
Voting by Email in New Jersey - tptacek
http://www.crypto.com/blog/njvoting
======
tptacek
Matt Blaze is a UPenn professor, and one of the most important security
researchers working on electronic voting.

What I don't understand about NJ's plan is, why don't they just delay the NJ
statewide elections? NJ isn't really in contention in the Presidential race;
the only tricky election is Menendez's for Senate --- not because he could
lose, but because the Senate needs the election wrapped up. Christie isn't up
for election, nor (obviously) is Lautenberg.

So they could limit the potential damage/controversy here; let people
provisionally vote for President (Romney won't challenge the results; NJ is
going for Obama the way Utah is going for Romney), and wait a couple weeks for
the rest of it.

~~~
eli
The US Constitution specifically says that election day (for President and
Vice President) must be the same date for every state.

~~~
tptacek
Yes, for President. Which is my point. The Constitution does not compel New
Jersey to hold statewide elections on any particular day.

In fact, if they go ahead with the email plan, they may have to vote on some
random other day anyways, when the controversy over challenges forces a re-
vote.

~~~
eli
Ah, I see what you're saying. Well, as a practical matter, I'm pretty sure NJ
would have to amend its state constitution to change election day for local
office. I'd be very surprised if that's even legally possible to accomplish
before Tuesday.

------
tinco
I am curious: Does the US have any webbased citizen identification system? In
the netherlands we have something called 'digid.nl' which might not be up to
e-voting standards, but it is at least a lot more secure and reliable way to
identify and authenticate citizens.

Digid.nl is sort of like a firewalled openid. Government websites like the
dutch tax office will redirect you to there to authenticate, you get
redirected back with a token, and the government website can verify that token
with the digid servers. Effectively moving most security/privacy problems to 1
single service that is done right, instead of leaving it to every ministry to
get it right.

What perhaps is a bigger problem than if it is secure enough, is does it have
enough penetration? I'm sure the US constitution has something to say about
the election booths needing to be accessible to the majority (if not all) of
the people. If this many people are displaced, is it reasonable to expect that
if not a house they have access to internet?

~~~
tptacek
No, we do not.

Fun fact: DIGID.NL was secured by Diginotar, the SSL CA that got hacked, tried
to cover it up, and later had to admit that fraudulent certs for many of the
most popular sites on the Internet had been issued by their hacker.

The US Constitution does not have much specific to say about how voting is
accomplished. Each state is allocated a certain number of electors. It's left
up to the states to determine how they're apportioned to candidates. The
candidate who receives a majority of electoral votes wins.

In practice, it's 2 centuries of precedent set by the courts and laws set out
by the legislatures, stemming from the principles in the Constitution (rather
than any specific mandate from the Constitution), that determine the specifics
of what is and isn't OK in an election.

We have a relatively old Constitution (as liberal Constitutional governments
go), and it changes very, very rarely.

~~~
tinco
Did you bring up the Diginotar hack/scandal because you think having a citizen
authentication system is a terrible idea? I think the diginotar incident
showed more of how bad the SSL CA situation really is than of the lacking
security of digid.

I personally think digid is a great idea, and actually that it should be
opened up and extended to allow more (non-government) organisations to make
use of it for true "real name" authentication.

~~~
tptacek
I brought up the Diginotar hack because the security of the Digid system
depended on an organization that was so thoroughly owned up that it was forced
out of business, and I felt like that was relevant to a discussion about
centralizing the authentication of citizens to a single organization that
could be trusted to get things right.

------
qeorge
Does it matter? I don't mean that flippantly.

\- The number of total votes by email may not be greater than the margin
anyway

\- In-person voting also has basically no authentication, and there's been
little to no voter fraud incidents

\- To commit large scale fraud you'd need to identify a large list of people
who definitely are registered and didn't vote in person. You'd then need to
request ballots and respond for each person individually. Shouldn't it be very
easy to spot a pattern, were someone to attempt this?

My biggest concern would be that it unfairly favors some demographic more than
another (which the OP brings up). But that's still better than
disenfranchising everyone.

To be honest, I'm fairly impressed with the reaction time and the lack of
technophobia on the part of the NJ govt. Its a simple solution that does a lot
of good.

~~~
tptacek
No, it probably doesn't matter. Voters are only allowed to cast ballots via
email if they've been displaced by the storm (or are a first responder on-site
mitigating storm damage), and must request a ballot from their precinct to
vote via email. The number of people who will cast these ballots will probably
be way below the margin, and all of them will be traceable in the event of a
close election or recount.

------
henrikschroder
Sidecomment, but worth noting is that whenever there's debate in Sweden about
electronic voting, the biggest _opponents_ are always the Pirate Party.
They're the ones who would arguably have the most to gain if their supporters
could just do it over the internet, but _because_ they're computer-savvy, they
know what an incredibly difficult problem it is.

We'll stick to papers and envelopes and ballot boxes, thank you very much.

------
irateplatypus
To put this in context, I live in New Jersey. I understand the concerns about
security with email voting. Though I think the bigger issue will be the lack
of power and access to polling stations. Even though power has been restored
to the majority of households there are still ~500,000 households without
power. Who knows how many polling stations have been affected. In addition
many areas have curfews and limited access either because of downed lines,
blocked roads, and or flooding. Even with all this I have a feeling few people
will be voting via email. I think NJ is just trying to give people as many
options as possible because of how large of an impact this storm has had.

------
mtgx
Why aren't they using something like this?

<http://www.wombat-voting.com>

~~~
tptacek
Because the problem isn't tallying the votes; it's that a sizable chunk of the
electorate is displaced due to the storm and can't get to their polling
places.

------
espitia
Government will one day be online, adding much needed transparency to it. This
is just the first steps.

