bounding brokenness

Paper voting is broken

An interesting link popped up on Hacker News today: the Wombat voting system. It’s part of a long line of electronic voting systems (including Helios, created by Ben Adida, now at Mozilla) that aim to use cryptography to ensure the privacy and integrity of votes.

Of course, Hacker News, being the contrarian, negative community that it is, immediately shot it down by claiming that ”we don’t need computers in voting”, that such systems attempt to ”fix a problem which don’t exist”, and that such systems alienate ”common people without IT education”.

It’s sad to see people – on Hacker News of all places – being Luddites.

Paper voting is fundamentally broken, and will continue to be as the world’s population increases. The reason’s simple: it doesn’t scale. The last Indian general election had over 417 million people casting votes. 417 million. Imagine the sheer amount of time and resources it would take to count 417 million votes, and the possibility of error that might happen with improperly marked ballots, etc.

Fortunately, Indian elections haven’t had paper voting for a while. They’ve instead had standalone voting machines that keep a tally of votes for each candidate and reveal them on counting day. However, the election commission of India expects citizens to trust these machines on their word, and it’s been shown that these machines are actually quite vulnerable to fraud.

So, yes, the problem exists, and yes, we need computers to solve it. I’m glad to see brilliant minds hard at work on solutions. Democracy’s far too important to let voting systems not be end-to-end auditable by anyone with the requisite knowledge.

One last note: do people feel alienated when they check their email, type in their credit card number on a shopping site, or operate their bank accounts over the Internet without knowing all the mathematics and engineering making sure no one else is reading their data? The way crypto, and scientific knowledge in general, has always worked is that you either (a) have domain knowledge that lets you verify what is being said, or (b) trust others who do.