E-voting is a terrible idea

Jun 29, 2020

Vote

I’ve been seeing people confused and wondering why e-voting hasn't been implemented yet. Everyone assumes it has to be possible by now. E-voting is possible, but it's incredibly insecure and does not maintain trust, anonymity, and security like paper ballot elections. The big issues with e-voting:

  1. Maintaining anonymity
  2. Maintaining trust
  3. Scaling attacks

While e-voting could offer convenience for citizens and help more people vote it suffers too much from other problems.

Anonymity.

Your vote needs to be completely anonymous and there should be no way for anyone to tell how you voted. This is the most powerful way of preventing bribery and threats. This is why taking selfies with your ballot is becoming a problem. You should have no way of proving how you voted. Please, stop taking selfies of how you voted. If you have a way of proving how someone voted it opens the door for deals or threats when you’ve voted “incorrectly”. Votes have to be anonymous

Trust.

Everything is still run by humans. Humans can be corrupt, incompetent, and threatened. To mitigate humans causing issues we have safeguards in place. These are to prevent votes from being tampered with. Sealed ballot boxes, multiple parties being present at the time of vote counting, and manual vote audits are all techniques to mitigate risk.

Attack scaling.

Paper ballot voting isn’t perfect and it is prone to issues. But attacks against it don’t scale well.

It takes a lot of time, money, and power in order to influence enough people to make a big enough difference to drastically change an election and the more effort you put into something like this, the more likely it is you will get caught. It is incredibly difficult to get away with this on a massive scale.

People have attempted to commit fraud in elections.

"Granny farming" is a great example where operatives go around to retirement homes and convince the elderly to sign away a proxy vote. This stuff can work, but it doesn’t scale to a national level and you’ll likely get caught.

With e-voting all of these key issues are compromised.

Do you really trust the computer that is counting the votes everyone has made? Hopefully that code is all open sourced so it can be audited to make sure it doesn’t have any major issues. This will likely not be the case, but lets pretend it is. How do we know the software hasn’t been compromised at some point before the election? All it takes is a simple swap a USB stick on an unguarded computer.

Maybe we could keep everything open source, tested, and secure but now you have to make sure voters trust these systems. Most voters will have no idea how any of these systems work.

Voting machines have also been constantly compromised.

My trust is lacking.

How do we count votes?

Do we trust a centralized server with counting the votes? We have to make sure that the server can’t be compromised. But now we’ve altered the attack vector from requiring boots on the ground across the country, to just needing to compromise a centralized server. It is much easier to scale an attack on something like this.

What about voting from your phone?

I’m sure the device you’re reading this on is free of any viruses and malware. But what about grandma or everyone else you know? Malware attacks can be massive and you don’t even have to leave your computer in order to execute them. Smart phone voting would give an excessive amount of leverage. This type of attack scales incredibly well.

What about crypto?

Crypto breaks anonymity. You’d have a record of all transactions and that would ensure you couldn’t vote anonymously. Attacks against e-voting are incredibly more powerful than attacks against paper ballots. E-voting doesn’t do well in maintaining anonymity and trust in elections.

E-voting is a terrible idea.

A handsome man.

I'm Wes. I live in Boston and work on Wonderment.