[ale] OT: Free Showing of "Invisible Ballots", Thursday, 3/16, 7:00pm, UUCA

James P. Kinney III jkinney at localnetsolutions.com
Thu Mar 16 23:08:09 EST 2006 

On Thu, 2006-03-16 at 13:26 -0500, Jeff Hubbs wrote:
> "And hey, the great thing about paper ballots is that YOU HAVE THE 
> BALLOTS. So you can do things like re-count them and examine them for 
> evidence of tampering."
> 
> Yep - so learned Gaius Baltar!

That was a totally creepy episode. Battlestar, SG-Atlantis and SG-1 have
written themselves into a mess.
> 
> Jeff

As far as balloting goes, here's what I think is a step in the right
direction:

I like the touch screen. It does make it easier for everyone to mark a
ballot. It's the next few steps that are awkward in the current scheme.

I want the touchscreen to generate a printed paper tape that lists in
human readable form the office followed by the chosen candidates name.
Each office is on a single line and the chosen candidate is on the next
line. A blank line separates entries. At the bottom is a random number
and the polling location.

Now the voter take that paper slip and feeds it into another computer
that reads it back out and displays the contents of the paper slip on
the screen. At this point, the paper slip is visible to the voter but
not touchable. The voter is asked to confirm the screen contents. If
they confirm, the vote is recorded and the paper slip is whisked into
the manual count ballot box. A stub is printed that has the random
number and the polling station ID. The voter takes the stub to the final
official who records the number for the records.

 If there is a problem and the voter does not confirm that the screen
matches the paper slip, the slip is returned and the ballot machine will
not accept any more ballots until it has been checked by ballot
officials. (more on this in a bit).

The ballot machine records the votes onto an append-only media along
with the random number and the polling station ID. When the vote is
over, the official for the polling station inserts their special key
card and types the password and the system does a crypto signature of
the file on the ballot media and changes it to read-only. A pair of
digital hashes are printed, one for the entire file contents and a
second for just the ballot numbers, and it is secured with the paper
slip ballot box. The media devices is removed from the ballot system and
is shipped by a different courier to the counting area than the paper
ballots. The paper ballots should go to a different location for
counting.

The paper ballots have their ballot numbers entered by polling place
into a system that generates a hash of the numbers. This must match the
hash on the receipt an it must match the hash on the media from the
polling station.

If during the voting process a voter decides the ballot system did not
read the paper slip correctly, the following process is used: an alarm
sounds to call the ballot official, they insert their special key and
and proceed as if the vote was over (crypto sign, hashing as above), the
invalid paper ballot is rejected and rubber stamped "INVALID", the paper
ballot box is replaced with a new one, the media card is replaced with a
new on, the ballot machine is restarted, startup tests are performed to
validate the scanning optics, the system is returned to normal use if
the validation tests are OK.

During final counting, all ballot boxes are treated and handled
individually. The software is, of course, all open to any public
scrutiny from the OS to the actual ballot counting code.

The paper slips are a bit of a handling issue and could tear in use. The
initial touchscreen machine could instead generate a properly punched
card (since lil' ol' ladies can't poke out the chads well) using a
simple punch and die from the days of card punch computing. The voter
can also get instant feedback by placing the punched card over a screen
image of what their card should look like (index the card picture to the
corner of the screen) and make sure dots line up. 

-- 
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part

More information about the Ale mailing list