ISF Logo   IS Forum
Forum Index Register Members List Events Mark Forums Read Help

Go Back   International Skeptics Forum » General Topics » USA Politics
 


Welcome to the International Skeptics Forum, where we discuss skepticism, critical thinking, the paranormal and science in a friendly but lively way. You are currently viewing the forum as a guest, which means you are missing out on discussing matters that are of interest to you. Please consider registering so you can gain full use of the forum features and interact with other Members. Registration is simple, fast and free! Click here to register today.
Reply
Old 4th August 2018, 06:41 PM   #241
psionl0
Skeptical about skeptics
 
psionl0's Avatar
 
Join Date: Sep 2010
Location: 31°57'S 115°57'E
Posts: 12,933
Originally Posted by Mongrel View Post
On a more thorough reading though, what's the proof of work? How are you going to be able to generate the robust key that is one of the lynchpins of blockchain while still being able to process people at a speedy rate?

How do you stop a 51% attack, and you may want to read up on botnet swarms before answering.
A search for 'Blockchain security' got this article from MIT Technology Review, from the article;
Good questions.

If blocks were added to the chain at the bitcoin rate of one every 10 minutes then depending on how many votes were stored in a block, we could be looking at years to build the complete chain and this would be totally unacceptable. If there were (say) one blockchain for each electoral district then that would solve the time problem.

A 51% attack would make it possible for votes to be prevented from being added to the block chain. I don't really have a satisfactory answer to this ATM (but see below). I guess that this is like the originating computer malware problem.

At the end of the day, if individuals examine the blockchain and find that their vote is missing or incorrect then they would need an avenue to complain and have action taken.

Originally Posted by Mongrel View Post
I apologise, you gave an explaination for how one sort of blockchainWP worked.
Yes, I described the "proof of work" model which can be considered a competitive model.

The other main method is known as "consensus" (as used in Ripple and Stellar). This can be considered a cooperative model. In this system, each node goes through several rounds of voting to decide which electoral votes get added to a block. If an electoral vote misses out then it gets considered for the next block.

Since it takes a matter of seconds to add a new block to the chain and there is no limit to how many electoral votes can be included (other than the time restraint) the time to complete the blockchain is considerably reduced.

I am not aware of any weaknesses in this system (but there are probably some).
__________________
"The process by which banks create money is so simple that the mind is repelled. Where something so important is involved, a deeper mystery seems only decent." - Galbraith, 1975
psionl0 is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 7th August 2018, 07:54 PM   #242
WilliamSeger
Illuminator
 
WilliamSeger's Avatar
 
Join Date: Nov 2006
Posts: 3,390
Vote From Your Phone? West Virginia To Test Blockchain-Based Voting In 2018 Election

Originally Posted by International Business Times
In an era of increased anxiety over the possibility of election fraud, one state will allow certain residents to vote using their mobile phones for the first time. West Virginia is set to give mobile voting privileges to military personnel serving overseas through the use of a blockchain-based startup during the upcoming midterm elections, CNN reported.

*snip*
Anyone trying to vote with Voatz needs to go through a digital vetting process first to reduce the threat of voter fraud. They will need to provide a photo of their ID and then take a video of their face. The photo and the video will be matched up using facial recognition software, which will then allow the user to vote after approval.

One potential problem with this method is that facial recognition software has been criticized for its inconsistency. A study conducted by the Massachusetts Institute of Technology earlier this year found that facial recognition technology was far less accurate for people with dark skin, particularly women. The study found that 35 percent of women of color were misidentified, while men of color produced errors 12 percent of the time.

Both figures were significantly higher than that of their white counterparts.

There are also other general concerns with the security of voting via mobile phones. Multiple experts told CNN that mobile voting is a bad idea, one that could potentially open the democratic process up to digital meddling. These digital votes would leave no paper trail and would occur on devices and over networks that have not been properly secured, they said.
Multiple experts say it's a bad idea, but the Republican Secretary of State thinks it's great, so they're going to use it. The ridiculous "digital vetting process" alone should have disqualified this system.
WilliamSeger is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 01:32 AM   #243
psionl0
Skeptical about skeptics
 
psionl0's Avatar
 
Join Date: Sep 2010
Location: 31°57'S 115°57'E
Posts: 12,933
Originally Posted by WilliamSeger View Post
Multiple experts say it's a bad idea, but the Republican Secretary of State thinks it's great, so they're going to use it. The ridiculous "digital vetting process" alone should have disqualified this system.
"Multiple experts" and "digital meddling" are so vague to be meaningless. Of course if the GOP is planning to use it they will stuff it up. If it is for military use then there should be a better system than "digital vetting".

Again, each voter will be able to see how their vote was recorded on the blockchain ("paper" trail or not) so it is up to the organizers to come up with a complaints procedure if a voter says that their vote was recorded incorrectly or not at all.
__________________
"The process by which banks create money is so simple that the mind is repelled. Where something so important is involved, a deeper mystery seems only decent." - Galbraith, 1975
psionl0 is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 03:34 AM   #244
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by psionl0 View Post
"Multiple experts" and "digital meddling" are so vague to be meaningless.
What an odd thing to say. We've spent most of the thread describing what could be called "digital meddling". Why would that be confusing to you now?

Also, "multiple experts"? You can deduce no meaning from that phrase based on the context?

Originally Posted by psionl0 View Post
Again, each voter will be able to see how their vote was recorded on the blockchain ("paper" trail or not) so it is up to the organizers to come up with a complaints procedure if a voter says that their vote was recorded incorrectly or not at all.
That would require a level of skill very few people have and, again, ignores the core problems entirely.
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 06:53 AM   #245
psionl0
Skeptical about skeptics
 
psionl0's Avatar
 
Join Date: Sep 2010
Location: 31°57'S 115°57'E
Posts: 12,933
Originally Posted by Upchurch View Post
What an odd thing to say. We've spent most of the thread describing what could be called "digital meddling". Why would that be confusing to you now?
I can barely make out what you mean by "digital meddling". I have no idea what the article means when it uses the term.

Originally Posted by Upchurch View Post
Also, "multiple experts"? You can deduce no meaning from that phrase based on the context?
Nope.

Originally Posted by Upchurch View Post
That would require a level of skill very few people have and, again, ignores the core problems entirely.
If you mean that the GOP can't do it then I agree.
__________________
"The process by which banks create money is so simple that the mind is repelled. Where something so important is involved, a deeper mystery seems only decent." - Galbraith, 1975
psionl0 is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 07:19 AM   #246
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by psionl0 View Post
I can barely make out what you mean by "digital meddling". I have no idea what the article means when it uses the term.
Hacking. They're talking about hacking. "Digital meddling" in this context means hacking in any of its various forms and attack vectors. It is always about hacking.

tl;dr: Hacking


Originally Posted by psionl0 View Post
Nope.
"Multiple experts" means people who have knowledge and experience of a particular topic, specifically digital security and hacking in this context. Also, there are more than one of these people.


Originally Posted by psionl0 View Post
If you mean that the GOP can't do it then I agree.
I mean most of America can't do it without third-party help, which provides the vector needed for them to be fooled and negates the benefit of blockchain being transparent.


eta: Hacking
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 09:53 AM   #247
psionl0
Skeptical about skeptics
 
psionl0's Avatar
 
Join Date: Sep 2010
Location: 31°57'S 115°57'E
Posts: 12,933
Originally Posted by Upchurch View Post
Hacking. They're talking about hacking.
Says you.
__________________
"The process by which banks create money is so simple that the mind is repelled. Where something so important is involved, a deeper mystery seems only decent." - Galbraith, 1975
psionl0 is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 10:00 AM   #248
acbytesla
Penultimate Amazing
 
acbytesla's Avatar
 
Join Date: Dec 2012
Posts: 17,915
Originally Posted by psionl0 View Post
Says you.
Can you think of a different kind of 'digital meddling' ?
__________________
“ A wise man proportions his belief to the evidence. ”
― David Hume
acbytesla is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 10:40 AM   #249
paulhutch
Master Poster
 
Join Date: Mar 2010
Location: Blackstone River Valley, MA
Posts: 2,215

The hover text from https://xkcd.com/2030/: "There are lots of very smart people doing fascinating work on cryptographic voting protocols. We should be funding and encouraging them, and doing all our elections with paper ballots until everyone currently working in that field has retired."
paulhutch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 10:45 AM   #250
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by Upchurch View Post
Hacking. They're talking about hacking.
Originally Posted by psionl0 View Post
Says you.
Originally Posted by acbytesla View Post
Can you think of a different kind of 'digital meddling' ?
...uh, hrm. I can:
  • Photoshopping an image.
  • Rearranging the numbers on a keypad.
  • Pick-pocketing using your fingers.
  • Poking your toes in wet cement.

Of course, none of those make any sense in the context of an article referring to the security of voting via mobile phones.


eta: I'm still curious how "multiple experts" are vague and meaningless.
"experts" = people who are knowledgeable and experienced on a topic.
"multiple" = more than one of these ^
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.

Last edited by Upchurch; 8th August 2018 at 10:48 AM.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 10:54 AM   #251
beren
Graduate Poster
 
beren's Avatar
 
Join Date: Nov 2010
Location: Dallas, Tx
Posts: 1,125
Originally Posted by paulhutch View Post
https://imgs.xkcd.com/comics/voting_software.png
The hover text from https://xkcd.com/2030/: "There are lots of very smart people doing fascinating work on cryptographic voting protocols. We should be funding and encouraging them, and doing all our elections with paper ballots until everyone currently working in that field has retired."
Daaaaaamit. Ninjad.

Sent from my moto x4 using Tapatalk
__________________
Drive-by snark artist.
Deep thinker as long as I can do it quickly with minimal effort.
Band wagon pile-oner
beren is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 10:58 AM   #252
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by paulhutch View Post
Timely.

eta: Fun side story: I've been googling various online voting systems the last few days and most of my first page has, indeed, been companies selling voting software.

*grabs gloves*
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.

Last edited by Upchurch; 8th August 2018 at 11:11 AM.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 11:15 AM   #253
Mongrel
Begging for Scraps
 
Mongrel's Avatar
 
Join Date: Aug 2004
Location: 20 minutes in the future
Posts: 1,819
Originally Posted by WilliamSeger View Post
Vote From Your Phone? West Virginia To Test Blockchain-Based Voting In 2018 Election



Multiple experts say it's a bad idea, but the Republican Secretary of State thinks it's great, so they're going to use it. The ridiculous "digital vetting process" alone should have disqualified this system.
A bit more info at The Register article, including
Quote:
Meanwhile, Unix systems administrator David Gerard has picked apart Voatz's use of a private blockchain, which is basically not much more than a single-user append-only database.
. There are a lot of links within the article which are worth reading.
__________________
“Ignorance more frequently begets confidence than does knowledge: it is those who know little, and not those who know much, who so positively assert that this or that problem will never be solved by science.” - Charles Darwin

...like so many contemporary philosophers he especially enjoyed giving helpful advice to people who were happier than he was. - Tom Lehrer
Mongrel is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 12:49 PM   #254
jimbob
Uncritical "thinker"
 
jimbob's Avatar
 
Join Date: Jan 2007
Location: UK
Posts: 18,194
Originally Posted by psionl0 View Post
"Multiple experts" and "digital meddling" are so vague to be meaningless. Of course if the GOP is planning to use it they will stuff it up. If it is for military use then there should be a better system than "digital vetting".

Again, each voter will be able to see how their vote was recorded on the blockchain ("paper" trail or not) so it is up to the organizers to come up with a complaints procedure if a voter says that their vote was recorded incorrectly or not at all.
It still isn't transparent to most people, and is complex. Complex systems have more points of attack. With the system as used in the UK, the nature of any potential attack is understood and protected against, whilst it would only be limited in effect. Any attack has to involve lots of people at lots of polling stations and would rely on complete and secret control - which *is* practically impossible when the candidates have rights of inspection.

How many computer security issues have occurred due to an attack at the expected point? It's fairly easy to protect against a brute-force attack. But that's not the issue.

The term "meddling" is vague precisely because the nature of attacks on complex systems are often unpredictable, and often rely on social engineering or looking at the hardware via a Side-channel attack. By their very nature they are undetermined until discovered.

A state player would have a very strong incentive to try breaking any part of the system. Putting their candidates in power would obviously be great, but breaking the trust in the electoral system would also be good for a hostile power.

Entire elections could be compromised.
__________________
OECD healthcare spending
Expenditure on healthcare
http://www.oecd.org/els/health-systems/health-data.htm
link is 2015 data (2013 Data below):
UK 8.5% of GDP of which 83.3% is public expenditure - 7.1% of GDP is public spending
US 16.4% of GDP of which 48.2% is public expenditure - 7.9% of GDP is public spending

Last edited by jimbob; 8th August 2018 at 01:08 PM.
jimbob is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 01:50 PM   #255
The_Animus
Master Poster
 
The_Animus's Avatar
 
Join Date: Nov 2006
Posts: 2,830
Quote:
Georgia defends voting system despite 243-percent turnout in one precinct
https://arstechnica.com/tech-policy/...-one-precinct/

Reminder that in Georgia when the results looked funny and information was requested they deleted the data and then deleted the backup data. There are also tons of cases of voters suddenly not being registered, having their votes not counted for unspecified reasons and who had polling places changed to across town in a building out of the way at the end of a dirt road.

Quote:
Russian operatives have "penetrated" some of Florida's election systems ahead of the 2018 midterms, Sen. Bill Nelson said Wednesday, adding new urgency about hacking.
https://www.tampabay.com/florida-pol...ction-systems/

I have very little hope for this country anymore
__________________
Straw Man, Ad Hominem, Moving the Goalposts, and a massive post count are all good indicators that a poster is intellectually dishonest and not interested in real discussion.

Feeding trolls only makes them stronger, yet it is so hard to refrain.
The_Animus is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 04:19 PM   #256
PhantomWolf
Penultimate Amazing
 
PhantomWolf's Avatar
 
Join Date: Mar 2007
Posts: 17,292
Originally Posted by paulhutch View Post
https://imgs.xkcd.com/comics/voting_software.png
The hover text from https://xkcd.com/2030/: "There are lots of very smart people doing fascinating work on cryptographic voting protocols. We should be funding and encouraging them, and doing all our elections with paper ballots until everyone currently working in that field has retired."
It's not really that Software Engineers are bad at their jobs, but rather the fact that if there were a lot of people who were at least as as good as the aerospace engineers that build planes, and the lift engineers that make lifts, constantly working to develop ways to get around the flight protocols and crash those planes, or to cause the lifts fail safes to fail and allow the lifts to drop, then you'd see a lot more aerospace engineers and plane designers taking trains, and elevator engineers taking the stairs.
__________________

It must be fun to lead a life completely unburdened by reality. -- JayUtah
I am not able to rightly apprehend the kind of confusion of ideas that could provoke such a question. -- Charles Babbage (1791-1871)

PhantomWolf is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 06:16 PM   #257
psionl0
Skeptical about skeptics
 
psionl0's Avatar
 
Join Date: Sep 2010
Location: 31°57'S 115°57'E
Posts: 12,933
Originally Posted by Upchurch View Post
eta: I'm still curious how "multiple experts" are vague and meaningless.
"experts" = people who are knowledgeable and experienced on a topic.
"multiple" = more than one of these ^
It's in the same category as "studies have shown . . . . .".

Without a name, without an opportunity to examine their creds and without knowing exactly what they have said, I am justified in assuming that it is a LIE.
__________________
"The process by which banks create money is so simple that the mind is repelled. Where something so important is involved, a deeper mystery seems only decent." - Galbraith, 1975
psionl0 is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 8th August 2018, 08:00 PM   #258
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by psionl0 View Post
It's in the same category as "studies have shown . . . . .".

Without a name, without an opportunity to examine their creds and without knowing exactly what they have said, I am justified in assuming that it is a LIE.
I see.

You’ve admitted that online voting won’t work, at least not yet. Why would CNN lie about sources when security experts would confirm what they're reporting?

Anyway, it’s not a lie. A quick google easily finds a few articles where security experts tell CNN that online voting is a horrible idea, just like they said in the article:
https://money.cnn.com/2018/05/08/tec...tem/index.html
https://www.cnn.com/2011/11/08/tech/...ing/index.html
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 9th August 2018, 06:47 AM   #259
paulhutch
Master Poster
 
Join Date: Mar 2010
Location: Blackstone River Valley, MA
Posts: 2,215
Originally Posted by PhantomWolf View Post
It's not really that Software Engineers are bad at their jobs, but rather the fact that if there were a lot of people who were at least as as good as the aerospace engineers that build planes, and the lift engineers that make lifts, constantly working to develop ways to get around the flight protocols and crash those planes, or to cause the lifts fail safes to fail and allow the lifts to drop, then you'd see a lot more aerospace engineers and plane designers taking trains, and elevator engineers taking the stairs.
Very true.

However despite security failures being a continuously repeating problem in software systems for 4+ decades they are still a nearly daily occurrence. Of course then there's the backlash when a company improves security and the user base screams bloody murder because it's slightly less convenient. Frankly software engineers, myself included, are stuck between a rock and a hard place. Which is why although I agree on the over simplification of the comic strip I do believe strongly that electronic voting is still a very long way from being secure enough to rely on.
paulhutch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 9th August 2018, 07:08 AM   #260
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by paulhutch View Post
Very true.

However despite security failures being a continuously repeating problem in software systems for 4+ decades they are still a nearly daily occurrence. Of course then there's the backlash when a company improves security and the user base screams bloody murder because it's slightly less convenient. Frankly software engineers, myself included, are stuck between a rock and a hard place. Which is why although I agree on the over simplification of the comic strip I do believe strongly that electronic voting is still a very long way from being secure enough to rely on.
I reiterate:
Originally Posted by Upchurch View Post
There is a line from Harry Potter that I always thought summed up computer security perfectly:
Quote:
The Prime Minister gazed hopelessly at the pair of them for a moment, then the words he had fought to suppress all evening burst from him at last.
“But for heaven’s sake — you’re wizards! You can do magic! Surely you can sort out — well — anything!”
Scrimgeour turned slowly on the spot and exchanged an incredulous look with Fudge, who really did manage a smile this time as he said kindly, “The trouble is, the other side can do magic too, Prime Minister.”
From Harry Potter and the Half-Blood Prince, Chapter 1 - "The Other Minister"
No matter how many very smart, very talented people and money we throw at solving the problem of electronic voting. There will always be very smart, very talented people and money thrown at hacking that electronic voting system. They don't even have to own the whole system, just enough to get the desired outcome. The ROI is too high and the bar for success is very low.
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 9th August 2018, 01:41 PM   #261
jimbob
Uncritical "thinker"
 
jimbob's Avatar
 
Join Date: Jan 2007
Location: UK
Posts: 18,194
Originally Posted by psionl0 View Post
Good questions.

If blocks were added to the chain at the bitcoin rate of one every 10 minutes then depending on how many votes were stored in a block, we could be looking at years to build the complete chain and this would be totally unacceptable. If there were (say) one blockchain for each electoral district then that would solve the time problem.

A 51% attack would make it possible for votes to be prevented from being added to the block chain. I don't really have a satisfactory answer to this ATM (but see below). I guess that this is like the originating computer malware problem.

At the end of the day, if individuals examine the blockchain and find that their vote is missing or incorrect then they would need an avenue to complain and have action taken.


Yes, I described the "proof of work" model which can be considered a competitive model.

The other main method is known as "consensus" (as used in Ripple and Stellar). This can be considered a cooperative model. In this system, each node goes through several rounds of voting to decide which electoral votes get added to a block. If an electoral vote misses out then it gets considered for the next block.

Since it takes a matter of seconds to add a new block to the chain and there is no limit to how many electoral votes can be included (other than the time restraint) the time to complete the blockchain is considerably reduced.

I am not aware of any weaknesses in this system (but there are probably some).
If the electronic systems are subverted, what is to stop them adding a few votes from people who didn't bother to vote?

Such people are unlikely to check that their vote hadn't been cast. Adding say, 2% to one side across the nation would probably be quite effective and pretty hard to detect.

If you just wanted chaos, then you could be more overt. Spear phishing would also be viable.

The attacks would not be where the system is strong, they would be where it is weak.
__________________
OECD healthcare spending
Expenditure on healthcare
http://www.oecd.org/els/health-systems/health-data.htm
link is 2015 data (2013 Data below):
UK 8.5% of GDP of which 83.3% is public expenditure - 7.1% of GDP is public spending
US 16.4% of GDP of which 48.2% is public expenditure - 7.9% of GDP is public spending
jimbob is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 9th August 2018, 05:08 PM   #262
psionl0
Skeptical about skeptics
 
psionl0's Avatar
 
Join Date: Sep 2010
Location: 31°57'S 115°57'E
Posts: 12,933
Originally Posted by jimbob View Post
If the electronic systems are subverted, what is to stop them adding a few votes from people who didn't bother to vote?
It's the same reason why somebody can't spend money from somebody else's bitcoin wallet.

Each wallet or voting card holder had a private key and a public key. Whenever they do a transaction or a vote, they have to digitally "sign" the transaction/vote using their private key. Anybody who knows the public key may determine if the transaction/vote was signed with the correct private key (without knowing what the private key is). If a node finds that the private key is incorrect then the transaction/vote will not get onto the blockchain.

So any vote tampering has to be done on the source computer itself. This is the one that is storing the actual wallet/vote. It is true that if the computer is malware infected then it could do a vote without the human's input. Bitcoin users are constantly warned not to leave unsecured wallets stored on their computers for this reason.
__________________
"The process by which banks create money is so simple that the mind is repelled. Where something so important is involved, a deeper mystery seems only decent." - Galbraith, 1975
psionl0 is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 9th August 2018, 11:18 PM   #263
jimbob
Uncritical "thinker"
 
jimbob's Avatar
 
Join Date: Jan 2007
Location: UK
Posts: 18,194
Originally Posted by psionl0 View Post
It's the same reason why somebody can't spend money from somebody else's bitcoin wallet.

Each wallet or voting card holder had a private key and a public key. Whenever they do a transaction or a vote, they have to digitally "sign" the transaction/vote using their private key. Anybody who knows the public key may determine if the transaction/vote was signed with the correct private key (without knowing what the private key is). If a node finds that the private key is incorrect then the transaction/vote will not get onto the blockchain.

So any vote tampering has to be done on the source computer itself. This is the one that is storing the actual wallet/vote. It is true that if the computer is malware infected then it could do a vote without the human's input. Bitcoin users are constantly warned not to leave unsecured wallets stored on their computers for this reason.
We are talking about state-level interference in an election. Malware would be used in such a situation.

The public signature only tells you that the private key agrees with the signature. What is to stop a compromised system from creating voters that only exist in their database, and all of whom have valid public keys?



Of course that might happen in ion the UK, but what happens in that system? You get a load of aliases, and go in person to vote. There are a few hundred voters for each polling station - say 2000 for a large polling station. By the time you have voted three or four times, the people in the polling station will be getting a bit suspicious. And you have only cast three or four votes.
__________________
OECD healthcare spending
Expenditure on healthcare
http://www.oecd.org/els/health-systems/health-data.htm
link is 2015 data (2013 Data below):
UK 8.5% of GDP of which 83.3% is public expenditure - 7.1% of GDP is public spending
US 16.4% of GDP of which 48.2% is public expenditure - 7.9% of GDP is public spending
jimbob is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 03:37 AM   #264
psionl0
Skeptical about skeptics
 
psionl0's Avatar
 
Join Date: Sep 2010
Location: 31°57'S 115°57'E
Posts: 12,933
Originally Posted by jimbob View Post
What is to stop a compromised system from creating voters that only exist in their database, and all of whom have valid public keys?
It's not like bitcoin where you can create a new wallet at the click of a button. Part of the validation process would include verifying that the public key is the same as that assigned to the voter by the electoral office (yes, I know that the electoral office is likely to cut corners).

The only thing that can be done is to steal a person's vote and that is only possible if the computer is infected or doesn't have enough security against spyware.
__________________
"The process by which banks create money is so simple that the mind is repelled. Where something so important is involved, a deeper mystery seems only decent." - Galbraith, 1975
psionl0 is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 04:10 AM   #265
Mongrel
Begging for Scraps
 
Mongrel's Avatar
 
Join Date: Aug 2004
Location: 20 minutes in the future
Posts: 1,819
Originally Posted by psionl0 View Post
It's the same reason why somebody can't spend money from somebody else's bitcoin wallet.
Which would be fine if you didn't see so many stories about peoples wallets being compromised.
http://fortune.com/2018/02/14/bitcoi...-wallet-hack/#
http://www.itpro.co.uk/digital-curre...sh-15-year-old
https://www.digitaltrends.com/comput...mcafee-wallet/
https://cryptodaily.co.uk/2018/08/ha...-bitcoin-hack/

There are many more, that was just from the first page of a Google search but to say blockchain is totally secure is naive\optimistic\foolish (pick whichever apply)

From that last article;
Quote:
Bitcoin hacks are seemingly more and more sophisticated by the day. I see it like this, for every ‘level up’ the technology industry reaches, the criminal underworld seem to get a multiplier and level up twice as fast. Hackers are always two steps ahead of the game.
.

Originally Posted by psionl0 View Post
So any vote tampering has to be done on the source computer itself. This is the one that is storing the actual wallet/vote. It is true that if the computer is malware infected then it could do a vote without the human's input. Bitcoin users are constantly warned not to leave unsecured wallets stored on their computers for this reason.
Don't forget sometimes, no matter how much you've protected your system, you can get infected by Malware. As with most aspects of security all you can do is have a 'best practice' to reduce the chances of infection, the security companies are mostly reactive and have to wait for the more 'innovative' attacks before they can work out how to stop them.

https://www.theregister.co.uk/2018/0..._their_intent/
https://www.theregister.co.uk/2018/0...twork_malware/ (This is the scary one)

So people who have real reasons (money) to protect their wallets still have sub-optimal practices and lose control of their wallets. Handwaving away a $23.6 billion industry to make your idea feasible means your idea probably isn't feasible.
Some people on this forum have gone through a process of "How can I stop getting malware infections" and opted to go the Mac route rather than go through the hassle of protecting their PC.
Oh, I use my Mother as a metric for "User" and find the expected competence level for "Oh, you've just got to make sure X happens" is worryingly high.
__________________
“Ignorance more frequently begets confidence than does knowledge: it is those who know little, and not those who know much, who so positively assert that this or that problem will never be solved by science.” - Charles Darwin

...like so many contemporary philosophers he especially enjoyed giving helpful advice to people who were happier than he was. - Tom Lehrer
Mongrel is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 04:35 AM   #266
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by psionl0 View Post
Part of the validation process would include verifying that the public key is the same as that assigned to the voter by the electoral office (yes, I know that the electoral office is likely to cut corners).
Or it can be compromised. Or it can be spoofed. Or any other number of attack vectors.

Originally Posted by psionl0 View Post
The only thing that can be done is to steal a person's vote and that is only possible if the computer is infected or doesn't have enough security against spyware.
Or is phished. Or is tricked into a spoofed system. Or any other number of attack vectors.
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 06:07 AM   #267
jimbob
Uncritical "thinker"
 
jimbob's Avatar
 
Join Date: Jan 2007
Location: UK
Posts: 18,194
Originally Posted by psionl0 View Post
It's not like bitcoin where you can create a new wallet at the click of a button. Part of the validation process would include verifying that the public key is the same as that assigned to the voter by the electoral office (yes, I know that the electoral office is likely to cut corners).

The only thing that can be done is to steal a person's vote and that is only possible if the computer is infected or doesn't have enough security against spyware.
Yes and how does that prevent a compromised electoral office system creating phantom voters?
__________________
OECD healthcare spending
Expenditure on healthcare
http://www.oecd.org/els/health-systems/health-data.htm
link is 2015 data (2013 Data below):
UK 8.5% of GDP of which 83.3% is public expenditure - 7.1% of GDP is public spending
US 16.4% of GDP of which 48.2% is public expenditure - 7.9% of GDP is public spending
jimbob is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 07:37 AM   #268
WilliamSeger
Illuminator
 
WilliamSeger's Avatar
 
Join Date: Nov 2006
Posts: 3,390
Originally Posted by psionl0 View Post
It's not like bitcoin where you can create a new wallet at the click of a button. Part of the validation process would include verifying that the public key is the same as that assigned to the voter by the electoral office (yes, I know that the electoral office is likely to cut corners).

The only thing that can be done is to steal a person's vote and that is only possible if the computer is infected or doesn't have enough security against spyware.

No, the easiest way to steal votes would be to trick voters into logging in to a bogus system to vote.

ETA: and even if that were the "only possible" way, it would be enough to disqualify such a system.

Last edited by WilliamSeger; 10th August 2018 at 07:41 AM.
WilliamSeger is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 09:10 AM   #269
Leftus
Muse
 
Join Date: Sep 2007
Posts: 820
Originally Posted by WilliamSeger View Post
No, the easiest way to steal votes would be to trick voters into logging in to a bogus system to vote.

ETA: and even if that were the "only possible" way, it would be enough to disqualify such a system.
Steal their IDs, register to vote for them. Given the low turnout, most of them won't even notice. Most of that data is already out there. See the Equifax breach for an example.
Leftus is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 09:23 AM   #270
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by Leftus View Post
Steal their IDs, register to vote for them. Given the low turnout, most of them won't even notice. Most of that data is already out there. See the Equifax breach for an example.
And, just to head off the obvious counter argument, yes, you could do this with paper voting as well. The problem is, you need far more people to pull it off. If one guy keeps getting back into line to vote over and over, poll workers are probably going to pick up on it.

Online, all you need is one person with a botnet to do the thing.
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 09:30 AM   #271
WilliamSeger
Illuminator
 
WilliamSeger's Avatar
 
Join Date: Nov 2006
Posts: 3,390
Originally Posted by Upchurch View Post
And, just to head off the obvious counter argument, yes, you could do this with paper voting as well. The problem is, you need far more people to pull it off. If one guy keeps getting back into line to vote over and over, poll workers are probably going to pick up on it.

Online, all you need is one person with a botnet to do the thing.

… with virtually no chance of ever being arrested. There has to be a high risk from cheating or many will attempt it.
WilliamSeger is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 09:42 AM   #272
psionl0
Skeptical about skeptics
 
psionl0's Avatar
 
Join Date: Sep 2010
Location: 31°57'S 115°57'E
Posts: 12,933
Originally Posted by jimbob View Post
Yes and how does that prevent a compromised electoral office system creating phantom voters?
Administrative weaknesses are a separate issue to the question of technical feasibility.

Originally Posted by WilliamSeger View Post
No, the easiest way to steal votes would be to trick voters into logging in to a bogus system to vote.
You are clearly posting about a completely different system of electronic voting.
__________________
"The process by which banks create money is so simple that the mind is repelled. Where something so important is involved, a deeper mystery seems only decent." - Galbraith, 1975
psionl0 is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 09:55 AM   #273
jimbob
Uncritical "thinker"
 
jimbob's Avatar
 
Join Date: Jan 2007
Location: UK
Posts: 18,194
Originally Posted by psionl0 View Post
Administrative weaknesses are a separate issue to the question of technical feasibility.


You are clearly posting about a completely different system of electronic voting.
No they are not a separate issue, when such a weakness would not be a significant problem with the alternative due to the massive manpower that would be needed on the day to significantly exploit such a compromised electoral register.
__________________
OECD healthcare spending
Expenditure on healthcare
http://www.oecd.org/els/health-systems/health-data.htm
link is 2015 data (2013 Data below):
UK 8.5% of GDP of which 83.3% is public expenditure - 7.1% of GDP is public spending
US 16.4% of GDP of which 48.2% is public expenditure - 7.9% of GDP is public spending
jimbob is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 09:56 AM   #274
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Originally Posted by psionl0 View Post
Administrative weaknesses are a separate issue to the question of technical feasibility.
Technical feasibility is trivial, if you don't care about technical weaknesses.


Originally Posted by psionl0 View Post
You are clearly posting about a completely different system of electronic voting.
Spoofing. WilliamSeger is talking about spoofing.
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.

Last edited by Upchurch; 10th August 2018 at 10:02 AM.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 10:03 AM   #275
jimbob
Uncritical "thinker"
 
jimbob's Avatar
 
Join Date: Jan 2007
Location: UK
Posts: 18,194
Originally Posted by Upchurch View Post
Technical feasibility is trivial, if you don't care about technical weaknesses.



Spoofing. WilliamSeger is talking about spoofing.
Yes, our systems are robust as long as bad actors avoid attacking their weak points.
__________________
OECD healthcare spending
Expenditure on healthcare
http://www.oecd.org/els/health-systems/health-data.htm
link is 2015 data (2013 Data below):
UK 8.5% of GDP of which 83.3% is public expenditure - 7.1% of GDP is public spending
US 16.4% of GDP of which 48.2% is public expenditure - 7.9% of GDP is public spending
jimbob is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 10:07 AM   #276
phunk
Illuminator
 
phunk's Avatar
 
Join Date: Aug 2007
Posts: 3,737
Originally Posted by psionl0 View Post
You are clearly posting about a completely different system of electronic voting.
Not really. To use the system you propose, people need to get registered with the system to get their keys. Phishing attacks can steal votes at that time by getting people to register with a fake system, then using their stolen info to register with the real one.
phunk is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 10:13 AM   #277
jimbob
Uncritical "thinker"
 
jimbob's Avatar
 
Join Date: Jan 2007
Location: UK
Posts: 18,194
I am sure that blockchain is very elegant and with many useful applications. However it only addresses one aspect of the requirements for a suitable voting system.
__________________
OECD healthcare spending
Expenditure on healthcare
http://www.oecd.org/els/health-systems/health-data.htm
link is 2015 data (2013 Data below):
UK 8.5% of GDP of which 83.3% is public expenditure - 7.1% of GDP is public spending
US 16.4% of GDP of which 48.2% is public expenditure - 7.9% of GDP is public spending
jimbob is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 10:15 AM   #278
Upchurch
Papa Funkosophy
 
Upchurch's Avatar
 
Join Date: May 2002
Location: St. Louis, MO
Posts: 30,835
Hell, if we don't care about security, Survey Monkey is a technically feasible method of national online voting. We could have it ready in an hour or so, depending on how you feel about typos.
__________________
"There is nothing more deceptive than an obvious fact." -- Sherlock Holmes.
"It’s easier to fool people than to convince them that they have been fooled." -- Mark Twain, maybe.
Upchurch is online now   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 10:21 AM   #279
LSSBB
Devilish Dictionarian
 
LSSBB's Avatar
 
Join Date: Oct 2011
Location: An elusive house at Bachelors Grove Cemetery
Posts: 17,693
Originally Posted by jimbob View Post
I am sure that blockchain is very elegant and with many useful applications. However it only addresses one aspect of the requirements for a suitable voting system.
I can put a turbo on my lawn tractor.

It's still a lawn tractor.
__________________
"You must not let your need to be right be more important than your need to find out what's true." - Ray Dalio, Principles
LSSBB is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Old 10th August 2018, 10:29 AM   #280
jimbob
Uncritical "thinker"
 
jimbob's Avatar
 
Join Date: Jan 2007
Location: UK
Posts: 18,194
Originally Posted by Upchurch View Post
Technical feasibility is trivial, if you don't care about technical weaknesses.



Spoofing. WilliamSeger is talking about spoofing.
Originally Posted by phunk View Post
Not really. To use the system you propose, people need to get registered with the system to get their keys. Phishing attacks can steal votes at that time by getting people to register with a fake system, then using their stolen info to register with the real one.
And that is only one approach, albeit the one that requires almost zero technical knowledge of the system implementation.

If you have the resources, or are, say the people running the election, then a blockchain system is easy to set up to give the "desired" results with little chance of detection.

Paper elections can be monitored by independent observers.
__________________
OECD healthcare spending
Expenditure on healthcare
http://www.oecd.org/els/health-systems/health-data.htm
link is 2015 data (2013 Data below):
UK 8.5% of GDP of which 83.3% is public expenditure - 7.1% of GDP is public spending
US 16.4% of GDP of which 48.2% is public expenditure - 7.9% of GDP is public spending
jimbob is offline   Quote this post in a PM   Nominate this post for this month's language award Copy a direct link to this post Reply With Quote Back to Top
Reply

International Skeptics Forum » General Topics » USA Politics

Bookmarks

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -7. The time now is 09:15 AM.
Powered by vBulletin. Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.

This forum began as part of the James Randi Education Foundation (JREF). However, the forum now exists as
an independent entity with no affiliation with or endorsement by the JREF, including the section in reference to "JREF" topics.

Disclaimer: Messages posted in the Forum are solely the opinion of their authors.