CDR: Re: [ca-firearms] voting
petro
petro at bounty.org
Wed Nov 15 22:41:01 PST 2000
>> From: petro <petro at bounty.org>
>>
>> It would be fairly simple to eliminate *most* of the current
>> voter fraud schemes, and fairly inexpensive.
>
>Please provide details of this simple technique for
>eliminating voter fraud. I've always found utopian
>fantasies intriguing.
"Reading Comprehension Counts".
Please re-read the sentence you quoted.
I do not claim that it would be fairly simple to eliminate
*all* voter fraud, simply to eliminate *most* of the current schemes,
and at only a fairly small increase over what is now spent.
Heck, in the long run it might even save money.
>
>(In formulating your prospectus, please keep in mind
>and provide detailed specifications for dealing with the
>old bugaboo identified by our old pal Juvenal: "Sed
>quis custodiet ipsos Custodes? [Who will guard the
>guards themselves?]"
Statistics.
Keep in mind that I haven't spent days or weeks working on
this, and I am sure that this will open up *new* methods of fraud,
but I don't claim to be able to prevent that.
As in many security protocols, the goal is simply to make it
more "expensive" to cheat the system than it is to go along with it,
so the first step is to make registration require a little more
effort.
All rolls are purged after every general election. This way
you need to re-register after every election.
All registrations *must* be done in person, with the
exception of those not *physically* present in the state for more
than 5 consecutive business days during the registration period. For
those people, they may request an "absentee registration request
card", which they fill out, have notarized (the notary is simply
notarizing that the card is filled out, not that the person filling
out the card did so accurately).
If constitutional (and I assume this is questionable) and
feasible (this part I haven't worked out yet) one must show "proof of
citizenship". It's tough, because we don't yet have "papers", and I
don't really advocate mandating "papers". In fact I strongly disagree
with papers.
One suggestion I've heard is to require the presentation of
some sort of proof of paying income tax, or at least filing for
income tax, on the theory that anyone who pays into the system ought
to have a say in it. I don't necessarily disagree with that.
At the time of registration a "registration card" is handed
to the individual. They are informed (in writing) that in order to
vote they *must* present this card. This card contains a mag strip
with a unique number (that is not linked to the individual), and a
bar code that is the encrypted version of that number done with a the
public half of a key (to prevent forgery). That key changes from
election to election.
The registrant must also sign for the card, and print their
name. This is not to be tied to the number on the card, but just to
account for every card.
Each polling place has a swipe card reader and a bar-code
scanner. These are used to check that each card is "proper" by
checking that the number on the back is encrypted with the proper
key. (this way the private key isn't released until *very* shortly
before the election).
At the polling place, the "voting machines" are changed so
that when you punch a whole, it records vote electronically, as well
as providing a swipe card reader. When you are finished voting, it
prints the ballot with your choices for each office in an OCR font,
and a bar code with a hash of votes at the bottom (using a different
large random number). The machine then wipes everything *but* the
hash, and this new number. (this completely disconnects the voter
from the ballot).
The voter then visually examines the ballot to make sure it is correct.
If they are happy with it (well, that it's correct anyway)
and then presses a "I'm done" button. This checks in the voter number
and the hash, and the new random number, (stores it either on board,
or on a machine on a "lan" (wire the polling place) the machine on
the lan can be made fairly fault tolerant) (the voter number is to
check for "double spending", the hash is a checksum for validation,
the random number is for later verification). The "I'm done" also
prints out a second card identical to the first. One is for the
individual, should they wish to keep it, to later validate that their
vote was counted properly. The other (since they are identical) goes
into a sleeve (to prevent prying eyes) and into the ballot box.
If they are not happy with it, they push the "do over"
button, and start back from the top. Repeat as necessary until
satisfied.
After the polls have closed, the ballots and the vote counter
(the machine storing the hashes and numbers) are taken to the
collection point, where the hashes & random numbers are uploaded (at
this point I think the voter number will no longer be needed), and
the as each ballot is counted, it is marked off against the hash it
matches. Then this list is made public (the list of hashes and random
numbers). Each voter can then (if they care to) check their random
number (either on line, or in a trip down to the local polling place).
There would also be a reduced number of "ruined" ballots,
since each ballot is human readable, and printed twice if one side
gets screwed up, the other should still be useful. If that fails,
then a human *should* be able to read as much of it as possible.
Failing that, it simply gets listed as "unreadable", and if they
voter checks, they can come down with their original ballot and
present it for the count.
Absentee ballots would be slightly problematic in this, but
much of this could be done using a simple PC/Macintosh program, so
Military bases could easily accommodate their soldiers & sailors.
(Well, the marines and the flyboys as well).
I would also provide a 96 hour period for counts to take
place, as well as for people to be able to challenge the vote--if
they can show that their vote wasn't properly counted (provable by
presentation of a ballot) then things are rechecked.
Since the ballots are now printed with an OCR font AND a bar
code, they can still be machine read *AS WELL AS* easily verified by
hand. The voting process remains (absent the registration process)
almost identical to the current one. There is no use of cryptographic
protocols to *protect* the voting, only to check for fraud and
provide strong accounting.
I believe that this would make fraud *much* harder to get
away with, and eliminate much of what I have seen and heard about in
the way of fraud--the "stiff wire" used to create invalid ballots,
the dumping of large numbers of ballots in the trash, the "lost"
ballot boxes, etc.
It also makes things like voting the dead harder--since each
card has to be signed for each election.
Maybe there are things I've missed, and maybe this wouldn't
be as cheap as I believe it to be, but I belive it would be a damn
sight more secure than we have today.
--
"To be governed is to be watched, inspected, spied upon, directed
law-driven, numbered, regulated, enrolled, indoctrinated, preached
at, controlled, checked, estimated, valued, censured, commanded, by
creatures who have neither the right nor the wisdom nor the virtue to
do so. To be governed is to be at every operation, at every
transaction, noted, registered, counted, taxed, stamped, measured,
numbered, assessed, licensed, authorized, admonished, prevented,
forbidden, reformed, corrected, punished."--Pierre Proudhon
More information about the Testlist
mailing list