git://git.nikiroo.be / gofetch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add title in index pages, add reference in story
[gofetch.git] / test / expected / SLASHDOT / 0102640864
CommitLineData
299a08f3
NR		 1 BLOCKCHAINS ARE NOT SAFE FOR VOTING, CONCLUDES NAP REPORT \r
2 (NYTIMES.COM) \r
3\r
4 Thursday September 06, 2018 @11:30PM (BeauHD)\r
5 from the ensuring-the-integrity-of-elections dept.\r
6\r
c715ea02 7 o Reference: 0102640864\r
299a08f3
NR		 8 o News link: https://politics.slashdot.org/story/18/09/06/2137245/blockchains-are-not-safe-for-voting-concludes-nap-report\r
9 o Source link: https://www.nytimes.com/aponline/2018/09/06/technology/ap-us-tec-election-security-reform-report.html\r
10\r
11\r
12 The National Academies Press has released a 156-page report,\r
13 called "Securing the Vote: Protecting American Democracy,"\r
14 concluding that blockchains are not safe for the U.S. election\r
15 system. "While the notion of using a blockchain as an\r
16 immutable ballot box may seem promising, blockchain technology\r
17 does little to solve the fundamental security issues of\r
18 elections, and indeed, blockchains introduce additional\r
19 security vulnerabilities," the report states. "In particular,\r
20 if malware on a voter's device alters a vote before it ever\r
21 reaches a blockchain, the immutability of the blockchain fails\r
22 to provide the desired integrity, and the voter may never know\r
23 of the alteration." The report goes on to say that\r
24 "Blockchains do not provide the anonymity often ascribed to\r
25 them." It continues: "In the particular context of elections,\r
26 voters need to be authorized as eligible to vote and as not\r
27 having cast more than one ballot in the particular election.\r
28 Blockchains do not offer means for providing the necessary\r
29 authorization. [...] If a blockchain is used, then cast\r
30 ballots must be encrypted or otherwise anonymized to prevent\r
31 coercion and vote-selling." The New York Times summarizes the\r
32 findings: The cautiously worded report calls for conducting\r
33 all federal, state and local elections on paper ballots by\r
34 2020. Its other top recommendation would require nationwide\r
35 use of a specific form of routine postelection audit to ensure\r
36 votes have been accurately counted. The panel did not offer a\r
37 price tag for its recommended overhaul. New York University's\r
38 Brennan Center has estimated that replacing aging voting\r
39 machines over the next few years could cost well over $1\r
40 billion. The 156-page report [...] bemoans a rickety system\r
41 compromised by insecure voting equipment and software whose\r
42 vulnerabilities were exposed more than a decade ago and which\r
43 are too often managed by officials with little training in\r
44 cybersecurity. Among its specific recommendations was a\r
45 mainstay of election reformers: All elections should use\r
46 human-readable paper ballots by 2020. Such systems are\r
47 intended to assure voters that their vote was recorded\r
48 accurately. They also create a lasting record of "voter\r
49 intent" that can be used for reliable recounts, which may not\r
50 be possible in systems that record votes electronically. [...]\r
51 The panel also calls for all states to adopt a type of\r
52 post-election audit that employs statistical analysis of\r
53 ballots prior to results certification. Such "risk-limiting"\r
54 audits are designed to uncover miscounts and vote tampering.\r
55 Currently only three states mandate them.\r
56\r
57\r
58 ** \r
59\r
60 ** Re:All security = an implementation. (Score:5, Insightful)\r
61 (by PopeRatzo ( 965947 ))\r
62\r
63 \r
64 > To say blockchain is inherently unsafe is like saying\r
65 > software is inherently unsafe\r
66 Oh, you are so close to a breakthrough.\r
67 When it comes to voting, blockchain, like software, IS\r
68 inherently unsafe. If the main goal for voting security is\r
69 maintaining the people's confidence in an election, the only\r
70 system that will meet that standard is a system where people\r
71 are actually keeping an eye on one another. And I mean\r
72 physically watching one another. And that's the system we had\r
73 in place before the advent of voting machines and election\r
74 software. You had a room full of election judges from both\r
75 sides, and they sat side-by-side checking in voters as they\r
76 approached the voting booth and physically watched them put\r
77 the ballot in the box. When the votes were counted, there was\r
78 a whole bunch of people from both parties standing around\r
79 keeping a close eye. When the ballots were sent for storage,\r
80 one person from each party rode in the truck to drop them off\r
81 after sealing the container - together - and signing off.\r
82 It was trust, but verify. Was it possible to jigger with an\r
83 election like that? Of course. But you had a list of names of\r
84 people you could hold accountable at every step in the\r
85 process. Electronic voting will never, ever be trusted. That\r
86 is the effect of transparency.\r
87\r
88 ** \r
89\r
90 ** Re: (Score:1, Insightful)\r
91 (by Anonymous Coward)\r
92\r
93 \r
94 > " If the main goal for voting security is maintaining\r
95 > the people's confidence in an election " - Well I don't\r
96 > agree with that starting point definition. I think\r
97 > security = security, not theater of.\r
98 Then you're bad at security. Security is theater.\r
99 There is no impregnable system. Security can only\r
100 increase the difficulty of entering a system, it cannot\r
101 stop a determined opponent. Is a CCTV system going to\r
102 stop someone from breaking into your store? No, but it\r
103 will make the person think twice about it, because they\r
104 are likely to be recorded, found, and caught. Is the\r
105 TSA likely to stop all bad guys from getting on planes?\r
106 No, but it alters how much they must prepare to get on\r
107 board the plane so hop\r
108\r
109 ** Re: (Score:2)\r
110 (by Ocker3 ( 1232550 ))\r
111\r
112 \r
113 Sadly, the TSA haven't shown themselves to be any\r
114 good at their job, repeatedly. It's hard to get good\r
115 help when the work is shite, the 'customers' range\r
116 from sullen to hating you, and the pay is peanuts.\r
117\r
118\r
119\r
120\r
121 ** Transparency is the key (Score:1)\r
122 (by victor_alarcon ( 5520418 ))\r
123\r
124 \r
125 I thought that was the main selling point. Yes, I'm sure\r
126 someone can come up with some anonymity scheme but\r
127 transparency should be top priority. Apologies if the\r
128 point is too naive.\r
129\r
130\r
131 ** Re: (Score:1)\r
132 (by Anonymous Coward)\r
133\r
134 \r
135 Paper votes aren't any better, just look at Russia's vote\r
136 stuffing. Literately. Someone comes up to the booth and\r
137 stuffs fake/coerced votes into the box.\r
138 Now the way most US, Canadian, and UK elections are run,\r
139 the paper vote is a two-step process.\r
140 A) You go to a scrutineer to check your name off a PAPER\r
141 list, they hand you a ballot with no identifying\r
142 information on it\r
143 B) You mark an X on the ballot, fold it in half or stick\r
144 it in a privacy envelope and then stick it in a cardboard\r
145 box with a hole on top.\r
146 Now\r
147\r
148 ** Re: (Score:2)\r
149 (by PopeRatzo ( 965947 ))\r
150\r
151 \r
152 > Paper votes aren't any better, just look at Russia's\r
153 > vote stuffing. Literately. Someone comes up to the\r
154 > booth and stuffs fake/coerced votes into the box.\r
155 That's right, because Russia doesn't have the same\r
156 safeguards built into their elections that we have. You\r
157 don't have election judges from both sides watching\r
158 every vote from the time it's cast to the time it's\r
159 counted to the time it's sent for storage. In the US,\r
160 there have to be two election judges on hand when\r
161 absentee ballots are opened.\r
162 People can sti\r
163\r
164\r
165\r
166 ** Re: (Score:2)\r
167 (by Ocker3 ( 1232550 ))\r
168\r
169 \r
170 I'd invite you to visit us in Australia, where we have the\r
171 Australian Electoral Commission (AEC), a non-partisan (not\r
172 bi-partisan) body of people who are collectively\r
173 considered the Platinum Standard of running elections\r
174 around the world. We actually send people to the USA to\r
175 train election staff. We don't have party reps in the\r
176 voting area until the polls close, then the parties can\r
177 send in scrutineers who check that the paper ballots are\r
178 being counted as per the regulations (when I did this I\r
179 actually not\r
180\r
181 ** Re: (Score:2)\r
182 (by PopeRatzo ( 965947 ))\r
183\r
184 \r
185 > I'd invite you to visit us in Australia,\r
186 I've spent a fair amount of time in Australia. Yes,\r
187 I've heard you guys do a good job with elections, but\r
188 I'm not coming back until you get rid of those spiders\r
189 that jump up and bite you on the eye. Oh, and drop\r
190 bears and yowgwai. I don't need that kind of stress,\r
191 thanks.\r
192\r
193\r
194\r
195\r
196 ** Re: (Score:2)\r
197 (by shellster_dude ( 1261444 ))\r
198\r
199 \r
200 Blockchains are obviously a terrible solution to election\r
201 fraud. The only thing that prevents blockchain tampering is a\r
202 ton of neutral third party machines checking the transactions\r
203 (typically miners). We've already seen that this is a\r
204 non-trivial problem when there is plenty of incentive for\r
205 random people to fulfill that role (mining of crypto\r
206 currency). National elections have very little incentive for\r
207 people to invest thousands in hardware and electricity, and a\r
208 ton of incentive for nation states like\r
209\r
210\r
211 ** Oh the irony (Score:4, Insightful)\r
212 (by the_skywise ( 189793 ))\r
213\r
214 \r
215 > All elections should use human-readable paper ballots by 2020.\r
216 > Such systems are intended to assure voters that their vote was\r
217 > recorded accurately. They also create a lasting record of "voter\r
218 > intent" that can be used for reliable recounts,\r
219 Now I agree with this and am happy to move back to paper ballots\r
220 - But the entire reason we moved away from paper ballots was\r
221 because of the 2000 elections where Florida used punch cards and\r
222 political officers kept trying to argue over "partial punches",\r
223 "dimpled chads" and "dangling chads" where they tried to\r
224 reassess what the voter's INTENT was.\r
225 And, of course, let's not forget magical disappearing and\r
226 appearing boxes of ballots.\r
227 Any system can be hacked but the electronic one is harder to\r
228 track hacking than the good ol' traditional methods with paper\r
229 ballots.\r
230\r
231 ** Re: (Score:3)\r
232 (by Dare nMc ( 468959 ))\r
233\r
234 \r
235 Their have been academic papers proposing electronic system\r
236 that would be safe, where you could verify that your vote was\r
237 counted (IE received at the server.)\r
238 In theory with open software, hardware, and multiple servers\r
239 (again all open source) we could have a very robust\r
240 electronic voting system. This would require a large project\r
241 likely done with universities, and it may even be similar to\r
242 some bitcoin concepts.\r
243 The technology side is very solvable, getting the project\r
244 started, past the politics, and accept\r
245\r
246\r
247 ** Key statement (Score:2, Insightful)\r
248 (by Anonymous Coward)\r
249\r
250 \r
251 They key statement in the finding that most technology solutions\r
252 fail to solve is this:\r
253 "Such systems are intended to *assure* voters that their vote\r
254 was recorded accurately."\r
255 In the end, paper ballots may seem inefficient from a processing\r
256 perspective, but that inefficiency becomes inherently difficult\r
257 to tamper with and builds in systems for checks and recounts.\r
258 The argument here is that blockchain is vulnerable before the\r
259 data is stored in the blockchain, at the UI and the machine\r
260 level, and blockchain th\r
261\r
262 ** Re: (Score:2)\r
263 (by presidenteloco ( 659168 ))\r
264\r
265 \r
266 Blanket arguments against computer algorithms for secure\r
267 voting (or secure anything) are illogical, emotional, and\r
268 flawed.\r
269 People argue to the effect: Because many programs have been\r
270 found to have a security flaw in either A) the algorithm\r
271 mathematics and logical assumptions, or in B) the\r
272 implementation, therefore ALL programs must have some flaw in\r
273 A) or B) therefore there is no such thing is a secure\r
274 computer program. That is just bullshit. It's incorrect,\r
275 unsupported generalization from specific examples.\r
276\r
277 ** Re: (Score:2)\r
278 (by presidenteloco ( 659168 ))\r
279\r
280 \r
281 Ok, there's a stupid bug in slashdot apparently, not\r
282 including my less-than sign.\r
283 There. One bug.\r
284 What's up with that. Let me try again. Hmm. There was a\r
285 less-than in there just to the left of this sentence.\r
286 That's lame on slashdot software's part.\r
287 So you proved that ALL programs have bugs?\r
288 Didn't think so.\r
289\r
290\r
291\r
292 ** Paper ballots are by far the most secure solution (Score:4,\r
293 Insightful)\r
294 (by Seven Spirals ( 4924941 ))\r
295\r
296 \r
297 Gimme a break. Use paper. Computers will be better tools for\r
298 tabulating and processing the votes after they are cast, but\r
299 it's tough to beat paper for a recount. Even paper has it's\r
300 flaws, but the hand waving crypto-bullshit is pathetic "Oh but\r
301 this counter signature will detect if the previous\r
302 initialization vector was properly zeroed inside of the S-Box"\r
303 *rolls eyes*. KISS baby. Things don't get more secure by making\r
304 them more complex and I can't think of any way to make something\r
305 more complex than to introduce computers. Computers are great at\r
306 some things, ideal for some tasks: not for voting. They suck at\r
307 that.\r
308\r
309 ** paper ballots (Score:1)\r
310 (by Anonymous Coward)\r
311\r
312 \r
313 The only way you can have some measure of accountability while\r
314 keeping votes anonymous.\r
315\r
316 ** Or, for heaven's sake, you can just use paper (Score:3)\r
317 (by mark-t ( 151149 ))\r
318\r
319 \r
320 Make a simple mark on a paper ballot indicating your vote, fold\r
321 it, put it in a box.\r
322 done\r
323 Now theoretically you could bribe people who do the counting,\r
324 but you'd have to bribe a *LOT* of people to make any kind of\r
325 difference because each individual ballot box with the folded\r
326 ballots contains but a tiny fraction of the number of votes, and\r
327 nobody ever counts the ballots from more than one or sometimes\r
328 two different boxes.\r
329\r
330 ** the real story (Score:2)\r
331 (by slashmydots ( 2189826 ))\r
332\r
333 \r
334 Blockchains are perfect, right? WRONG. And also right. They are\r
335 mathmatically flawless BUT if you outprocess the rest of the\r
336 network, you can finalize a block with whatever the hell you\r
337 want in it. You can form a block that says you own all bitcoins,\r
338 all transactions put them in your wallet, and you're also the\r
339 queen of England. The reason this "51% attack" doesn't happen it\r
340 because that amount of processing power doesn't exist. That many\r
341 ASICs don't exist on Earth. But let's set up a separate\r
342 blockchain an\r
343\r
344 ** Re: (Score:2)\r
345 (by Kaenneth ( 82978 ))\r
346\r
347 \r
348 Even with a 51% attack, the Bitcoin blockchain is filled with\r
349 digital signatures; noone but your own nodes would accept the\r
350 blocks, and you would only be 'fooling' yourself.\r
351 Electronic voting could only work if every citizen had their\r
352 own private, secure, digital signature key. Which can't\r
353 happen in the US because poor people can't afford them, and a\r
354 certain party would never give anything for free, while the\r
355 other would protect the poor.\r
356\r
357\r
358 ** \r
359\r
360 ** Re: (Score:2)\r
361 (by jwymanm ( 627857 ))\r
362\r
363 \r
364 This was the dumbest comment in the article. Obviously\r
365 software methods exist to verify after the fact that what you\r
366 saved is what you expected.\r
367\r
368\r
369 ** It's not how the vote was recorded... (Score:2)\r
370 (by LynnwoodRooster ( 966895 ))\r
371\r
372 \r
373 > The report goes on to say that "Blockchains do not provide the\r
374 > anonymity often ascribed to them." It continues: "In the\r
375 > particular context of elections, voters need to be authorized as\r
376 > eligible to vote and as not having cast more than one ballot in\r
377 > the particular election.\r
378 It's who casts the vote. Before we even worry about Blockchain,\r
379 we need to ensure people casting the ballots are legally\r
380 eligible to vote. Guaranteeing a vote was cast is no more\r
381 important than guaranteeing who cast the vote was eligible to\r
382 actually cast that vote.\r
383\r
384 ** Paper ballots (Score:2)\r
385 (by burtosis ( 1124179 ))\r
386\r
387 \r
388 Let me start out saying 100% electronic voting is going to be a\r
389 disaster, triply so when done remotely and not at a secure\r
390 voting machine. But what most people don't realize is we\r
391 currently use unencrypted images of paper ballots in many states\r
392 as backups. These are very insecure. Why not use paper ballots\r
393 for the primary method, blockchain for the electronic backups?\r
394 This ultimately seems far more secure than what we are doing\r
395 now. We also could use open source machines and have audits at\r
396 each polling\r
397\r
398\r
Gopher news scrapper