It's incredible how people just don't learn. Case in point: this glowing article about the wonders of online voting using blockchains.
Like everything to do with computerized voting, this is a totally idiotic idea if you favor free and fair elections. If you're the Republican Party or Russia's GRU, blockchain voting is great because you can easily dictate the result.
The promise of blockchain is that it's decentralized and somehow magically invulnerable to fraud and theft. This is manifestly untrue.
Nine times out of ten when you read about Bitcoin -- the most prominent user of blockchains -- it's because someone got ripped off for millions of dollars. Fraud and theft are rampant with Bitcoin: blockchains do nothing to stop that.
The author thinks that people can use their phones and home computers to vote online. This is totally naive and completely idiotic: personal phones and and home computers are the most insecure devices on the internet. They are riddled with viruses and malware, because the average person doesn't take the most basic security precautions, and the operating systems are inherently insecure because they allow users to install new software, like the voting app.
Yeah, blockchains might be a technical solution to the "double spend problem" (though I am skeptical about this -- the blockchains have to be hosted somewhere, and how secure are those systems?) .
But the real problem is the application used to register your votes. Phones and home computers will never be secure enough to ensure that the candidate you selected in the app is the one that actually receives your vote on the back end. Malware on your phone could be used to select a different candidate from the one you picked, through an infinite number of possible hacks.
Even if the voting app were magically made bulletproof, the companies that control the app stores and the web browsers (Apple, Google and Mozilla) are the companies that will control your vote. How can we trust that the programmers didn't put some kind of backdoor into the app?
Then there's authentication. Many states require picture ID to vote. With app-based voting there is absolutely no way to ensure that you were the person who cast your vote. (And no, taking your picture or your fingerprint when you vote on your phone isn't any kind of proof because those things are already available elsewhere.)
Instead of showing up at your polling place, the government would have to send you some kind of authorization or password to vote. That goes through email or your phone's text app. These are not secure. These authorizations could be intercepted anywhere along the line, and anyone who has your phone or your login will be able to vote in your stead. A hacker who got hold of the database of voting authorizations could cast millions of votes.
Voter information is exposed on the internet all the time (for example, in Georgia, and this Republican contractor). Inevitably this same mistake would happen to the authorization file.
But the ultimate reason that you can never use computers for registering votes is that there is absolutely no way in hell to do a legitimate recount. Recounts are totally impossible with any form of voting that does not use a physical token, like a paper ballot.
I'm a computer programmer, I don't believe for one second that you can guarantee that every vote will be properly counted with blockchains. Blockchain systems are supposed to be wonderful because they arrive at a "consensus," essentially some kind of majority rule. That means that there will always be disagreements, and they will be arbitrated by some kind of consensus mechanism.
If a single entity controls more than 50% of the hosts, they can dictate the results. This is an acknowledged problem with Bitcoin (known as the 51% attack), and they just shrug it off. Well, they argue, no single entity could control 51% of the Bitcoin miners.
But this is false. With Bitcoin, it's completely possible for one country (China, for example), to devote sufficient resources (large numbers of fast processors that do bitcoin mining) to gain a 51% majority.
What computers will store the blockchains used for voting? Anyone with a server? Including servers in China and Russia? Or servers authorized by the federal, state and local governments? Clearly the latter.
Whoever controls those servers controls the vote, with no possibility of a recount, because there are no physical ballots, because everything is done in the computer.
Because the basis of our system is the secret ballot, there can be no link between you and your vote in the system. That means you cannot validate that your vote was properly recorded: you just have to trust that your vote goes through. This comes up often during recounts in close elections: ballots are discarded if they can be linked to individual voters -- that is, if they have signatures or other identifying marks.
I agree that the voting process is often manipulated for partisan gain, for all the reasons specified by the author of the article:
Messing with polling stations is one of the most common voter suppression tactics. Across the country, polling stations have been closed in minority neighborhoods, had their locations changed from election to election, and have been kept understaffed, or inaccessible, or ill-equipped, so that voters must stand in line for hours.But the "blockchain solution" would allow Russia or China or Julian Assange to completely hose every election in the country. They wouldn't even have to do much hacking: if they hacked just one race, every other race in the country would be in doubt, throwing the country into total chaos.
Paper ballots are the only viable solution for free and fair elections. Yes, it's still possible to mess with them through official fraud, ballot box stuffing, criminal poll workers, theft, and so on. But these issues can be mitigated through proper election monitoring, hand-counted audits of random precincts in every jurisdiction and well-established chain-of-custody procedures.
With computers, everything happens in a black box that no one can see inside and no one can verify. This will always be the case, no matter what kind of mumbo-jumbo blockchain snake-oil salesmen spew at us.
There is no magic internet or computer-based solution to voting. Physical ballots that allow for manual recounts are the only verifiable voting mechanism. Instead of wasting time on pipe-dreams about blockchains and the internet, the federal government needs to step up enforcement of voting rights to ensure that local officials don't screw with the vote. Early voting should be the norm everywhere, and election day should be a holiday so everyone is guaranteed an opportunity to vote.
Remember, a successful hack of the an election doesn't actually have to install a particular candidate in office: it just has to cast doubt on the result, leaving the country leaderless and divided.
No comments:
Post a Comment