Written By:
all_your_base - Date published:
2:05 pm, December 15th, 2008 - 23 comments
Categories: interweb -
Tags: electronic voting
Last Thursday, while our new government was making it easier for businesses to fire employees, politicans in Estonia were making it easier for people to vote.
In Estonia’s 2011 parliamentary election people will be able to vote via mobile phone. The system apparently “requires that voters obtain free, authorized chips for their phones” which are used to verfiy their identies and enrollment. The article’s a little short on detail so it’s hard to know if the system is likely to overcome the many criticisms of electronic voting. Sounds like if it works out in Estonia though, Finland and Sweden might not be far behind.
Heck, I go away for a few days to see the great Billy Joel, I come back to see you guys are still trying to make up the employers protection bill a news a story??
Give it up, guys.
they love their tech over there. They’ve got this E-stonia strategy – Cabinet ministers haven’t used paper at their meetings for years. there was online voting in 2007 and i’m told it seemed to work fine using a two-key system to prevent fraud. The potentia problem isn’t individial fraud though it’s, as the simpsons allude to, misrecording of the vote accidently or intnetionally with no physical votes to be checked.
they’re a good country for pioneering this kind of stuff – small grographically, small population, concentrated in Tallinn, well-educated, forward-looking.
The “employers protection bill” – oh Brett, sometimes I just want to give you a hug.
i love the estonian parliament. the only one i know of laid out with no curve at all. looks like a school class room http://www.einst.ee/historic/images/hip/28.jpg
It always seems to me a little odd that we can trust the banks to record our last cent correctly but we can’t do the same with our vote.
Having said that, there is something about the rustic charm of getting out and about on election day.
More so, with scrutineers and the like, it’s not just fair, but seen to be fair.
Tane:
I think it has a nice ring to it, imagine taking a risk as a small business owner, hiring someone and then finding out they are not up to scratch and wont ever be, now you have a safety net.
Daveski,
It’s even odder when you consider Diebold who make the questionably accurate voting machines used in the U.S. have themselves been making ATMs for years with no issues. And ditto on the seen to be fair. I like the way we do it.
btw Brett who is “the great Billy Joel”? Any relation to the tired old mediocre one? (Sorry couldn’t help it.)
Felix:
Anyone who saw his concert in Auckland on saturday wouldn’t say that, his songs stood the test of time, his voice was great, one of the best concerts I have ever seen, the guy is a legend.
BD I’m with Felix on this one 🙂
I was devastated to miss out on the AK79 reunion – particularly the Scavs. Just showing my age now.
Last Thursday, while our new government was making it easier for businesses to fire employees…
You say that like it’s a bad thing.
And Brett,
Don’t go changing to try and please Felix.
True, Billy – he should go changing for his own good 😉
Glad you enjoyed it anyway Brett. There’s nothing wrong with liking awful music – it’s the people who don’t get excited by any music that worry me.
“It’s even odder when you consider Diebold who make the questionably accurate voting machines used in the U.S. have themselves been making ATMs for years with no issues”
There are serious security problems with ATMs and credits cards all over the world, just the reports are never published because the banks stomp on anyone daring to threaten their business model (rather than actually taking responsibility and fixing the problems – that’d be too expensive). There was an article on slashdot a while ago about this. No I don’t have a link – you’ll have to take my word for it.
As to the actual topic of the post, voting by phone doesn’t seem like a great idea. All you need to do is mug someone and steal their phone and/or chip, and you have their vote. Then again I guess it wouldn’t be hard to get someone’s easyvote card and pretend to be them, either.
I’m with Brett – I’d liked to have gone to that concert.
I think it has a nice ring to it, imagine taking a risk as a small business owner, hiring someone and then finding out they are not up to scratch and wont ever be, now you have a safety net.
Imagine being a small business owner, hiring someone and realising they might need some training. Now you can just fire them instead. You don’t even need to manage the employee to give them a chance to see if they could perform. You can even fire them because you don’t think they’ll perform, even though there was nothing wrong with them as such, you just thought they didn’t seem quite right. Maybe it was because they were {insert minority here}. At least you don’t have to tell them why.
Our workforce is just going to thrive!
I wonder how long it takes the lazy idiots out there to realise they only need to pretend to be good for 90 days – survive that and it seems the entire business-owning population of New Zealand is too stupid to write two letters of warning to an underperforming empoloyee, so they’ll be sweet after that. I mean everyone knows it is thoroughly imposible to write a letter saying “your performance is an issue” followed up with “you have not addressed the issue, and are on notice”. Nope, that just can’t be done.
Fundamentally, this is a bad idea – unless it’s done right, which it’s technically extremely hard to do. It’s hard to really explain how hard large-scale cryptographic identity verification is to do while retaining the fundamental qualities a voting system must: anonymity, protection from ballot-stuffing, verifiability and simplicity.
There’s no useful information in the articles and a quick search doesn’t yield anything much on the matter, but I’ll be curious to see what people who understand systems like this (folks like Bruce Schneier) have to say about it once further details become available. Voting technology is something of a catch-22 – it’s so technically complex that it can’t be entrusted to even the best-briefed politicians, and so critically important that it mustn’t be entrusted to anyone without direct oversight by elected politicians. I can’t support or endorse any such system unless the whole thing – from start to finish – has been exposed to a long, detailed, public process of scrutiny along the sort of lines that NIST runs for the SHA crypto algorithms. Until then, it’s a nice idea but fundamentally worse than what we already have.
Oh, and for the record – Billy Joel is humbug, in my view.
L
I met Billy Joel when my company did the video (for the stadium screens) for his concerts over here. Nice guy, but he’s surrounded by more goons with worse attitudes than Frank Sinatra ever was. I’d heard the term “frogmarched” but had never had it happen to me till I was quite literally frogmarched to bhis chief of security goon for the crime of taking photos of the great man on our screens (to illustrate our screens and that we’re favourites of the Depends set (we almost landed *shudder* Andre Rieu, and have done Elton John and the Three Tenors)).
Anyway… turns out the problem is Billy doesn’t like closeups that show his jowls, so they were summarily deleted from my camera. Similarly we were told that any closeups of his fingers on the piano weren’t to tilt up to show his profile.
Now that’s what I call rock ‘n’ roll cred 😀
Meanshile Lanthanide claims:
Right, so to cover up this massive insecurity in ATMs and online banking our banks – who are notoriously hard nosed and avaricious in every other facet of their operations – are giving money away so no one will notice what’s missing. Excuse me if I’m dubious.
I too like the ceremony of strolling to a polling booth to cast my vote, but the reason I’ve been advocating for e-voting since 1999 is because it would allow a far greater level of participation in our democracy between elections. And I’m highly suspicious of anyone who opposes it… they’re usually entrenched somewhere in the status quo.
I’d hate the idea of electronic voting. There are so many things that I could probably do to the systems.
BTW: I still like Billy Joel, at least all of the old albums. I thought he’d died years ago.
I’d be happy if NZ could start by just copying Estonia’s long established system for paying for the bus with your mobile.
Lynn, that’s correct; Billy joel did die years ago.
It hasn’t stopped him performing though 😉
Re: Rex
Actually I never said anything about the banks paying people out, just that they squash the reports so they don’t get published, via threats of lawsuits.
Since you’re skeptical, here are two articles I know of that I found with a minute or two or googling. I’m sure there are much more serious things lurking out in academia (security studies, etc) that get buried without them ever being published.
http://it.slashdot.org/article.pl?sid=07/05/24/136207
http://consumerist.com/5043831/mythbusters-gagged-credit-card-companies-kill-episode-exposing-rfid-security-flaws
Lanthanide:
Your first link illustrates the theft of credit card numbers using a Google search technique that extracts them from insecure third party sites (i.e. people who sell stuff on the web) not banks.
Sure it illustrates that Visa et al have been too damned lazy to do anything about it (no doubt because they’re gouging us for so much in interest and fees they don’t care) but not that the banks’ security has been compromised.
Online voting, however, would be controlled by one central system (and if I were running it I’d hire a techy skeptic like lprent and pay him lots of money to attack it first… indeed as part of the NZ Electronic Electoral Trial in 1999 we were planning to offer an all-comers “hackers prize”).
Your second link is about the reasonably well known insecurity of RFID chips, in this case implanted in credit cards. No one is suggesting RFID for e-voting.
I stand by my assertion that e-voting could be made as secure as online banking, if not moreso, if sufficient time and money were invested. The technology was there in 1999… it can only have gotten better in the last decade.
Rex:
I brought this up because Felix is under the illusion that ATM machines are safe. There was a news report on stuff.co.nz just recently about two people skimming a bunch of cards that were used in Hamilton during the V8 races.
I am simply pointing out that ATM machines are not safe and it is an assumption that they are. I’m not saying, and never did, that voting via cellphone can’t be made safe and secure.
The main problem with electronic voting outside polling booths cannot be solved by improved technology. It’s that without voting being confined to a supervised area, there is no way to enforce a secret ballot.
Electronic voting in polling booths should be achievable, although it’s a different problem to ATMs. If a thousand fraudulent ATM transactions go through, it’s a tolerable loss for the bank. However, less than a thousand fraudulent votes could lead to an electorate being stolen.
Also, our voting system works very well and there is no real reason to improve it. Anyone can vote at any polling station, there are no queues and the count is pretty much complete within hours.