• petrescatraian@libranet.de
    link
    fedilink
    arrow-up
    18
    ·
    1 year ago

    @Penguincoder I have no degree in Computer Science. I graduated International Relations. However I am still really passionate about FOSS due to the way it brings real world democracy into technology.

    While there are some places in which technology has no place (particularly voting), I believe that technology can help our societies become more open, transparent, involving and better functioning.

    • GreyBeard
      link
      fedilink
      arrow-up
      9
      ·
      1 year ago

      There’s nothing wrong with using technology in voting, it just has to be done in an open, verifiable way.

      • megopie@beehaw.org
        link
        fedilink
        arrow-up
        12
        ·
        1 year ago

        The problem is how difficult it is to ensure it is open and verifiable. Not to mention how much easier it is to scale up attacks on digital voting systems.

        If I want to forge enough paper ballets to swing an election I’m going to need a few hundred people in on it, with a group that large, someone is going to squeal, or get caught doing something dumb and uncover the conspiracy, if I want to forge digital ballots, well, I just need one person with know how and the right exploit.

        It is certainly possible to make a digital voting system that is immutable once the votes are submitted, it is nearly impossible to make one that ensures that the votes being submitted are legitimate.

        It’s a lot of effort and increased risk to roll out an acceptable electronic voting system, it is much easier and safer to just keep using paper ballots.

        • RandoCalrandian@kbin.social
          link
          fedilink
          arrow-up
          5
          ·
          edit-2
          1 year ago

          Believe it or not those are all solved problems

          The largest blockers to implementing them for voting are no longer technological, they’re political

          We can absolutely cryptographically verify your voting choice from your phone, and have you and everyone be able to verify when it changed, where, on what device, etc, while also preserving the anonymity of the voter.

          (Edit: while also making it far easier to combat fraud by making elections trivial enough to go “ok, everyone go check and resubmit your choices!” And immediately validate the majority of the votes as valid, minus those who don’t have internet access who would still need to travel)

          Problem is, there are a lot of very powerful organizations who would suddenly lose much of that power if voting were in any way convenient and accessible to everyone.

          • Slotos@feddit.nl
            link
            fedilink
            arrow-up
            8
            ·
            1 year ago

            Every time someone confidently claims that we can cryptographically verify voting, they are deliberately or ignorantly keeping the complexity and necessity of verifying the verifier runtime, the data source, and the communication channels out of the picture.

            Cryptography doesn’t solve voting verification problem, it obscures and shifts it.

            • davehtaylor@beehaw.org
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              Rando there is really talking about about putting elections on a blockchain and trying really hard not to say the word.

          • _Z1useri@sopuli.xyz
            link
            fedilink
            arrow-up
            4
            ·
            1 year ago

            OK, cool now teach your family that calls their web browser “The internet” enough computer science to adequately understand and audit this proposed open system and convince themselves that their votes are counted in a fair, verifiable and secret manner. Also that the implementation does not have obvious side channels and what is actually running is built from the published source code.

            Like, If I was part of some shady powerful elite I’d love a fully automated setup. Most people will not be able to check the system deeper than “phone displays green check mark” without an unreasonable time investment.

            On the other hand, “room full of people opens box full of papers and counts them while verifying each other” is intuitive enough for almost anyone to grasp and gain confidence in.

          • megopie@beehaw.org
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            You may be able to verify that a given code is correct, or that a given device is correct, but no amount of software can conclusively prove that a given person has voted. All that cryptography prevents is a man in the middle attack, it does not prevent bad inputs from being entered by people who have stolen credentials.

            Voting should be easy and convenient, but paper ballots and voting booths can be easy and convenient.

        • smollittlefrog@lemdro.id
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          All 3 systems use openssl and get attacked using Heartbleed.

          (And even if they don’t reuse even a single piece of code, attackers can still just use multiple exploits.)

          • PoisonedPrisonPanda@discuss.tchncs.de
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            yes but 3 different exploits would result in different results. which is an indication that the voting result is irrelevant, and should be repeated

            edit: I am by far no expert, yet having anykind of kniwledge in that area, so I apologize for naivity in advance.