The 2020 US elections were a reality check for how fragile the legitimacy of elections really is. This is something that paper ballot advocates have been beating the drum on for decades, even before Bush v Gore.

In much of the world, elections are carried out by voters hand-marking paper ballots that they place in ballot boxes whose chain of custody and tallying are observed by representatives from political parties. This works in rural, urban, dense and remote places.

1/

The US, however, has a bizarre love-affair with glitchy and poorly secured voting machines, despite the fact a) we shouldn't use voting machines AT ALL, and b) we REALLY shouldn't use THESE voting machines.

media.defcon.org/DEF%20CON%202

2/

Show thread

The manufactured controversy over Dominion is only possible because all voting machines are flaming garbage piles. Yes, there's no Dominion hack that would have changed the outcome, but the deserved disrepute of the whole sector is the only reason we're talking about it.

In a move that's totally on-brand for 2020, cryptocurrency advocates are now promoting the idea that rather than moving to hand-marked paper ballots, we should just put it all on the blockchain. This is a terrible idea.

3/

Show thread

As Matt Blaze says:

* It doesn't solve any problems civil elections actually have.

* It's basically incompatible with "software independence", considered an essential property

* It can make ballot secrecy difficult or impossible.

twitter.com/mattblaze/status/1

4/

Show thread

If that's too terse for you, try this MIT paper on the inability of blockchain to make voting more secure (co-authored by Ron Rivest, the "R" in RSA): "Going from Bad to Worse: From Internet Voting to Blockchain Voting."

people.csail.mit.edu/rivest/pu

They recap the five criteria for an "evidence-based election":

I. Ballot secrecy

II. Software independence

III. Voter-verifiable ballots

IV. Contestability

V. Auditability

5/

Show thread

From there, they discuss how blockchain either fails to satisfy these requirements or actually worsens the problems of existing touchscreen and internet voting systems.

One thing to understand about internet-based voting is that it is subject to attacks that are both SCALABLE (one attacker can change a LOT of votes) and UNDETECTABLE (you can't be sure if the attack has taken place).

6/

Show thread

This is true of all internet-based voting, including blockchain voting. Attackers can compromise users' devices, vote tallying software, "or any other systems that the device relies upon to cast the vote."

There have been numerous theoretical attempts to address this in internet voting, like zero-knowledge systems and coercion resistance - but all of these are complex, with extensive attack surfaces, and all rely on users' devices not being compromised.

7/

Show thread

Blockchain voting introduces new problems over the baseline problems of all internet voting systems: the fact that a lost key means a lost vote, for example. And permissioned blockchains just make the problem worse, by making it harder for voters to validate their votes.

8/

Show thread

The authors point out that all existing blockchain-based voting systems do not require ballot secrecy, an ironclad requirement of electoral voting, and that nonsecret voting challenges are completely different to those in a secret ballot.

9/

Show thread

But in case you're not convinced by all of that, the authors finish the paper with an appendix of questions that any blockchain-based electoral voting system should be able to answer. It's a good check against the wishful thinking of internet OR blockchain voting.

10/

Show thread

Right after last month's elections, a number of smart people who aren't technologists said, "This uncertainty and chaos is unacceptable! We have to put all of this on the internet!" They were and are very, very wrong (sorry, my dudes).

The US voting system is a clusterfuck BECAUSE of technology. The way to fix it is to replace all that tech with paper, pencils, and scrutineers - not to add more tech. As we say in computing circles, "Then you'd have TWO problems."

11/

Show thread
Sign in to participate in the conversation
hackers.town

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.