means of establishing consensus via a distributed and publicly verifiable means.
DAO’s are the future of governance, they are proven working in the wild and should replace the archaic systems we allow others to manipulate in the name of “governance”.
For reference, these are what are required for a just, trustworthy election:
Anonymity. No voter shall be linked to a personally identifiable record of their vote intent.
Freedom. Voters may vote or not.
Transparency. A human readable, physical record of voter intent shall be recorded from each voter. This record is used directly for the final tally.
Oversight. The law, means, methods, records, shall be performed and made available to the watchful public eye.
The problem areas for electronic voting are:
No linking of voters to expressions of voter intent. The record of vote cast.
When voters express intent to a machine, the actual physical expression ends up as a smudge of grease on some input device. The machine interprets that fleeting expression used for the final tally.
Any electronic vote is, by the nature of the technology, a vote by proxy thus placing voters in a position of forced trust, unable to require their actual vote record be hauled into court if needed, and the record is subject to manipulation the voter will have no knowledge of.
Even worse?
Voters cannot verify their vote record captured by the machine reflects their vote intent. The display may show them something, anything at all and who are they to know what actually got recorded, if anything at all was?
Banking gets around this by personally identifiable transactions, double, triple records, receipts and other means and methods people can use to understand whether the right thing happened, and or was manipulated.
Anonymonity denies us all these tools. The product of that is we really need to use a physical expression of the voter intent if we were to have any chance at all of having a trustworthy election.
At the moment of that expression, the voter has a chain of trust between their own internal intent and the mark they made on the physical media. After that moment has passed it doesn't come again, and that is the one and only opportunity to correctly capture and then make use of voter intent in an election.
67 comments
[ 3.2 ms ] story [ 124 ms ] thread1. Voter registration cards are manufactured with in the US with tight supply chain controls.
2. US based security researchers with a history of vulnerability identification are qualified and selected at random to hands-off oversee that manufacturing process is free of supply chain attacks. Firmware builds similarly are done deterministically on different platforms overseen by different security research firms, etc.
3. Electronic cards are picked up in person, at random, after traditional voting registration is complete.
4. Each card generates two subkeys via a KDF. A public "verify" keypair and unlimited private "vote" keypairs.
5. The user publishes a signed statement to a public database with their "verify" keypair including their real name and voter registration number.
5. Every election, a private "vote" keypair is allowed to sign a digital vote ballot to this public database.
6. Voters are required to view the public database at a later date to confirm their random vote keypair signed their intended values. They publish a signed statement that their verification was complete.
7. The vote is only considered valid when the the number of verified statements matches the number of cast votes, or after a cutoff time if the difference is not enough to change the outcome.
8. The vote database is forever public and can be counted and verified by anyone at any time.
---
Yes there is some handwaving here but I really feel we have the technical tools to have provably accurate digital voting.
This becomes possible when most citizens have enough education to understand and trust cryptography.
That would require a generation of much better education. We should vote on that.
https://duckduckgo.com/?q=receipt-free+voting
Also true that friction with paper is minimal compared to that of doing research. In my anecdotal experience, research can be done while filling out the ballot, perhaps reducing the perceived friction from research alone or making it secondary at least.
All this nonsense about recounts last election is because provably counting paper is hard.
You can however prove this in a cryptographic election with results published publicly.
And
>increased turnout
Are somewhat or the orthogonal concepts.
It also makes it practical to vote much more often allowing more direct democracy.
- Protection of voter identity (who is the voter)
- Protection of vote integrity (what was their vote)
- Protection of vote validity (is this vote the actual vote of an actual voter)
This is not a technical problem. Generally, countries that take Election Day off and make it compulsory don't have anything like the problems the US does.
EDIT: Actually, reading more carefully it doesn't even do that. It's not super useful to verify simply that you voted--you want to make sure your vote was counted correctly.
But even if we know that, you can't verify the final count (which is the ultimate point). To illustrate, this is the information you have:
Nothing ensures that the totals reflect your actual vote.Only when a decisive majority has done this can the vote be considered valid and binding.
The verifications must be signed by the published verify keys that -are- identifiable so they can't be stuffed.
We can therefore prove every vote is tied to a voter registration private key and that that key holder confirmed their vote, but not who they voted for.
These are the ideal properties for a vote IMO and stronger proofs than you get from a paper election as -anyone- that disputes the results can count them for themselves.
- You don't get a "decisive majority" of verifications?
- Republicans decide it's better to cast doubt on an election by all saying their votes were counted incorrectly rather than accept the results?
- People don't remember who they voted for--they probably remember President; do they remember State Senator?
- A corrupt government allocates extra keys and says all those keys voted for them?
- Voters lose/misremember their key (how do you revoke the old key without mapping it to that person)?
- People gain/lose voting eligibility (they move, are imprisoned, etc.)?
It's also worth saying whether or not your vote was counted is already public record, resulting in even less relative benefit for a system like this.
[1]: https://yougov.co.uk/topics/politics/articles-reports/2019/0...
It's a database of votes and tokens used to cast them. You could also query what tokens were used to vote X and check that they make up the total. You could see the token you used on the list of Y you voted.
> Implementing and maintaining this system, as well as training administrators how to use it, would cost millions of dollars, and lead to all kinds of controversies because people don't remember their votes all that well [1].
It's one thing to remember what you voted a few days after the election, and another to remember it months later when polled, which is what [1] is about. This system is meant to increase public confidence in the election result. Wouldn't you think it worth a few millions, considering the aftermath of 2020 elections?
> It's also worth saying whether or not your vote was counted is already public record, resulting in even less relative benefit for a system like this.
You are assured that it is counted, but with this scheme you could easily check that there's a vote cast with token you used.
Btw, this system sort of exists already in countries where you write the candidate's name or number on the ballot, and ballots are publicly available for recounting; the token is your handwriting. It just isn't anonymous as someone else could also recognise it.
Not everyone will use a token or remember it. If even 50% of voters do this 100% accurately, it still isn't statistically helpful.
> It's one thing to remember what you voted a few days after the election, and another to remember it months later when polled, which is what [1] is about.
Maybe, but to me it's about the frailty of memory, and the US has a lot of elections. They won't remember who they voted for for State House/Senate, Judge, Sheriff, Lieutenant Governor, Attorney General, etc. Ballots are also complicated; maybe your vote for US Representative counted, but you goofed on Mayor and it didn't. You might look up your vote and think "shenanigans!", and there won't be any way of looking at your original ballot to find out what happened. And even if there were, you still wouldn't have any way of verifying that your vote was included in the count.
It's also worth saying that if there's any problem with this system, it calls the entire election into question, even if the election itself was fine or statistically far from error.
> Btw, this system sort of exists already in countries where you write the candidate's name or number on the ballot, and ballots are publicly available for recounting; the token is your handwriting. It just isn't anonymous as someone else could also recognise it.
Sure and I can see your system as an anonymized upgrade of it. But again, because you can't audit the count and there's a wide gulf between the votes you can audit and the count, it doesn't move us closer to the goal of verifying an election.
Continuing down the path of existing election systems, there is of course the recount system. So for most elections where it might make a difference, recounts go through all the ballots meticulously with party representatives, government officials, and lawyers present. Barring things like SCOTUS interference, these processes are really good, oftentimes finding more votes, curing lots and lots of ballots, and contributing to the corpus of wacky ballot analysis (counties get to design ballots and, wow, they could use some assistance).
Which is to say, we already have a system that maps voters to votes, audited by elected officials, legal officials, and partisan representatives. Whenever there's any question, we activate that system that has maximum information in order to verify an election result. Cryptography only muddles this system--perhaps hopelessly.
> This system is meant to increase public confidence in the election result. Wouldn't you think it worth a few millions, considering the aftermath of 2020 elections?
This is a great topic change! We (especially in tech) focus myopically on election fraud in the US, as though that's the thing that would undermine the legitimacy of an election. But the incidence of that is basically nil, and doesn't merit any effort to improve. The current hullabaloo (which is an inflated case of the going hullabaloo) comes from Republican leaders gaslighting Americans in order to cling to power. I am 100% sure that even if we implemented this system, they would still work just as hard to undermine election legitimacy. It's not a tech problem.
If we want to make our elections more legitimate, we need to make them simpler, cheaper, and more accessible. Policies that do this include: early voting, same day registration, mail voting, compulsory voting, election day holidays, mandated time off to vote, adequate polling place capacity, non-partisan districting boards, and enforced laws about voter intimidation and misinformation. Or, even something as simple as common ballot design would help a lot of older voters and voters with low levels of literacy.
But to wrap up: I think we'd both like t...
I think this is its main weakness. Those who don't care enough to use a token would leave the token of zero effort (nothing) open for manipulations. Unless those are few, this system won't make the election more secure. It would however give those who care a way to ensure that their vote was counted, increasing public confidence in the results. For I assume that those who care enough to question the results also care enough to use a token and check it.
> It's also worth saying that if there's any problem with this system, it calls the entire election into question, even if the election itself was fine or statistically far from error.
> You might look up your vote and think "shenanigans!", and there won't be any way of looking at your original ballot to find out what happened.
The token is only needed to identify a vote, so it could be dead simple, like a bitmap that could be a grid to be painted on paper ballot. It can be just added to existing systems.
> And even if there were, you still wouldn't have any way of verifying that your vote was included in the count.
How is querying the tokens used to vote what you voted, seeing your token in the list, and checking that the tokens make up the reported total not verifying it?
> We (especially in tech) focus myopically on election fraud in the US, as though that's the thing that would undermine the legitimacy of an election.
I think it's just because it seems like something that could be solved.
> I am 100% sure that even if we implemented this system, they would still work just as hard to undermine election legitimacy.
It would be a little harder when those who care can just check that their vote was counted.
> I think we'd both like to increase the legitimacy of elections --
It seems to me that we have somewhat different aims. You have zeal for democracy and are willing to compromise ballot secrecy to verify the election result. I accept that verifying it is impossible while maintaing the secrecy, unless everyone is willing to check that his vote was counted. In practice I would be content if everyone just had that possibility, as I don't have unrealistic expectations of its popularity.
> How is querying the tokens used to vote what you voted, seeing your token in the list, and checking that the tokens make up the reported total not verifying it?
There can still be two separate systems: the system that has your actual vote and the system we use to determine who won the election. One of the (many) issues I have with cryptographic vote verification systems is that they don't prove there isn't a "second set of books" that all checks out, meanwhile we use the crooked books to determine who won. Fundamentally, without a way to know all the possible voters and how they voted, you can't defend against that.
>> We (especially in tech) focus myopically on election fraud in the US, as though that's the thing that would undermine the legitimacy of an election.
> I think it's just because it seems like something that could be solved.
Yeah but it's typical, and sorry for the bluntness here, tech arrogance--or maybe tech optimism is nicer. But either way, there's a consistent dynamic of tech people trying to solve things with tech that they really don't know a lot about. I've worked as a Democratic operative specifically on elections on the past few cycles and I'm pretty close to an expert. I'm not making an appeal to authority or anything, and I'm more than happy to talk about ways we can use tech to improve US elections, but it's just that I know these schemes are way, way more trouble than they're worth and either hinder a lot of the techniques we currently use to verify elections, or make political firestorms that make the election process even more fragile than it already is way more likely.
It's also worth saying experts get this wrong too! The Iowa caucuses in 2020 had some tech hiccups, and that's, in my opinion, because no one can make sense of a caucus. They're beyond broken, and the more you measure them the more you'll find they're 100% unreliable and indicative of nothing. We certainly shouldn't be showering the person who wins by .5% with millions of dollars of donor money and earned media.
But more broadly, it's also that elections are fundamentally messy, and the more you measure the more you find problems. Either we accept that and build solutions that accept that, or we don't and we live with constant allegations that our elections are fraudulent, courtesy of the perspective that we should be able to have 100% certainty.
> It seems to me that we have somewhat different aims. You have zeal for democracy and are willing to compromise ballot secrecy to verify the election result.
Honestly, I'm not sure what my ideal system is. I think anonymous voting is really important, but I also strongly support compulsory voting, and those two things are in direct tension. I think it's just hard to accept that elections are fuzzy measurements of sentiment and that the role of math in their verification is limited to some basic statistical analysis while the rest is process and politics.
And I think it's really easy to be nerd sniped by the verification part, when tech actually could do so much good in the process and politics part. For example, a lot of States have "wet ink" statutes that mean voter registration forms have to be signed by a literal pen. So guess what Democrats did: they built a robot that holds a pen and signs a voter registration form remotely when someone fills out a voter reg form online. Hooray for tech!
But also, that cost a lot of money and time. Wouldn't it have been easier if State legislatures just weren't assholes?
Anyway, I would say if we're gonna implement a system that costs whatever the cheapest cryptographic verification system costs, we should just fund early voting programs and law enforcement initiatives against voter intimidation and misinformation. I know ...
How could you fail to use the totals indicated by the database and not get caught?
> I know these schemes are way, way more trouble than they're worth and either hinder a lot of the techniques we currently use to verify elections, or make political firestorms that make the election process even more fragile than it already is way more likely.
Don't worry; I'm not going to spend the rest of my life pushing my scheme forward. I might make a toy implementation that people can use for vanity voting with friends. It might gain traction and wider acceptance that way.
> I also strongly support compulsory voting
That reminds me of Soviet Russia and satellites that always had 90+% turnouts. I can't imagine any reason for compulsory voting beside maintaining a facade of popular support for the system. There's a difference between returning invalid ballot and not voting; in the latter case you shouldn't appear on the list of voters.
> law enforcement initiatives against voter intimidation
I think the hard part isn't agreeing that voter intimidation is bad. The hard part is specifying what constitutes voter intimidation. I doubt that legislation could root it out, and there's a working solution to it: ballot secrecy. Ballot confidentiality isn't good enough, as someone could tell voters that an inside man will check how they voted.
> and misinformation
Carefulness here is essential to avoid sliding to an Orwellian dystopy. I'm not sure what measures I would be comfortable with, and I don't wonder if legislators feel the same way.
> How could you fail to use the totals indicated by the database and not get caught?
Because unless you get enough people to use the token (and use it perfectly), you can fudge the margin enough to win. Let's imagine a town of 10,000 people where 2,000 people use the token, and the margin of victory for the mayor is 3,000 people. You can verify 2,000 of these votes (again, let's say we can do that reasonably accurately, which is already a big lift), but that leaves 8,000 votes the corrupt mayor can play with. Unless you get > 7,000 people to use the token very accurately, this system doesn't help.
How would you actually fudge the vote you ask? My answer is that it's extremely, extremely hard to do, and therefore any system making this even harder to do isn't worth it. Someone else's answer is probably a person who wants a verification system like this in the first place; they might say bribery, machine tampering, whatever, all things we've never had even a single instance of ever. Well, there's this Republican County Clerk that maybe did something fishy, we'll see how that pans out, but yeah very very very few instances of.
And imagine the downsides. 2,000 people used the token, but 500 of them misremembered it, and when they went looking their vote wasn't there. Shenanigans! Do over! Stop the steal! Etc. etc.
And let's add on some other stuff:
- Recounts work, and are triggered when small margins matter. Crypto systems almost certainly make recounts much harder.
- Most of this system is already in place: the fact that you voted is already public record.
- Adding the information of who you voted for is also very easy, but we don't do it to avoid pay-for-votes (I know your argument here is such kingpins would force voters to use new tokens and we'd detect it, but 1 no we wouldn't because we couldn't disambiguate that from population changes or people just being forgetful, and 2 tokens would either be tied to a single election or contain a voting history so you wouldn't need a new one anyway).
- Any problems with this system introduce doubt into an election, and since it's very easy for a small number of partisan voters to do this ("hey my vote isn't in the system!"), we're asking for 5,000 diehard Republicans to call shenanigans in every urban Democratic precinct every election.
>> I also strongly support compulsory voting
> That reminds me of Soviet Russia and satellites that always had 90+% turnouts. I can't imagine any reason for compulsory voting beside maintaining a facade of popular support for the system. There's a difference between returning invalid ballot and not voting; in the latter case you shouldn't appear on the list of voters.
You can't imagine reasons for compulsory voting because, and this is gonna sound a little rude but I think that's where we are here, you don't know a lot about elections and voting and haven't spent a lot of time learning and thinking about them. I suggest starting here [1].
>> law enforcement initiatives against voter intimidation
> I think the hard part isn't agreeing that voter intimidation is bad. The hard part is specifying what constitutes voter intimidation.
It's not actually hard at all. There are two major forms of voter intimidation: the cops will lock you up, and someone will beat you up. Generally voters are made aware of these possibilities with phone calls, emails, direct mail, and police/vigilante presence at polling places. These things are easy to outlaw, in fact they're already illegal! We just need cops to enforce the laws. If you're gonna say that'll take more than money, then I'd agree with you....
Those are clear cases and I would have been surprised if they had not been crimes already.
> We just need cops to enforce the laws. If you're gonna say that'll take more than money, then I'd agree with you.
As any crime it must be proved in court to convince the culprit.
> People assume this is about learning how someone voted, but you can actually just keep certain people from voting and achieve that result.
Ballot secrecy still more than halves the effects of voter intimidation. Instead of making people vote certain way, you can only keep them from voting because you don't know how they would vote. Such intimidators could actually harm their preferred candidate.
> you tell women that their husbands will find out how they voted
Admittedly this is something ballot secrecy can't fix, but neither can legislation. Married couples spend a lot of time together privately, leaving ample opportunity for intimidation with little risk of getting caught.
> Because unless you get enough people to use the token (and use it perfectly), you can fudge the margin enough to win.
Of course, but you have to fudge it in the database too to avoid detection. Also you can alter only the counts of popular tokens (such as no token) without detection. People could give a token with no intent to check it just to prevent exactly this. For that corrupt mayor can't know which tokens are really checked, so he can manipulate only the counts of popular tokens or risk getting caught.
> 2,000 people used the token, but 500 of them misremembered it, and when they went looking their vote wasn't there.
To help their memory they could keep a copy of the token with the risk of someone discovering it.
> I know your argument here is such kingpins would force voters to use new tokens and we'd detect it, but 1 no we wouldn't because we couldn't disambiguate that from population changes or people just being forgetful, and 2 tokens would either be tied to a single election or contain a voting history so you wouldn't need a new one anyway
If they allowed using an existing token, they wouldn't know whether the voter they pay used it or someone else just happened to vote as they wanted.
The effect of population changes could be detected from the records of who voted. Forgetfulness is a real confounding factor but it shouldn't vary much between elections.
> "hey my vote isn't in the system!"
They would be mostly ignored unless they would be numerous, as anyone that cares could just check whether his own vote was counted.
> I suggest starting here [1].
They point at demographic underrepresentation as grounds for compulsory voting. I think members of underrepresented groups just vote by their feet; they don't have a candidate they would vote, and compulsory voting won't give them one. It would end up being exactly the kind of facelift I would call keeping up appearance of working democracy.
There's also a list of countries with compulsory voting. I think it tells more of those countries than of compulsory voting. Also some discontinued historical cases are mentioned. In my mind those weigh far more than current adopters. It's not hard to imagine that people don't want to go through the trouble of voting if their options are "more of the same" and "even more of the same".
> this kind of misinformation is usually incorrect polling place information or time--sometimes it's more creative like "drop your ballot off at this (fake) mailbox", but that kind of thing is rare. Again this is also super illegal (the FEC...
>> People assume this is about learning how someone voted, but you can actually just keep certain people from voting and achieve that result.
> Ballot secrecy still more than halves the effects of voter intimidation. Instead of making people vote certain way, you can only keep them from voting because you don't know how they would vote. Such intimidators could actually harm their preferred candidate.
We already have ballot secrecy and we still have bonkers voter intimidation. Again the way it works is you intimidate women voters and voters of color to suppress the votes of people who vote Democrat (way) more likely than not.
>> you tell women that their husbands will find out how they voted
> Admittedly this is something ballot secrecy can't fix, but neither can legislation. Married couples spend a lot of time together privately, leaving ample opportunity for intimidation with little risk of getting caught.
The problem here isn't that it's possible for a husband to discover his wife's vote (it's actually almost impossible to do this). It's the well-funded ad campaigns that intimidate women. Those are pretty easy for law enforcement to crack down on, if they cared.
>> Because unless you get enough people to use the token (and use it perfectly), you can fudge the margin enough to win.
> Of course, but you have to fudge it in the database too to avoid detection. Also you can alter only the counts of popular tokens (such as no token) without detection. People could give a token with no intent to check it just to prevent exactly this. For that corrupt mayor can't know which tokens are really checked, so he can manipulate only the counts of popular tokens or risk getting caught.
How do people get tokens? Don't they have to be unique? You can't just scratch a token in there because you might pick a non-unique one, tanking the whole system (or they might put identifiable information in there). Maybe you can salt them with some PII, but there goes anonymity. I can also imagine all kinds of extra guidance you'd have to give like "don't use the same token across multiple elections because then a corrupt mayor can see that you really do check your number" or whatever else. I think this system has some serious logistics to plan out.
But more broadly, I think you wildly overestimate how much voters are able and willing to do any of this. You keep tacking on tactics voters can employ to attempt to foil corruption, effectively asking more of voters to solve a non-existent problem.
>> I know your argument here is such kingpins would force voters to use new tokens and we'd detect it, but 1 no we wouldn't because we couldn't disambiguate that from population changes or people just being forgetful, and 2 tokens would either be tied to a single election or contain a voting history so you wouldn't need a new one anyway
> If they allowed using an existing token, they wouldn't know whether the voter they pay used it or someone else just happened to vote as they wanted.
So someone exploiting this system would have to:
- Perfectly guess a token
- Perfectly predict who the owner of the token would vote for
- Risk some kind of punishment if any of that failed
Any kind of nefarious organization would just threaten the people doing this, rather than risk statistical detection. Further, pay-for-votes margins are bonkers. You can have something like 70% of your voters cheat you and you still bought 30% of the votes you wanted. That's more effective than advertising by multiple orders of magnitude. The reason people don't do it isn't because it's unverifiable, it's because it's impossible to keep secret at the scale where it would matter, and you go to jail if you try. Which is why we need cops to enforce other voting laws: they work.
>> "hey my vote isn't in the system!"
> They would be mostly i...
The point is that trying to control what others may say, see or hear is suspicious. That's what the whole paragraph is about. It would likely hurt your cause.
> > Generally I think the most effective way to combat misinformation is spreading correct information and trusting that people can discern the truth.
> Democrats and non-partisan organizations spend millions of dollars trying this, and it definitely isn't keeping up. Other problems that require millions of dollars to fix are thought to be crises, and I think we should start thinking of misinformation in general as a crisis.
If you can't win that way, your chances are slim no matter what you do. Btw, you can change a few words and get what Papists probably thought when people began reading the Bible: "The Inquisition spends millions to root out heresy, and it definitely isn't keeping up. Other problems that require millions to fix are thought to be crises, and I think we should start thinking of heresy in general as a crisis."
> Your other counter arguments are essentially: compulsory voting doesn't fix everything. Fortunately for me, that's not my claim.
Hiding indifference and possible demand for fresh ideas is detrimental. People don't get involved in new political movements if it seems that almost everybody is content to vote the status quo. And that's what it would seems like: you need to fill ballot anyway so you try to at least pick the least evil.
> Here are the Democracy Index scores of the countries they list (I've omitted 3 micro-states and 3 cities):
Wikipedia has a criticism section on Democracy Index that reads: "Investment analyst Peter Tasker has criticised the Democracy Index for lacking transparency and accountability beyond the numbers." It may be based on gut feelings of unnamed experts. Compulsory voting may have fooled them to some extent.
Beside this I'm going to just ignore it as I never meant that the list would predict their standing in some ranking. Just that it didn't change how I view compulsory voting, but it did change my views of countries on the list (when it was new to me).
> If you believe there are organizations out there that would pay for votes, why don't you believe there are organizations that would pay people to do this?
I expect that making a fool of oneself publicly and taking the risk of the conspiracy being exposed, would cost a lot more than a vote.
> So someone exploiting this system would have to --
You seem to think of a scenario where the buyers have a list of bribed voters and tokens they should use. Such a list would be highly suspicious if discovered. I have been thinking that they would pay the voter after reporting voting by the token they gave and can verify.
> The reason people don't do it isn't because it's unverifiable, it's because it's impossible to keep secret at the scale where it would matter, and you go to jail if you try.
That reminds me of something I read from a detective: the difficulty of concealing a conspiracy increases as more people get involved. In that case vote buying isn't a problem at all.
> How do people get tokens? Don't they have to be unique? You can't just scratch a token in there because you might pick a non-unique one, tanking the whole system.
The token space should be large enough to make collisions unlikely. Recording the polling station used to cast the vote would limit the uniqueness requirement to that station, but it isn't as difficult as it sounds.
There are over 500 trillion (2*49) unique 7x7 bitmaps. Chances are that 16 million such tokens randomly generated are all unique. The number of 9x9 bitmaps is 2*81, and a trillion random ones are likely all unique.
> (or they might put identifiable information in there)
It...
> The point is that trying to control what others may say, see or hear is suspicious. That's what the whole paragraph is about. It would likely hurt your cause.
I'm assuming what you're being coy about here is that the current election system hides voters' votes from them? Great, please see our entire discussion about why this is a super hard problem to solve and why it's not worth solving.
>> Democrats and non-partisan organizations spend millions of dollars trying this, and it definitely isn't keeping up. Other problems that require millions of dollars to fix are thought to be crises, and I think we should start thinking of misinformation in general as a crisis.
> If you can't win that way, your chances are slim no matter what you do. Btw, you can change a few words and get what Papists probably thought when people began reading the Bible: "The Inquisition spends millions to root out heresy, and it definitely isn't keeping up. Other problems that require millions to fix are thought to be crises, and I think we should start thinking of heresy in general as a crisis."
This is dismissive and contributes nothing. There are core differences between the Inquisition (?) and sending texts to people telling them when and where they can vote. Your argument distills to "truth wins out" and I'm saying there's lots of good evidence to the contrary.
>> Your other counter arguments are essentially: compulsory voting doesn't fix everything. Fortunately for me, that's not my claim.
> Hiding indifference and possible demand for fresh ideas is detrimental. People don't get involved in new political movements if it seems that almost everybody is content to vote the status quo. And that's what it would seems like: you need to fill ballot anyway so you try to at least pick the least evil.
>> Here are the Democracy Index scores of the countries they list (I've omitted 3 micro-states and 3 cities):
> Wikipedia has a criticism section on Democracy Index...
I think you're trying to reason through this from your understanding and first principles, but a lot of things in life are non-intuitive, especially to non-experts. What usually happens in compulsory voting is that voters just scratch their ballots, the incidence of that is super low in Australia, it's a non-issue. You keep trying to make a link between totalitarianism and compulsory voting, but where's your evidence? Some irrelevant moralizing about the lesser evil and that Wikipedia has a criticism section on the Democracy Index (are you seriously taking issue with like, Australia being a democracy)? Is that even compulsory voting's fault (see where I said I agree compulsory voting doesn't fix everything)?
>> If you believe there are organizations out there that would pay for votes, why don't you believe there are organizations that would pay people to do this?
> I expect that making a fool of oneself publicly and taking the risk of the conspiracy being exposed, would cost a lot more than a vote.
You should read about Lee Atwater, and while you're doing it, remember all that was 20 years ago or more, and not even state of the art today.
>> So someone exploiting this system would have to --
> I have been thinking that [pay for vote schemes] would pay the voter after reporting voting by the token they gave and can verify.
Why wouldn't every voter just do this? I'd love to get paid for the votes I was going to make anyway. This is essentially compulsory voting but with carrots rather than sticks.
>> The reason people don't do it isn't because it's unverifiable, it's because it's impossible to keep secret at the scale where it would matter, and you go to jail if you try.
> That rem...
> > The point is that trying to control what others may say, see or hear is suspicious. That's what the whole paragraph is about. It would likely hurt your cause.
> I'm assuming what you're being coy about here is that the current election system hides voters' votes from them?
I meant it as related to fighting misinformation in general. Here's the context where it was used: "Yea, so unwilling they are to communicate the Scriptures to the people’s understanding in any sort, that they are not ashamed to confess that we forced them to translate it into English against their wills. This seemeth to argue a bad cause, or a bad conscience, or both. Sure we are, that it is not he that hath good gold, that is afraid to bring it to the touchstone, but he that hath the counterfeit; neither is it the true man that shunneth the light, but the malefactor, lest his deeds should be reproved; neither is it the plaindealing merchant that is unwilling to have the weights, or the meteyard, brought in place, but he that useth deceit." Papists tried to protect people from what they deemed heresy (ie. misinformation) by withholding the Bible from them and punishing whomever they apprehended of those spreading it, but that way they lost whatever credibility they still had. Of course they were wrong anyway, but I don't recall any historical cases where the users of similar tactics would have turned out to be right.
However I do believe that the ability to see that your own vote was counted would help trust the election result. That's basically the aim of my scheme.
> > If you can't win that way, your chances are slim no matter what you do. Btw, you can change a few words and get what Papists probably thought when people began reading the Bible: "The Inquisition spends millions to root out heresy, and it definitely isn't keeping up. Other problems that require millions to fix are thought to be crises, and I think we should start thinking of heresy in general as a crisis."
> This is dismissive and contributes nothing. There are core differences between the Inquisition (?) and sending texts to people telling them when and where they can vote.
I just wanted to point out how similar your description is to what it must have looked like to Papists in the 17th century.
> Your argument distills to "truth wins out" and I'm saying there's lots of good evidence to the contrary.
I do believe that truth must prevail in the end; there are no eternal lies. Truth resurfaces like a cork from the flood of lies. Nevertheless, "there is enough light for those who only desire to see, and enough obscurity for those who have a contrary disposition." Blaise Pascal. It seems to be a law of nature.
> I think you're trying to reason through this from your understanding and first principles, but a lot of things in life are non-intuitive, especially to non-experts.
Life already feels too short to learn all that I would like to, so I aim for general instead of specific knowledge. In practice I learn new things when I need to, or when they are irresistibly interesting.
> What usually happens in compulsory voting is that voters just scratch their ballots, the incidence of that is super low in Australia, it's a non-issue.
That's just what I said would happen. People scratch ballots when they don't want to support anyone and are afraid to NOT appear at the polling station. Otherwise they wouldn't bother to come or would try to at least minimise evil.
> You keep trying to make a link between totalitarianism and compulsory voting
Compulsory voting is totalitarian; everybody votes.
> (are you seriously taking issue with like, Australia being a democracy)?
Haven't there been mass protests for months? They find need to crowd the stree...
> The internet voting project is, for reasons unclear, categorized under the Open Source Voting project, despite “open-source” not being mentioned in the grant paperwork, Jerdonek, an open-source voting proponent, says. Open-source voting technology uses public computer code to process paper ballots. It is unrelated to online voting. On Tuesday, San Francisco Supervisors began crafting legislation to conduct a long-awaited open-source voting pilot.
This really concerns me.
As long as the record of voter intent is NOT electronic, the election can be hailed into court and sorted out worst case.
backed by blockchain based auditable backend and stored in webscale database via JSON over HTTPs secured by certified authority
You currently can't go anywhere without the SF vax pass. No bars, restaurants, gyms, nothing.
YOU MUST SHOW VAX PASS EVERYWHERE!
Yet, you can vote online? Without identification?
We recently had a CA recall election and anyone could vote for a whole entire month. No ID - NOTHING!
I personally received my neighbor's ballots whom I could've easily wrote in Larry Elder (obviously I dutifully returned to their mailbox).
You must have id to buy cigarettes, alcohol, but to vote? Fuck it.
The "officials" in charge of this should be arrested. Immediately.
I HOPE YOU ALL FUCKING DIE CHOKING ON FAUCI'S FUCKING DICK!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK YOU!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
COMMIE FAGGOTS!
FUCK LONDON BREED! FUCK GAVIN NEWSOM!
Increasingly complex systems featuring a mix of tokens and crypto have costs that exceed simple, human readable ballots and do not add any value.
I can only conclude the driving force is to undermine democracy with what is basically a man in the middle attack.
There is literally trillions of dollars in value there. Not exactly great for the disenfranchised.
Vote by mail works and we should be using it.
Voting in person is the most fool-proof way of maintaining some sense of democracy.
Based on what evidence, exactly? We don't have to argue hypotheticals here - it's been working great across multiple states for many years.
> We should instead not have a single day to vote and allow people to cast their votes over the course of a week or so, with legislation for employers to give employees at least one day off to vote.
Love all of these ideas too.
It's been working great most of the time but it should be a system that always works. We don't need to speak hypotheticals, the news is fraught with articles about people not receiving their ballots, being told they already voted by mail when they go in person, people double voting, voting in someone elses name, etc.
All it takes is a reasonable implementation, which Oregon did and has exported to other States who all have performed.
The stuff you are talking about is last minute pandemic triggered fuckery and is not representative at all.
There are great answers to every exception you put here.
Want to vote in person? Go to an elections office and do that.
Did not get a ballot? Same deal, and there is ample time available. Does not land on a single day.
Were you coerced? Visit an elections office, get your vote sorted, report them, and they could end up in jail.
Worried about mailing it in? Don't. You can use a collections box, or hand deliver.
Did it count? Go online to see status, ballot received, votes will count. Go to an elections office to fix or recast ballot.
Are you registered? Check online, register online, done. Or do in person.
Auto registration happens for all citizens at the DMV. This had to ramp up, and a citizenship check had to get done, but all the people are done and we are just managing the usual churn.
Worried about turnout? Oregon has great metrics. People have a couple weeks to get their votes cast and turned in somehow.
Want to cast the right votes? No screens, no pressure, check your voter guide, research, check them off one by one at your leisure.
Worried about process?
The ballots have a chain of custody, can be hauled into court, and have for manual counts.
Audits are performed against the optical scan machines. Physical voter intent records mean they can always be counted, checked, litigated, whatever the process demands.
I can tell you we vote better and more often, even doing the little elections that happen because it is easy and robust.
No vote challengers bullying people at the polls.
No bullshit voter roll garbage. Everyone checks well in advance of elections. Anyone needing their record updated, party changed, whatever gets it quick and easy and one can call real people too. Almost nobody does, but there are people to call.
Need help voting? Yup. Got that too. I did it a year or two for fun. You sign up and help voters however they need it. Can't see, can't read, whatever.
A National ID does not get us there. The good stuff that makes elections run well happen at the State levels and below. Those are where all the trouble is.
We have problem States. Those people there need to get behind something and lean on it, until their State runs better. Many States that do VBM will do what Oregon does and that is the Secretary of State is available to advise and share everything. There is no need for secrets.
I understand you're proud of Oregon but voting by mail will never be more secure than voting in person. There is no way to verify the identity of who actually mailed the ballot. In person someones identity and eligibility can be verified.
Where?
And I am completely sincere. The pandemic efforts were a mess. Rushed, among other things.
As for identity and eligibility, it is clear you have not actually taken the time to understand much of this as it has been done, and tested, for years. Non issue.
I have been active in voting advocacy and activism since the late 90's. Have been cited in policy papers a few times related to the inherent untrustworthy nature of all known electronic voting systems that do not personally identify voters.
In person voting is great! We do need to clean up obvious manipulations in some States, but if that is the decision, I am fine with it because it works.
VBM also works, and like in person, some places could use a clean up pass.
Where electronic voting is being considered, I always make sure VBM and the Oregon implementation are a part of the discussion because a clear move to change without it means electronic voting gets in easily.
South Carolina has not known who won an election there for a long time, over a decade due to the use of paperless touch screen voting. They recently went to paper, but still have a whole lot of problems.
Frankly, the strongest VBM argument is the well distributed votes cast making it impossible to bias with lack of machines and polls. There are no 8 hour voting queues in poor districts, for just one very notable metric in favor.
I will end with the stats disproving your assertion. Like I said, name a metric and VBM outperforms consistently.
In theory, I will not disagree with you.
In real world outcomes, the US currently and largely fails the Carter Standards, always where electronic voting is in use, and a lot of the time where in person voting is used. And those failures boil down to shady voter roll tactics, caging, challenges at polling places and discrimination in both the number and accessibility of polling sites.
But hey! So long as you aren't an electronic voting advocate, it is all good with me.
Either, implemented well can execute democracy. And they coexist. Easy peasy.
VBM will continue to garner share as more people vote using by mail options that exist today. Early and absentee mainly. They spread the word nicely enough.
Passersby do read.
You might as well be secure in how you want to play it. Those same passersby will see, "did not read..." You may want to apologize to them.
No worries here.
Passes the Carter standards, and has been time tested, production proven here.
I am fine with in person, however doing that actually performs worse given the mess most States have implemented.
Really curious about you're thinking there.
1) Open ballot elections. (e.g. lawmakers voting on a nomination)
2) Small consequences elections. (E.g. flag change)
3) "Non binding elections" (i.e. opinion polls with huge sample size and marketing)
4) Small groups of tech savvy people.
Note that Dominion voting systems, used by 26 states in the 2020 election, appears to be owned by the CCP.
Whatever is built must be submitted to the public for penetration testing along with a large bug bounty program. Invite the best penetration testers from all around the world and encourage them to use whatever hacking and social engineering methods they can dream up and provide them with full legal immunity and a low bar to entry.
Buying millions of votes is risky at best. Hacking millions of votes is trivial if the system is purpose built to facilitate this. Every few years an engineer testifies before congress they were required to make the system weak and then the public quickly forgets because the higher priority is for the public to have confidence in the system. I do not know how to break the public out of this loop. Maybe this is how it is supposed to work.
DAO’s are the future of governance, they are proven working in the wild and should replace the archaic systems we allow others to manipulate in the name of “governance”.
They are a commonly used form of governance for many established defi protocols and networks.
Anonymity. No voter shall be linked to a personally identifiable record of their vote intent.
Freedom. Voters may vote or not.
Transparency. A human readable, physical record of voter intent shall be recorded from each voter. This record is used directly for the final tally.
Oversight. The law, means, methods, records, shall be performed and made available to the watchful public eye.
The problem areas for electronic voting are:
No linking of voters to expressions of voter intent. The record of vote cast.
When voters express intent to a machine, the actual physical expression ends up as a smudge of grease on some input device. The machine interprets that fleeting expression used for the final tally.
Any electronic vote is, by the nature of the technology, a vote by proxy thus placing voters in a position of forced trust, unable to require their actual vote record be hauled into court if needed, and the record is subject to manipulation the voter will have no knowledge of.
Even worse?
Voters cannot verify their vote record captured by the machine reflects their vote intent. The display may show them something, anything at all and who are they to know what actually got recorded, if anything at all was?
Banking gets around this by personally identifiable transactions, double, triple records, receipts and other means and methods people can use to understand whether the right thing happened, and or was manipulated.
Anonymonity denies us all these tools. The product of that is we really need to use a physical expression of the voter intent if we were to have any chance at all of having a trustworthy election.
At the moment of that expression, the voter has a chain of trust between their own internal intent and the mark they made on the physical media. After that moment has passed it doesn't come again, and that is the one and only opportunity to correctly capture and then make use of voter intent in an election.