Why blockchains don’t solve the voting problem. Part 1/833837
Large-scale voting requires a number of complicated properties. People need to be assured that their vote will be accurately recorded and counted. But votes also have to remain secret.
On top of that you need to deal with the problem of coercion. Someone could threaten (or pay) you to vote a certain way, and—while no voting system can absolutely prevent this—it should at least be the case that they can’t prove you didn’t do what they wanted.
To make everything worse, you have to do this all in an environment where the majority of voters are highly non-technical and still don’t know how to set the clock in their VCR (which they still use), and many election judges are similar if not less tech-fluent.
Given all these facts it should be obvious why elections have historically used pre-printed paper ballots, and don’t let you take home a receipt (other than “I voted”) or let you bring your friend into the booth with you.
So you’re going to tackle this with “blockchain”. Which means you had one problem, now you’re going to have several problems.
Let’s forget about blockchains altogether, because they solve only one small part (storage) of a much more complicated problem.
The first problem you have is that you’ve introduced computers. They are very bad.
That is to say, computers mean that you now have the possibility that the actual vote recorded will not be the vote you intended. With physical paper ballots you can check this. But blockchains mean no paper. So you need an audit procedure.
Well that’s ok. You’ve got a blockchain, right? Post the vote to the blockchain and tell the user where it is. Leaving aside the issues with trusting that software, or the fact that 90% of Americans are now clamoring for your head on a platter, now you’ve got a coercion problem.
If I can verify that my vote was correctly recorded, then your local mob boss can also use my receipt to verify the same thing.
But research cryptographers are brilliant, you say. Surely David Chaum or someone has figured out a clever way to make voting receipts that allow me to verify my vote without allowing the mob boss to do so.
And you’d be right! We have entire conferences worth of papers like this. Just google “coercion-free electronic elections”. Here’s a bit of literally the first one I found on Google.
Your new protocol involves issuing smartcards to voters, who must now submit Elgamal ciphertexts and engage in an anti-coercion protocol. You are now living in a bunker, surrounded by angry mobs.
But you’ve achieved anti-coercion. You see, when the mob boss tries to get you to prove how you voted all you need to do is take the following actions...
Ok, I don’t mean to pick on this one paper. They are all similarly complicated. The problem is that crypto voting is hard when you don’t need secrecy or coercion-resistance. It gets positively nightmarish when you try to add that stuff.
Anyway, notice that the one thing I haven’t addressed in this is the blockchain itself! Because it turns out that all the hard parts don’t involve auditable storage. And you have to solve all those other parts specifically because you decided to go down this road.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Periodic reminder that Apple has not officially abandoned its photo scanning plans, and could still flip the switch on a billion users at any moment.
Apple has been collecting feedback from the community. (I know this because I talked to them.) I don’t know that they appreciated my feedback that much but I sure felt better afterwards.
My biggest question for the company was: why do you think this is ok? They didn’t really say much. But without characterizing this as a specific response by Apple or anyone at Apple, I think I can try to get at the argument.
Oops… forgot to upload my COVID booster record to the appropriate website and have now been warned that if I don’t get my act together I’m fired. (NB: I got the booster in September.)
“Fired” seems a little harsh, frankly. Banned from campus might be a bit more proportionate? (I’m on a leave of absence from teaching.) Have never really sympathized with the antivax side before.
In fairness they won’t fire me until March 7, and they’ll send me two whole written emails before they terminate my tenured position ;)
“Decentralization” means very different things to different people.
I guess this is mostly a subtweet of David Rosenthal’s talk. I’m not sure if I even disagree with it, exactly. blog.dshr.org/2022/02/ee380-…
It’s pretty hard to disagree with critiques of proof-of-work mining, which is an environmental catastrophe. But then what’s the objection to proof-of-stake? It “isn’t effective at decentralization”.
I read the new location tracking complaint against Google filed by three state AGs and DC. It shouldn’t be surprising to anyone who is familiar with Google, but it’s pretty detailed. Thread. 1/
The basic allegation is that Google (mainly via Android) made it extremely difficult to turn off location data collection, and when people *did* try to turn this off, Google still collected and used location data for advertising.
As described in the complaint, there are basically three ways Google can get your location. (1) via GPS, (2) by monitoring nearby WiFi networks, (3) through IP address. Even if you turn GPS off, Google uses some of these. 2/
I don’t know what’s going on at Twitter. When CISOs leave social media companies unexpectedly it can mean all sorts of unpleasant things. nytimes.com/2022/01/21/tec…
On the other hand if @LeaKissner is interim CISO then there can’t be anything too weird going on.
(For those who don’t know the history here, it’s Alex Stamos vs Yahoo (2015) & Alex Stamos vs. Facebook (2018) arstechnica.com/tech-policy/20…
This is not an experiment I’m super excited to do on my own hardware (plus I don’t have a Chinese payment method.) Has anyone tried changing their Apple account to “mainland China” on the iCloud website to see what happens to data flows on their devices?
My question is: what warnings do you get on-device before it starts uploading your data to Guizhou? I hope someone is/has moved to China recently and is willing to try this for me.
What can I offer people to do this experiment for me? Happy to offer all the RTs in the world and I’ll even scrape up a tiny bounty if someone is willing.