[Off-topic; sorry. It's important to remind people of this issue, but I
won't follow up any further.]
This sort of security, no matter how well done, doesn't address one of
the very important but often forgotten features of voting in person at a
polling place: it makes it very difficult to buy or extort votes, since
there's no way to reliably confirm how someone actually voted. With
online (or by mail, etc) voting there's nothing to prevent someone from
watching while a vote is cast.
Dave
On Mon, 14 Nov 2016, Alan Corey wrote:
This sounds like heel-dragging to me, or they're trying to do it under
Windows or something:
https://www.washingtonpost.com/news/post-nation/wp/2016/05/17/more-than-30-states-offer-online-voting-but-experts-warn-it-isnt-secure/
It seems simple to me, you use firewalls and only make the results
writeable by the process that should be writing to it, probably
nothing needs to have read access in the short term. As far as
security after the election, mount the servers in a Brinks truck or
something, it just sounds like a ludicrous excuse.
Something like: for each election the town government mails you a
random number that's your key to vote that election. You go to a
website and put in your town, name, SSN, and the key. If somebody
steals the mail they won't have your SSN. If Russian hackers or
whoever tries to impersonate you online they won't have the key. It's
bringing those 2 pieces of information plus your name and town
together that makes it secure. Just guessing. Did I overlook anything?
--
Dave Anderson
<d...@daveanderson.com>
