>> Transparency is certainly improved. You can check and change your vote
>> after casting it. Estonian government even provides an iOS and Android
>> mobile application for this.
>
> Oh ho, within your own world it looks like you gave your vote. That does
> not prove a single thing. Even just pointing to that as something that
> convinces you shows how dangerous technology is.
A mathematical proof is not possible for any voting system except that which
exists only on paper. Ballots can be compromised, votes bought, software hacked
and hardware tampered with. The question is how costly and hard it is to do so.
Could Intel and AMD team up and hide a backdoor on the vote counting server's
CPU? It certainly is in the realm of possibilities. However, it's extremely
cost prohibitive, risky and as a result unlikely. Could a handful of people
manning a polling station stuff in extra ballots or take some out? A tad bit
more likely.
In most countries digital ballot counting machines are used anyway and that
opens up the same attack vectors as outlined above.
Making votes verifiable and mutable from any platform is the best possible
approach to such conspirational scenarios.
> Also, the situation in Estonia is quite different than in most other
> countries, and most of these differences can be attributed to their
> size. Just as a reminder, there are ~500 cities with a population larger
> than Estonia.
Sure, Estonia is relatively small, but scaling the infrastructure is, and never
has been, an issue. Open to any arguments suggesting the contrary.
> The bigger the system, the larger the influence, especially in countries
> that do have an existing and well-oiled lobbying apparatus. I cannot see
> any larger country introducing any system that has similar security
> properties, and the ability to reliably set aside the maintenance costs.
> Anyone can see too well how broken maintenance of public infrastructure is.
The latter is a fallacy.
> So, on many levels, maybe nobody bothered to mess with the Estonian
> platform because it just doesn't matter from a global perspective.
Given Russia's past cyberattacks on Estonia
(https://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia
<https://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia>) and Estonia's
political stance it would be safe to say that Russia would certainly be
motivated to investigate the matter. By anecdotal evidence, the ruling
coalition has not seen a pro-Russia party for the last 11 years so I think it's
safe to assume Russia is unable to put their foot on the scale.
Andres
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
