Why Electronic Voting Is Still A Bad Idea

By | December 15, 2019


Five years ago, I made a video for a channel
called Computerphile about why electronic voting is a bad idea. And I still get emails, occasionally, asking: things must have changed by now, right? There’s this new idea,
and maybe it’ll help. Surely electronic voting is
just around the corner? No. No, it’s really not. Here is why electronic voting
is still a bad idea. Elections have some very unusual requirements. There are two key features that are almost
opposed to each other: anonymity and trust. So first, your vote should be completely anonymous. There should be no way that anyone
can find out who you voted for, even after everything’s been counted. That way, no-one can bribe you or
threaten you to vote a particular way. In the UK, if you mark your ballot in a way
that could potentially identify you, so if you sign it, for example, then
that ballot is not counted. This is why election officials are
worried about people taking selfies with their completed ballots: because you should not be able to
prove how you voted afterwards. Otherwise, you can have attacks like
“$10 off for blue voters!” or “Entry to this party
only for yellow voters!” or “vote red or you’ll regret it.” Votes have to be anonymous. The second requirement is
absolute, transparent trust. The system needs to make sure that your vote
is securely and accurately counted, sure. But it also needs to be obvious to everyone,
no matter their technical knowledge, that the system can be trusted. So if you’re using paper, you place your
ballot in a sealed box that doesn’t get unsealed until
everyone with a stake in the election has someone representing them
in the room. There should always be people from more than
one side guarding it, or at the very least, witnessing that there’s a tamper-proof seal
being used for transport. Voters need to be able to trust that their
vote will be counted even though they’ll never see it again and
it can’t be traced back to them. And at no point is a single person put in
a position of trust. People can be corrupt, or threatened, or
incompetent, or all three at the same time. Now, physical voting is not perfect. It can be attacked, it has been attacked. The UK’s own paper system doesn’t fulfil
both of those requirements perfectly, it is possible to identify voters from their
ballots if a court orders it, and there are stories about that being done
outside the law too. But the key point is not that paper voting
is perfect: it isn’t. But attacks against it don’t scale well. Physical voting is centuries old. And in that time almost every conceivable
fraud on the system has been tried, and defences have been found. The more physical votes you need to change, the more people you need to influence, the more time and money it takes, and the less likely it is that your
little conspiracy will stay secret. In a UK election, there are hundreds of polling
stations across the country, with staff made up of scores of employees
and thousands of volunteers. The job of changing a
significant number of votes, enough to sway an election,
becomes very, very difficult. People have attempted it,
some people have been convicted, a few have probably gotten away with it
on some scale. “Granny farming” is the term that
shady operatives use for going round all the retirement homes and getting vulnerable elderly people to sign
a proxy vote, a paper saying that someone else can vote
on their behalf. And yeah, on a small scale,
that has worked. But once you start scaling up that attack it becomes extremely difficult and time-consuming and the chances are you’re going to get
found out. With electronic voting, that’s not the case. So first, let’s talk about
electronic voting machines. That’s where there’s a computer at the
polling station: so voters still go into a booth, it’s just that they are pushing buttons,
or tapping things on a touchscreen, not writing on paper. Problem number one:
trusting the software and the hardware. In theory, our voting computer could be running
open source software where anyone can see and
check the source code. In practice, that doesn’t happen: it’s probably going to be closed source, it’s probably going to be loaded off
an easily-compromised USB stick, on a computer that’s been sitting unguarded and sometimes just idly and inexplicably connected
to the internet for years. And those systems only ever get a full-scale
test when an election actually takes place. That in itself should be enough to stop
electronic voting ever being a thing. But, okay, let’s say that we do, magically, have the most stable, secure,
open source software possible. How does a voter know and trust that the correct
software is actually installed on the machine they’re using? Maybe we could use some sort of checksum or
some other system to make sure the voting
is running correctly. But then you’re just moving the problem, now you have to trust that checksum hasn’t
been forged. And almost no voters actually will understand
what that check even means, or why they should trust it. In the United States, voting machines are
regularly tested every year… at the Voting Village at DEFCON, one of the
world’s largest hacker conventions. It’s not an official thing. Hackers there have managed to alter the stored
vote tallies, change the ballots displayed to voters,
and in one case, have got a machine to run
the video game Doom. Imagine if, instead of a machine, there was
just a person in the voting booth, and you had to whisper your vote to them,
and they promised, oh, yes, you can absolutely trust them to
accurately record your vote and pass it on to the people
who are doing the count. No, you can’t see how or where they’re
writing it down, you can’t actually call and find out where they are or what they’re doing, but they absolutely promise. That’s basically what’s happening with
an electronic voting machine. You just have something that says:
trust me. I’ve counted your vote and I have absolutely
not been compromised. Honest. Problem number two is votes in transit. How do you get the votes off that machine
to the central counting place? There are three possible ways. One, you could take all the voting machines
to the count. You could seal them all up,
and transport them physically from where the voting took place
to where the counting takes place. No one does that. So, you could download all the results from
each machine onto a USB stick and take that. One bit of sleight-of-hand and you’ve got
a completely different set of results. If you’re about to propose some system where
the results are checksummed and trusted: please explain that to the average voter in
a way they can understand and implicitly trust. Okay, so, maybe we could transmit the votes
electronically over the internet. Which is… optimistic. Man-in-the-middle attacks
are more difficult now, but they’re not impossible, particularly if you can’t trust
the software on either end. And now you’re connecting the voting machines
directly to the internet. Deliberately. Which brings us to problem number three:
the central counting server. Right at the end of the process
there is the server that tallies the votes and gives the
final count. Which has all the same problems
with trust and verification as the individual voting machines, but now only a few people can
even see that computer. That’s also true about
electronic counting machines: ones that take stacks of paper ballots
and return totals. How do you trust they aren’t quietly changing
some votes? We live in a world where Volkswagen
got away with specifically designing their cars to cheat
on emissions tests for years. And that’s before we include user error. In one Scottish election,
trialing electronic voting, a result was corrected after one observer
noticed it didn’t make sense, and stopped the announcement at the last minute. Turns out that someone forgot to scroll
all the way to the right to read the columns on an
Excel spreadsheet with the results in. And even if you can’t compromise the election,
you can still break trust. You can still cast doubt on a voting
machine, or the entire counting system, just by leaving an unknown USB drive in it,
taking a picture, and posting it online. Or just faking a photo of that. To break an electronic election,
you don’t actually need to break it: you just need to cast enough
doubt on the result. It is a lot more difficult to do that with
paper and physical ballot boxes. And all this is before we get to
the really terrible idea: that people should be able to use their phone
or computer to vote from home. Now, I’m sure the device that you, personally, are watching this on is malware-free and up-to-date.
Of course it is. But can you trust that for everyone
in your family? For everyone on your street? The exact numbers differ depending on
which security firm’s figures you go with, but it’s safe to say that a huge number of computers are infected
with some sort of malware. Huge numbers of phones are on old, vulnerable
versions of their operating systems. And that’s just scammers setting up botnets
and minor extortions. Imagine the sort of attack that
could be put together by a small, well-funded team backed
by a national government. That sort of attack would scale
very, very well. Find the one hole in the system, and suddenly it costs roughly the same to change one vote
as it does to alter millions: and your conspiracy stays
very, very small indeed. Maybe you don’t even have to set foot in
the country whose elections you’re hacking. Now, there are a couple of regular objections
I get to this. First of all: what about Estonia? Yes, in 2005 Estonia became the first country
in the world to offer internet voting, first in local elections,
then in national, then in European. In 2019, more than 40% of votes
were cast online there, which is just short of a quarter of a million people. On the surface, the system seems robust. Voters can ID via their government-provided
smart card, or the SIM card in their phone. But there are problems. An independent report found gaps in the procedural
and operational security. The architecture of the system is a decade
old and it’s now dangerously out-of-date, and it’s open to cyberattacks
by foreign powers either by exploiting individual phones or by breaking the trust in the
server that counts the votes. The other common objection is: what about
new technologies? What about blockchain? Look, leaving aside trying to
explain blockchain to people and asking them to trust this
weird technology is worth using, it’s basically just a write-only database. It doesn’t solve the problem of trusting
the software or hardware: it doesn’t change how
the voting machine works, the interface between the voter’s intention and what’s actually written to
the database still has to work. If it prints a receipt of the vote you can
check later, it breaks anonymity. If it prints a receipt of seemingly-random
numbers you can check later, it breaks trust, because hardly anyone will understand what’s
actually going on there. I’m not saying there aren’t advantages
to electronic voting. Yeah, there are. Accessibility is the main one, and that’s
really important. In low-stakes elections, for small groups,
for the little things, sure, go for it. But when the future of nations
rests on the result: electronic voting is still a bad idea, and you should still vote against it. While you can. I’m endorsing Dashlane for two reasons:
one, they’ve given me money. Obviously. But two, because I genuinely believe that
if you’re techie enough to watch to the end of this video, you should absolutely be using
a password manager. If you go to dashlane.com/tomscott, you can
get a free 30-day trial of Dashlane Premium. Password storage, generation and autofill
that works across devices, browsers, operating systems,
everything, it syncs all your data in the cloud without sending
any of those actual passwords to Dashlane themselves. If you want to know how that works, see previous
sponsored sections. Using long, complicated, symbol-filled passwords that are completely different for
every web site and every app is ideal for security: but remembering them is nigh-on impossible
and typing them in is a pain. Being able to use a single master password, or the biometrics on your phone, is great: you’ve got one thing to remember. Dashlane will also store and autofill
credit card information, so you don’t have to retype it every time
you buy something online. You also get a VPN and a
gigabyte of secure storage. So: dashlane.com/tomscott for a
30-day free trial of Dashlane Premium, which includes unlimited
password storage and sync. And if you like it, you can use the code “tomscott”
for 10% off.

100 thoughts on “Why Electronic Voting Is Still A Bad Idea

  1. Paul Berry Post author

    That is also my expression when asked about grits teeth Blockchain.

    Reply
  2. Xale Retro-Gaming Post author

    Electronic vote is stupid. Everyone should understand how the counting count.

    Reply
  3. Edenfall Post author

    What about Quantum Encryption and local physically enclosed voting systems?

    Reply
  4. French Fry Post author

    Just give Donald a second and third therm, problem solved. 😂

    Reply
  5. superjarri Post author

    I'm sure there are a lot of systems to avoid all those problems. Yes, It won't be as easy as giving a thumbs up in a web. Maybe you have to buy some kind of official hardware with biometrical authentication. Maybe you should receive a message in your phone with a key, which you have to associate to your number some weeks before. Maybe the system should assign you an annonimous ID and the next day after the elections, they have to publish a list with the relation of votes, your ID and the party you voted. This will keep your vote in anonimity while give you a way to check if your vote was counted correctly. I would trust that system even more than the physical one, imo.

    Reply
  6. The WTF Factor Post author

    Dude. I know its kinda blowing up recently but you have been by far the most smartest techie genius on YouTube I have seen. So make a vid on if Google actually listens to us from our microphone and advertises us the products we talk about in our daily lives via Google ads.

    Reply
  7. misiotronik Post author

    Tom, why don't we use Delphi method instead of anonymous elections?

    Reply
  8. censorship bites Post author

    Open-source software is great for research and innovation but terrible for security. If you can see the source code, you can see where possible faults – or exploitable flaws – are. Moreover, open source is another way of saying Try at Your Own Risk. If Microsoft software causes a loss of data, etc., even the most iron-clad of EULAs can't stop a customer from bringing suit (even if doomed to fail). "Proprietary" is another way of saying There's someone I can complain to/yell at.

    Reply
  9. Rytis Liaučys Post author

    Tell that to Estonia, who vote from their home computers 😀

    Reply
  10. Izdislav Ya Post author

    Blockchain technology – no special machines, no special software, every vote can be securely registered, confirmed and verified with full anonymity … problem solved.

    Reply
  11. Like Bot Post author

    The internet isn't the only means of telecommunications between computers. These potentially compromised tallying machines can communicate with a potentially compromised central server via an intranet, keeping the potenitally stolen election away from the prying eyes of White-hats as well as those with a pony in the race.

    Reply
  12. Aimiee Post author

    You have to be naive to think that paper ballots arent rigged either – ofcourse electronic votes would be hacked or changed or whatever, but so are paper ones. Dont trust ANYONE.

    Reply
  13. NaeMuckle Post author

    Any voting where the English are involved is a bad idea. Bunch of idiots.

    Reply
  14. calculon000 Post author

    I really appreciate you taking the time to make an update to one of your own videos addressing potential changes in the topic, even if the answer at the end hasn't changed.

    Reply
  15. Nick Steele Post author

    You just glossed over blockchain saying it's not anonymous and if it is people can't understand what's happening. That's really poor for an argument. People said others can't understand every single technology that has ever come before us. That argument doesn't work.

    And we've proven anonymous blockchain transactions are indeed possible, and users can verify their own links at any time

    Blockxhain is not essentially a write only db, it's event soured. That means you can rewrite the DB, but you have to write that you rewrite it, so anyone can see exactly what happened and when. That is a VERY important difference

    Reply
  16. Brin Haerycammel Post author

    Why electronically vote at a voting station? you can vote from your PC and respond to a verification email sent to your own email.. how could that be tampered with?
    For those who don't have their own email, they must use the paper system..

    Reply
  17. Sreeram S Nair Post author

    In India, electronic voting machines are dedicated devices just for this purpose! It is a device that can do nothing else.

    Reply
  18. Jan Petter Egeland Post author

    Tom, I know that you take cyber security seriously, and i still don trust you to have all your apps, software and OS's up to date at all times, you are still human and you still make mistakes. FFS i dont even trust my self to do that.

    Reply
  19. Kiril Lazarov Post author

    Sure, paper voting is harder to manipulate, electronic is easy. Deal.
    Then why are we using mobile banking (a multi billions), why are we using internet for buissiness (billions) and finally why should i trust my passwords to your sponsor, when electronic activity is soo unsecure. And you are stepping on the statement that "compromising the trust of paper voting is harder". Nope. Manipulations is art and there is god like proffessionals in it. Another statement "manipulating paper vote require more people and resources, increasing the chance to be catch". Another big nope. My country, Bulgaria, is part if EU for 15 years. In elections, the vote withnesses (98% of them +2% "idealists") only target is to collect money from the partis, and then manipulate the counting, respecting who gave more. We all know that, EU representitives know that, the press know that. But the press, the EU and the law are looking in different direction. And everyting with the taxpayers money. In EU country. I'm sure your country also got "talented" politicians.
    I still remember the comunists winning with 99.9% in anonimous paper vote, 30+ years ago. Dare or go work in uranium mines.

    Reply
  20. Auracle Post author

    Actual election fraud seems kind of irrelevant when the media is so much easier to just buy and corrupt, and that's not even illegal.

    Reply
  21. Clara Castilho Oliveira Post author

    In Brazil they transport all the electronic ballots to where the counting takes place.

    Reply
  22. Looduse Film Post author

    In UK is may be difficult to change paper voting results, but in Russia it's very easy. The put extra votes into box, they just change results in voting station and they change voting results in central voting comission. It's very very easy to change voting results, so there is on point to fetish paper voting over electronic voting.

    Reply
  23. Gamingdragon Post author

    EVM is better because it supports easy counting for a large population while being safer . Paper Ballots are subject to fraudulent counting , very difficult in large populations , more expensive as well as being very difficult to manage .

    Reply
  24. PinkMonkeyBird Post author

    I love that you used the VW analogy. So many people have forgotten about it and it's literally the biggest environmental farce in history. The company should be barred from doing business in every country on earth and instead they got a slap on the wrist and the average consumer doesn't even know what happened.

    Reply
  25. Dustin M Post author

    Inb4 somebody tries to make a cryptocurrency/blockchain based voting system

    Reply
  26. Nathan Miller Post author

    I'm ok with electronic counting. It can be done on a non-internet connected machine and it's feasible to do quality control manually.

    Split the ballots into stacks of 100-1000. Then run the count on each stack. After the machine has counted the ballots, roll dice to determine some stacks to count manually and let candidates/parties request to manually count a few stacks that seem suspicious (ex. 85% yellow votes in a blue region). It would still be less work than counting everything by hand.

    Reply
  27. maixck Post author

    I dont understand why Tom places so much emphasis on the need to understand for the average voter. The average voter does not understand nor cares about how to fisical ballots are handled, they just trust the people who do.

    Reply
  28. cmilkau Post author

    I think electronic voting is going to happen anyway. I agree with the message of the video on all terms, but it is a political decision, and politics has a really bad track record on making smart and well informed decisions.

    Reply
  29. philophos Post author

    The main argument sounds like people can trust pencil and paper, whereas it’s too hard to convince people to trust electronics. But that just isn’t true. Is it, Alexa?

    Reply
  30. Mr. Slate Post author

    @Tom Scott what about Blockchain technology? Wouldn't it be perfect for this? I know that it gets thrown around as a buzzword, but really a decentralized database is one of the most secure ways to verify data and it's incredibly hard to change it

    Reply
  31. Junaid Farooqui Post author

    Meanwhile in India, the Election commission claims no one was able to break into the EVM!

    Maybe ECI has a foolproof method of electronic voting or…

    Reply
  32. c0mpu73rguy Post author

    "Up to date"… Uuuuuh. Is a 2007 PC running Windows 7 considered "up to date"?

    Reply
  33. dafnesway Post author

    I read the title as "Why Electronic Violin Is Still A Bad Idea."

    Reply
  34. AlwaysInAtari Post author

    Blockchain is trustless i.e. you don't need to trust it. you can see the address to which the vote is being sent to on the blockchain itself to verify that it is there. What the F are you talking about?

    Reply
  35. drnrqsldch Post author

    you forgot, that you can run a blockchain system made by the government that can only be verified with certain keys made by the programmers of the software so only the machines authorised can run the system. It's nearly impossible to hack blockchain algorithms unless you have the access keys. All hacks reported on blockchain exchanges happened due to fails on those exchanges no the core blockchain itself, so its the most secure thing yet.

    Reply
  36. Ron Brideau Post author

    There is no way to prove who you voted for if you write down your own receipt to verify in the public vote matrix. Or even if just on typical cash register recipe really.

    Reply
  37. Subhodeep Pal Post author

    While your points against EVMs are true, many of those issues also apply to traditional methods of voting. Your point on manipulation also plague the pen and paper way. So, i think its better to compare both of them and if EVMs are better in even the slightest way, then they already make a case for themselves.
    Also, EVMs have been successfully deployed here in India and while their methodology isn't perfect, i believe it's far better than what we had. And that's all that matters.

    Reply
  38. Abraham Samma Post author

    Perhaps we should just do what the ancient greeks did well: sortition.

    Reply
  39. SUBHARTHI SARKAR Post author

    Modi ji pitega tereko……what ever good video as always..

    Reply
  40. TheAedenEternal Post author

    imagine not trusting eletronic voting but recomending dashlane to your tech users while being totally aware of its flaws

    Reply
  41. Transolve Post author

    I know how to make a voting machines safe and also have people trust it, while staying anonymous.

    Reply
  42. Wilson Samuels Post author

    I want an app where the whole country can vote or not vote on every issue or bill. The only reason we have politicians is because it was impractical to have a national referendum, or squeeze every citizen into parliament for every vote. We have the internet now and if we can do our banking safely online we can vote online. Having paper ballot control sample votes can negate most of the fears in this video. No one should be afraid or ashamed if people find out their vote, It's illegal to bribe or threaten voters for starters.

    Reply
  43. James Barca Post author

    Thankfully, we have paper ballots and a voter ID law here in Indiana.

    Reply
  44. kajacx Post author

    Tom's reason: "electronic voting will never work, because people are too stupid to understand how it works"

    Reply
  45. kajacx Post author

    You have no idea how electronic voting works. Its not "trust me that your vote is counted", the user can verify their vote is being counter corectly completely independently while remaining anonymous.
    Look up cryptographic hashing.

    Reply
  46. MechanoRealist Post author

    In the end, to the average guy, it is all the same. People trust things they don't and probably never can understand, all the time.
    Personally I would love to vote from home, provided the login was authenticated by a trusted thirdparty like my country's NemID (EasyID). It uses a key-answer card with single use keys. If it is good enough for online banking (and key-answer single use is indeed even good enough for nuclear submarine launch codes) it is in my opinion good enough for voting.
    For the end user there is no difference between logging in like this on a secure website and checking out a ballot with your social security number. In both cases there still is a need to identify that you have voted so you can't vote more that once.

    Reply
  47. it's me Dio Brando Post author

    in brazil since i was a kid we used eletronic votes, and in every single election we face some problems

    Reply
  48. Gert van den Berg Post author

    One of the really important things is that elections are the type of thing that lots of very capable adversaries (three letter agencies) might want to affect… Then you need to be safe against potential undiscovered vulnerabilities as well… (Think Stuxnet type attacks)

    Reply
  49. William WATKINS Post author

    I can't believe you felt the need to make this video again.

    Reply
  50. 1996chrissi Post author

    You say I can't trust a government operated, internet connected, proprietary voting system because internet connected hard and software can be attacked
    So far I agree, even encryption can be broken and checksums aren't the magical remedy to all things internet

    But then you go on and promote Dashlane, which is internet connected and proprietary (or at least I can't find their sources online) software with the clients (Apps etc) running on statistically not unlikely to be compromised hardware to manage passwords…
    There is no way for me to prove that they do what they claim and encrypt my passwords decently
    There is no way for me to prove that their database hasn't been breached and someone is happily bruteforcing away at the presumably encrypted data
    There is no way for me to ensure that their servers don't hold the cryptographic key somewhere
    There is no way for me to ensure that no one managed to attack my connection to their servers
    And I'm not saying they would necessarily do any of that out of malice, but I can't prove that they aren't corrupt, threatened or incompetent or any combination of these

    I'm not saying you shouldn't be making money, you make a lot of great content, but at least point out the drawbacks of the services you promote, especially when they're as obvious as in this situation

    Reply
  51. gyroninja Post author

    What an ignorant video. Your last video on this topic fooled many people into thinking that electronic voting is always worse than paper voting. With voting, the ability to check that your vote was actually counted in the election is a good thing. With paper voting you have no clue if your vote was even counted. Additionally, it's unrealistic for a random person to recount the votes. With paper voting doing a recent take a ton of time and a ton of manual labor. With electronic voting you can just run a program and it will spit back the correct totals.
    >Getting the votes to a central server
    The votes should be published online for the public to download so that they can both see if their vote is in their and that they themselves can count the votes.
    >Compromised devices
    If you were using a hacked voting machine you could check on your phone to make sure your vote was recorded. You could have designated computers for checking this too. As long as one of these devices isn't compromised you will see that your vote was not counted, so you should go vote again.
    >The general public will not understand the cryptography needed to pull this off
    This is a fair point. Maybe we need to teach some basic cryptography during high school, so that the general public at least understands what public key crypto is and how you should keep your private keys private. Trying to go over homomorphic encryption and the math behind everyone might be too much, but they can probably just trust that the protocol has been peer reviewed by top cryptographers.

    Again I want to stress how great it is for anyone being able to count the votes themselves. Their can be major publications verifying the results of an election. Being able to prove that your vote was counted makes you trust the system as opposed to questioning if your vote was thrown out or destroyed. Moving the trust from the people running the election to the general public is a step that needs to happen for elections to become more fair.

    Reply
  52. Thiago Marcondes Post author

    "I don't endorse eletronic vote even if I don't know how it works but I totally trust a company my passwords" TS

    Reply
  53. André da Silva Vidal Post author

    Brazil has electronic voting for two decades, no problems whatsoever. Can't say the same thing about paper votes in the U.S. considering the very same period.

    Reply
  54. Pedro Gusmão Post author

    ah yes
    using your phone to trade stocks and make bank operations is fine, but voting is a nono
    even though we've already established that paper voting has the same problems

    Reply
  55. Faffy Waffle Post author

    The vote should be regarded as the single most sacred process of a western republic. All care and safeguard should be attempted, and any hint of corruption should be heavily investigated and procsecuted. Sadly, I doubt this is the case today.

    Reply
  56. Pedro Gusmão Post author

    can't help but notice that a lot of these problems apply to paper as well….
    uhm…

    Reply
  57. Douglas Wikström Post author

    The server that counts the votes in Estonia proves that it does it correctly mathematically. I invented and implemented some of the cryptography that is used. Behind an airwall I might add.

    Please correct the errors in the clip.

    Reply
  58. Jakob Lindskog Post author

    Ok, so the trust thing is due to people not knowing how to read source code and checksums. We should invent some super-basic computer that you can basically create at home, so that everyone understands the tech behind it

    Reply
  59. Irony Pea Post author

    dashlane is closed-source, so it requires you to trust it.

    Symbol-filled passwords – if by symbol you mean non-alphanumeric characters, they increase entropy but so would increasing the length of an alphanumeric password.

    Biometric of phone – biometric and phone is "what you have". Password is "what you know". If an attacker has one's phone, it's easier to steal/spoof one's biometric data since it cannot be changed, than one's password.

    These said, for the average user, using a password manager and incorporating the suggestions you provided would be a major improvement in security. Using a closed-source solution such as dashlane is preferable to poor password practices such as simple passwords and password reuse, though from a theoretical pov it's merely reducing two weak links in a chain to one weak link, it hopefully gets one thinking about learning more about security.

    Reply
  60. Jean-Francois Mezei Post author

    In Canada:
    Each riding has multiple polling station.
    Each polling station (such as a school hall) has multiple ballot boxes.
    Ballots from each ballot box are counted and a tally for that ballot box reported to the riding who then reports it to Elections Canada via computer. National results available as each ballot box has been counted.

    It would be possible to make each ballot box electronic, with the people in polling station extracting results instead of counting ballots and reporting results from that ballot "bax" in the same way as now.
    AND, if upon voting, the ballot box issued a printed vote as well, that vote could be placed in an analogue box. It would then be possible to audit the electronic results for a ballot box against the paper votes if necessary (or to do spot check to ensure resuylts are accurate).

    Reply
  61. Jaunty Angle Post author

    All UK ballot box votes are cross referenced with your name and address: They are not anonymous.

    Reply
  62. Robert Capron Post author

    It's a shame how many good ideas aren't used due to fear.

    Reply
  63. Juan Pablo Ortiz Post author

    "What about Blockchain??" 9:40 Haha I fell that you have been in too many debates with this crypto guys. I'm ba blockchain guy but I also recognize electrónico voting (even with Blockchain) is not perfect for voting. It will be very difficult to explain blochain to people in my country Guatemala.

    Reply
  64. Tahvohck Post author

    It honestly seems to me like most of the issues in electronic voting really are the same as the issues in generalized encryption and computer security, and so most of the same solutions can be applied. Changing votes at the voting tally machine is hard? Make it so every vote has to have proof of work, and make that proof of work take at least a second (or other reasonable time scale) to do. Large scale changes would require incredible amounts of time to do if they could be done at all (a variant on forward perfect secrecy might even make it impossible), this is literally what things like bcrypt are meant to solve. Force voting machine code to be open. Not every user of the software needs to understand the software if it's open, as long as enough people that DO understand it look at it. Transport the data by pulling out the hard drives. Lock those hard drives into a transport unit that blocks access to the data ports prior to transport, this is just as effective if not more than sealed paper boxes. You could even have the voting machines themselves print out the vote to be inserted into a master machine at the polling place, this way it mirrors current systems and allows the voter to be sure that their vote isn't compromised by the voting machine itself.
    There are other things, of course, but I probably shouldn't try to give an entire lecture on computer security in a youtube comment (especially since I don't claim to be an expert on it)

    Reply
  65. Tobechukwu Iloenyosi Post author

    What about in a country where thugs are hired to seize ballot boxes by the candidates during voting?

    Reply
  66. Siranat usawasutsakorn Post author

    What about blockchain-based voting? Everyone gets one account. Every election, give the coin to everyone and let em give transfer coin to any account they want. The person with account with the highest coin wins.

    Reply
  67. ailaG Post author

    If we assume that the plain old system works well enough, an electronic system can back it up. Have a computer print out your ballot, and back it up anonymously.

    Over here we have booths with preprinted notes, and one blank notes in case your party's notes are all out. People go and slightly stain notes or swap notes. A system that prints them could solve that.

    Our votes are counted locally, in the voting centre. There have been cases where votes were written for the wrong party. If a group of votes doesn't tally up with the computer, they can be meticulously counted again.

    And if the computer is tempered with, you can see that on your printed note. And you'd still have a pile of blank notes just in case.

    It's not that there's no solution and computers are rubbish for elections. We just haven't found a good enough solution yet.

    As for voting on our phones, that allows people to manipulate others and watch over their shoulders when they vote. A solution for disabled people should be found, but it won't be simple.

    Reply
  68. WHAT THE!!!! Post author

    *INDIA* ! the largest democracy in the world, is using electronic voting system. and it has be using it for years.

    Reply
  69. Justin Macklin Post author

    Idea: Hunger games style voting system with nerf guns.

    Think about it…. i'll wait

    Reply
  70. Indie Guvenc Post author

    I don't think it's true regarding repercussions 1:02. there can be laws saying tamper with elections and you will get in big trouble. people will be afraid. people who tamper will probably leave a lot of electronic evidence that can be traced. I don't think this could be done with paper

    Reply
  71. Anggi Dwitama Post author

    Pointing the flaws of e-voting system, and then stating that it's harder on the on-paper vote is not a fair standpoint. There're dozens of ways too to rig a vote using a paper that harder or totally impossible to do it with e-voting.

    Reply
  72. InfiniteAce Gaming Post author

    “What’s Black and White and Red all over”
    “A Raccoon in a Blender”
    Tom proceeds to drop Two Drums and A Cymbal off a Cliff… this is how I found this channel lmfao 😂😂👌

    Reply
  73. Iresh Dissanayaka Post author

    Objection: How can we trust Dashlane? If it doesn't send passwords to the server (which is possible using public key encryption), how do we trust the client software running that it doesn't send out our private key? In other words, even if we trusted the central server how can we trust the interface between us and the server? Even if we trust the client application, how can ensure that it is not vulnerable to attacks?

    Doesn't having one master password reduce the complexity of having multiple passwords (reducing the number of possible combinations)?

    Reply
  74. Derrick Post author

    I think the anonymity is worth sacrificing a bit in order to obtain electronic voting. If you were to vote on the internet, and given a confirmation number that you could go to the website and verify your vote is still the correct choice, it would be difficult for any attacks to change votes large scale without being caught. Making more stringent laws to combat bribery and coercion would combat the small loss in in anonymity.

    Reply
  75. 中原マリ Post author

    Paper voting is fundamentally bad for democracy. The immense costs and effort involved means that there can only realistically be a few votes per year. How can a nation claim to be democracy when the public's opinion is only consulted for only one decision over thousands?

    Reply
  76. Tristen Roddenberry Post author

    I kinda wanna program a totally anonymous thing like that

    Reply
  77. Markusi Post author

    Should I wear gloves when I vote ?; my FBI agent probably has plenty examples of my fingerprints through unlocking my phone.

    Reply
  78. Syed Zohaib Ahmed Post author

    I think block chain is the solution to this problem. It has public awareness, it can be open source, and it is decentralized.

    Reply
  79. Sharp Shark Post author

    Blockchain and Open-source could help combat errors in the whole process. Not that's it's impossible but those are 2 medium difficulty (as I'd call it) changes that would significantly help.

    Reply
  80. Free Thinker Post author

    What about block chain using identity codes similar to national insurance numbers? So anyone can check their own voter code to make sure their vote was correctly cast, but no one can tell who is who?

    Reply
  81. TheSuitMan Post author

    Summary: We need to include compuer science as an integral part of our education systems for these things to be remotely feasible.

    Reply
  82. Shreyansh Singh Post author

    In India which is worlds biggest democracy we use Electronic Voting Machine.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *