by salvadors 4090 days ago
The Estonian voting system already allows you to verify your vote from a second device for a short time period.

This certainly doesn't protect against all attacks (and it's only one part of the security system) — but it _does_ help against the threat of a virus that invisibly intercepts your vote to turn it into something different. If people started reporting that their phone showed a different vote to what they thought they'd cast via their laptop, then the election would be in trouble.

The fact that it only shows you this for a short time period also gets around the problem of you being able to show to a third party how you voted (in cases of vote-buying or coercion), because under the Estonian system you can also vote as many times as you like (with only the final vote being counted). So you could use this verification to 'prove' to someone that you voted the way they wanted you to — and then log in again an hour later and vote for someone different.

1 comments

But it also means that a virus that intercepts your PIN and your ID card can log in an hour later and vote for someone different. You then would have no way of knowing.
As I said, this particular approach isn't a solution to every potential problem.

However, I'm much less concerned with this threat than with the much simpler virus that simply changes your vote in real time.

Most people I know don't leave their ID card connected at all times; so the virus would need to wait for the next opportune moment, rather than silently casting this vote whilst you're not at your computer — thus significantly increasing the chances that at least some people would notice it. If it also had to load the voting software again to send the vote (I don't know enough about the protocols around this to know if it would have to or not), then it would be even more likely that some people would notice.

And on top of that, don't forget that the ID-card software shows on launch how many times you've digitally signed things. Most people almost certainly don't pay much attention to that number, but I'm sure some people would notice it rising unexpectedly from the virus, and an investigation could happen.