> It seems clear that the system is primarily oriented towards preventing
> fraud by election officials and those involved in setting up the
> electronic voting. Historically, this is the greater danger in
> election fraud. Stuffing the ballot box is much easier if you are
> the one in charge of delivering the ballots or counting the ballots.
> If you actually have to get a bunch of people to try to vote under false
> names it is a huge undertaking and unlikely to be kept secret. Fraud by
> corrupting officials is much more cost effective and hence more dangerous.
Indeed, but I don't see how this scheme offers any defense against ballot box
stuffing. The election officials know the VERN and whatever "private" info
the voters are supposed to provide for validation purposes, so it seems to me
that it'd be no trouble at all to whip up a few thousand forged e-mails with
exactly the right voter info, much easier than scribbling fake signatures
into a book.
To make a system like this forgery resistant, you need to collect some sort
of token with each vote that's known to the voter but not known to the
officials, so in case of doubt about authenticity you can go back to the
voter and validate the token. In a world with widely deployed crypto, that
would mean public key signatures, but lacking that, a question like "what
color shirt are you wearing today?" might do.
Having said all this, I realize that there's a tradeoff between security and
usability. Anyone who owns stock in a publicly traded company has probably
gotten a proxy form that refers to ADP's proxyvote.com. To vote there, you
need only enter a 12 digit number found on the proxy form, or punch it into
your phone if voting via their 800 number. That's pretty weak security, but
it seems adequate for the purpose, since most corporate elections are
uncontested or close to it. I have no idea if they use something more secure
when they have an actively contested proxy battle.
Regards,
John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47
