by tedmiston 3517 days ago
And yet we trust software to do things like run our credit card transactions and withdraw money from our bank accounts.

The resistance [from several in the industry not just your comment] to making voting happen via software really concerns me.

10 comments

That's significantly less important than voting. And the incentives are properly aligned: the bank is responsible for making its systems secure, and if they lose your money they have to refund it. Voting? Not so much. Lost ballots? "Woops :) sorry."

If the voting machine vendor executives faced actual personal serious jail time for botched counts, I might be more inclined to trust it. Then again, I bet you a tenner they'd suddenly have a lot more fail safes in place.

Aligned incentives is absolutely, 100% required for anything to work in our society. It's what we're built on. Otherwise you will always be swimming upstream.

> Aligned incentives is absolutely, 100% required for anything to work in our society. It's what we're built on.

I wish more people understood this simple fact of human psychology. It's astonishing how often people will support some system that incentivizes bad behavior, and then act surprised when people behave badly.

What's more, when faced with this situation, these same people will resort to shaming the bad actors rather than fixing the broken system.

Aligning incentives properly is hard. I think a good example is about how to best incentivise General Practice medical care centres (UK NHS system). Patients seen? Patients in catchment area? Mortality/Morbidity rates? Patient outcomes (how you measure these is a rabbit hole of perverse incentives)...

Each and every idea has a logical optimum strategy for the trust to maximise income, and all of them aren't quite what you're trying to achieve. So you really want to blend some of these (and others) together in just the right mix, but without creating hundreds of hours of admin just to support the metrics.

> If the voting machine vendor executives faced actual personal serious jail time for botched counts, I might be more inclined to trust it.

Even with a threat like that, they'd probably still walk free by just using the DMCA to silence the security researcher.

Banking systems are publicly verifiable. If your balance suddenly changes, you're going to know about it.

With electronic voting, any method of verifying your vote is incompatible with the principle of a secret ballot.

(edit: additionally, with paper ballots and adversarial scrutineers, every vote will certainly be counted properly as the people who stand to benefit (the politicians) can raise an issue if a ballot is being counted the wrong way. It's much less likely that every individual would verify their own vote).

The resistance for voting via software may really concern you, but the push for it really really concerns me...

Part of the problem is that the incentives are skewed. Visa has incentives to have a strong auditing trail and to perform constant audits because they bear part of the cost for fraud. Merchants are also heavily incented to carefully manage credit card data, because they are responsible for bearing much of the cost of fraud.

What are the incentives for voting machine manufacturers to do a good job? Engineering a trustworthy system is tough, and it's expensive. If the machines cost twice as much, no one will buy them and it won't matter if they're more secure. And the market itself is unhealthy. If you spend 10 million on voting machines, you won't replace them the next year even if a bunch of security issues surface. You'll "demand" the company fix them, they'll issue some half assed patch, and you'll go on using the junk you bought.

That's not the same at all. Credit card transactions are auditable; just compare with the receipt. The same is not true of electronic voting machines with no paper trail.

What if the voting machines printed out a paper copy listing who you voted for that you could compare with a copy online listing who you voted for? It doesn't solve the problem of hacking electronic voting; that can only be solved by using paper votes. Sadly, until there's a mass voter fraud scandal, the majority of the public won't know or care about how vulnerable electronic voting is.

The machines San Mateo County uses do that. After you've made all of your selections, your votes are printed on a paper roll which appear behind a window, with a big bar code at the bottom. If you approve, the paper is wound out of view so the next voter can't see it. You can reject the printed version and go back, in which case the paper is marked with CANCELLED or something similar.

At the bottom of each voter's paper roll entry is a big bar code. This allows quick recounts by running the paper roll through a machine that reads the bar codes. A full manual check is also possible, but slow. The system goes through miles of thermal paper for each election, but works OK.

Voters should not be able to prove whom they voted for; enabling them to do so opens up the door to several kinds of fraud (vote buying, coercion, etc.).

There are some pretty neat solutions to this. One of them involves a double layer ballot+receipt. When viewed on top of each other, they spell out the vote, but alone the receipt will just give you enough information to see if your vote is counted or not:

https://people.csail.mit.edu/rivest/voting/papers/Chaum-Secr...

Not sure it beats paper ballots and hand counting in terms of practicality, though :)
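
The two-layer idea in the comment above can be illustrated with a simplified 2-of-2 visual secret sharing sketch. This is an added example, not code from the thread or from the linked paper, and it does not reproduce that paper's full protocol; the bitmap and all function names are constructed for illustration.

```python
import secrets

# Constructed 5x5 bitmap of an "X" mark (1 = black); stands in for the printed vote.
VOTE_MARK = [
    [1, 0, 0, 0, 1],
    [0, 1, 0, 1, 0],
    [0, 0, 1, 0, 0],
    [0, 1, 0, 1, 0],
    [1, 0, 0, 0, 1],
]

PATTERNS = ((1, 0), (0, 1))  # each pixel becomes two subpixels, exactly one black


def split(bitmap):
    """Split a 0/1 bitmap into two layers, each twice as wide as the input."""
    layer_a, layer_b = [], []
    for row in bitmap:
        a_row, b_row = [], []
        for pixel in row:
            pat = secrets.choice(PATTERNS)       # fresh random pattern per pixel
            comp = (1 - pat[0], 1 - pat[1])      # its complement
            a_row.extend(pat)
            # White pixel: both layers match. Black pixel: layers are complementary.
            b_row.extend(comp if pixel else pat)
        layer_a.append(a_row)
        layer_b.append(b_row)
    return layer_a, layer_b


def overlay(a, b):
    """Stacking transparencies: a subpixel is black if it is black on either layer."""
    return [[x | y for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]


def decode(stacked):
    """A pixel reads as black only when both of its subpixels are black."""
    return [[row[i] & row[i + 1] for i in range(0, len(row), 2)] for row in stacked]


def render(layer):
    return "\n".join("".join("#" if s else "." for s in row) for row in layer)


if __name__ == "__main__":
    top, receipt = split(VOTE_MARK)
    print(render(receipt), "\n")          # one layer alone: half-black noise
    print(render(overlay(top, receipt)))  # both layers: the mark appears
```

Every subpixel pair on a single layer contains exactly one black subpixel regardless of the vote, which is why one layer kept as a receipt does not show how the ballot was marked.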

Another scheme is giving away fake receipts in addition to or instead of "I voted" stickers.

OK VLM your boss needs a Trump receipt, your communist college professor needs a Clinton receipt, you need another Clinton receipt for facebook and github or they will delete your accounts, that'll be one R, three D, would you like any complimentary green party receipts? OK here's all your receipts thanks for voting see ya in 4 years!

Heck hand them out with the bake sale goods. Have a free set of pre-printed fake receipts for ALL the candidates with some delicious chocolate chip cookies that fund this school's PTA. "Could I interest you in this cageless chicken egg gluten free organic soy oil brownie with a complimentary fake green party receipt?"

People steal identities to withdraw money from bank accounts and credit cards every day though, the consequences of fraud really aren't the same. It's easy to go back and fix the numbers in a bank account, and it's also pretty easy to notice there are transactions you didn't make and money is missing from your bank account, it's much harder to notice fraud when it just results in extra votes.

If a national ID (like your SSN) were implemented correctly with multiple verification steps, identity theft wouldn't be a problem. I know that's a fantasy that will never happen, but identity theft shouldn't have to be something people have to worry about. I shouldn't have to think about identity theft protection. Heck, it shouldn't even be a thing. If someone steals my identity, all they did was convince a clerk they were me. That's the business' fault, not mine.

We can see the transaction history and balance in financial accounts, and when there's a mistake we can and do get it corrected.

Don't forget that Wells Fargo was able to open millions of accounts without consumer authorization. So maybe financial accounts are less secure than you think.

I'm also surprised by blanket assertions that electronic voting is inherently bad. But I'm equally surprised by assertions that electronic voting is inherently good.

Bank accounts are verifiable: you can look at the list of withdrawals and check if there are any unexpected transactions, and whether the computed account balance corresponds to the sum of transactions. The concern with electronic voting machines is how to provide a way to check their work.

Those systems are made by massive companies with a hugely vested interest in NOT screwing up because screwing up would massively screw up their revenue.

Voting systems do not have that.

In credit card transactions a certain percentage of theft is expected and accounted for. It's built in to the price of using credit cards and buying goods.

There's no way voting for candidates can account for vote theft in the same way.

The resistance isn't about the use of electronic systems for our elections but about the poor reliability and lack of transparency of the current systems. The vote count should be reliable and transparent. Is it too much to ask?