[LINK] [UK] Call for e-voting to be scrapped amid security fears

Craig Sanders cas at taz.net.au
Wed Jun 27 12:35:47 AEST 2007 

On Wed, Jun 27, 2007 at 11:51:25AM +1000, Stewart Fist wrote:
> Craig writes:
> > it's not only the hardware - software that behaves well under light
> > to moderate loads can do really strange things when put under a
> > heavy load - and in voting situations, you often get insanely heavy
> > loads in a short period of time
>
> I don't understand how software, which is only being called upon to
> record a simple YES/NO vote every ten seconds or so (the time it takes
> the voter to read the question and make a choice) can possibly be
> suffering a heavy load with any modern computer or networked computing
> system.
>
> I would have thought any processor later than the old 4004 would be
> capable of handling such throughput.
>
>
> This is a question, not a criticism.
>
> What create the load?

1. (minor) it's not yes/no. in australia, the system would have to
record the voter's ranking of each candidate and, for the senate, either
a simple above-the-line party vote or a below-the-line ranking of 100 or
more candidates.

2. (major) that's PER voter. one voter is no problem.  10 simultaneous
voters is also no problem. try scaling it up to thousands or tens of
thousands of simultaneous voters and you get serious problems.

systems like this don't scale linearly.

the more simultaneous users, the longer it takes for each transaction to
complete which means that there is a larger backlog - which means that
there are more simultaneous users (because each one is staying online
for a lot longer). not good.

3. it's not one vote every 10 seconds or so. it's many hundreds of votes
every second (with centralised recording, that is), with significant
back-and-forth "conversation" (protocol negotiation, data transfer,
encryption, authentication, etc) for each vote.


> Does the above only apply to the aggregation end of a county-wide
> network, or are we talking about individual machines overloading at
> the point where the selection is being made?

there are many different ways of doing it. each with their own
particular advantages and disadvantages.

with centralised recording, you don't have to trust each individual
"voter console" because the majority of the application runs on the
central servers, requiring only a relatively dumb terminal at the
polling booth. the downside is that it means centralising the load.

with distributed recording, the voter consoles have to be much more
sophisticated/complicated. the advantage is that the records for that
particular console can be uploaded to the central servers in a bulk
batch. the downside is that it might be possible for that batch to be
tampered with, or for that console to break or be deliberately destroyed
(thus disenfranchising the voters who used it).


craig

-- 
craig sanders <cas at taz.net.au>

More information about the Link mailing list