← Back to context

Comment by Fordec

3 years ago

One person, one vote. [0] https://en.wikipedia.org/wiki/One_man,_one_vote

A core of Democracy is indeed preventing ballot stuffing when people go to upload the vote results they see. We're just not talking about electronic means than paper ones. You say "me", why is your script different from a Russian-style nation state trying to put weight on the scales? Or trying to DDOS the site? And if you are indeed different, to make the distinction in any way, some form of meta information must be monitored and acted upon. You may be innocent, I can not know that in the technological future you propose. Without information, as per security best practices, the wire defaults to closed, not open. The cost is the loss of ease of use and access, but the data integrity is more important than your scripting convenience. The data can at least represent the historical record. Without that historical record, scripting of false data is worse than useless and actively dangerous and not worth putting into the world.

6 comments

Fordec

Reply
matheusmoreira  3 years ago

> A core of Democracy is indeed preventing ballot stuffing when people go to upload the vote results they see

> You say "me", why is your script different from a Russian-style nation state trying to put weight on the scales?

Don't accept votes from unknown, untrusted randoms. Even in my country where the election is fully digital, they check my ID before letting me vote. There are ways it could go wrong but that isn't one of them.

> Or trying to DDOS the site?

They can't DDoS you if you have them pay for the resources required to serve them.

> The cost is the loss of ease of use and access

That's fine.

  • Fordec  3 years ago

    > Don't accept votes from unknown, untrusted randoms.

    Trust can be built from metadata. You stop it from being unknown, by shock, building up knowledge through recording it.

    > They can't DDoS you if you have them pay for the resources required to serve them.

    Not a payment processor. Not a business. Nobody is going to pay for membership. This is not on the table.

    > That's fine.

    I deeply disagree and you're not changing my position on that nor am I likely to change yours. But I'm the implementer, so guess which way it's going. See: Not accepting your money.

    What I have though gotten out of this conversation is that I'm now aware of how much more complex feature set I need to put into the first party tracking to get it right in a shifting tech environment. So food for thought.

    • matheusmoreira  3 years ago

      > But I'm the implementer, so guess which way it's going.

      You're an implementer operating in a deeply adversarial environment where everyone is your enemy. Everything you do can and will be circumvented, especially by the Russia-style attackers you mentioned. See the copyright industry's fruitless attempts to curb copyright infringement. If it actually looks like you succeeded, it's only because people didn't care enough.

      Unless the free computing we enjoy today is completely destroyed to the point we can only run government signed software, there's little you can do to defend against these things. To stop this, you will need tyranny the likes of which will destroy everything the word "hacker" stands for. I presumed you cared at least a little about that since you're posting on Hacker News.

      3 replies →