Even being FOSS and cryptographically signed is just partial solution, frankly.
Even if the software is FOSS and publicly reviewed, that doesn’t ensure it’s what is actually running on the hardware, or that the hardware can be trusted. The whole system needs comprehensive open design and review - and it gets complicated fast.
Throwing cryptography at voting creates some intriguing complications with interesting solutions, what with the usual voting system requirements (separation of voter identity from ballots, while still allowing the voter to verify the ballot was received correctly, is a huge problem).
And there’s always someone going “WhY wE dOn’t jUst uSe bLoCkChAiN” as if that magically solves all of the problems 🤦🏻♀️
Right, the hardware is the problem. If we do some software solution, it’ll be through a web browser or app, both controlled and developed by some independent group (to prevemt bias from the current admin) monitored by the government and released as FOSS. It would do challenge-based tamper protection on launch and submission of the vote, and you could use a separate, government-produced verification website to check your vote.
Even with all that, I still think we should stick with paper ballots. However, if we absolutely need something digital, that’s less bad than the current voting machine system.
If we do electronic voting, it needs to be FOSS and cryptographically signed. And even then I don’t think I want it.
Even being FOSS and cryptographically signed is just partial solution, frankly.
Even if the software is FOSS and publicly reviewed, that doesn’t ensure it’s what is actually running on the hardware, or that the hardware can be trusted. The whole system needs comprehensive open design and review - and it gets complicated fast.
Throwing cryptography at voting creates some intriguing complications with interesting solutions, what with the usual voting system requirements (separation of voter identity from ballots, while still allowing the voter to verify the ballot was received correctly, is a huge problem).
And there’s always someone going “WhY wE dOn’t jUst uSe bLoCkChAiN” as if that magically solves all of the problems 🤦🏻♀️
Right, the hardware is the problem. If we do some software solution, it’ll be through a web browser or app, both controlled and developed by some independent group (to prevemt bias from the current admin) monitored by the government and released as FOSS. It would do challenge-based tamper protection on launch and submission of the vote, and you could use a separate, government-produced verification website to check your vote.
Even with all that, I still think we should stick with paper ballots. However, if we absolutely need something digital, that’s less bad than the current voting machine system.