Huh? How can Watchdogs act independently to verify the ballots if they are
not allowed to see them until you have edited all identifying marks?
Straight to the point.
I asked Jan and Walt to be poll watchers in the April membership poll.
Jan did not want to ask for the raw ballot results (I would have to remove
voter ID, but leave only the passwords for checking) and consequently did
not deliver a report.
He probably realized that if he got the raw results from the Polling
Officer with the highest access above root, there would still be no
guarantee that this person could not doctor the results before passing
them on, especially when asked to remove names and emails.
To give anyone root access (even the owner of the PB does not have it, as
it is a commercial provider that hosts the PB site) is not possible and to
allow a watchdog access to the server on the level of "admin of the admins"
also means that the watchdogs need to be trusted not to abuse any of that
access.
The moment such access is given the possibility of anyone tampering with
results increases. Even if watchdogs check each other, any conflict about
the integrity of the data would render an election contested.
The thinking behind the Booth is to step around this dilemma and make the
voters themselves watchers of the count.
For the small price of allowing some feedback during the vote, they can
verify the count at any time.
If there occurred any tampering with the data during the vote, they would
notice a diminishing in the tabulation.
Obviously the final data passed on to the watchdogs are protected against
any tampering because they cannot be different from what all the voters
have witnessed during the voting period.
The Booth has not been programmed to allow access for active watchdogs and
to do it properly and still eliminate tampering (by one of the dogs) and
security holes that may be opened by making the code more complex and allow
the Booth to send data to the watchdogs during the voting is not trivial.
Who will guarantee that the code is not extended a little and the data flow
elsewhere too...?
The simplest systems are the most secure.
In the end you can trust no-one except yourself.
The role of watchdog should not be focused on vote counting only, but also
on the way the Polling Officer conducts the election.
i.e.
-is there an element of railroading?
-is she not giving the voters enough choice?
-is the PO behaving ethically?
-are voters given the time to examine their choices?
-etc.
-joop-
---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de