Why is that evidence in any direction. “Computer security is hard” is just as much evidence that Biden actually won by 10% in Georgia as it is that Trump won.
It's not evidence in any direction. It's perfectly possible votes were stolen from Biden, from Trump, or neither. We don't know. I wish we did.
In this context, though, security is NOT hard. We've just made the decision not to do it. I see no excuse for why I shouldn't be able to see the source code and design of the voting machines in my state, or audit any part of the manufacturing or voting process. This should all be open and transparent. A not-for-profit should be able to spot audit a hundred random machines around the US:
- Swipe a credit card to cover supervisor time
- In a secure facility, confirm the source code and hardware are as advertised on local voting machines
This just isn't rocket science.
Judging from downvotes and comments on HN, building political consensus around that will be neigh-impossible post-Trump. Click on my post history. Most of my comments are in the +3 to +15 range. Virtually all my comments in this thread are either 1 (not voted on) or between 0 and -4 (having gone to -6). None are swinging Trump conspiracy theories; merely pointing out the obvious: we need robust, auditable, secure voting.
The context here is that one side is advancing frivolous claims of voter fraud, believed by millions of people, some of whom were moved by those claims to violent insurrection.
And in this context, you are choosing to jump into those conversations to express vague generalities and open ended speculation that can't be pinned down to any specific claims about anything in a context where a mob is looking to those exact themes to motivate their violence.
There's a form of dishonesty that comes from making untrue claims about voter fraud, and there's another kind that comes from the themes you choose to emphasize to fan on the flames of false arguments while being coy about whether you personally believe them. This falls in the latter category, and this is the problem people have with your comments.
Well, there's a question about what will calm millions of people down:
1) Lying to them that elections are secure, and telling them to sit down and shut up
2) Taking concerns seriously and addressing them
Your premise is that #1 will prevent a violence. My claim is that #2 will.
You can flipped this around. We had a lot of violence and lawless behavior around BLM protests. What would have calmed people down? Telling them we didn't have racism, to go home, and shut up? Or providing a clear process to address their concerns peacefully?
I think most folks on the right will move on from the Trump election if the left knocks it off with "sit down and shut up," which is coincidentally the exact language right wing commentators use.
As a footnote, which concerns are valid is almost irrelevant. For this, what matters is which concerns people believe.
The specific allegations about voter fraud as believed by millions are indisputably fraudulent.
You are trying to equivocate between those specifically and indisputably false allegations and something completely different: a much more generalized and vaguely expressed set of concerns with election security writ large.
These have nothing to do with each other and yet you are equivocating between them.
That's exactly what the other side says about BLM.
With that attitude -- that there are tens of millions of people who can't be trusted or reasoned with and need to be locked up and silenced -- civil war is inevitable.
"Those people" are human beings too. You might not agree with them and they might be wrong, but they're not very different from you. They're just exposed to different culture and information.
Don’t be so tribal. You’re othering a broad swath of people, most of whom are quite reasonable. Hyperbole and lack of communication and empathy are what got us into this mess in the first place. This shit comes from both sides and it has to stop.
It is. How many papers were been published in Oakland between 2000 and 2010 on election security? Lots. Clearly this is a problem interesting enough to capture the interest of computer security faculty. It isn't a toy problem.
In addition to technical challenges (open sourcing isn't magic), there is a very complex organizational challenge due to the decentralized structure of elections in the US.
But more importantly, making vague claims about hypothetical limitations of the existing systems while tens of millions of americans believe that actual literal fraud stole the election from Trump and are using that as motivation to invade the capitol building and disrupt the process of transitioning power between parties is tone-deaf to say the least.
Proper security may be hard, but election security is at the level of someone running a 5-year-old Android phone which no longer receives security updates.
Seriously.
It's tone deaf to one side, but I'm pretty scared since the other side has, just as wrongheadedly, convinced itself these systems work. I'm not worried about 50,000 votes stolen due to doublevoting somewhere or a mailtruck of votes getting lost. If victory falls on the 50.1% mark versus the 49.9% mark, that's okay. I'm worried because we have a system which IS exploitable and which WILL be exploited, if it hasn't already been.
Rigging US elections has incredible ROI for any foreign state actor, and simply isn't hard.
For the record, I made equally tone deaf comments when 9/11 happened and when COVID19 was in its early days. Now, they're common sense to most people. I don't want to wait for Russia, China, or North Korea to pick our next president before we do something.
Open source, transparency, and auditability won't solve the problem 100%, but they'll prevent most types of gross, blatant rigging. Cryptographic voting algorithms or paper trails will get us much of the rest of the way there. We don't need perfect security, but we need to be in a place where a single point of compromise can't break our democracy.
> Proper security may be hard, but election security is at the level of someone running a 5-year-old Android phone which no longer receives security updates.
I'm serious. Go read the papers. You very obviously don't have a background in academic security. Because Oakland doesn't tend to accept stuff on trivial matters.
