Re: [atlarge-discuss] Internet Voting...

["J-F C. (Jefsey) Morfin" <jefsey@club-internet.fr>]

At 19:39 04/06/03, Walter Schmidt wrote:
> Over the years, two of the top reasons for making it difficult to report
> positively in an attest engagement involving automated procedures is the
> lack of documentation that that proves "today," "it" was done "yesterday,"
> and the inability to "today" trace specific transactions through all
> stages of the process they underwent, "yesterday."
>
> I don't see this getting any easier...but that's my opinion.
I dont think there is any problem in that. The basic problem is to make 
sure that the ballot cannot be traced to a voter (like real ballots) while 
making sure everything is reported as it happened. A non reversible 
algorithm like MP5 permits the fist thing. Synchronous reporting registered 
by trusted third parties permit the second one. The problem is not the 
voting mechanism but the trust. The way to build a secure trust is to split 
among different parties controlling one another. The solution we took was 
to make voters the main trustees, watchdogs could be fakes, PC Members 
could be crooks as long as they were not a gang. In real votes in most of 
the countries the observervers/watchdogs are representatives of the 
candidates. In e-vote they can be programs of the candidates. This is a 
fairly secure system. But it does make anyone to make money: here is THE 
problem :-)

The real problem is a problem of culture: candidates do not know yet what 
an e-vote can be and why one could be better than the other. Those who want 
to be a watchdog want often to apply their own rules and not the rules of 
the system they use. This is normal, netocracy will not build in one day.

Anyway, you challenged me on the last vote on a precise point you and I 
make the core of the solution and you did not commented my response. Be 
sure this is not dispute: I do believe we can very easily find a good 
voting solution which scales - different from the physical one - but that 
people may trust the same on the long range. And I am interested in 
building it as I think it is rather simple ... but free.

Let consider these two shocking propositions:
1. for a physical voter: "the ballot should be burnt as soon as voted, so 
no one can trace it to the voter"
2. for an educated e-voter "the ballot must be archived so it may be 
recounted".

Today there are more physical voters, so destroying the ballot is 
unthinkable. But more and more we will see the physical vote disapear. And 
no hybrid solution can be accepted. An accepted vote is a "burnt" vote.

Why will physical vote disapear? Because it it is physically not protected. 
Mafia asks people to use their mobile to take a snapshot of their vote to 
prove who they voted for. Many people will come with other ideas. What is 
an error is to believe physical votes cannot not be tampered. I thing 
e-vote may be _less_ tampered, only it permits because a larger number of 
different concerned people to watch them through different synchronous and 
asynchronous processes.

This does not solve the ID problem. But IMHO the ID problem can only be 
solved the day e-Human Rights are first written and the e-Naming Rights 
defined. Joey's and my own attacks in here plainly shown the problem and 
how the demands of some (who are genuinely cocnerned) conflict wiht many 
existing laws and moral duties.

jfc


---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de