2030: "Voting Software"

This forum is for the individual discussion thread that goes with each new comic.

Moderators: Moderators General, Prelates, Magistrates

User avatar
Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 3721
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

2030: "Voting Software"

Postby Soupspoon » Wed Aug 08, 2018 5:19 pm UTC

Image
Title text: There are lots of very smart people doing fascinating work on cryptographic voting protocols. We should be funding and encouraging them, and doing all our elections with paper ballots until everyone currently working in that field has retired.

How do you +1 a comic for topicality? Without it changing to a vote for Jeb Bush?

Mutex
Posts: 1388
Joined: Wed Jan 09, 2008 10:32 pm UTC

Re: 2030: "Voting Software"

Postby Mutex » Wed Aug 08, 2018 5:24 pm UTC

Just write it in Rust, then it'll be secure.

qvxb
Posts: 158
Joined: Mon Sep 19, 2016 10:20 pm UTC

Re: 2030: "Voting Software"

Postby qvxb » Wed Aug 08, 2018 5:42 pm UTC

Many blame faulty voting software for the election of President Maurice Povich.

User avatar
CardcaptorRLH85
Posts: 15
Joined: Wed Feb 27, 2013 6:06 am UTC

Re: 2030: "Voting Software"

Postby CardcaptorRLH85 » Wed Aug 08, 2018 5:47 pm UTC

I voted on a paper ballot yesterday...and then slid that piece of paper into a scanner that detects the bubbles I filled in, looks for over/under votes (informs me of those if I want to declare my ballot spoiled and try again), tabulates the votes on a memory card, and finally stores the piece of paper in a locked box where it won't be seen again unless either the scanner breaks (this happened at a number of precincts in Detroit during the 2016 Presidential election and was why Michigan took so long) or there's a recount needed which requires counting the actual paper ballots.

We've been using this system in Michigan since 2003 (the year I turned 18) and we replaced the scanners this year after the 2016 fiasco since they were clearly getting a bit old (yesterday was my first time using the new one).

Concerning the alt-text, I actually like some of those verifiable cryptographic voting methods that are being worked on. Those methods even get rid of the danger of basic vote counting fraud. The voter can verify that their vote was counted correctly but there's no way to prove to someone outside of the booth who you voted for. Also, it becomes impossible to alter the counts afterward without causing the entire set of votes from a machine/precinct to fail a cryptographic check.

SuicideJunkie
Posts: 345
Joined: Sun Feb 22, 2015 2:40 pm UTC

Re: 2030: "Voting Software"

Postby SuicideJunkie » Wed Aug 08, 2018 5:55 pm UTC

Software development is like juggling chainsaws, but with loops and recursion.

So maybe actually more like juggling rabid tribble/velociraptor hybrids.

User avatar
MartianInvader
Posts: 796
Joined: Sat Oct 27, 2007 5:51 pm UTC

Re: 2030: "Voting Software"

Postby MartianInvader » Wed Aug 08, 2018 6:29 pm UTC

Even if someone invents an actually secure voting method, whatever company makes the voting machines will probably implement only half of it to save costs, leaving it vulnerable. Plus they'll insert a couple backdoors just in case they need to use them, and they'll use compiler software they bought from Russia because it was a quarter the price.
Let's have a fervent argument, mostly over semantics, where we all claim the burden of proof is on the other side!

richP
Posts: 190
Joined: Wed Aug 17, 2011 3:28 pm UTC

Re: 2030: "Voting Software"

Postby richP » Wed Aug 08, 2018 6:37 pm UTC

CardcaptorRLH85 wrote:I voted on a paper ballot yesterday...and then slid that piece of paper into a scanner that detects the bubbles I filled in, looks for over/under votes (informs me of those if I want to declare my ballot spoiled and try again), tabulates the votes on a memory card, and finally stores the piece of paper in a locked box where it won't be seen again unless either the scanner breaks (this happened at a number of precincts in Detroit during the 2016 Presidential election and was why Michigan took so long) or there's a recount needed which requires counting the actual paper ballots.
...

MN uses the same or a very similar system. In MN the Secretary of State will also randomly hand-recount a certain percentage of precincts every year regardless of the reported outcome in any of the races.
I represented a candidate in a hand-recount a few years back. I was absolutely amazed at the accuracy when compared to the machine count. We had zero challenged ballots and zero changed ballots. Maybe our precinct's voters were used to Scantron tests in school and we just very good at filling in bubbles.

User avatar
Diadem
Posts: 5654
Joined: Wed Jun 11, 2008 11:03 am UTC
Location: The Netherlands

Re: 2030: "Voting Software"

Postby Diadem » Wed Aug 08, 2018 7:20 pm UTC

I loved this comic. One of those instant classics.

As a software engineer, the idea of software so bad you have to wear gloves the handle the medium its stored really hit home.

I see an awesome practical joke here too, to put on gloves and safety goggles the next time I have to review code from a colleague.
It's one of those irregular verbs, isn't it? I have an independent mind, you are an eccentric, he is round the twist
- Bernard Woolley in Yes, Prime Minister

User avatar
Old Bruce
Posts: 174
Joined: Tue Jun 28, 2016 2:27 pm UTC

Re: 2030: "Voting Software"

Postby Old Bruce » Wed Aug 08, 2018 7:44 pm UTC

Diadem wrote:I loved this comic. One of those instant classics.

As a software engineer, the idea of software so bad you have to wear gloves the handle the medium its stored really hit home.

I see an awesome practical joke here too, to put on gloves and safety goggles the next time I have to review code from a colleague.

I must go to near full on pedant and point out that it would be an inside joke or a sight gag. But you are in an enviable position if you have the intestinal fortitude to pull it off with a straight face and do so consitantly. Perhaps use it with just one person's work and have them in on it, they could bring the gloves to you or something.
Totally awesome though, an internets will be awarded if you do do it.

RogueCynic
Posts: 390
Joined: Sun Nov 22, 2009 10:23 pm UTC

Re: 2030: "Voting Software"

Postby RogueCynic » Wed Aug 08, 2018 7:46 pm UTC

The comic would have worked for me if they finished at the last panel. Still good though.
I am Lord Titanius Englesmith, Fancyman of Cornwood.
See 1 Kings 7:23 for pi.
If you put a prune in a juicer, what would you get?

User avatar
gmalivuk
GNU Terry Pratchett
Posts: 26533
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There
Contact:

Re: 2030: "Voting Software"

Postby gmalivuk » Wed Aug 08, 2018 8:27 pm UTC

They did finish at the last panel, though. Like, by definition.
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

User avatar
Archgeek
Posts: 205
Joined: Wed May 02, 2007 6:00 am UTC
Location: Central US
Contact:

Re: 2030: "Voting Software"

Postby Archgeek » Wed Aug 08, 2018 8:35 pm UTC

CardcaptorRLH85 wrote:I voted on a paper ballot yesterday...and then slid that piece of paper into a scanner that detects the bubbles I filled in, looks for over/under votes (informs me of those if I want to declare my ballot spoiled and try again), tabulates the votes on a memory card, and finally stores the piece of paper in a locked box where it won't be seen again unless either the scanner breaks (this happened at a number of precincts in Detroit during the 2016 Presidential election and was why Michigan took so long) or there's a recount needed which requires counting the actual paper ballots.

We've been using this system in Michigan since 2003 (the year I turned 18) and we replaced the scanners this year after the 2016 fiasco since they were clearly getting a bit old (yesterday was my first time using the new one).

Concerning the alt-text, I actually like some of those verifiable cryptographic voting methods that are being worked on. Those methods even get rid of the danger of basic vote counting fraud. The voter can verify that their vote was counted correctly but there's no way to prove to someone outside of the booth who you voted for. Also, it becomes impossible to alter the counts afterward without causing the entire set of votes from a machine/precinct to fail a cryptographic check.


This fellow on the tweetzone actually managed to pop open the back of one with a spudger, revealing a phone modem and a dang PCMCIA slot. Worse, this direct memory address access can write to the board's battery controller, which for some reason has a few megs of free space on it. A weird and very hard to check place to store malicious shenanigans designed to hitch a ride to the central datacentre and mess up the results after everything else is already verified.

SuicideJunkie wrote:Software development is like juggling chainsaws, but with loops and recursion.

So maybe actually more like juggling rabid tribble/velociraptor hybrids.

Loops and recursion...ah, so like juggling chainsaw factory factories that are churning out operating chainsaw factories, all while balancing on a ball that keeps getting swapped out for a different ball at irregular intervals?
"That big tube down the side was officially called a "systems tunnel", which is aerospace contractor speak for "big tube down the side."

RogueCynic
Posts: 390
Joined: Sun Nov 22, 2009 10:23 pm UTC

Re: 2030: "Voting Software"

Postby RogueCynic » Wed Aug 08, 2018 9:05 pm UTC

gmalivuk wrote:They did finish at the last panel, though. Like, by definition.


Sorry, I meant the third panel.
I am Lord Titanius Englesmith, Fancyman of Cornwood.
See 1 Kings 7:23 for pi.
If you put a prune in a juicer, what would you get?

Mikeski
Posts: 1044
Joined: Sun Jan 13, 2008 7:24 am UTC
Location: Minnesota, USA

Re: 2030: "Voting Software"

Postby Mikeski » Wed Aug 08, 2018 10:58 pm UTC

RogueCynic wrote:The comic would have worked for me if they finished at the last panel. Still good though.

RogueCynic wrote:
gmalivuk wrote:They did finish at the last panel, though. Like, by definition.

Sorry, I meant the third panel.

During the recount, we found these comments to represent an overvote. We're throwing them out.

(1000 comments! I need a life!)

anathae
Posts: 1
Joined: Wed Aug 08, 2018 11:34 pm UTC

Re: 2030: "Voting Software"

Postby anathae » Wed Aug 08, 2018 11:38 pm UTC

How do I upvote this? The comic.

mishka
Posts: 49
Joined: Mon Mar 28, 2011 3:47 am UTC

Re: 2030: "Voting Software"

Postby mishka » Thu Aug 09, 2018 12:52 am UTC


User avatar
orthogon
Posts: 3006
Joined: Thu May 17, 2012 7:52 am UTC
Location: The Airy 1830 ellipsoid

Re: 2030: "Voting Software"

Postby orthogon » Thu Aug 09, 2018 12:34 pm UTC

Do I take it that the pairs-programming paradigm also extends to press interviews?
xtifr wrote:... and orthogon merely sounds undecided.

marsilies
Posts: 17
Joined: Thu May 10, 2012 3:56 am UTC

Re: 2030: "Voting Software"

Postby marsilies » Thu Aug 09, 2018 1:02 pm UTC

To be fair, airplanes and elevators had a lot of safety issues at first, which they've been able to iron out in the intervening decades, and "computerized voting" is an entirely new field.

We tend to thing of "software" as this conglomerate, when in reality each piece of software is it's own animal. Being a software engineer is like being an elevator engineer when the materials used to build an elevator change every few years, along with the machines that build them. And then you have to deal with ever shifting project goals like "we'd like the elevator to go sideways now, and between buildings."

Engineer: You mean, like a car?
Project Manager: That's right. What's the problem, it's just an elevator with wheels, right?

Plus, airplane and elevator engineers don't have to deal with people deliberately trying to tamper and break them from thousands of miles away.

User avatar
Shamino
Posts: 29
Joined: Wed May 16, 2012 2:02 pm UTC

Re: 2030: "Voting Software"

Postby Shamino » Thu Aug 09, 2018 1:52 pm UTC

There are plenty of very secure algorithms to make sure that each registered account only votes once. That part is easy.

The hard part is making sure that the person casting the vote is the the actual owner of the registered account. There's no way to prove that electronically. And it's massively politically incorrect to suggest that it be done through any other mechanism

And you can be certain that malware and phishing attacks will allow all kinds of crooks to get access to login credentials, no matter how secure the server might be. You can be certain that if some popup ad on a web page said "give me your voting credentials in exchange for a $1 Amazon gift card", millions of people would do it. And then complain to the press when they find that they can't vote because someone else already did it using their account.

Case in point, there have been "viruses" distributed in the form of encrypted zip files (to avoid detection by scanners), where the body of the associated e-mail includes instructions for how to unpack it and manually install the virus. These things spread quite a lot, proving that people are stupid enough to fall for literally anything.

These days, I think people are dumb enough to fall for a "manual virus" - an e-mail that has no active content but tells the reader to forward it to everybody in their address book and then reformat their own hard drive.

User avatar
Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 3721
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

Re: 2030: "Voting Software"

Postby Soupspoon » Thu Aug 09, 2018 2:23 pm UTC

Shamino wrote:These days, I think people are dumb enough to fall for a "manual virus" - an e-mail that has no active content but tells the reader to forward it to everybody in their address book and then reformat their own hard drive.

The old ones are the oldest. (Note that it'd only half work, if done properly.)

((And, seriously, warning against it? It's an excellent introduction to the mechanism, to any remaining Eternal September inductees yet to get a clue-by-four, that acts as a effective inoculant against a live virus… And just about everyone else is as smart or as dumb as they were going to be before they got this.))

(((PPPS: If the Thing From The Encrypted Zip gets past the realtime scanner (or there isn't a real-time scanner, or the receiver has happily disabled/exceptionalised the real-time scanner) and gets to do its thing, there's problems other than any mail-gateway-level AV being unable to check it.)))

hamjudo
Posts: 100
Joined: Wed Feb 16, 2011 6:56 pm UTC

Re: 2030: "Voting Software"

Postby hamjudo » Thu Aug 09, 2018 4:20 pm UTC

Diadem wrote: As a software engineer, the idea of software so bad you have to wear gloves the handle the medium its stored really hit home.

I see an awesome practical joke here too, to put on gloves and safety goggles the next time I have to review code from a colleague.


When I was about twenty, I sometimes wore a hardhat while programming. It was a safety thing. The code kept blowing up.

User avatar
rhhardin
Posts: 69
Joined: Fri Apr 09, 2010 2:11 pm UTC

Re: 2030: "Voting Software"

Postby rhhardin » Thu Aug 09, 2018 4:21 pm UTC

You can't have secure voting software. The incentive to corrupt it is too great, so it will be corrupted.

The method of corruption is in Ken Thompson's Turing Lecture. Even if you have all the source code, and are perfect at formally verifying it, you can't trust it, because you have to secure the compiler too. And if you secure that, you have to secure the assembler and microcode and the microcode compiler software, which in turn depends on another compiler, and so forth.

https://www.archive.ece.cmu.edu/~ganger ... ompson.pdf

hamjudo
Posts: 100
Joined: Wed Feb 16, 2011 6:56 pm UTC

Re: 2030: "Voting Software"

Postby hamjudo » Thu Aug 09, 2018 4:54 pm UTC

Shamino wrote:The hard part is making sure that the person casting the vote is the the actual owner of the registered account. There's no way to prove that electronically. And it's massively politically incorrect to suggest that it be done through any other mechanism

... And then complain to the press when they find that they can't vote because someone else already did it using their account.


It is a rare election where stealing just one vote would be significant. If hundreds of people who don't know each other claim that their voting credentials were used without their permission, then an independent press which values truth will take notice.

If a randomly selected 3% of voters lose their votes, then more than half of voters will personally know someone who lost their vote. Even complete control of the press won't hide that level of manipulation.

If people can easily see whose votes were counted and when, then in a large election it will become obvious pretty quickly if someone is using otherwise unused votes at the end of election day. In the US, around 80 people a day die in auto accidents. Far more end up in the hospital. It is pretty obvious that votes cast while the voter was demonstratedly dead, in surgery, unconscious while surrounded by their close family, otherwise obviously not in a condition to cast their own vote, are cases of voter fraud.

We don't need voter ID if we have easy to audit voter registration and a public record of who voted.

Schadrach
Posts: 2
Joined: Thu Jun 08, 2017 7:22 pm UTC

Re: 2030: "Voting Software"

Postby Schadrach » Thu Aug 09, 2018 5:28 pm UTC

My state is actually doing a limited pilot of a blockchain-based mobile voting software this year. Limited only to military service who are deployed, and they can still opt to use a paper absentee ballot should they prefer. The idea is that they store a copy of your government ID, have you take a selfie for facial recognition, then record your vote on blockchain.

So at least it will be small scale enough to limit any damage.

On the one hand, blockchain seems like a good way to ensure that the recorded votes are both tamper-proof and public record. On the other, proving that they were actually *added to* the blockchain correctly is another matter entirely without being able to prove who you voted for (which in turn opens up vote coercion), whatever server they are keeping the IDs on is a damn jackpot for identity thieves, and I doubt their facial recognition is perfect (though it's probably better than the security at our actual polling places -- seriously, before we added our very broad voter ID law it was literally just tell them who you are and they recorded that that person had voted and would only find an issue if you had already voted at that location).

Schadrach
Posts: 2
Joined: Thu Jun 08, 2017 7:22 pm UTC

Re: 2030: "Voting Software"

Postby Schadrach » Thu Aug 09, 2018 5:42 pm UTC

rhhardin wrote:You can't have secure voting software.


I mean you *could*, but it would have to produce a verifiable and human readable paper trail and be subject to routine random auditing to ensure that it is behaving as expected, whether error is a result of design flaw or malice. Something like check 5% of polling locations, selected randomly, every election. Any discrepancy triggers a full recount of the paper ballots statewide.

Also regarding formally verifying the code and it still being untrustworthy -- ultimately you can verify the produced machine code, though it would take forever to do so sufficiently. Then you just have to worry about the hardware, but we don't seem to worry too much about trusting the voting machines that already exist, or the scantrons that count paper ballots in other places.

User avatar
Pfhorrest
Posts: 5007
Joined: Fri Oct 30, 2009 6:11 am UTC
Contact:

Re: 2030: "Voting Software"

Postby Pfhorrest » Thu Aug 09, 2018 5:50 pm UTC

Even with paper ballots, how and when is any individual supposed to be sure that their vote was counted correctly?

I go down to the polling place, or mail in my ballot, and get a little slip of paper that's some kind of confirmation receipt that I voted.

The next day I see that the election went the way I didn't want it to go. Normally I would assume that it's just because most people are idiots, but I guess... suppose I'm paranoid and think it must be foul play, and my vote wasn't counted and that's why the results are wrong.

But I've got this little slip of paper. What do I do with that?
Forrest Cameranesi, Geek of All Trades
"I am Sam. Sam I am. I do not like trolls, flames, or spam."
The Codex Quaerendae (my philosophy) - The Chronicles of Quelouva (my fiction)

User avatar
somitomi
Posts: 654
Joined: Fri Nov 06, 2015 11:21 pm UTC
Location: can be found in Hungary
Contact:

Re: 2030: "Voting Software"

Postby somitomi » Thu Aug 09, 2018 6:25 pm UTC

Soupspoon wrote:
Shamino wrote:These days, I think people are dumb enough to fall for a "manual virus" - an e-mail that has no active content but tells the reader to forward it to everybody in their address book and then reformat their own hard drive.

The old ones are the oldest. (Note that it'd only half work, if done properly.)

((And, seriously, warning against it? It's an excellent introduction to the mechanism, to any remaining Eternal September inductees yet to get a clue-by-four, that acts as a effective inoculant against a live virus… And just about everyone else is as smart or as dumb as they were going to be before they got this.))

(((PPPS: If the Thing From The Encrypted Zip gets past the realtime scanner (or there isn't a real-time scanner, or the receiver has happily disabled/exceptionalised the real-time scanner) and gets to do its thing, there's problems other than any mail-gateway-level AV being unable to check it.)))

Image
—◯-◯

densely
Posts: 1
Joined: Thu Aug 09, 2018 7:06 pm UTC

Re: 2030: "Voting Software"

Postby densely » Thu Aug 09, 2018 8:35 pm UTC

This isn't a software problem. It's a system problem. UI design, data management design, software, hardware, operating systems, communication protocols. Chain of custody of machines and of data. Reproducibility, auditability, voter-visible correctness confirmation, meaningful recounts.

It can't be fixed in software, which may well be the most robust part of the system. Software developers are justified in declining to take responsibility for the problem.

User avatar
da Doctah
Posts: 927
Joined: Fri Feb 03, 2012 6:27 am UTC

Re: 2030: "Voting Software"

Postby da Doctah » Thu Aug 09, 2018 9:46 pm UTC

Refresh my memory: what software design flaw was responsible for selecting the winner of People's "50 Most Beautiful People" title as Hank the Angry Drunken Dwarf?

User avatar
SecondTalon
SexyTalon
Posts: 26295
Joined: Sat May 05, 2007 2:10 pm UTC
Location: Louisville, Kentucky, USA, Mars. HA!
Contact:

Re: 2030: "Voting Software"

Postby SecondTalon » Thu Aug 09, 2018 10:47 pm UTC

da Doctah wrote:Refresh my memory: what software design flaw was responsible for selecting the winner of People's "50 Most Beautiful People" title as Hank the Angry Drunken Dwarf?

The one where the average People magazine reader didn't use the internet in 1998.
heuristically_alone wrote:I want to write a DnD campaign and play it by myself and DM it myself.
heuristically_alone wrote:I have been informed that this is called writing a book.

Krenn
Posts: 16
Joined: Mon Sep 08, 2008 5:18 am UTC

Re: 2030: "Voting Software"

Postby Krenn » Fri Aug 10, 2018 1:33 am UTC

densely wrote:This isn't a software problem. It's a system problem. UI design, data management design, software, hardware, operating systems, communication protocols. Chain of custody of machines and of data. Reproducibility, auditability, voter-visible correctness confirmation, meaningful recounts.

It can't be fixed in software, which may well be the most robust part of the system. Software developers are justified in declining to take responsibility for the problem.


That's true, but.....

hypothetically, if done right, and in a truly paranoid fashion, all of those things should be dual-redundant or even triple-redundant....

There should be the actual physical version and written procedures for those things, plus a completely separate physical/human audit trail of how those things work in practice, plus a SOFTWARE version of those things which exists to programmatically verify that EVERYTHING is verifiably working as intended.

In a perfect world, something like the voter machine operating system should work like this...
1. It's a sealed, encrypted, read-only module with chain-of-custody tracking from factory to voting booth.
2. It's subject to random physical audits by trained humans, who both verify the chain-of-custody and lack of physical tampering, AND run the entire OS ROM module through a hardware/software data integrity check. Presumably a DESTRUCTIVE test, since most valid forms of testing will violate the anti-tamper seal.
3. AND, the actual voting software runs an encrypted platform verification handshake test before it agrees to even run itself on the machine it's been loaded onto in the first place.

Properly defensive software refusing to run at all unless surrounded by dozens of verified hardware and software communication keys should be about 1/3 of all the solutions implemented to protect voting.... and thus software engineers are arguably responsible for 1/3 of all blame. Maybe more than 1/3, since the other two types of checks exist mostly just to provide a platform for the software in the first place.

User avatar
Sir Lunch-a-lot
Posts: 48
Joined: Sat Apr 02, 2011 4:43 am UTC

Re: 2030: "Voting Software"

Postby Sir Lunch-a-lot » Fri Aug 10, 2018 3:09 am UTC

mishka wrote:https://nakedsecurity.sophos.com/2013/10/22/doctors-disabled-wireless-in-dick-cheneys-pacemaker-to-thwart-hacking/

I suppose it could be worse.


What? A politician making an informed and rational technology decision?

User avatar
Sir Lunch-a-lot
Posts: 48
Joined: Sat Apr 02, 2011 4:43 am UTC

Re: 2030: "Voting Software"

Postby Sir Lunch-a-lot » Fri Aug 10, 2018 3:25 am UTC

marsilies wrote:Plus, airplane and elevator engineers don't have to deal with people deliberately trying to tamper and break them from thousands of miles away.

I can't remember who said it, but I have heard of airplanes being described as flying Solaris boxes... and with onboard internet connectivity... it's only a matter of time...

hamjudo wrote:It is a rare election where stealing just one vote would be significant. If hundreds of people who don't know each other claim that their voting credentials were used without their permission, then an independent press which values truth will take notice.

Unless more and more outlandish things keep being done by public officials and large corporations and never get addressed, at which point the public may become largely desensitized/demoralized and not raise their voices in any meaningful way to demand that something be done about it. But perhaps I am just becoming overly cynical.

densely wrote:This isn't a software problem. It's a system problem. UI design, data management design, software, hardware, operating systems, communication protocols. Chain of custody of machines and of data. Reproducibility, auditability, voter-visible correctness confirmation, meaningful recounts.

It can't be fixed in software, which may well be the most robust part of the system. Software developers are justified in declining to take responsibility for the problem.

Fair point. I can be a software problem in as much as all sufficiently complex pieces of software will have bugs that can be exploited. As you point out, same goes for the operating system and the hardware... and people (social engineering...).

At the end of the day, ignoring issues of ensuring that your build of the software is good/chain of custody issues, I think any secure electronic voting system is going to have be open source from the ground up such that anyone and everyone can audit it, tested in much the same way as crypto routines are tested so that the brightest minds can keep hammering away at trying to break it until we are reasonably certain that it is secure.

bbluewi
Posts: 15
Joined: Mon Jul 09, 2018 11:18 pm UTC

Re: 2030: "Voting Software"

Postby bbluewi » Fri Aug 10, 2018 3:27 am UTC

Sir Lunch-a-lot wrote:
mishka wrote:https://nakedsecurity.sophos.com/2013/10/22/doctors-disabled-wireless-in-dick-cheneys-pacemaker-to-thwart-hacking/

I suppose it could be worse.


What? A politician making an informed and rational technology decision?


It's easy when the consequences actually fall onto them. It seems to be a little harder when us plebeians are involved.

User avatar
Solra Bizna
Posts: 55
Joined: Fri Dec 04, 2015 6:44 pm UTC

Re: 2030: "Voting Software"

Postby Solra Bizna » Fri Aug 10, 2018 4:46 am UTC

marsilies wrote:Plus, airplane and elevator engineers don't have to deal with people deliberately trying to tamper and break them from thousands of miles away.

MIM-104 Patriot Surface-to-Air Missile System

Okay, so that's only ≈100 miles away instead of thousands... :)

Kit.
Posts: 1098
Joined: Thu Jun 16, 2011 5:14 pm UTC

Re: 2030: "Voting Software"

Postby Kit. » Fri Aug 10, 2018 12:36 pm UTC

There are a lot of reasons why "computerized voting" is "terrifying". I'll try to pick the most important one from the engineering point of view:

The customer is not liable for the mistakes in the requirements specification.

cryptoengineer
Posts: 134
Joined: Sun Jan 31, 2010 4:58 am UTC

Re: 2030: "Voting Software"

Postby cryptoengineer » Fri Aug 10, 2018 1:35 pm UTC

I'm a software engineer, and have been working with crypto protocols for decades.

This panel is *right* *on*.

I'm in New England, and have stood up in my Town Meeting to voice vigorous opposition when there was a discussion of switching
from mark-sense (Scantron??) machines which used, and retained a bubble-form paper ballot, to pure electronic machines. (We did
not switch).

They can't be trusted. Period. Anyone who tells you differently is lying, misled, or ignorant.

Its not really that we're all bad at what we do, but the problem is different than the other cases cited. How safe would commercial air travel be
if surface to air missile attacks on flights were a common occurrence? How would you engineer elevators if there were dedicated teams of experts
reverse engineering every safeguard and defeating with the goal of making them plunge?

There aren't many fields of engineering where you have to assume that there are skilled, well funded state actors determined to break what you build.

User avatar
Shamino
Posts: 29
Joined: Wed May 16, 2012 2:02 pm UTC

Re: 2030: "Voting Software"

Postby Shamino » Fri Aug 10, 2018 1:41 pm UTC

cryptoengineer wrote:There aren't many fields of engineering where you have to assume that there are skilled, well funded state actors determined to break what you build.

And those fields tend to be for military and related systems. Not systems where you are going to mass-market it to municipal governments nationwide, where they will be configured, used and supervised by non-technical people with only minimal training.

You can have a super-secure encrypted phone, but it won't help if you're discussing your secrets on the subway during rush hour.

User avatar
pogrmman
Posts: 550
Joined: Wed Jun 29, 2016 10:53 pm UTC
Location: Probably outside

Re: 2030: "Voting Software"

Postby pogrmman » Fri Aug 10, 2018 4:33 pm UTC

cryptoengineer wrote:They can't be trusted. Period. Anyone who tells you differently is lying, misled, or ignorant.

Yeah. My precinct only uses electronic voting machines, and I can’t stand it. There’s no real way for me to be sure that my votes are being recorded appropriately or that they’re even counted. Oddly enough, I trust when I vote absentee more — even though it’s mailed across the country.

Really the only reason I have any trust in it is because I live in a big county — so I presume there are semi-competent people in charge and any election tampering would be a pretty big deal.

Krenn
Posts: 16
Joined: Mon Sep 08, 2008 5:18 am UTC

Re: 2030: "Voting Software"

Postby Krenn » Sat Aug 11, 2018 8:22 am UTC

Shamino wrote:
cryptoengineer wrote:There aren't many fields of engineering where you have to assume that there are skilled, well funded state actors determined to break what you build.

And those fields tend to be for military and related systems. Not systems where you are going to mass-market it to municipal governments nationwide, where they will be configured, used and supervised by non-technical people with only minimal training.

You can have a super-secure encrypted phone, but it won't help if you're discussing your secrets on the subway during rush hour.


Well, there's also online banking. that's a big target.

Plus, per various antics by the NSA, North Korea, China, and others, we kind of have to assume that most office software, web-enabled devices, operating systems, and industrial control devices will be targeted at one point or another.

And the best-paid civil engineers have been designing nuclear reactors and skyscrapers for the possibility of "accidental" small- or medium plane crashes for a while now. Ever since the 1940's, I think. The Twin Towers could have been a lot worse, really.


Return to “Individual XKCD Comic Threads”

Who is online

Users browsing this forum: No registered users and 34 guests