handouts/ho02.tex
changeset 466 ddf7315450c9
parent 462 33dcbafb27ce
child 541 5cd1865d45bd
465:76f9457b8f51 466:ddf7315450c9
     1 \documentclass{article}
     1 \documentclass{article}
     2 \usepackage{../style}
     2 \usepackage{../style}
     3 \usepackage{../langs}
     3 \usepackage{../langs}
     4 
     4 
     5 \begin{document}
     5 \begin{document}
     6 \fnote{\copyright{} Christian Urban, 2014, 2015}
     6 \fnote{\copyright{} Christian Urban, 2014, 2015, 2016}
     7 
     7 
     8 %https://www.usenix.org/sites/default/files/conference/protected-files/jets15_slides_epstein.pdf
       
     9 %
       
    10 %Jeremy Epstein, SRI International
       
    11 %
       
    12 %In April 2015, the  US  Commonwealth of Virginia decertified the Advanced Voting
       
    13 %Solutions (AVS) WinVote voting machine, after concluding that it was insecure.
       
    14 %This talk presents the results of Virginia's analysis of the WinVote, and
       
    15 %explores how we got to the point where a voting machine using an unpatched
       
    16 %version of Windows XP from 2004, using hardwired  WEP  keys and administrator
       
    17 %passwords, could be used for over a decade in most of Virginia.
       
    18 
     8 
    19 %% second angle of the problem
     9 %% second angle of the problem
    20 %Jonathan Zittrain is interested in algorithmic accountability,
    10 %Jonathan Zittrain is interested in algorithmic accountability,
    21 %from Facebook’s ability to tell that two people are in a
    11 %from Facebook’s ability to tell that two people are in a
    22 %relationship before they announce it, to their ability to
    12 %relationship before they announce it, to their ability to
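Review bot: The comment block deleted at old lines 8-17 was the only place visible in this change that recorded where the Epstein abstract comes from (the USENIX slides URL and "Jeremy Epstein, SRI International"). If the body text introducing the quoted abstract does not already cite the talk, keep the URL, for example as a footnote or a one-line comment beside the quote, so the quotation stays attributable.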
   101       punch cards, now DREs and optical scan voting machines.
    91       punch cards, now DREs and optical scan voting machines.
   102       But there is a lot of evidence that DREs and optical
    92       But there is a lot of evidence that DREs and optical
   103       scan voting machines are not as secure as they should
    93       scan voting machines are not as secure as they should
   104       be. Some states experimented with Internet voting, but
    94       be. Some states experimented with Internet voting, but
   105       all experiments have been security failures. One
    95       all experiments have been security failures. One
   106       exceptional election happened just after hurrican Sandy
    96       exceptional election happened just after hurricane Sandy
   107       in 2012 when some states allowed emergency electronic
    97       in 2012 when some states allowed emergency electronic
   108       voting. Voters downloaded paper ballots and emailed them
    98       voting. Voters downloaded paper ballots and emailed them
   109       back to election officials.
    99       back to election officials.
   110 
   100 
   111 \item Estonia used since 2007 the Internet for national
   101 \item Estonia used since 2007 the Internet for national
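Review bot: On new line 96, "hurricane Sandy" is a proper name, so the spelling fix should also capitalise it: "Hurricane Sandy". The unchanged line 101 just below, "Estonia used since 2007 the Internet", would read better as "Estonia has used the Internet since 2007" if this paragraph is being proofread anyway.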
   153 \end{center}
   143 \end{center}
   154 
   144 
   155 \noindent The abstract says:
   145 \noindent The abstract says:
   156 
   146 
   157 \begin{quote}\it 
   147 \begin{quote}\it 
   158 In April 2015, the US Commonwealth of Virginia decertified the
   148 ``In April 2015, the US Commonwealth of Virginia decertified the
   159 Advanced Voting Solutions (AVS) WinVote voting machine, after
   149 Advanced Voting Solutions (AVS) WinVote voting machine, after
   160 concluding that it was insecure. This talk presents the
   150 concluding that it was insecure. This talk presents the
   161 results of Virginia's analysis of the WinVote, and explores
   151 results of Virginia's analysis of the WinVote, and explores
   162 how we got to the point where a voting machine using an
   152 how we got to the point where a voting machine using an
   163 unpatched version of Windows XP from 2004, using hardwired WEP
   153 unpatched version of Windows XP from 2004, using hardwired WEP
   164 keys and administrator passwords, could be used for over a
   154 keys and administrator passwords, could be used for over a
   165 decade in most of Virginia.
   155 decade in most of Virginia.''
   166 \end{quote}
   156 \end{quote}
   167 
   157 
   168 The reason that e-voting is such a hard problem is that we
   158 The reason that e-voting is such a hard problem is that we
   169 have requirements about the voting process that conflict with
   159 have requirements about the voting process that conflict with
   170 each other. The five main requirements for voting in general
   160 each other. The five main requirements for voting in general
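Review bot: In the quote at new lines 147-155, the added `` and '' mark the passage as a quotation a third time, since it already sits in a quote environment and is set in italics; pick one convention and apply it to every quoted abstract in the handouts. While this line is being touched, \it is the obsolete LaTeX 2.09 font switch and \itshape is the current form, and the trailing space after it on line 147 can go.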
   370 incompetence and the inferiority of their products by
   360 incompetence and the inferiority of their products by
   371 requiring that election counties must not give the machines up
   361 requiring that election counties must not give the machines up
   372 for independent review. They also kept their source code
   362 for independent review. They also kept their source code
   373 secret. This meant Halderman and his group could not obtain a
   363 secret. This meant Halderman and his group could not obtain a
   374 machine through the official channels, but whoever could hope
   364 machine through the official channels, but whoever could hope
   375 that revented them from obtaining a machine? Ok, they got one.
   365 that prevented them from obtaining a machine? Ok, they got one.
   376 They then had to reverse engineer the source code in order to
   366 They then had to reverse engineer the source code in order to
   377 design an attack. What all this showed is that a shady
   367 design an attack. What all this showed is that a shady
   378 security design is no match for a determined hacker. 
   368 security design is no match for a determined hacker. 
   379 
   369 
   380 Apart from the obvious failings (for example no paper trail),
   370 Apart from the obvious failings (for example no paper trail),
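Review bot: On new lines 364-365 the typo is fixed but the sentence still does not parse: "but whoever could hope that prevented them from obtaining a machine?" Something like "but who could hope that this would prevent them from obtaining a machine?" says what is meant. New line 368 also keeps a trailing space after "hacker.".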
   540 somewhere the money went). Even if there might be more
   530 somewhere the money went). Even if there might be more
   541 gigantic sums at stake in online banking than with voting, it
   531 gigantic sums at stake in online banking than with voting, it
   542 can be made reasonably secure and fraud-safe. That does not
   532 can be made reasonably secure and fraud-safe. That does not
   543 mean there are no problems with online banking. But with
   533 mean there are no problems with online banking. But with
   544 enough thought, they can usually be overcome with technology
   534 enough thought, they can usually be overcome with technology
   545 we have currently avialable. This is different with e-voting:
   535 we have currently available. This is different with e-voting:
   546 even the best have not come up with something workable yet.
   536 even the best have not come up with something workable yet.
   547 
   537 
   548 
   538 
   549 This conclusion does not imply that some special cases of
   539 This conclusion does not imply that some special cases of
   550 Internet voting cannot be made to work securely. Just in a
   540 Internet voting cannot be made to work securely. Just in a
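Review bot: On new lines 534-535, "technology we have currently available" has the adverb in the wrong place; "technology we currently have available" reads correctly. The two consecutive blank lines at 537-538 can be collapsed to one, since LaTeX treats them as a single paragraph break.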