[Fsfe-ie] perspective on e-voting
s_fsfeurope2 at nedprod.com
Wed Mar 3 04:28:52 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
On 2 Mar 2004 at 9:54, Fergal Daly wrote:
> > Why? You can get a military hardened CPU from Atmel or even Intel
> > for less than a x86 CPU. It just won't run Windows.
> Fair enough. I assumed they'd be more expensive. Still doesn't change
> the fact that when you look at the circuit board all you can see is a
> plastic package and that there's no non-destructive way of finding out
> if you've really, really got an genuine xyz military hardened
> processor or just something pretending to be one.
x86 processors are /vastly/ more complex than they need to be because
of the legacy requirements. Really they're a RISC CPU nowadays with a
translation front-end converting the x86 into RISC ops. However that
said, there is a huge scale of economy in x86 chips only ARM could
probably come close to - hence me suggesting the Atmel.
I think you're thinking too much in how it could be compromised on a
technical level whilst ignoring the feedback effects of a compromise.
Voting is not like a bank vault where if you break it you win
outright - at best, you get four years or so of power. In reality,
many factors can play to make your term much shorter and certainly if
it emerged that an election was tampered with, any sitting government
would have to call another election. The media simply wouldn't permit
If you look at the US 2000 presidential elections which were almost
certainly rigged, nevertheless Congress allocated quite a lot of
money to replace the voting equipment despite the major spending
cutbacks of the Bush administration. Unfortunately that's gone on
Diebold voting machines which make the Irish voting machines look
fantastic, but it's a good example of the feedback system working.
> You've gone way outside the requirements for a voting machine here. I
> agree with you that a practically tamper proof machine is possible,
> however we are talking about machines which will spend 364 days a year
> switched off in a warehouse in the back of beyond and then they'll
> spend a full day in an unfriendly environment being used in private by
What's important is not that the machines are tamper proof - it's
that there's *fairly* tamper proof, enough that people trust them and
the process. If they emerge to not be so (and there's plenty of
journalists sniffing around here never mind whistleblowers), there
will be substantial feedback from the public to improve the system.
Which means politicians get to give more wads of cash to their
friends and thus everyone is happy.
Nevertheless, I'm still opposed to them. For what is gained per euro
spent, they are a waste of money better spent on (say) health.
> One problem is that it greatly complicates vote storage and
> anonymnity. I can't see it ever being accepted because most people
> want to know that when they cast their vote it's done and nothing can
> undo it.
I did say peer to peer and distributed - therefore there is no
central server apart from the trust delegator (which says which
phones can vote and which can't). Anonymity is easy to implement in a
massively distributed system. And what I really like about such a
system is that anyone can ask their mobile what votes were cast for
the country and get precisely the same figures as the TV or anyone
else gets - obviously if they don't, one can kick up a fuss. My
mobile is equal to Bertie's mobile in every way in such a
-----BEGIN PGP SIGNATURE-----
Version: idw's PGP-Frontend 18.104.22.168 / 9-2003 + PGP 8.0.2
-----END PGP SIGNATURE-----
More information about the FSFE-IE