Security quotes of the week

Posted Mar 22, 2019 23:16 UTC (Fri) by smitty_one_each (subscriber, #28989)
In reply to: Security quotes of the week by nwrk
Parent article: Security quotes of the week

Technology for its own sake is a bogus god.
While I don't mind augmenting the process with tech to speed up reporting, the two invariants I can't relinquish are:
(1) A secret (air gapped) ballot. No amount of AI should *ever* connect voter A to ballot B. This implies the non-perfection of the outcome, yes.
(2) A hard-copy ballot that can be used to audit any tech used to speed up the process. This implies additional costs, yes. Freedom ain't free. Costs a buck-oh-five.

Security quotes of the week

Posted Mar 26, 2019 0:22 UTC (Tue) by naptastic (guest, #60139) [Link]

The state of Utah does both of these correctly. When you enter the voting station, you verify your identity with someone who tells your precinct number to someone handing out signed cards that only identify which precinct (and thus which ballot questions to present.) The cards authorize one ballot, and have to be re-programmed before being used a second time.

The machines in Utah are made by Diebold, which is unfortunate, but they do provide a paper trail for people to physically see what's going into the tamper-evident canister, and thence to the safe. In the event of a recount, they get to figure out not only what the exact numbers were, but how far off they were from the machine counts.

(Source: I was a poll worker for the 2002, 2004, and 2006 elections in Salt Lake City. Also, there's no point stealing elections in Utah, so there's no incentive to sell them insecure models. Better sell them the more expensive, more secure models.)