sen-material: comparison handouts/ho02.tex

equal deleted inserted replaced

-:b7d055cf16e8
+:3c69029f4a1c
 \begin{itemize}
 \item The Netherlands between 1997--2006 had electronic voting
 machines, but ``hacktivists'' had found they can be
 hacked to change votes and also emitted radio signals
-revealing how you voted.
+revealing how you voted. Now e-voting has been abandoned
+in the Netherlands.
 \item Germany conducted pilot studies with e-voting, but in
 2007 a law suit has reached the highest court and it
 rejected e-voting on the grounds of not being
 understandable by the general public.
 secure as paper ballots, the parliamentary committee
 in charge concluded.
 \item India uses e-voting devices since at least 2003. They
 use ``keep-it-simple'' machines produced by a
-government owned company.
+government owned company. There was some trouble for
+an Indian researcher after he and an international
+team of hackers showed that the devices are not
+as secure as the government claimed.
 \item South Africa used software for its tallying in the 1993
 elections (when Nelson Mandela was elected) and found
 that the tallying software was rigged, but they were
 able to tally manually.
 evolved. Because also good-old-fashioned paper ballot voting
 is not entirely trivial and immune from being hacked. We know
 for sure that elections were held in Athens as early as 600
 BC, but might even date to the time of Mesopotamia and also in
 India some kind of republics might have existed before the
-Alexander the Great invaded it. Have a look at Wikipedia about
+Alexander the Great invaded them. Have a look at Wikipedia about
 the history of democracy for more information. These elections
 were mainly based on voting by show of hands. While this
 method of voting satisfies many of the requirements stipulated
 above, the main problem with hand voting is that it does not
 guaranty ballot secrecy. As far as I know the old Greeks and
 paper ballots are given out to each voter at the polling
 station. Then an attacker can give the prefilled ballot to a
 voter. The voter uses this prefilled ballot to cast the vote,
 and then returns the empty ballot paper back to the attacker who now
 compensates the voter. The blank ballot can be reused for the
-next voter.
+next voter. I let you ponder why it is important for this
+attack that the voter returns the empty ballot to the
+attacker.
 To sum up, the point is that paper ballots have evolved over some time
 and no single best method has emerged for preventing fraud.
 But the involved technology is well understood in order to
 provide good enough security with paper ballots.
 shown that seals can easily be circumvented. The moral of this
 story is that election officials were incentivised with money
 by the central government to obtain new voting equipment and
 in the process fell prey to pariahs which sold them a
 substandard product. Diebold was not the only pariah in this
-area, but one of the more notorious ones.
+area, but one of the more notorious ones.\footnote{An e-voting
+researcher recently made a connection between the VW-exhaust
+scandal and e-voting: His argument is that it is very hard
+to test whether a program works correctly in a hostile
+environment. The program can often recognise when it is
+tested and behave correctly, but in the ``real test'' can
+behave maliciously, just like the VW diesel engines.}
 Optical scan machines are slightly better from a security
 point of view but by no means good enough. Their main idea
 is that the voter fills out a paper ballot, which is then
 scanned by a machine. At the very least the paper ballot can
 which of course is an important problem if you are allowed to
 vote via Internet.
 However, the weak spots in any Internet voting system are the
 voters' computers and the central server. Unfortunately, their
-system is designed such that they needs to trust the integrity
+system is designed such that they need to trust the integrity
 of voters’ computers, central server components and also the
 election staff. In 2014, a group of independent observers around
 Alex Halderman were able to scrutinise the election process in
 Estonia. They found many weaknesses, for example careless
 handling of software updates on the servers. They also
 the Internet cannot be made secure with current technology.
 Voting has just too high demands on integrity and ballot
 secrecy. This is different from online banking where the whole
 process is designed around authentication. If fraud occurs,
 you try to identify who did what (somebody’s account got zero;
 somewhere the money went). Even if there might be more
-gigantic sums at stake in online banking than with voting,
+gigantic sums at stake in online banking than with voting, it
-it can be solved. That does not mean there are no problems
+can be made reasonably secure and fraud-safe. That does not
-with online banking. But with enough thought, they can
+mean there are no problems with online banking. But with
-usually be overcome with technology we have currently. This
+enough thought, they can usually be overcome with technology
-is different with e-voting: even the best have not come
+we have currently. This is different with e-voting: even the
-up with something workable yet.
+best have not come up with something workable yet.
-This conclusion does not imply that in some special cases
+This conclusion does not imply that some special cases of
-of Internet voting cannot be made to work securely. Just in a
+Internet voting cannot be made to work securely. Just in a
 general election where stakes are very high, it does not work.
 For example a good-enough and workable in-lecture online
 voting system where students' votes are anonymous and students
-cannot tamper with the outcome, I am sure, can be implemented.
+cannot tamper with the outcome, I am sure, can be implemented
+(see some of my MSc projects).
 \subsubsection*{Further Reading}
 If you want to know more about e-voting, I recommend

changeset 386	3c69029f4a1c
parent 369	6c7996b6b471
child 404	4e3bc09748f7