librelist archives

« back to archive

Anonymous Secure Internet Voting System - Help requested

Anonymous Secure Internet Voting System - Help requested

From:
Cons Walo
Date:
2012-01-18 @ 02:32
---------- Forwarded message ----------
From: Cons Walo <waylee123@gmail.com>
Date: Wed, Jan 18, 2012 at 10:21 AM
Subject: Anonymous Secure Internet Voting System - Help requested
To: remailer@librelist.com


Hi

First of all thank you for your passion for internet freedom.

I have had the following idea, but am not skilled enough to be able to tell
if it is feasible or just plain stupid. Not sure if you guys are the right
place to seek advice.... but hey, it is worth a try.

The idea is based on my distrust of political systems these days, with
democracy having been thoroughly perverted. The fact that vote counting and
asking questions is not done democratically, in my opinion makes current
voting systems a farce. This is very much evidenced in the proposed SOPA
act in the US, which is a clear example of how democracy has been destroyed
in our age.

Here is the idea in non-technical terms:

Take computers out of it. Imagine you are in a room with 11 people in it.
Everyone is sitting around a in a grid formation. Everyone answers a
question, which is written up on a blackboard. Everyone has 11 bits of
paper, and votes either yes or no on them, marking each bit of paper the
same way. The bits of paper are then randomly passed around, until every
person has one of every other persons vote. Everyone then counts the 11
bits of paper they have, and all call out at the same time what the result
of the vote is, and everyone calls out the same result at the same time.

When you put computers into it again, the room is the world, the 11 people
is whatever number you desire (from 1 to infinity) and the bits of paper
are simple computer code. The grid formation the 11 people in room sat in
and the action of passing the notes without knowing who's not is from whom,
is performed by the internet. The counting and the shouting of the result
at the same time happens via calculations.

Or thinking technically(ish):

v0t3r

*"An internet communication protocol which allows free, anonymous, secure
and verifiable polling to be conducted by anyone via a network of computers"
*

*Step 1:*


   - Person downloads a free open source v0t3r client program variant from
   a software download site.
   - Person installs v0t3r client variant on PC
   - Person is then forced to complete tasks to activate client. (Tasks not
   able to be performed by script or bot and require obvious sustained human
   interaction)
   - v0t3r client is then active and v0t3r "registration" complete. (The
   Client is assigned a dummy ID of code based on a random algorithm to
   identify it as a unique voter)
   - v0t3r client enables person to add code to existing internet
   communication channel to pose question to be polled.
   - v0t3r client enables person to vote on questions posed by other v0t3r
   network participants whilst browsing.
   - v0t3r client enables person to participate in vote count and share +
   verify + report results of local vote counting with other v0t3r network
   participants.

*Step 2:*


   - v0t3r network participant posts question (VPN-Q) on web forum post:
   "Should we allow the unlimited printing of money?" - Yes/No
   - VNP-Q highlights text in post, and enbeds a v0t3r question code:
   Q2233287666782837736.v0t link (which opens the "question torrent" in the
   v0t3r client for people who click the question in the website post)
   - The question code is automatically submitted to the v0t3r client of
   the person asking the question as a "question torrent".
   - A Question Torrent is a container for votes and results. (QT)

*Step 3:*


   - A person with a v0t3r client installed comes across the question in
   the post by VNP-Q and clicks on the hyperlink (Q2233287666782837736.v0t).
   - The link then saves the QT on in the v0t3r client of the person
   answering the question (VPN-V) and the voter clicks "no" as the desired
   option generating a unique vote code: Q2233287666782837736.V0.v0t
   - The v0t3r client then generates a unique code based on a random
   algorithm using the question number and the unique registration id of the
   v0t3r client installed by VPN-V:
   Q2233287666782837736.V0.4a4d5fsad4sd5sdDd4s4WEDFS5.v0t
   - v0t3r client then sends vote via masked IP via v0t3r network
   participants who relay it until it reaches others who have "seeded" the
   Q2233287666782837736.v0t question torrent.
   - It is not possible to tell if the vote was generated by the VNP which
   sent the vote via the v0t3r network, or if it is merely being passed on by
   that VNP.

*Step 4:*


   - When Q2233287666782837736.V0.4a4d5fsad4sd5sdDd4s4WEDFS5.v0t is
   received by another v0t3r client which has seeded the QT, it is added to
   the Q2233287666782837736.v0t container and saved as an official vote.
   - This repeats as more VNP's vote on the question, building the
   Q2233287666782837736.v0t container:

Q2233287666782837736.v0t
Q2233287666782837736.V0.

4a4d5fsad4sdfbdfsbdDd4s4WEDFS5.v0t
Q2233287666782837736.V0.4a4d5fsacvxcvdsf5sdDd4s4WEDFS5.v0t
Q2233287666782837736.V1.4a4d5fsad4sdvsvsDd4s4WEcsfDFS5.v0t
Q2233287666782837736.V0.4a4d5fsad4sds5sdDdsgsbvdxWEDFS5.v0t
Q2233287666782837736.V1.4a4d5fsad4ssdbdefbdfgbs4WEDFS5.v0t
Q2233287666782837736.V0.4a4d5fsad4sd5sdDdds4s4WEDFS5.v0t
Q2233287666782837736.V0.4a4d5fsad4ssd5sdsDd4s4WEDFS5.v0t
Q2233287666782837736.V0.4a4d5fsad4ssd5sdDd4s4WEDFS5.v0t
Q2233287666782837736.V1.4a4d5fsad4ssd5sddDd4sdfsDFS5.v0t
Q2233287666782837736.V1.4a4d5fsad4sssd5sdsDddfvbbWEDFS5.v0t
Q2233287666782837736.V0.4a4d5fsad4sd5sdDsddsdfbxcdDFS5.v0t
Q2233287666782837736.V0.4a4d5fsad4dssd5ssdDd4s4WEsdDFS5.v0t
Q2233287666782837736.V0.4a4d5fsad4sfdds5sssdDd4s4WddsFS5.v0t
Q2233287666782837736.V0.4a4d5fsadfd4sd5ssdDd4s4WEDFS5.v0t
Q2233287666782837736.V0.4a4d5fsad4sd5sdDd4s4WEDFS5.v0t


   - ie: 11 people voted "no" and 4 people voted "yes"
   - All 14 people who voted should have the same contents in their
   Q2233287666782837736.v0t file when voting concludes.

*Step 5:*


   - v0t3r client which receives a vote who is also seeding the
   Q2233287666782837736.v0t QT also sends out answer verification (A%) file at
   regular intervals:
   Q2233287666782837736.A%1.4.0.11.DFDD4546DBBBBBTF654FD.vot (Where random
   code is added based on algorithm including question number, unique v0t3r
   client ID of person and answer statistics)
   - This is then relayed like a vote by the v0t3r network, until it
   reaches another client seeding/hosting the QT.
   - There the received A% File is compared with the local A% file, and if
   it matches, the v0t3r client records it in displayed statistics of the QT.

*Step 6:*


   - The answer file is able to be displayed live on the internet
   communication channel it was first posted on (or any other), or viewed via
   the client locally.


If anyone can respond to me with their opinion I would greatly appreciate
it! Oh, and if anyone wants to try and build it, I consider the idea to be
completely open source and to be owned by nobody and everybody at the same
time :)


Again, sorry if this is too silly and a waste of time, however I really
need to get the opinion of people who have a clue. If its not you guys,
maybe you know of others that are working on similar projects?


Kindest Regards


Cons in Perth Western Australia

Re: [remailer] Anonymous Secure Internet Voting System - Help requested

From:
Michael Rogers
Date:
2012-01-18 @ 10:35
Hi Cons,

Your proposal's interesting but I have a few concerns.

1. I can't see a way to limit voting to eligible voters (eg the people
who live in a certain town).

2. "Tasks not able to be performed by script or bot" is a moving target.
How can you be sure, on any given day, that bots can't vote?

3. Any task that can be completed by humans but not bots can be
completed by humans working in a sweatshop. Someone might set up a voter
registration sweatshop.

4. What happens to the protocol if someone sends different votes to
different peers, rather than the same vote to everyone?

5. Why should people who can't understand source code trust the voting
software to report their real votes?

6. Why should people who can understand source code trust that the
binary matches the source code?

7. Without private polling booths, how do the participants know that
nobody was coerced?

Best regards,
Michael

On 18/01/12 02:32, Cons Walo wrote:
> 
> 
> ---------- Forwarded message ----------
> From: *Cons Walo* <waylee123@gmail.com <mailto:waylee123@gmail.com>>
> Date: Wed, Jan 18, 2012 at 10:21 AM
> Subject: Anonymous Secure Internet Voting System - Help requested
> To: remailer@librelist.com <mailto:remailer@librelist.com>
> 
> 
> Hi
> 
> First of all thank you for your passion for internet freedom.
> 
> I have had the following idea, but am not skilled enough to be able to
> tell if it is feasible or just plain stupid. Not sure if you guys are
> the right place to seek advice.... but hey, it is worth a try.
> 
> The idea is based on my distrust of political systems these days, with
> democracy having been thoroughly perverted. The fact that vote counting
> and asking questions is not done democratically, in my opinion makes
> current voting systems a farce. This is very much evidenced in the
> proposed SOPA act in the US, which is a clear example of how democracy
> has been destroyed in our age.
> 
> Here is the idea in non-technical terms:
> 
> Take computers out of it. Imagine you are in a room with 11 people in
> it. Everyone is sitting around a in a grid formation. Everyone answers a
> question, which is written up on a blackboard. Everyone has 11 bits of
> paper, and votes either yes or no on them, marking each bit of paper the
> same way. The bits of paper are then randomly passed around, until every
> person has one of every other persons vote. Everyone then counts the 11
> bits of paper they have, and all call out at the same time what the
> result of the vote is, and everyone calls out the same result at the
> same time.
> 
> When you put computers into it again, the room is the world, the 11
> people is whatever number you desire (from 1 to infinity) and the bits
> of paper are simple computer code. The grid formation the 11 people in
> room sat in and the action of passing the notes without knowing who's
> not is from whom, is performed by the internet. The counting and the
> shouting of the result at the same time happens via calculations.
> 
> Or thinking technically(ish):
> 
> v0t3r
> 
> *"An internet communication protocol which allows free, anonymous,
> secure and verifiable polling to be conducted by anyone via a network of
> computers"*
> 
> *Step 1:*
> 
>     * Person downloads a free open source v0t3r client program variant
>       from a software download site.
>     * Person installs v0t3r client variant on PC
>     * Person is then forced to complete tasks to activate client. (Tasks
>       not able to be performed by script or bot and require obvious
>       sustained human interaction)
>     * v0t3r client is then active and v0t3r "registration" complete.
>       (The Client is assigned a dummy ID of code based on a random
>       algorithm to identify it as a unique voter)
>     * v0t3r client enables person to add code to existing internet
>       communication channel to pose question to be polled.
>     * v0t3r client enables person to vote on questions posed by other
>       v0t3r network participants whilst browsing.
>     * v0t3r client enables person to participate in vote count and share
>       + verify + report results of local vote counting with other v0t3r
>       network participants.
> 
> *Step 2:*
> 
>     * v0t3r network participant posts question (VPN-Q) on web forum
>       post: "Should we allow the unlimited printing of money?" - Yes/No
>     * VNP-Q highlights text in post, and enbeds a v0t3r question code:
>       Q2233287666782837736.v0t link (which opens the "question torrent"
>       in the v0t3r client for people who click the question in the
>       website post)
>     * The question code is automatically submitted to the v0t3r client
>       of the person asking the question as a "question torrent".
>     * A Question Torrent is a container for votes and results. (QT)
> 
> *Step 3:*
> 
>     * A person with a v0t3r client installed comes across the question
>       in the post by VNP-Q and clicks on the hyperlink
>       (Q2233287666782837736.v0t).
>     * The link then saves the QT on in the v0t3r client of the person
>       answering the question (VPN-V) and the voter clicks "no" as the
>       desired option generating a unique vote code:
>       Q2233287666782837736.V0.v0t
>     * The v0t3r client then generates a unique code based on a random
>       algorithm using the question number and the unique registration id
>       of the v0t3r client installed by VPN-V:
>       Q2233287666782837736.V0.4a4d5fsad4sd5sdDd4s4WEDFS5.v0t
>     * v0t3r client then sends vote via masked IP via v0t3r network
>       participants who relay it until it reaches others who have
>       "seeded" the Q2233287666782837736.v0t question torrent.
>     * It is not possible to tell if the vote was generated by the VNP
>       which sent the vote via the v0t3r network, or if it is merely
>       being passed on by that VNP.
> 
> *Step 4:*
> 
>     * When Q2233287666782837736.V0.4a4d5fsad4sd5sdDd4s4WEDFS5.v0t is
>       received by another v0t3r client which has seeded the QT, it is
>       added to the Q2233287666782837736.v0t container and saved as an
>       official vote.
>     * This repeats as more VNP's vote on the question, building the
>       Q2233287666782837736.v0t container:
> 
> Q2233287666782837736.v0t
> Q2233287666782837736.V0.
> 
>     4a4d5fsad4sdfbdfsbdDd4s4WEDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsacvxcvdsf5sdDd4s4WEDFS5.v0t
>     Q2233287666782837736.V1.4a4d5fsad4sdvsvsDd4s4WEcsfDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsad4sds5sdDdsgsbvdxWEDFS5.v0t
>     Q2233287666782837736.V1.4a4d5fsad4ssdbdefbdfgbs4WEDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsad4sd5sdDdds4s4WEDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsad4ssd5sdsDd4s4WEDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsad4ssd5sdDd4s4WEDFS5.v0t
>     Q2233287666782837736.V1.4a4d5fsad4ssd5sddDd4sdfsDFS5.v0t
>     Q2233287666782837736.V1.4a4d5fsad4sssd5sdsDddfvbbWEDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsad4sd5sdDsddsdfbxcdDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsad4dssd5ssdDd4s4WEsdDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsad4sfdds5sssdDd4s4WddsFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsadfd4sd5ssdDd4s4WEDFS5.v0t
>     Q2233287666782837736.V0.4a4d5fsad4sd5sdDd4s4WEDFS5.v0t
> 
>         * ie: 11 people voted "no" and 4 people voted "yes"
>         * All 14 people who voted should have the same contents in their
>           Q2233287666782837736.v0t file when voting concludes.
> 
>     *Step 5:*
> 
>         * v0t3r client which receives a vote who is also seeding the
>           Q2233287666782837736.v0t QT also sends out answer verification
>           (A%) file at regular intervals:
>           Q2233287666782837736.A%1.4.0.11.DFDD4546DBBBBBTF654FD.vot
>           (Where random code is added based on algorithm including
>           question number, unique v0t3r client ID of person and answer
>           statistics)
>         * This is then relayed like a vote by the v0t3r network, until
>           it reaches another client seeding/hosting the QT.
>         * There the received A% File is compared with the local A% file,
>           and if it matches, the v0t3r client records it in displayed
>           statistics of the QT.
> 
>     *Step 6:*
> 
>         * The answer file is able to be displayed live on the internet
>           communication channel it was first posted on (or any other),
>           or viewed via the client locally.
> 
> 
>     If anyone can respond to me with their opinion I would greatly
>     appreciate it! Oh, and if anyone wants to try and build it, I
>     consider the idea to be completely open source and to be owned by
>     nobody and everybody at the same time :)
> 
> 
>     Again, sorry if this is too silly and a waste of time, however I
>     really need to get the opinion of people who have a clue. If its not
>     you guys, maybe you know of others that are working on similar projects?
> 
> 
>     Kindest Regards
> 
> 
>     Cons in Perth Western Australia
> 
> 

Fwd: [remailer] Anonymous Secure Internet Voting System - Help requested

From:
Cons Walo
Date:
2012-01-19 @ 08:29
Hi Michael (Reposting so all can see reply)

Thank you very much for your reply and your questions. Some I can answer,
some not.

An important point to make about this idea is that I do not believe it to
be a perfect system, quite frankly, I doubt such a thing exists. What I am
trying to describe is a tool which is able to be used by anyone wanting to
conduct a poll via the internet, rather than a replacement to current
government selection or decision making processes. Think of posting in a
web forum, and being able to post your own question in a thread, and being
able to trust the result as the polling is conducted away from the website.
I guess another way of putting it would be to describe it as a tool which
popularises democracy on the internet.

In summary: Think of this like a social tool like twitter, only that
instead of the functionality being to post, share, follow trends, search
for topics and personal thoughts or information, the functionality of this
tool would be: To post, share, follow trends, search for topics in terms of
polls.

The key is not to take this too seriously at first, but to launch it as
something that is fun/interesting. Then, like twitter, when enough people
become involved, it can evolve into something more. But it needs to be
simple, platform cross-compatible and transparent.

Let me try and answer your questions as best I can:

*1. I can't see a way to limit voting to eligible voters (eg the people
who live in a certain town).*

The idea is this would work like a plugin to a browser, or a feature in a
forum engine or content management system. Much like one can post/embed
code in a post/email/website/tweet, the idea of this system is to provide a
tool which enables anyone to post the "code" of the question on the
internet through various channels. Access to view the question can be
restricted by password, or only be made known to those intended to vote.
This tool could be used for anything from asking "what is your favourite
colour?" to "Do you support SOPA?". On local issues, the tool could be used
to ask residents on a certain street if they want to have a particular tree
cut down, by emailing the question only to those affected. Maybe the
software could allow a feature to "limit" a question to some people, which
is easily recognisable? And then make it optional.


*2. "Tasks not able to be performed by script or bot" is a moving target.
How can you be sure, on any given day, that bots can't vote?*

In short, I would rely on knowing that committing fraud is possible,
whoever very time consuming and annoying to do, thus unlikely. The client
activation process I have in mind would require the person installing a
"v0t3r" client on their PC to go through several steps. The objectives are
to ensure anonymity, whilst reducing the opportunity for fraud. Thus the
registration I have in mind would be twofold: First there would need to be
some function which ensures only one client per PC is able to be installed.
Secondly, the registration process to activate a client would then involve
a series of questions/interactions. For instance, think of the number/word
combo pictures you have to complete when getting a hotmail address. Then
also have some other questions in there, which require logic or parallel
thinking to complete. The registration process would also be designed to
take about 5(?) minutes of sustained interaction to complete, so people are
discouraged from installing and uninstalling constantly to influence votes.
Possibly also require bio-feedback? This system would not make voting twice
impossible, but it would make it very time consuming and annoying/not worth
it. Maybe an added layer to protect against botnets is to require each vote
to be verified by a human interaction?


*3. Any task that can be completed by humans but not bots can be
completed by humans working in a sweatshop. Someone might set up a voter
registration sweatshop.*

I doubt that is possible, it will always be possible to defraud a vote if
enough resources are expended. To set up a sweatshop would require
significant resources, and I guess that would only happen in extreme
situations. This is where just like on facebook you can buy yourself
100,000 friends, you do not really achieve much. Another internet concept
to leverage is that of trending votes. For instance, people involved in a
revolution could post a vote of "the government must leave" which would
trend strongly as "yes". When then a lot of suspicious number of "no" votes
flood in, another question can be posted by another participant in the
revolution. It would turn into a game of cat and mouse.


*4. What happens to the protocol if someone sends different votes to
different peers, rather than the same vote to everyone?*

This is where I will require technical guidance. I do not have the coding
or networking skills to be able to answer this. My guess is it will depend
on how many participants there are in a particular vote, how long the vote
is "open" for, if it is indeed time restricted, and how large the vote
"packet" would be. Then over time, a vote would verify itself with the
latest vote from a person who changed their mind.
*
5. Why should people who can't understand source code trust the voting
software to report their real votes?*

Hopefully because they are the ones counting the vote, and they are
reassured they counted the same result as others. They could also do test
votes in control environments with friends to reassure themselves the
software does what it promises and that the result was not manipulated.

*
6. Why should people who can understand source code trust that the
binary matches the source code?*

This is very much beyond me. Is this where encryption comes into it?
Verification algorithms that change day by day?

*
7. Without private polling booths, how do the participants know that
nobody was coerced?*

Again, much the same answer as the sweatshop question.....


Anyway, thank you so much for your feedback, I would very much appreciate
advice on if this is at all feasible, and if so, if you have any idea about
how to make something like this a reality.

Thanks again

Cons






On Wed, Jan 18, 2012 at 6:35 PM, Michael Rogers <m--@gmx.com> wrote:

> Hi Cons,
>
> Your proposal's interesting but I have a few concerns.
>
> 1. I can't see a way to limit voting to eligible voters (eg the people
> who live in a certain town).
>
> 2. "Tasks not able to be performed by script or bot" is a moving target.
> How can you be sure, on any given day, that bots can't vote?
>
> 3. Any task that can be completed by humans but not bots can be
> completed by humans working in a sweatshop. Someone might set up a voter
> registration sweatshop.
>
> 4. What happens to the protocol if someone sends different votes to
> different peers, rather than the same vote to everyone?
>
> 5. Why should people who can't understand source code trust the voting
> software to report their real votes?
>
> 6. Why should people who can understand source code trust that the
> binary matches the source code?
>
> 7. Without private polling booths, how do the participants know that
> nobody was coerced?
>
> Best regards,
> Michael
>

Re: [remailer] Anonymous Secure Internet Voting System - Help requested

From:
Elmar mc.fly Lecher
Date:
2012-01-18 @ 13:27
Am 18.01.2012 03:32, schrieb Cons Walo:
> The idea is based on my distrust of political systems these days, with
> democracy having been thoroughly perverted. The fact that vote counting
> and asking questions is not done democratically, in my opinion makes
> current voting systems a farce. This is very much evidenced in the
> proposed SOPA act in the US, which is a clear example of how democracy
> has been destroyed in our age.

Trust in eletions is critical. The current pen and paper voting system
can be understand by my grandma completely. Every voting system that can
not be understood by everyone being allowed to vote is useless.

(btw more or less the legal situation after a decision of the german
surpreme constitutional court in germany)

Electronic voting is dead and that is really good. get over it.



mc.fly ...

Re: [remailer] Anonymous Secure Internet Voting System - Help requested

From:
Riptawr
Date:
2012-01-18 @ 15:12
@mc.fly and paper systems: user understanding of tech involved is not
necessary for a good system to function, and it shouldn't be build with
this as main factor. I live in Russia and although everybody understands
how the paper system here works, there is nothing you can do about
measures of circumvention beeing invented (much like internet security
in means of antivirus software)

I thought about a different vector of attack to get the people's
political will to the gov. and currently there are two ideas:

1. Introduce a two-step voting system with primary vote and secondary vote
2. Get some way of counter per person who voted, introduce a mechanism
of distrust measures in case of large deviations from exit poll, etc.

1.) I think this one is obvious, there are a lot of ppl who would vote
for party A if they would be sure that they get over the minimum vote
requirement, and these ppl end up voting for party A2 (which is somewhat
similar to A in its program, but just not what they really want), just
because it is bigger and has better chances to get into
Duma/HoR/yourlegislative etc. With two step voting they would vote A
primary, and secondary A2, so the vote goes A, but in case of it not
meeting the minimum, the vote goes to A2. The result is a leaner
average, and a more realistic peoples oppinion.

2.) is somewhat harder to introduce, but a total vote count could be
compared with statistics of population, exit polls, or even some kind of
simulated internet vote (or if you will, some other tech mechanism) etc.
and large deviations would look strange to everybody, independend of
there tech-skills (like mc.fly's grandma). This is all good and stuff,
but would be useless without some kind of impeachment mechanism to force
new votes or at least a serious investigation, the need of which cannot
be downtalked or otherwise, because it would be law.


On 01/18/2012 05:27 PM, Elmar mc.fly Lecher wrote:
> Am 18.01.2012 03:32, schrieb Cons Walo:
>> The idea is based on my distrust of political systems these days, with
>> democracy having been thoroughly perverted. The fact that vote counting
>> and asking questions is not done democratically, in my opinion makes
>> current voting systems a farce. This is very much evidenced in the
>> proposed SOPA act in the US, which is a clear example of how democracy
>> has been destroyed in our age.
> Trust in eletions is critical. The current pen and paper voting system
> can be understand by my grandma completely. Every voting system that can
> not be understood by everyone being allowed to vote is useless.
>
> (btw more or less the legal situation after a decision of the german
> surpreme constitutional court in germany)
>
> Electronic voting is dead and that is really good. get over it.
>
>
>
> mc.fly ...

Re: [remailer] Anonymous Secure Internet Voting System - Help requested

From:
Eric S Johnson
Date:
2012-01-19 @ 03:00
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Dear Aleksandr,

It's great to have Russians on LibTech! (I lived in Moscow for many years
and владею русским).

You might've seen (from Yosem and Robert) the (unauthorized) posts about the
cybersec mentors I'm hiring for my project, the Information Security
Coalition. We're starting to work, and one element about which I've thought
is helping the Russian sites which have found themselves DDOSsed beginning
around the time of the Duma elections in December. Do you know any of the
folks working at any of those media or NGOs, with whom I could get in touch?

More generally, the last I heard, there's no cybercensorship in Russia
(yet). Is that still true?

Best wishes,
Eric

> -----Original Message-----
> From: remailer@librelist.com [mailto:remailer@librelist.com] On Behalf Of
> Riptawr
> Sent: Wednesday, 18 January 2012 23:12
> To: remailer@librelist.com
> Subject: Re: [remailer] Anonymous Secure Internet Voting System - Help
> requested
> 
> @mc.fly and paper systems: user understanding of tech involved is not
> necessary for a good system to function, and it shouldn't be build with
> this as main factor. I live in Russia and although everybody understands
> how the paper system here works, there is nothing you can do about
> measures of circumvention beeing invented (much like internet security
> in means of antivirus software)
> 
> I thought about a different vector of attack to get the people's
> political will to the gov. and currently there are two ideas:
> 
> 1. Introduce a two-step voting system with primary vote and secondary vote
> 2. Get some way of counter per person who voted, introduce a mechanism
> of distrust measures in case of large deviations from exit poll, etc.
> 
> 1.) I think this one is obvious, there are a lot of ppl who would vote
> for party A if they would be sure that they get over the minimum vote
> requirement, and these ppl end up voting for party A2 (which is somewhat
> similar to A in its program, but just not what they really want), just
> because it is bigger and has better chances to get into
> Duma/HoR/yourlegislative etc. With two step voting they would vote A
> primary, and secondary A2, so the vote goes A, but in case of it not
> meeting the minimum, the vote goes to A2. The result is a leaner
> average, and a more realistic peoples oppinion.
> 
> 2.) is somewhat harder to introduce, but a total vote count could be
> compared with statistics of population, exit polls, or even some kind of
> simulated internet vote (or if you will, some other tech mechanism) etc.
> and large deviations would look strange to everybody, independend of
> there tech-skills (like mc.fly's grandma). This is all good and stuff,
> but would be useless without some kind of impeachment mechanism to force
> new votes or at least a serious investigation, the need of which cannot
> be downtalked or otherwise, because it would be law.
> 
> 
> On 01/18/2012 05:27 PM, Elmar mc.fly Lecher wrote:
> > Am 18.01.2012 03:32, schrieb Cons Walo:
> >> The idea is based on my distrust of political systems these days, with
> >> democracy having been thoroughly perverted. The fact that vote counting
> >> and asking questions is not done democratically, in my opinion makes
> >> current voting systems a farce. This is very much evidenced in the
> >> proposed SOPA act in the US, which is a clear example of how democracy
> >> has been destroyed in our age.
> > Trust in eletions is critical. The current pen and paper voting system
> > can be understand by my grandma completely. Every voting system that can
> > not be understood by everyone being allowed to vote is useless.
> >
> > (btw more or less the legal situation after a decision of the german
> > surpreme constitutional court in germany)
> >
> > Electronic voting is dead and that is really good. get over it.
> >
> >
> >
> > mc.fly ...



-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.2.0 (Build 1672)
Charset: koi8-r

wsBVAwUBTxeHduD1jg8a9+byAQha6QgAjdZNDPz1ZETSf4thNvcl01rKyhXhEF+6
FhaC7Y0D7zCuY+n2NNjGeYDPW7FH6kEUbNm7EsSQ6KQNix7lBKXGOjHrM585hvuR
RJj0yw4U73KmI0kFpTvE9oOwnp18ZUd6hV+1LUaAnv3ax65Ul/P9zhF3neoEEFwl
rdpzKzSVzjbxWIuVsKA38Q+nnRdH46WzQAuezF0VthTHeMk9sTRXssJ31jh38K9a
thlfhzfi6/qu82Wi4Sb8e0F4XU6ABok3y5hpClKeZeuZLyen/EyawYYZse5Kgfo2
kQCNEyGcmKkqRUuxUk2054vxYIu2oY0Z6IH/hcqmi9I8xliYWRkvQw==
=0F2+
-----END PGP SIGNATURE-----

Re: [remailer] Anonymous Secure Internet Voting System - Help requested

From:
Elmar mc.fly Lecher
Date:
2012-01-19 @ 16:46
Am 18.01.2012 16:12, schrieb Riptawr:
> @mc.fly and paper systems: user understanding of tech involved is not
> necessary for a good system to function, and it shouldn't be build with
> this as main factor. 

I strongly disagree. Very strongly for a lot of reasons and we as the
CCC have had hard fights to prevent ANY kind of electronic voting and
counting.

The biggest point there is:
With electronic voting the attacks scale better and are easier to hide.

Electronic voting system really can harm a existing democracy.

We are very proud on the result that electronic voting is now disallowed
in germany and we will fight that it will stay illegal.

The limitation above is btw the legal minimum requirement now in at
least Germany. If my grandmother will not understand it its out of the
question.

> I live in Russia and although everybody understands
> how the paper system here works, there is nothing you can do about
> measures of circumvention beeing invented (much like internet security
> in means of antivirus software)

In russia the democracy is broken, not the voting system.

Fix your root cause, not symtoms.


mc.fly

Re: [remailer] Anonymous Secure Internet Voting System - Help requested

From:
Riptawr
Date:
2012-01-24 @ 16:31
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/19/2012 08:46 PM, Elmar mc.fly Lecher wrote:
> Am 18.01.2012 16:12, schrieb Riptawr:
>> @mc.fly and paper systems: user understanding of tech involved is not
>> necessary for a good system to function, and it shouldn't be build with
>> this as main factor.
>
> I strongly disagree. Very strongly for a lot of reasons and we as the
> CCC have had hard fights to prevent ANY kind of electronic voting and
> counting.
I read the Datenschleuder on that.. with the legacy hardware which was
proposed for your voting systems you did clearly the right thing.
>
>
> The biggest point there is:
> With electronic voting the attacks scale better and are easier to hide.
I agree, and while there are more attack vectors, paper systems still
have enough to make votes a joke. That is exactly why i propose an
alternative that deals with the easier to hide part and does NOT depend
on special knowledge.
>
>
> Electronic voting system really can harm a existing democracy.
>
> We are very proud on the result that electronic voting is now disallowed
> in germany and we will fight that it will stay illegal.
>
> The limitation above is btw the legal minimum requirement now in at
> least Germany. If my grandmother will not understand it its out of the
> question.
you mean user understanding is the legal minimum? If yes, read above.
>
>> I live in Russia and although everybody understands
>> how the paper system here works, there is nothing you can do about
>> measures of circumvention beeing invented (much like internet security
>> in means of antivirus software)
>
> In russia the democracy is broken, not the voting system.
>
> Fix your root cause, not symtoms.
>
>
> mc.fly
blablabla.
I do respect the CCC and it makes me very sad to see that telling ppl in
other countries what to solve and how they should do it is now your
official policy. Please enlighten me how the voting system is irrelevant
for democracy and give a link to the root cause of its brokeness in our
country. Or just stick to the topic and read before you write.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPHtzZAAoJEKk34c1KeOPyNc0QAKXXhW5obOaHPSxxeE0aNIy2
r7JISlw1sPlBzrH+lWATs+NVFHLASVJ3hAN0tT4hGvtBAbCbA7BCIeM7y/2X6/bI
kHAtlJJgpb6/4TQFmnuYorDkF7C9mmB0UrDjoPoC5B4XbErhK7w42zytDSE3YhxP
h21dHjhtPOK65oY6GeKrLIqRfuzdS6g6He2CCeVKAnbgdYY72MmKTm8lrLIXQ+3H
vzZ0D7tYP2SfBpYm/t7h6ndLTljuw2ZAukUk1S8a6nSvxdhAB3jGDDK9S6SzfNtB
21B/Gr9iC/yM9MlUqQm+3iJfBqrgsk0TEAdc1WO3LZn7++SOxWy5A91jfHhXH7zh
Tjz7zLz577Bt+YHSp6D6lK7zrWwsJW2UW75TQity9yynJsJHcAaDEm4tJMv5iu23
ELQ440W3l+uqSjLODS6uM3me8l8e0WaUvcIY1WkmMCgRFSSs6V6aoWIWm74OTiDN
MIO2nwKDefiYyYnbqMyYGrpsH2JnhM/qIrceRs7z0NXW/QRlpZ/2HtboUQjxRpDg
+f+Pi064TmpOH+agc8ns3943C/CXHy3B4lpB7+QvWJZaSuYkFVwoA/s8foAYcEMw
FvQFQskrRfZUL/wG6QFen4hHWiFmAO7A2cu4VWPRYK5N++jKkBAgt1i/cp14Xi/w
9p4OZyST/TGuAGArCelH
=+Xmj
-----END PGP SIGNATURE-----