Why can't they use iris scanning for electronic voting?

[SickBeast]

I'm just thinking it would be faster and cheaper for the US government to use iris recognition to allow people to vote electronically. It would eliminate lineups and cut the government staff by a massive amount.

 

[episodic]

The problem is nothing is better than a simple paper ballot.

 

[episodic]

Originally posted by: episodic
The problem is nothing is better than a simple paper ballot.

The right tool for the right job.


http://iht.com/bin/print_ipub....1/02/news/observe.html

 

[daveshel]

We don't happen to have iris scans of every American.

 

[SickBeast]

Originally posted by: daveshel
We don't happen to have iris scans of every American.

This needs to happen. It would assist the police in tracking down murderers and such. The potential good it can create for society is overwhelming. Just think of how secure the country could potentially be with iris scanning in all major airports.

 

[CQuinn]

Originally posted by: SickBeast
It would eliminate lineups and cut the government staff by a massive amount.

And how exactly would it do that?

 

[episodic]

Originally posted by: CQuinn

Originally posted by: SickBeast
It would eliminate lineups and cut the government staff by a massive amount.

And how exactly would it do that?

Yea, then we would have 6 iris scan employees for every iris scanner.

It would go like this:
Iris Scan Network Technician (the only one doing any work of course).
Iris Scan Auditor
Iris Scan Manager
Iris Scan Public Relations Manager
Iris Scan Administrative Assistant I
Iris Scan Administrative Assistant II

 

[SickBeast]

Originally posted by: CQuinn

Originally posted by: SickBeast
It would eliminate lineups and cut the government staff by a massive amount.

And how exactly would it do that?

All registered voters would have an iris scan on record. No ID check would be required. You would walk up to the computer, wait a few seconds for it to recognize your iris, then touch the screen w/ your vote. The computer would count all the votes and declare a winner.

 

[Vic]

Maybe because it's supposed to be a secret ballot?

 

[SickBeast]

Originally posted by: episodic

Originally posted by: CQuinn

Originally posted by: SickBeast
It would eliminate lineups and cut the government staff by a massive amount.

And how exactly would it do that?

Yea, then we would have 6 iris scan employees for every iris scanner.

It would go like this:
Iris Scan Network Technician (the only one doing any work of course).
Iris Scan Auditor
Iris Scan Manager
Iris Scan Public Relations Manager
Iris Scan Administrative Assistant I
Iris Scan Administrative Assistant II

You forgot about the 10 guys paid to stand around and spectate.

 

[SickBeast]

Originally posted by: Vic
Maybe because it's supposed to be a secret ballot?

Who's the computer gonna tell? It'll be like Lt. Cmdr. Data and will have an ethics processor. :beer:

 

[Vic]

Originally posted by: SickBeast

Originally posted by: Vic
Maybe because it's supposed to be a secret ballot?

Who's the computer gonna tell? It'll be like Lt. Cmdr. Data and will have an ethics processor. :beer:

Right....

 

[AntaresVI]

The problem is that its extremely difficult to have a secret ballot with election security. Maybe there's a compromise here.

 

[Spencer278]

Originally posted by: AntaresVI
The problem is that its extremely difficult to have a secret ballot with election security. Maybe there's a compromise here.

Only when idiots try and use a computer to record the data. If you just used good old paper there is no way to associate a ballot with the person casting it.

 

[SickBeast]

Originally posted by: Vic

Originally posted by: SickBeast

Originally posted by: Vic
Maybe because it's supposed to be a secret ballot?

Who's the computer gonna tell? It'll be like Lt. Cmdr. Data and will have an ethics processor. :beer:

Right....

What would you rather: a "secret" ballot, or a system where the vote count is accurate, efficient, and devoid of fraud and bad ballots? I would choose the latter, personally. Besides, the computers could be programmed to be backed up immediately after the results are calculated. They could then be formatted, and the backed up data could be taken to a secure location.

I really think that this is the future and we need to move towards this type of system. They use something similar in India.

 

[Vic]

Originally posted by: SickBeast

Originally posted by: Vic

Originally posted by: SickBeast

Originally posted by: Vic
Maybe because it's supposed to be a secret ballot?

Who's the computer gonna tell? It'll be like Lt. Cmdr. Data and will have an ethics processor. :beer:

Right....

What would you rather: a "secret" ballot, or a system where the vote count is accurate, efficient, and devoid of fraud and bad ballots? I would choose the latter, personally. Besides, the computers could be programmed to be backed up immediately after the results are calculated. They could then be formatted, and the backed up data could be taken to a secure location.

I really think that this is the future and we need to move towards this type of system. They use something similar in India.

I would rather have a secret ballot. Otherwise (for example) my boss could fire me or deny my next promotion because of how I voted. That's just the tip of the iceberg of the abuses that could take place. Democracy requires secret balloting. Or else it won't work. I'll take a couple of inaccuracies along the way.

 

[cquark]

Originally posted by: SickBeast
This needs to happen. It would assist the police in tracking down murderers and such. The potential good it can create for society is overwhelming. Just think of how secure the country could potentially be with iris scanning in all major airports.

No, it doesn't need to happen, and the potential good isn't so overwhelming. Biometric identification is imperfect, and the idea that is perfect in the minds of its users may actually make us less secure than we were before. It's quite possible to get real IDs, biometric or not, under false names if you can bribe or deceive the ID issuers. Some of the 9/11 hijackers had valid US IDs under false names. Most importantly, there's much more to security than identification, so that even a perfect identification system is not a panacea for solving security problems

As usual, security expert Bruce Schneier explains it best:

A National ID Card Wouldn't Make Us Safer

Bruce Schneier
Minneapolis Star Tribune, April 1, 2004

As a security technologist, I regularly encounter people who say the United States should adopt a national ID card. How could such a program not make us more secure, they ask?

The suggestion, when it's made by a thoughtful civic-minded person like Nicholas Kristof (Star-Tribune, March 18), often takes on a tone that is regretful and ambivalent: Yes, indeed, the card would be a minor invasion of our privacy, and undoubtedly it would add to the growing list of interruptions and delays we encounter every day; but we live in dangerous times, we live in a new world ... .

It all sounds so reasonable, but there's a lot to disagree with in such an attitude.

The potential privacy encroachments of an ID card system are far from minor. And the interruptions and delays caused by incessant ID checks could easily proliferate into a persistent traffic jam in office lobbies and airports and hospital waiting rooms and shopping malls.

But my primary objection isn't the totalitarian potential of national IDs, nor the likelihood that they'll create a whole immense new class of social and economic dislocations. Nor is it the opportunities they will create for colossal boondoggles by government contractors. My objection to the national ID card, at least for the purposes of this essay, is much simpler:

It won't work. It won't make us more secure.

In fact, everything I've learned about security over the last 20 years tells me that once it is put in place, a national ID card program will actually make us less secure.

My argument may not be obvious, but it's not hard to follow, either. It centers around the notion that security must be evaluated not based on how it works, but on how it fails.

It doesn't really matter how well an ID card works when used by the hundreds of millions of honest people that would carry it. What matters is how the system might fail when used by someone intent on subverting that system: how it fails naturally, how it can be made to fail, and how failures might be exploited.

The first problem is the card itself. No matter how unforgeable we make it, it will be forged. And even worse, people will get legitimate cards in fraudulent names.

Two of the 9/11 terrorists had valid Virginia driver's licenses in fake names. And even if we could guarantee that everyone who issued national ID cards couldn't be bribed, initial cardholder identity would be determined by other identity documents ... all of which would be easier to forge.

Not that there would ever be such thing as a single ID card. Currently about 20 percent of all identity documents are lost per year. An entirely separate security system would have to be developed for people who lost their card, a system that itself is capable of abuse.

Additionally, any ID system involves people... people who regularly make mistakes. We all have stories of bartenders falling for obviously fake IDs, or sloppy ID checks at airports and government buildings. It's not simply a matter of training; checking IDs is a mind-numbingly boring task, one that is guaranteed to have failures. Biometrics such as thumbprints show some promise here, but bring with them their own set of exploitable failure modes.

But the main problem with any ID system is that it requires the existence of a database. In this case it would have to be an immense database of private and sensitive information on every American -- one widely and instantaneously accessible from airline check-in stations, police cars, schools, and so on.

The security risks are enormous. Such a database would be a kludge of existing databases; databases that are incompatible, full of erroneous data, and unreliable. As computer scientists, we do not know how to keep a database of this magnitude secure, whether from outside hackers or the thousands of insiders authorized to access it.

And when the inevitable worms, viruses, or random failures happen and the database goes down, what then? Is America supposed to shut down until it's restored?

Proponents of national ID cards want us to assume all these problems, and the tens of billions of dollars such a system would cost -- for what? For the promise of being able to identify someone?

What good would it have been to know the names of Timothy McVeigh, the Unabomber, or the DC snipers before they were arrested? Palestinian suicide bombers generally have no history of terrorism. The goal is here is to know someone's intentions, and their identity has very little to do with that.

And there are security benefits in having a variety of different ID documents. A single national ID is an exceedingly valuable document, and accordingly there's greater incentive to forge it. There is more security in alert guards paying attention to subtle social cues than bored minimum-wage guards blindly checking IDs.

That's why, when someone asks me to rate the security of a national ID card on a scale of one to 10, I can't give an answer. It doesn't even belong on a scale.

 

[SickBeast]

Originally posted by: Vic
I would rather have a secret ballot. Otherwise (for example) my boss could fire me or deny my next promotion because of how I voted. That's just the tip of the iceberg of the abuses that could take place. Democracy requires secret balloting. Or else it won't work. I'll take a couple of inaccuracies along the way.

Well, it worked with 1 billion+ people in India...

 

[cquark]

Originally posted by: SickBeast
I'm just thinking it would be faster and cheaper for the US government to use iris recognition to allow people to vote electronically. It would eliminate lineups and cut the government staff by a massive amount.

It's also important to note that the real security and reliability issues with electronic voting have little to do with identification. See http://www.evoting-experts.com/ for details on this election and check out Avi Rubin's analysis of the security flaws in Diebold's electronic voting system at http://avirubin.com/vote/analysis/index.html

 

[SickBeast]

Originally posted by: cquark

Originally posted by: SickBeast
This needs to happen. It would assist the police in tracking down murderers and such. The potential good it can create for society is overwhelming. Just think of how secure the country could potentially be with iris scanning in all major airports.

As usual, security expert Bruce Schneier explains it best

Actually, he's talking about an ID card system, not iris recognition. Some of his proposal's limitations are adressed by my idea (it's actually not my idea; I've heard mention of this in the past). There's got to be a simple and logical solution to the database problems. He's making the problem seem much worse than it really is.

 

[cquark]

Originally posted by: SickBeast

Originally posted by: cquark

Originally posted by: SickBeast
This needs to happen. It would assist the police in tracking down murderers and such. The potential good it can create for society is overwhelming. Just think of how secure the country could potentially be with iris scanning in all major airports.

As usual, security expert Bruce Schneier explains it best

Actually, he's talking about an ID card system, not iris recognition. Some of his proposal's limitations are adressed by my idea (it's actually not my idea; I've heard mention of this in the past). There's got to be a simple and logical solution to the database problems. He's making the problem seem much worse than it really is.

His argument applies to any national ID system, and no, he's not making the problem seem worse than it is. It doesn't matter whether you use fingerprints, iris scans, or pictures to do the actual identification. Biometrics have their own problems and don't resolve any of the issues he brings up.

 

[SickBeast]

Originally posted by: cquark
His argument applies to any national ID system, and no, he's not making the problem seem worse than it is. It doesn't matter whether you use fingerprints, iris scans, or pictures to do the actual identification. Biometrics have their own problems and don't resolve any of the issues he brings up.

This reminds me of the movie "Gattaca", a sci-fi film where DNA profiling is widespread. In the movie, it was possible to get around the system, so yes, I can see your point. The database was not mentionned.

Excellent movie BTW.

 

[Spencer278]

I could see an iris scan being used just to compare to a national database to see if that iris has been used before but I don't know how reliable such a system would be. I think the problem is how much such a system would cost and how often false positives and false negitives would occur.

 

[cquark]

Originally posted by: Spencer278
I could see an iris scan being used just to compare to a national database to see if that iris has been used before but I don't know how reliable such a system would be. I think the problem is how much such a system would cost and how often false positives and false negitives would occur.

That's the problem. Any biometric system has four possible outcomes:

[*]Correct person accepted
[*]Imposter rejected
[*]Correct person rejected (False Rejection)
[*]Imposter accepted (False Acceptance)

Unfortunately, decreasing false rejections increases false acceptances and vice versa.

And yes, Gattaca was a great movie.