Blockchain Voting: Solves None Of The Actual Problems Of Online Voting; Leverages None Of The Benefits Of Blockchain

Furnished content.


Just recently we wrote about why blockchain-based DRM was a terrible idea, and it could be summed up by the simple fact that a blockchain solves none of the "problems" of DRM today, and leverages none of the actual benefits of a blockchain. And... now I feel like writing basically the same exact post around blockchain voting. Like blockchain DRM, blockchain voting is one of those ideas that gets tossed around a lot. For decades, lots of people who actually understand computer security have explained why online voting is a horrifically bad idea in that it involves effectively unsolvable problems. It's not that it's a "hard" problem, it means that online voting is effectively impossible without massive changes to almost everything we do in ways that we can't really comprehend right now. There are some serious researchers who are thinking about this, but to date, there is nothing even remotely close to to being acceptable, and there may never be.And yet, the "simplest" way that some people understand the risks of online voting is basically "it would be bad if someone could change your vote and no one would know." That's an easy to understand point to make, but the problems with online voting go way, way beyond that. Do a simple Google search on why online voting is a terrible idea and you'll get dozens of on-point results, but if you want a nice, simple explanation of just the first pass of potential risks with online voting, check out this video from a couple years ago by Princeton professor Andrew Appel, who has been studying voting security for many, many years:

The key weakness of early online voting systems was the inability to solve what cryptographers called the double spend problem. When we send a file on the internet, we're actually sending a copy of that file; the original remains in our possession. This is acceptable for sharing information but unacceptable for recording votes in elections. The possibility that individuals could cast their ballots multiple times for a candidate made these systems useless just as vulnerable as paper ballot systems. Points of failure included susceptibility to hackers, coding bugs, and human error. With enough resources, any rogue could stuff a digital ballot box with illegitimate votes.

In a typical election setting with secret ballots, we need:

1. enforced secrecy: a way for each voter to cast a ballot secretly and no way to prove how they voted (lest they be unduly influenced)
2. individual verifiability: a way for each voter to gain confidence that their own vote was correctly recorded and counted.
3. global verifiability: a way for everyone to gain confidence that all votes were correctly counted and that only eligible voters cast a ballot.

Let's say we have a Blockchain-style distributed database. How far does that get us to meeting these needs?A distributed database of all cast votes, where everyone sees the same state of the world, would certainly be useful for (3) global verifiability and to some degree for (2) personal verifiability. That said, it won't get us all the way there on those, and it won't get us anywhere on (1) enforced secrecy.Specifically, to combine personal verifiability with enforced secrecy, we need some mechanism that gives each voter enough confidence that their vote made it all the way to the tally, but not so much that they can sell their vote to a buyer/coercer. A public ledger of plain votes is a terrible idea, since that makes vote selling trivial. A public ledger of vote tracking numbers of sorts is better for privacy, though it doesn't really provide actual verifiability that the contents of the ballot weren't tampered with. Clearly, we need something more, and that something simply isn't provided by a distributed ledger.In a typical election setting with secret ballots, we need:

1. enforced secrecy: a way for each voter to cast a ballot secretly and no way to prove how they voted (lest they be unduly influenced)
2. individual verifiability: a way for each voter to gain confidence that their own vote was correctly recorded and counted.
3. global verifiability: a way for everyone to gain confidence that all votes were correctly counted and that only eligible voters cast a ballot.

Let's say we have a Blockchain-style distributed database. How far does that get us to meeting these needs?A distributed database of all cast votes, where everyone sees the same state of the world, would certainly be useful for (3) global verifiability and to some degree for (2) personal verifiability. That said, it won't get us all the way there on those, and it won't get us anywhere on (1) enforced secrecy.Specifically, to combine personal verifiability with enforced secrecy, we need some mechanism that gives each voter enough confidence that their vote made it all the way to the tally, but not so much that they can sell their vote to a buyer/coercer. A public ledger of plain votes is a terrible idea, since that makes vote selling trivial. A public ledger of vote tracking numbers of sorts is better for privacy, though it doesn't really provide actual verifiability that the contents of the ballot weren't tampered with. Clearly, we need something more, and that something simply isn't provided by a distributed ledger.

Tapscott focuses on the idea that blockchain technology would allow people to vote anonymously while still being able to verify that their vote was included in the final total. Even assuming this is mathematically possibleand I think it probably isthis idea ignores the many, many ways that foreign governments could compromise an online vote without breaking the core cryptographic algorithms.For example, foreign governments could hack into the computer systems that governments use to generate and distribute cryptographic credentials to voters. They could bribe election officials to supply them with copies of voters' credentials. They could hack into the PCs or smartphones voters use to cast their votes. They could send voters phishing emails to trick them into revealing their voting credentialsor simply trick them into thinking they've cast a vote when they haven't.[...]But let's think about how this would play out in practice. Suppose it's mid-November 2020 and Donald Trump has narrowly won reelection. A few thousand voters in key swing states come forward to say that they intended to vote for Trump's opponent but their vote was recorded for Trump instead. Thousands of others say they tried to vote for Trumpor against himbut their votes weren't counted.Was that due to hackers meddling with the vote, technical snafus, or user error? Were some of them just misremembering how they had cast their ballots? There would be no way to know for sure.An important property for an election is finality: you want a well-understood process that makes people confident in the result. The paper-based process used in most states today isn't perfect, but it's pretty good on this score. Each vote is recorded on a paper ballot that's available for anyone to look at. Everyone understands how paper ballots work. People can observe the vote-counting process to verify that no ballots were altered. So not only does the process usually lead to an accurate count of peoples' votes, it also builds public confidence in the integrity of the result.Blockchain voting would be much, much worse. Hardly anyone understands how a blockchain works, and even experts don't have a good way to observe the online voting process for irregularities the way an election observer does in a traditional paper election. A voter might be able to use her private key to verify how her vote was recorded after the fact. But if her vote wasn't counted the way she expected (or wasn't counted at all) she'd have no good way to prove that she tried to vote a different way.

0 comments, click here to add the first

Not Funny: The Conan O'Brien Joke-Stealing Lawsuit Is Still Going On

Furnished content.


We've obviously talked about the great deal of harm that a protectionist view of copyright can cause, both in terms of its ability to deny the public useful innovations and its use by the powerful to bully the weak. But one of the harms in protectionism and the ever-expanding culture of ownership that pervades modern life that is less talked about, possibly because it's somewhat obvious, is its sheer ability to bog down individuals in an absurdly lengthy legal process that seems to move at a pace purposefully calibrated to be as frustrating as possible.A great example of this is the copyright case Conan O'Brien is embroiled in still, all over accusations that he and his writing staff "stole" a handful of jokes from a freelance comedian, who has claimed copyright over them. We first wrote about this case in the first half of 2017, where a judge had greenlit all of this for a jury trial, but the lawsuit itself was actually filed back in 2015. And, incredibly, it's still going on. The clock is still running at three years, with the most recent news being that the court has refused to allow O'Brien's team two affirmative defenses based on the actions of the plaintiff.

The court on Thursday dismissed two of O'Brien's affirmative defenses, one arguing that Kaseberg had committed fraud on the copyright office and the other that he isn't entitled to relief because he withheld relevant documents during discovery and has "unclean hands." "Even if omission of the Court’s ultimate conclusion that the jokes were entitled only to thin copyright protection were misleading, however, the Court would have to conclude that there was no intent to defraud here," writes Sammartino. "It is undisputed that Plaintiff’s counsel attached a copy of the Court’s full Order to the letter to the Office. Had Plaintiff been attempting to pull a fast one on the Office by misrepresenting the Court’s Order, he would not have provided the Office with a means of verifying that deception."

0 comments, click here to add the first