29 July 2004
No, this is not a message about Diebold! I’m meeting with some staff next week who have an interest in automating the library elections we hold periodically. Since these are pretty friendly contests, I don’t think we need quite the audit trail of a government election, but we do need to maintain anonymity and make participation easy. If you have any suggestions of systems that might facilitate our internal governance elections, let me know. If you want to suggest issues that I should keep in mind when approaching this topic, let me know those as well.
One idea I’ve had is to verify identity with X.500 and keep voting records in a back-end database so that voters could change their minds by recalling their own ballot until the election is closed. The problem is that I would not want the database to easily identify the voter or the record of a single voter over multiple elections. But what about this… Have the software hash the userid of the voter and the title of the given election into a value by which you key their vote in the database. If they return, the same hash should be generated resulting in the same vote being modified. But if a sysadmin looks at the database, they just see a bunch of hashes, unique to that election, with no simple way to attribute a particular vote to a particular staff member. Sure, anyone with sufficient tech knowhow and time could crack this system without much trouble, but the motivation for doing so would be very slight, so this is probably not a great threat. Thoughts?