It's interesting thinking about the threat models of the way the U.S. is designed.
For example, when I voted in MA I didn't have to show ID or anything, just said my name and confirmed my address; I think the idea here is we're protecting from disenfranchising citizens who don't have IDs?
And there's no national ID because I think the founders didn't want there to be a single record of all citizens at the federal level? Or was it just a logistical reason? I know that was part of the reason the SSN system is so brittle and crappy - there was great pushback against a national database, but it still ended up as one, kind of, but it's a shitty one because it wasn't designed for it.
Another example is you don't really have a way to verify your vote was counted / tallied. Imagine if when you voted you got a UUID, and all votes were made public and searchable at the end of the election: UUID, Voting District, Vote.
This system would let everyone verify that their vote was counted and correct, and statistics could be done per voting district to try to make sure no extra votes were included. However, it's susceptible to vote-buying, which is a major part of the current election system's threat model.
But is that really still a concern? I feel like catching and prosecuting vote buying in my scenario is a lot easier than identifying large-scale vote fraud, hacking, or errors, in the current scenario. Or maybe there's a solution that fixes both?
There are known methods of vote verification and auditing that prevent the actual vote from being disclosed, voluntarily or otherwise. See Punchscan or Scantegrity for examples.
Pretty interesting stuff from a comp sci point of view.
>However, it's susceptible to vote-buying, which is a major part of the current election system's threat model.
Hmm, there is extensive evidence of suppression of thousands of votes, but no evidence of large-scale vote buying in recent years. I think the impracticality of pulling it off at a scale that can influence results without getting caught is prohibitive. Manipulation of who is allowed into the ballot box, when, and where is the main threat model you should be worried about.
>However, it's susceptible to vote-buying, which is a major part of the current election system's threat model.
This isn't the only issue with making votes public. There's an issue of political discrimination as well. For instance, a Hilary supporter could be found and attached, or an employer could fire all of his employees for voting for Trump.
For example, when I voted in MA I didn't have to show ID or anything, just said my name and confirmed my address; I think the idea here is we're protecting from disenfranchising citizens who don't have IDs?
And there's no national ID because I think the founders didn't want there to be a single record of all citizens at the federal level? Or was it just a logistical reason? I know that was part of the reason the SSN system is so brittle and crappy - there was great pushback against a national database, but it still ended up as one, kind of, but it's a shitty one because it wasn't designed for it.
Another example is you don't really have a way to verify your vote was counted / tallied. Imagine if when you voted you got a UUID, and all votes were made public and searchable at the end of the election: UUID, Voting District, Vote.
This system would let everyone verify that their vote was counted and correct, and statistics could be done per voting district to try to make sure no extra votes were included. However, it's susceptible to vote-buying, which is a major part of the current election system's threat model.
But is that really still a concern? I feel like catching and prosecuting vote buying in my scenario is a lot easier than identifying large-scale vote fraud, hacking, or errors, in the current scenario. Or maybe there's a solution that fixes both?