Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
I think this comic was made because West Virginia is going to use "Blockchain Voting Software" for the upcoming midterm elections.
More information at https://money.cnn.com/2018/08/....
You can see why this is a terrible idea in this Twitter thread https://twitter.com/GossiTheDog/...
Kaji23882yI don't even like mail-in ballots because there's no way to tell that the person submitting the ballot is the person whose name is attached to it.
Or to prevent someone who doesn't like your vote from shredding it before it gets counted, for that matter...
@Kaji I agree, vote selling is a thing. And the anonymitym is lower to, as a signature is usually required, too (usually the actual vote is covered in an additional envelope so the signature + vote can't be seen together), but any postal worker could simply open both envelopes. On the other hand, it allows people to vote who cannot leave their homes or have to travel.
I guess it is impossible to create a better (in points of anonymity and verifiability) scheme than plain paper-ballots.
Btw.: Congrats for 1000 upvotes!
the more you know, the less you trust.
i am always most afraid to click buttons in my own software because all i can think about is all the ways it went wrong while developing, and all the bugs i may have missed.
ignorance is bliss...
Hmm, the implementation by this company is crap, but wouldn't a blockchain per se be a good idea for voting? I mean, besides hype there are only a few suitable use cases for a blockchain, but voting could be one of it.
Imagine for an election the state generated a public and private key pair for every citizen, signed them with it's own private key, send them via paper post to the citizens and published the signed public keys as first entry in the blockchain. The private keys are deleted instantly.
Now every citizen can add an entry containing it's vote to the blockchain signed with it's own private key.
Everyone could see and control the blockchain.
The only problem with this primitive idea is that the state could identify every vote, but there is surely a solution in terms of key generation for this.
At least the process should be safe and not compromisable, or am I wrong?
endor64502y@Benedikt cryptographically signing a message and encrypting it is the easy part. There are a few big issues with electronic voting though, even if you use a blockchain:
1) who mines the chain? You need to ensure that all users can mine the chain and support it, but also prevent 51% attacks. The mining algorithm has to be chosen carefully.
2) who controls the nodes? Every user must have a copy of the chain, otherwise it's just a private database anyway. Also, you must prevent isolation/sybil attacks.
3) most importantly: authentication. How do you *really* know who signed the message? How do you know someone hasn't hacked my device and signed the vote in my place, or hasn't taken over my input and redirected it? How do you know that a specific public/private key *really* belongs to me in the first place?
The first two are solvable - you just need to set up your network the right way, it has been done before. The real big issue is authentication.
Kaji23882y@endor Agreed. The perception of security is not security itself. And if we can’t tell whether a vote is legitimate or not, it potentially debases the value of all votes. This is why paper ballots cast in person after validating the voter’s identity is and will indefinitely remain the gold standard.