Technology Review - Published By MIT

September/October 2008

Flawless Vote Counts

Cryptography lets voters verify ballots.

By Matt Mahoney


Since the 2000 election debacle, optical scanners have become the most common U.S. voting technology. Voters fill in a bubble next to a candidate's name on a paper ballot and feed it into the scanner. The scanners tally votes automatically, saving time, but they also leave a paper trail that can be hand audited.

Even optical scanners can misread stray marks, however, and any voting machine can be tampered with after the fact. But a cryptographic system developed under the leadership of electronic-cash pioneer David Chaum can guarantee that every vote cast using an optical scanner is correctly recorded.

In the voting booth, instead of filling in a bubble in pencil, the voter uses a special pen to reveal a code printed inside the bubble in invisible ink. Later, the voter can enter the ballot's serial number on an election website, which looks up the ballot and displays the associated code. If the code matches the one exposed in the booth, the vote was correctly tallied. But because the codes are never publicly correlated with candidates' names, the voter's privacy is maintained--and there's no evidence to give to would-be vote buyers.

Until now, it's been easy to dismiss cryptographic voting systems as academic exercises, but the fact that the new system is designed to work with optical scanning gives Chaum hope that it will catch on. "We're ready," he says. "There's no risk. If you add it on, it doesn't interfere with what you had, and if there's a problem with it, you can just ignore it."

Tamper-proof tally: A new cryptographic system can guarantee that votes cast using optical scanners are counted correctly. (1) The voter uses a decoder pen to expose a unique, randomly generated code printed in invisible ink next to a candidate's name. (2) The voter writes the code on a detachable receipt marked with the ballot's serial number. (3) An ordinary optical scanner reads the ballot, just as it would one marked in pencil. (4) At home, the voter enters the ballot's serial number on an election website. If the site pulls up the corresponding code, the vote was recorded accurately.
Credit: Brown Bird Design

Chart source: Election Data Services
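
The receipt check in steps (1) to (4) above can be modelled in a few lines. This is an added example, not code from the article or from the voting system's developers; the candidate names, serial numbers, the `Election` class and the SHA-256 commitment are assumptions made for illustration. It goes one step beyond the article text by also modelling an audit of unvoted printed ballots, which exposes a printing fault that the voter's own lookup cannot see.

```python
import hashlib
import secrets

CANDIDATES = ("Candidate A", "Candidate B")   # constructed contest
LETTERS = "ABCDEFGHJKLMNPQRSTUVWXYZ"
_rng = secrets.SystemRandom()

def commit(serial, codes, salt):
    """Hash commitment to one ballot's candidate->code table (assumed scheme)."""
    return hashlib.sha256(salt + repr((serial, sorted(codes.items()))).encode()).hexdigest()

class Election:
    def __init__(self, serials, misprinted=()):
        pairs = [a + b for a in LETTERS for b in LETTERS]
        self.table, self.salt, self.commitment, self.paper = {}, {}, {}, {}
        for s in serials:
            codes = dict(zip(CANDIDATES, _rng.sample(pairs, 2)))
            self.table[s], self.salt[s] = codes, secrets.token_bytes(16)
            self.commitment[s] = commit(s, codes, self.salt[s])  # published before voting
            a, b = CANDIDATES
            # Fault under test: on misprinted ballots the two codes are swapped on paper.
            self.paper[s] = {a: codes[b], b: codes[a]} if s in misprinted else dict(codes)
        self.board = {}                              # public: serial -> code, never a name
        self.tally = dict.fromkeys(CANDIDATES, 0)

    def vote(self, serial, choice):
        """Voter exposes the code printed beside `choice`; the receipt is (serial, code)."""
        code = self.paper[serial][choice]
        self.board[serial] = code
        counted = next(c for c, k in self.table[serial].items() if k == code)
        self.tally[counted] += 1                     # tally decodes via the committed table
        return serial, code

    def voter_check(self, receipt):
        """At home: does the website show my code for my serial number?"""
        serial, code = receipt
        return self.board.get(serial) == code

    def print_audit(self, serial):
        """Expose all codes on an unvoted ballot and compare with the opened commitment."""
        if serial in self.board:
            raise ValueError("only unvoted ballots can be audited")
        return commit(serial, self.paper[serial], self.salt[serial]) == self.commitment[serial]

def demo():
    e = Election(range(1, 7), misprinted={2, 5})     # constructed serials
    receipts = [e.vote(1, "Candidate A"), e.vote(2, "Candidate A")]
    checks = [e.voter_check(r) for r in receipts]
    audits = {s: e.print_audit(s) for s in (3, 5)}
    return checks, e.tally, audits
```

In `demo()` both voters' lookups succeed, yet misprinted ballot 2 is counted for the other candidate; only the audit of unvoted ballot 5 reveals the bad print run.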


This article is from the September/October Issue of Technology Review. To read other articles from this issue simply register for My.TechnologyReview.com. It's free.


Comments

  • flaw in flawless scheme?
    wds on 09/05/2008 at 10:50 PM
    Posts: 3 | Avg Rating: 2/5
    Ok... suppose the evil government fraudsters make the invisible code for Barack Obama on your ballot be "KQ" but then, after you vote KQ, the ballot posted on the web site is scored for John McCain, but with the correct code KQ.

    What happens now?

    1. You check the web site to look up your ballot #12345 and you see it says "KQ." "Therefore" no fraud could have occurred. Wrong.

    2. Or, when you check, it says "KQ=John McCain." Then you know fraud occurred! - but nobody else does, because your receipt says on it only "KQ" and not "Obama" and not "McCain" so when you scream fraud, the official response is "well, you just voted for McCain, using the McCain code KQ, you &#$%&*, and you are lying when you say you voted Obama." Result: your attempt to scream fraud fails for lack of evidence (even though there WAS fraud and the system spotted it exactly as it was supposed to).

    3. Or, the web lookup says "KQ = Barack Obama" (which is correct) but this permits you to sell your Obama vote to an onlooker. Sale is only prevented by it NOT saying "Obama" and not saying "McCain" and only revealing "KQ", but then we are vulnerable to cases 1 or 2 above.

    ---

    So in conclusion, I do not understand how this "flawless" system works.  It might work, but only if additional ingredients never discussed in the article, are incorporated.  As is, I don't see how it works. Can you explain?

    Incidentally, three simple antifraud voting protocols  invented by MIT professor Ron Rivest and me are discussed here:
       http://rangevoting.org/RivSmiPRshort.html
    and pages linked to it.

    These protocols genuinely work.  The Chaum scheme may be better than our schemes, which would be great, but as I said, I do not see how it works at present.

    Warren D. Smith
    http://rangevoting.org
    • Re: flaw in flawless scheme?
      wds on 09/06/2008 at 1:33 PM
      Posts: 3 | Avg Rating: 2/5
      I found out more answers and questions, which you can find here:

      http://groups.yahoo.com/group/RangeVoting/message/8885

      I hope the authors of this voting scheme will create an "answers to reader questions" web page.
      • FAQ
        rcarback on 09/06/2008 at 1:58 PM
        Posts: 6 | Avg Rating: 4/5
        This piece wasn't authored by the Scantegrity project, but we are working on a FAQ. Some of your questions might be answered by the Punchscan FAQ.
    • sorry, still flawless
      rcarback on 09/06/2008 at 1:40 PM
      Posts: 6 | Avg Rating: 4/5
      Unfortunately, a summarized description of the system (like what is in this article) is never going to capture every detail. This is Scantegrity, a descendant of Punchscan which you already know about. To answer your question:

      What if, in optical scan, the scanner thinks the position for Obama is the position for McCain? This is the same problem, and it has (essentially) the same answer.

      The simple answer is that third parties and voters can all audit the printed ballots. If you produce a ballot and the printing is wrong, you're busted, and you have no control over what ballots get audited. There are also post-election auditing procedures that will catch this (remember that code is still on the printed copy of the ballot next to Obama!).

      What is posted online does not reveal the connection between code and candidate. Count verification works like you describe in your page I linked to above, which is technically pretty simple, but not simple enough to fit in these comment boxes.

      See Scantegrity.org for technical details. The Talk from USENIX is also posted online. If you think you've found any flaws, we'd be happy to hear about it.

      Ron Rivest is also working on this project.
  • What about willing vote sellers et al?
    John Sellers on 09/08/2008 at 3:44 AM
    Posts: 2 | Avg Rating: 3/5
    Here in California, I recently did a little research and found that in Santa Clara County (home of Google headquarters), the largest precinct in the county had about a 15 point spread between the walk-in and mail-in votes on some issues.  One has to wonder why mail-in voting tallies are obscured and partly mixed with walk-in votes.  The state doesn't break out mail-in totals on the Web based official statement of vote.

    Also the percentage of votes thrown out on several issues was as much as 5 or 6 times the yes/no spread.

    The reason that mail-in voting here in California lends itself to vote buying is that vote buyers want to be able to confirm that the votes are delivered.  This is simple on a mail-in ballot because the voter signs the ballot without filling it in and then sells it to the buyer, who fills it in and then mails it.  I know of no way to determine that votes like these are bought outside of suggestive statistics.
    • Re: What about willing vote sellers et al?
      rcarback on 09/08/2008 at 7:22 PM
      Posts: 6 | Avg Rating: 4/5
      It doesn't really affect the underlying system in any way in this regard. It is a do no harm approach to coercion schemes like what you've described. It's not any worse, but nor is it any better.

      Re: thrown out votes, voters would be able to detect that their vote had been thrown out.
      • Re: What about willing vote sellers et al?
        John Sellers on 09/12/2008 at 7:40 PM
        Posts: 2 | Avg Rating: 3/5
        I think you are heading in the right direction, but that is in the nature of the notorious Berkeley Subjective toward a solution that somehow never gets achieved.  I am sorry to say, such is the nature of many bleeding edge technological applications.  If you are going to reach the goal of preventing vote fraud, you can not ignore aspects such as the vote buying as I previously described.

        Your system is OK as far as it goes, but integrating with existing voting systems or ignoring any critical problems is not enough.  For example, if we were to integrate your ideas in the existing system in California, we would still have a mess in California.

        The fact is, any ad hoc or open ended system is always going to have a multitude of unintended consequences, most of which will never be known.  The only solutions that have any hope of getting fraud under control will have to be completely systematic in regard to ALL of the critical parameters of the system.  For California, this would mean a completely systematic system from the top to the bottom rather than each California county doing its own thing as is the case now.

        Since I wrote my previous response I carried my inquiries a bit further, and found that not only does the State of California not consolidate and publish mail-in results, but I am told they don't even have those results.  I am told that I will have to go around to all 50 some counties in the state if I want this information.  At the state level, votes that are consolidated are printed and archived in a library as per law.  I am told the state does not even keep the results in a database, although I find this hard to believe.
        • Re: What about willing vote sellers et al?
          rcarback on 09/19/2008 at 11:00 PM
          Posts: 6 | Avg Rating: 4/5
          The problem solved is "did the vote actually get counted, and was it counted correctly?" The neat thing is that it doesn't negatively impact the underlying system.

          There are a number of other problems which you could sink your teeth into: poll-book problems (because if you can't vote that's just as bad as it not being counted), remote voting coercion schemes (like those you are talking about), overseas voter issues, etc.

          To more directly respond to your comment: Vote buying is tricky, particularly for a willing voter. Draw a circle and call it a voter. Now, draw a circle around the voter—that is the buyer/coercer. In the polling place scenario, we can get the voter out of that bubble because no one is supposed to be sitting there with the voter, and they aren't allowed to bring their own personal surveillance devices with them.

          In a remote voting scenario it's much more difficult to do that, particularly in cases where the voter just signs over the ballot to the buyer. The only way I'm aware of getting around it is to construct fake voting sessions, where the voter supplies a credential and everything looks and acts legitimate, and then the voter submits a real vote at another time. There are several examples of such systems in the literature, but I don't think any completely solve the problem.

          You also have to be really careful how you present the data. You can't have a paper ballot with more than one race on it, because you could instruct the voter to use unimportant races to create a pattern that would identify her ballot. In fact, if this is a concern and your ballots are public, you couldn't have a paper record at all, because the voter could leave undetectable patterns or other identifying material on it. Scantegrity actually does fix this problem to some degree, because its posted results data is split up into individual races. The actual paper, however, is still just as prone to problems as it would originally have been.

          Even if you could succeed in getting rid of all these possibilities, the future might thwart you. Consider the possibility of eye implants that record everything you do!
  • Vote Counts vs. Voting Systems
    mg1234 on 09/27/2008 at 9:09 AM
    Posts: 1
    The count has to do with tabulation. The system is the whole system - starting with registration, the various methods of voting, the various types of ballots, and their tabulation. 
    There is no flawless voting system.  Vote selling of mail-in ballots is part of the system, not the counting.  Any serious vote selling scheme leaves lots of people who know about it and it won't change 1000's of votes without someone squealing and lots of felony charges.  The Brennan Center did an assessment of the various types of vote fraud and those that involve a lot of people are not the major concern. It's the programs that allow someone to change 10,000 votes in a few seconds.