2016 American Presidential Campaign

[elstongunn39]

Lol trump is gonna disappoint his alt-right base sooo much

 

[SKL]

There would be a digital paper trail.

for all practical intents and purposes even as metaphor this is an oxymoron. Punching literal holes in an 1950s era paper tape would be an ideal paper trail though, especially if it were pre-marked so the voter could see that their paper vote corresponds to what buttons they've punched.

notice I keep going back to low tech stuff. it's simpler and easier to concern.

And we don't have to secure every last aspect of it. From the side of the server we just need to ensure that it doesn't respond to anything except what it's supposed to, and in a secured physical environment. That is human manageable.

(1) has to be done by trusted and secure humans; this is very hard;

(2) locking down the server completely except for a series of basic unidirectional commands "increment total x by 1" (shielded behind cryptography), ideally; the server being physically incapable of responding to anything even on a hardware level except for acknowledgment (which could be segregated from the actual database so as to minimize the amount of leakage but more importantly the possibility of tampering) -- if this is to be feasible, it's all about the KISS principle.

but what exactly are we talking about at this stage? voting machines keeping their own tallies? a set of voting machines at a precinct that tallies at a server like we mention here? or remote network voting, which I would absolutely never consider to OK.

If you take away all the possible ways for arbitrary input to be processed in any unknown way, you take away that entire vector as a risk. And as I said, we don't have to make it impossible for one vote to be tampered with, just for it to be impossible to tamper with lots of them.

this needless to say is the essential. in this sort of unique system I actually think a small, bespoke system would be better than modern highly secured operating systems, because the task is very, very simple (there's only one "operation" the computer is asked by a client to do, essentially), and the larger the attack surface, the riskier a situation we are in.

thinking of a setup like the second one mentioned, imagine a wheel-and-hub system, voting machines: very stripped-down systems, running bespoke software running basically on bare metal, with no task other than to make vote selection. as needed you can put in a touch screen, audio output for the b/vi, etc. the only thing that this system is capable of doing is (a) taking the vote; (b) transmitting through a phyically unidirectional cable the vote; (c) printing on running paper tape the same vote; perhaps (d) offering some kind of other paper receipt for the user, cryptographically signed. authentication of voters and preventing of double-voters would still rely on physical security, because none of the public-key systems are really scalable unless you are willing to sacrifice anonymity in which case it becomes fairly trivial but you have also created a de facto national ID card via the medium of the national voting PKI. So that's really it for the stripped-down machine. It also gets some kind of "ACK" from the hub, if it doesn't, raises the appropriate red flag for technical assistance.

the hub would also be a bespoke system: takes in unidirectional input, only valid instruction being 'increment column N by 1,' this is done, and through a different, hardware-separated system that does not have physical level access to the database, sends the "ACK."

at the end, the paper tape is saved and sealed (which in and of itself is a big problem, there is a great chapter on this in Anderson's Security Engineering, which has a lot to say on all these subjects), the computer is sealed, it burns the database to a CD, cryptographically signed, maybe with some kind of mechanism to reliably allow the private key in question to be used only once (practically impossible, but possible to make it difficult to use twice); the public key being kept by the authority tabulating the votes

some sample of the paper tests are statistically tested against the computer results, if the index of suspicion of a discrepancy is low, then the precinct can report by digitally signed burned CD, and as long as all seems well, go ahead; if there's any problem, fall back on the physical recount and comparison to the computer; if all's well, for some length of time official takes office, everything keeps under lock and seal and then all destroyed when that interval expires, we don't want to keep it around forever because it's keeping it secure on and ongoing basis difficult and someone could attack it by altering the results post facto and then making enough noise and examples of allegations of election fraud, and then fuck him over.

this is a back of a napkin idea of what I would do if I had to design electronic voting. with an extreme emphasis on absolute simplicity; the biggest problem in computer security these days IMO is that things are so complex that no individual really can understand all of them, and there is no possible reason why half of the things running in your computer needs to be. anyway I found this an interesting back of napkin exercise, it might even be fun to bring out some old hardware and create a toy implementation (yes I am that much of a geek that I will do stuff like this just for shits and giggles, see the extended and customized phonetic name-sorting and comparison script I wrote in sed(1), I enjoy using time-tested tools about two weeks ago just because I was working on yet another project that involved dealing with census data (this is a tiny, although using a much smaller database (2²⁰ possible combinations, my current application has something more like 2⁶⁴ and can be extended arbitrarily and has some additional features for one-time authentication using a shared secret over a possibly unsecure channel, like starting an OTR conversation) and more trivial implementation, piece of it, it makes up a name, but i'm actually looking to apply it to certain computer security applications, basically as a way to encode bits in a way that is very easy for the human brain to remember, basically I'm working on a way to memorize use random 128/256-bit keys without having to deal with passphrases, which are problematic but I digress; if you like this stuff PM you I'd love to chat about it) and didn't want to deal with the 30 ways people spell "Caitlin," but I still think it's a bad idea, but I think that something along the lines of this would approach the margin of safety.

 

[Escher's Waterfall]

How sure are we that its not the inner Luddite opposing digital voting? We accept that paper votes aren't 100% tamper proof, why do we consider digital voting as needing to be 100% tamper proof? Do you think electronic voting is even worse than paper ballots?

Electronic voting is more vulnerable to the widespread manipulations by a small group.

I don't see electronic voting's benefits outweighing the risks.

That's why we make the voting live system open source and checksum verified. Then we know it hasn't been tempered with. Simply saying "it can't be done, it won't scale" without explaining why is not a legit counterpoint.

See, for example, "Reflections on Trusting Trust" by Ken Thompson. That paper is over 30 years old, and gives a quite simplistic example of a compiler that inserts a bug into a login program and can also recognize when it's compiling its own source code and insert the same behavior in the compiled version.

Ken Thompson goes on to point out that one would have to trust the entire chain - from the microcode on up.

Now look at the Underhanded C contest for some devious ways of introducing unexpected behavior in source code. Think about all the places such code could be hiding.

But it gets worse - imagine how many bugs currently exist in our implementations of the entire chain.

 

[spacejunk]

What happens if voting is online and people have service outages?
Or their computer breaks down?
Or they don't own a computer?

Seems like too many things could go wrong and prevent people from voting.
Who can guarantee that power failures won't conveniently happen in marginal (or predictable) electorates? Stranger things have happened...

I think the way elections are carried out now - where everything is set up ready for people to arrive and cast their ballot - doesn't really need to be improved upon.
I would need to see some really compelling evidence that digital was necessary/better/worthwhile impementing, for me to be convinced it is worth the increased risk of manipulation.

 

[elstongunn39]

spacejunk are you an anarcho-communist? just curious

 

[spacejunk]

I don't really like lumping myself with political definitions because my thoughts and opinions don't really match up perfectly with any school of thought, and i change my mind all the time.
But yeah, i definitely have anarcho-syndicalist leanings - sure

 

[elstongunn39]

we should have a leftist discussion thread on bluelight

 

[spacejunk]

By all means start one!

 

[elstongunn39]

i think acidheads would love reading "Society of the Spectacle"

 

[SKL]

… (formulating mentally a Fascist/anti-bourgeois right/national-syndicalist/radical traditionalist thread) it's a shame, sj, we share so much of how we interpret the world and such, but draw such radically different ultimate conclusions, although many if not most of our enemies are the same, apart from each other that is, of course. horseshoe-theory stuff, I guess. I'd like to see a Red-Green-Brown-Black alliance thread.

 

[elstongunn39]

I have had discussions with new right/alt right people in which i was almost shocked at how much we agree on--maybe there is a point to horseshoe theory or maybe liberals are just unlovable and that's what brings us together lol

 

[elstongunn39]

skl have you checked out mark dyal?

 

[SKL]

let me say I dislike the term 'alt-right' because it has been ruined by a lot of weird, creepy, spergy Internet stuff, although I definitely embraced the term 'alternative right' before it got all meme'd up; I mean Pepe the Frog is a hate symbol. not only does that make me lmao @ the ADL reacting to Pepe-memes but the fact that people were, evidently, in earnest, trying to make a political point with Pepe-memes is offputting to say the least.

re: mark dyal -not really but I am aware of him,probably a bit too Neitzschean for my tastes, but counter-currents publishing is a good sign

 

[elstongunn39]

i've been emailing with him for awhile. the gist of it is that i'm a leftist but he loves what i'm writing. we both oppose bourgeois modernity and neoliberal capitalism. Past that we differ a lot as to what we would want in place. the guy is like a deleuzean fascist which is pretty funny. he's one of the only new right or "alt-right" people i can stand because he seems like a decent guy, not slimey the way richard spencer and jared taylor are

 

[SKL]

we all could do good work together if we got over the boutique side issues and just focused on the real enemy (bourgeois liberal democracy and neoliberal economics)

 

[spacejunk]

The thing about rejecting neo-liberalism or neo-conservativism is that we can agree that the current system is fucked - but i don't think alliances between otherwise disparate groups are likely to ever succeed - hell; it seems that most right wing and left wing (as opposed to the neo-lib "centrist" status quo) come undone due to infighting and ideological splits - even within the same narrow political perspective.

I think alliances can be formed to share power in the case of things like hung parliaments (such as the situation with the election in Iceland late last year) - and in these instances, compromise and cooperation are all important.

But i think that opposing the same things isn't quite enough to draw people from opposite ends of the spectrum together, in any practical sense.
I mean, i was opposed to the TPP, but for entirely different reasons to a lot of people (such as Trump, for instance).

I mean, my comrades on the left have been opposing globalism - (and "fake news") for 20-odd years (or more).
Politics is weird.

 

[elstongunn39]

but how do i know that i won't be sent to some camps or something by the fashy types?

 

[SKL]

I did said "could …" somewhat unfortunately, though. What we do share is a very similar political hermeneutic or way of interpreting history and world events, we just diverge in conclusion; infighting happens in groups that are heavily doctrinal (how many Marxist-Leninst or Trotskyite groups are there?) … my ideal would be something that's in some sense really non-political, just a rejection of politics and political systems in general … although concretely my only hope for the US is the quite distant one of a coup d'état performed somewhere in middle officer ranks with military retirees (often very disillusioned) joining in and arming themselves rapidly, but our military is very bureaucratically complex and geographically dispersed probably in part for the purposes of preventing this from happening … but as conditions inevitably worsen, perhaps we will one day wake up to tanks rolling onto the streets.

 

[elstongunn39]

speaking of rejecting politics,, have you read fred moten? his idea of the undercommons is sort of a rejection of academia as well as politics and the commons

 

[SKL]

I'm watching the Norwegian TV drama Occupied, on NETFLIX, which deals with a hypothetical future in which Norway shuts off oil and gas production in favor of nuclear, and is bloodlessly occupied, with increasing obviousness and developing internal tensions, by Russia with a cooperative EU, after the US has withdrawn from NATO and become energy independent and isolationist. It deals with a lot of this sort of stuff in sometimes less or more oblique fashion, it's really quite interesting and not, as yet (I haven't finished) very moralizing or biased, it's quite free in pointing out some of the problems in Scandinavian liberal democracies, although the tone of that criticism is more muted, but deals a lot with problems of liberal democracy, globalization and nationalism, etc. in a very interesting fashion. As I've said I've not finished it, but it is interesting and comes to a lot of points related to this kind of thing.