Is Venezuela Ahead of Us on E-Voting?

by on November 29, 2006 · 10 comments

Mike Masnick notes that Venezuela is ahead of the United States when it comes to adopting voter-verified paper trails for their electronic voting machines. Several commenters objected that given the level of corruption in Venezuela’s government, this doesn’t really mean anything: corrupt government officials can mis-count paper voting records as easily as electronic ones.

I don’t know enough about Venezuelan politics to have a definite opinion on whether the election is likely to be rigged, but the general point is quite true. Voting security ultimately turns on human factors, not technological ones. If the people running your election system are systematically corrupt, your election results are going to be suspect no matter what technological safeguards you put in place. E-voting (with or without a voter-verified paper trail) can’t make dishonest officials follow the rules. It simply obfuscates the voting process, making it less likely that someone will spot foul play should it occur.

  • http://tieguy.org/ Luis Villa

    It is also worth noting that the same corrupt, no checks-and-balances Venezuelan government owns the voting machine company (which is now selling their wares in the US!). If that isn’t a recipe for disaster, I don’t know what is.

  • http://tieguy.org/ Luis Villa

    It is also worth noting that the same corrupt, no checks-and-balances Venezuelan government owns the voting machine company (which is now selling their wares in the US!). If that isn’t a recipe for disaster, I don’t know what is.

  • http://www.digitalproductions.co.uk Crosbie Fitch

    E-voting does (dare I stick my head above the crenellated parapet) permit greater transparency and accuracy.

    Imagine that 100 voters submit their votes into a photocopying machine that redistributes votes to each of the 99 other voters. We have 100 people with 100 votes and 100 counts. If all counts are the same, it would seem that the count is accurate.

    Magnify 100 to 100,000,000 and the photocopying machine to the Internet…

    The trouble is, proprietary solutions are immune to any and all detractors picking holes in their inevitably fundamentally flawed sec-via-obsc e-voting solutions, whereas this, public solution, has every geek in Christendom taking pot shots at it as though it were an alien invader intent on destroying civilisation as we know it.

    Let the people count their own votes for Christ’s sake.

  • http://www.digitalproductions.co.uk Crosbie Fitch

    E-voting does (dare I stick my head above the crenellated parapet) permit greater transparency and accuracy.

    Imagine that 100 voters submit their votes into a photocopying machine that redistributes votes to each of the 99 other voters. We have 100 people with 100 votes and 100 counts. If all counts are the same, it would seem that the count is accurate.

    Magnify 100 to 100,000,000 and the photocopying machine to the Internet…

    The trouble is, proprietary solutions are immune to any and all detractors picking holes in their inevitably fundamentally flawed sec-via-obsc e-voting solutions, whereas this, public solution, has every geek in Christendom taking pot shots at it as though it were an alien invader intent on destroying civilisation as we know it.

    Let the people count their own votes for Christ’s sake.

  • http://www.techliberation.com Tim Lee

    Crosbie, I don’t see how that would work. How would you do it in a way that preserved the secret ballot. And how would each voter know that the authorities weren’t withholding some of the ballots? Also, how do we prevent ordinary voters–who are not computer security experts–from having their votes stolen by malware or phishing?

  • http://www.techliberation.com Tim Lee

    Crosbie, I don’t see how that would work. How would you do it in a way that preserved the secret ballot. And how would each voter know that the authorities weren’t withholding some of the ballots? Also, how do we prevent ordinary voters–who are not computer security experts–from having their votes stolen by malware or phishing?

  • http://www.digitalproductions.co.uk Crosbie Fitch

    I’ll put my special handwaving gloves on for this. ;-)

    Votes are stored in discrete encrypted files that use public key encryption in various ways.

    People can vote anywhere, at any web terminal, using a piece of free software that creates their vote file. People can vote any number of times – each vote supercedes the previous.

    All files are redundantly replicated to as many who want them. This enables any voter to later check at any other station that their vote is correct.

    Until a key is released to reveal all votes’ selections (but not the voters’ human identities), the only counting that can occur is how many votes have been made (including multiple votes).

    It is nevertheless possible for a voter in conjunction with the software to generate a pattern that will enable the retrieval of their vote (possibly along with a few other similar votes).

    Once the count key is published (which also specifies a time code to invalidate subsequent votes), all votes’ selections can be decrypted and counted (with overrides of multiple votes being prioritised appropriately).

    Thus all people in possession of all votes can perform a count. But, the identities of the voters remains anonymous – though a voter can still retrieve their vote.

    So, you have a pre-count period in which it’s up to each voter to convince themselves that their vote has been registered correctly (by checking at multiple sites), and a post-count period in which this checking is superfluous (nothing can be done for those voters convinced everyone has deleted/changed their vote).

    And for prevention of vote selling, we also have a pin number that enables a voter to issue a higher priority vote. All pins appear to operate the same, but only the correct pin actually achieves the desired effect.

    This system also requires mutual/social human identity accreditation, i.e. we all certify each other as bonafide humans entitled to vote. You could probably start the ball rolling with a part-centralised/part-distributed system, but ideally you’d have to distribute the trusted authority among the people.

    So, yes, apparently simple, but technically exotic.

    You’d only need 1% of the population to continuously challenge and verify the software.

  • http://www.digitalproductions.co.uk Crosbie Fitch

    I’ll put my special handwaving gloves on for this. ;-)

    Votes are stored in discrete encrypted files that use public key encryption in various ways.

    People can vote anywhere, at any web terminal, using a piece of free software that creates their vote file. People can vote any number of times – each vote supercedes the previous.

    All files are redundantly replicated to as many who want them. This enables any voter to later check at any other station that their vote is correct.

    Until a key is released to reveal all votes’ selections (but not the voters’ human identities), the only counting that can occur is how many votes have been made (including multiple votes).

    It is nevertheless possible for a voter in conjunction with the software to generate a pattern that will enable the retrieval of their vote (possibly along with a few other similar votes).

    Once the count key is published (which also specifies a time code to invalidate subsequent votes), all votes’ selections can be decrypted and counted (with overrides of multiple votes being prioritised appropriately).

    Thus all people in possession of all votes can perform a count. But, the identities of the voters remains anonymous – though a voter can still retrieve their vote.

    So, you have a pre-count period in which it’s up to each voter to convince themselves that their vote has been registered correctly (by checking at multiple sites), and a post-count period in which this checking is superfluous (nothing can be done for those voters convinced everyone has deleted/changed their vote).

    And for prevention of vote selling, we also have a pin number that enables a voter to issue a higher priority vote. All pins appear to operate the same, but only the correct pin actually achieves the desired effect.

    This system also requires mutual/social human identity accreditation, i.e. we all certify each other as bonafide humans entitled to vote. You could probably start the ball rolling with a part-centralised/part-distributed system, but ideally you’d have to distribute the trusted authority among the people.

    So, yes, apparently simple, but technically exotic.

    You’d only need 1% of the population to continuously challenge and verify the software.

  • http://tieguy.org/ Luis Villa

    A little more on the firm that provides Venezuela’s machines. Being investigated for bribery and tax fraud.

  • http://tieguy.org/ Luis Villa

    A little more on the firm that provides Venezuela’s machines. Being investigated for bribery and tax fraud.

Previous post:

Next post: