Comment by matheusmoreira

3 years ago

An open, democratic web doesn't discriminate against me just because I want to use a Python script instead of a browser.

7 comments

matheusmoreira

Reply
Fordec  3 years ago

One person, one vote. [0] https://en.wikipedia.org/wiki/One_man,_one_vote

A core of Democracy is indeed preventing ballot stuffing when people go to upload the vote results they see. We're just not talking about electronic means than paper ones. You say "me", why is your script different from a Russian-style nation state trying to put weight on the scales? Or trying to DDOS the site? And if you are indeed different, to make the distinction in any way, some form of meta information must be monitored and acted upon. You may be innocent, I can not know that in the technological future you propose. Without information, as per security best practices, the wire defaults to closed, not open. The cost is the loss of ease of use and access, but the data integrity is more important than your scripting convenience. The data can at least represent the historical record. Without that historical record, scripting of false data is worse than useless and actively dangerous and not worth putting into the world.

  • matheusmoreira  3 years ago

    > A core of Democracy is indeed preventing ballot stuffing when people go to upload the vote results they see

    > You say "me", why is your script different from a Russian-style nation state trying to put weight on the scales?

    Don't accept votes from unknown, untrusted randoms. Even in my country where the election is fully digital, they check my ID before letting me vote. There are ways it could go wrong but that isn't one of them.

    > Or trying to DDOS the site?

    They can't DDoS you if you have them pay for the resources required to serve them.

    > The cost is the loss of ease of use and access

    That's fine.

    • Fordec  3 years ago

      > Don't accept votes from unknown, untrusted randoms.

      Trust can be built from metadata. You stop it from being unknown, by shock, building up knowledge through recording it.

      > They can't DDoS you if you have them pay for the resources required to serve them.

      Not a payment processor. Not a business. Nobody is going to pay for membership. This is not on the table.

      > That's fine.

      I deeply disagree and you're not changing my position on that nor am I likely to change yours. But I'm the implementer, so guess which way it's going. See: Not accepting your money.

      What I have though gotten out of this conversation is that I'm now aware of how much more complex feature set I need to put into the first party tracking to get it right in a shifting tech environment. So food for thought.

      4 replies →