When it comes to voting & voting systems, Nicholas Weaver on Lawfare has an important point:
At the same time, it is critical to ensure that the voting process is explainable. It is almost a sport among academics to develop computer-only voting schemes where, thanks to cryptographic magic, a voter can verify that her vote was correctly counted. Yet such schemes invariably fail the “parent test.” I can’t understand them myself without considerable effort, so there is no hope for me to explain them to my mom and dad. Such systems may work for a board election of the International Association for Cryptologic Research, but they can’t work for a regular election.
As a consequence, this perhaps surprising conclusion is effectively universal amongst computer security practitioners: the voter must either directly mark a paper ballot or the voting machine must clearly print out a record of the vote, which the voter then puts in the ballot box. Unless a DRE machine has such a Voter Verifiable Paper Audit Trail, we must assume it can be compromised. Worse, as Dan Wallach explains, a DRE without VVPAT system can be compromised without actually being compromised: if someone, including a simply unhinged candidate, gives the losers a credible reason to believe the result is fraudulent, the voting system has failed whether it has failed in a technical sense or not.
Good to see the experts agreeing with me – computer voting systems are a fad which need to be discarded.
