Our in-house Know-It-Alls answer questions about your interactions with technology.
Q: Wouldn’t it be great if people could vote on the blockchain?
A: From Moscow to Denver, election officials and startups have embraced the idea of voting on the blockchain as a way to make mobile voting safer. Perhaps soon the whole US will jump on board! 2020 candidate Andrew Yang has added blockchain voting to his official campaign platform. “It is 100 percent technically possible to have fraud-proof voting on our mobile phones today using the blockchain,” he writes, a proposal sure to excite his technophilic followers.
Sounds appealing—even downright populist. Mobile voting could indeed increase voter participation, but it’s plagued by security issues in search of a solution.
The solution isn’t blockchain.
Let’s start with Yang’s grammar. Rude, I know—it’s never a good look to rag on linguistic tics—but it’s time to ban the “the” in “the blockchain.” The article suggests a platonic ideal, an infallible technology that exists in an air-gapped void. It’s language that leads to words like “unhackable” and to the marketing of blockchain as solution to everything from supply chains to fake news. But hold up, we’re not discussing love or abstract geometry here; we’re talking about a technology that, like any technology, hinges on the gritty details of implementation. Blockchain is a type of database, secured by a group of computers, known as nodes. But it depends on people, with all their flaws, and on connections to older, not totally secure technologies, like the internet. That’s why you shouldn’t cast your ballot for blockchain for secure elections.
For an especially egregious example, take September’s local elections in Moscow, where blockchain-based mobile voting will be open to all. The system there uses a “smart contract”—a fancy word for a computer program—hosted on the Ethereum blockchain. First off, better hope the programmers wrote that program right: Flaws in smart contracts have been the target of massive hacks in the past. But a French security researcher looking at the system found a more straightforward problem: He could crack the keys that encrypt the ballots in just 20 minutes using a home computer. Why such a silly error, security researchers wondered, gawking in disbelief around the world? Blame careless human coders.
It wasn’t enough to scuttle the blockchain plans; officials say they replaced the keys with a more robust set. Hope they got it right the second time, Moscovites.
Still, at least the Moscow election officials put out their code in advance, allowing it to be tested by outsiders (voting machine vendors in the US could certainly learn from that example).
In the US, companies are starting to test blockchain in real situations. The leader is a company called Voatz, which has conducted pilots in West Virginia and Denver for military voters abroad. Unlike Moscow, which used the public Ethereum blockchain, with its many thousands of nodes, to secure votes, Voatz relies on a “permissioned” blockchain with up to 32 servers. That’s troubling, because when few entities control the nodes on a blockchain, they become security targets. There’s no evidence (so far) that the Voatz system was breached, or was even targeted, and the company has said its security protocols were rigorously audited. But you might ask, and indeed many cryptography experts have, what’s the point of using the blockchain in the first place, if you’re going to centralize it after all?
There’s another, inescapable problem here: the internet. Say you implement your blockchain perfectly (you didn’t). It’s still intertwined with all the same flawed systems that plague online voting. Verifying voter identity from afar is always a challenge; vendors have tried “biometric” solutions, like facial comparison, but that can be subject to bias and easily gamed. (Blockchains are plagued by the question of how to tether them to real world people and things. Take supply chains: It’s near impossible to know if that crate of lettuce you recorded so securely on a blockchain is the one that’s actually on the truck, and not some other, tainted batch.)
Next you’ll have to hope the vote gets to your infallible network of blockchain nodes in the first place, without compromises to the voter’s device, or to the vendor’s app, or to the piping of the internet. Experts are skeptical that any company touting blockchain voting solutions could get all those components right, and have the right safeguards in place.
Point is, “the blockchain” is a figment of technocratic imagination. Is it “technically possible,” as Yang puts it, to use the technology correctly? Perhaps so, in a universe that’s more platonic, and less human. And in that universe, older, more proven forms of security to keep electronic voting systems safe would just as well suffice.
Here’s a suggestion: Embrace techno-regression. Let’s use less technology to vote, not more. Return to paper ballots and ensure the vote-vetters are properly funded. Worried about accessibility? Give people the day off to vote. Give citizens abroad more time to request and receive their ballots. Or better yet, send them straight away to military personnel. Make early voting easier. Just please stop trying to put voting on the blockchain.
What can we tell you? No, really, what do you want one of our in-house experts to tell you? Email the Know-It-Alls.
WIRED Theme Week: How We Learn
-
This galactic primer is the future of AR education
-
Become a musician using apps and a light-up piano
-
Free coding school! (But you’ll pay for it later)
-
Computer scientists really need to take ethics classes
-
Ask the Know-It-Alls: How do machines learn
- 👁 Facial recognition is suddenly everywhere. Should you worry? Plus, read the latest news on artificial intelligence
- 💻 Upgrade your work game with our Gear team’s favorite laptops, keyboards, typing alternatives, and noise-canceling headphones