Generally a lot of voting security experts advocate for paper ballots with electronic counting. It is very robust, efficient, has great fallback, and lots of systems available to keep secure.
I envision a system where after I vote I rip off the top of the card and am able to use that hash like token to later verify that my vote was counted correctly
That's only viable in countries/situations where secret ballots are not a strict requirement and vote buying is not perceived to be a problem
With paper ballots if you want to be sure that your vote was counted correctly you generally can go and see the counting process, as a bonus like that you help ensure that every vote is counted correctly
It’s possible to keep it secret, it’s just more complicated. I proposed one such setup in an old comment. Quoted here with some fixes.
“What if you get the receipt with UUID and your voting choices, then at a separate kiosk only in the polling station, you can enter your UUID to view the full results as posted online (meaning electronically recorded and stored). Along with your UUID and results, a hash of the two is displayed and can be printed onto your receipt. Before leaving the station, you must detach and dispose of the plaintext voting choices portion, but you can hang onto the UUID + hash.
At any time in the future, you can enter your UUID into the site, which will compute and display only the hash, giving you verification of no tampering but not disclosing any results to nefarious third parties.”
It’s not foolproof and still requires more trust in maths than just showing your voting choices would. But it does solve vote buying and voter intimidation.
The only time vote buying was historically a problem was when it was decriminalized or legal and done out in the open. The instant it was criminalized it evaporated completely.
Doing it on a scale that is large enough enough that it becomes meaningful quickly becomes impossible even if the police only do a few half hearted sting operations.
Im not particularly in favor of electronic voting but i wish this particular meme would die coz it's mainly gonna be used to excuse voting systems corrupted at the source that the voter cant check.
> The 2010 and 2012 surveys for the Americas Barometer showed that 15% of surveyed voters in Latin America had been offered something of value in exchange for voting a particular way
> 16% of voters [in Africa] were offered money or other goods in exchange for voting a particular way in the most recent election
And yeah, in developed countries and stable democracies it probably wouldn't be an issue, but then maybe it would eventually be, and it's a pretty big flaw to introduce in order to achieve something that is not an issue
You can already check that your vote is being counted with paper ballots, you sign up as a poll observer or worker and you look at the vote counting operations
Brazil was a clear example of where it started out legal (until 1999!). After it was made illegal it declined a lot in spite of really inconsistent enforcement.
Where it happened it was perfectly obvious who was doing it, but the cops wouldnt touch them. It was a crime committed out in the open.
A similar pattern played out in America in the 1800s where it was widespread, made illegal, started out not particularly well enforced and then it gradually became extinct.
Everywhere it's been a problem it's basically been officially tolerated. The crime quickly becomes impossible to commit if it isnt.
This is in stark contrast to many other crimes (e.g. drugs) where even strict enforcement doesnt do much.
No, you could do it in a way where the voter can verify their vote was recorded correctly but can't prove it to anyone else. Trivial method: require the voter to assign random numbers to each candidate. They remember the number of the candidate they chose. The voting system later says "you voted for 6".
You have all of the recording done to a paper tape that the user can inspect as their vote is made. That paper tape is read by machine later. That means you only need to trust the counting machine, which is pretty easy because you can easily do random samples to check it is working, or have both parties count or whatever.
You can't eliminate the possibility that your paper vote is completely discarded and replaced by fake ones. But that's not really any different to existing non-electronic voting.
I think the problem is who builds it. I wouldn’t trust election software that wasn’t open source with a lot of eyeballs on it. Diebold wasn’t exactly a shining example to set. Preferably a non profit organization backing it and then having it adopted as a standard. I just don’t see that happening in the US where voter obstruction is part of at least one party’s strategy.
Open source doesn’t actually matter here. A closed source electronic system should work just as well. Why?
The way it should work is the machine should just print out a scantron AND a human legible copy (probably with a bar code linking the two). The person submits both by hand. You get early results by counting the scantron. Before certification, there is a statistically significant manual counting of the human legible ballots. For tighter races you recount all. The linked barcode lets you also statistically cross-validate in case there was a discrepancy between the machine readable copy printed and the hand ballot (you sample randomly).
Open source means absolutely 0 here. There are too many vectors of attack (eg physically compromising a machine, chain of custody, malware etc). Better to assume the machine is compromised and build a system that doesn’t care.
How does open source help? If I place a device in front of you and tell you it's open source, there is no guarantee that it is running what you can download from github.
It’s just that windows is quite a bit more complex and vulnerable compared to much simpler and security focused OSs like a BSD back then or maybe Alpine Linux these days.
That's the point of the system I described. Vulnerabilities of the automated system don't matter. You verify the manual result and the digital result are the same.
The issue is verification - how do you verify the elctronic count was accurate?
And if you're going to manually count it to verify the electronic count, then why have the electronic count in the first place?
A small, statistically representative sample of the paper ballots are counted by hand and compared against the electronic count. If discrepancy arises, a more thorough audit is performed.
Interesting, makes sense. Is this actually the recommended resolution process by the vendors as well or is this something that needs to be approved and adopted by each voting precinct?
Spot checks are good enough in such a case; if you manually count 1% of the votes and the margin of error is negligible, the electronic count is sound. If there's too many errors / differences, stop using the electronic counting and just count by hand.
This is what a lot of states get wrong, with the voting machine itself being the gateway to entering your vote and having it read. For the machines in my Georgia county, it prints a paper ballot that you drop it into a counting/scanner machine, but the issue is that the only thing on the paper is a QR code that is likely encrypted (nothing readable when scanned with a standard QR reader), so there really isn't a way to verify that the paper you got actually matched what you entered into the ballot machine.
The ideal system is: ballot machine entry -> prints paper ballot scantron style, so the only information the scanner will see is what you've verified is correct -> scanner reads it and enters it into their database while also saving the paper.
This is how it works in India: Once we click the button for a candidate, There will be light highlighting the selection on the voting machine. A printer that is connected to the voting machine prints the voted candidate symbol (and name?) and shows us the printed paper through a glass for a few seconds for verification and then drops it in.
Later during the counting procedure, random ballots are counted for both. If someone arises some issues about the voting, those are then counted using printed ballot papers.
