Tuesday, September 29, 2015

E-voting, New Zealand, something something

Jon Worth posted this link on Facebook and asked e-voting advocates to address the points in it, specifically as it concerns the prospects of e-voting in the EU.
So I did.
So Jon asked me to put them in a separate blog post for easy reference.
So I did.

(As always, I encourage you to read that entire post to understand my replies.)

Myth 1: 

"How to verify that an eligible voter cast a vote that arrives at a voting system’s door remains an unsolved problem."
Wrong. Secure digital ID is a reality, and several countries have deployed state-backed PKI systems that identify persons online to a sufficient level of reliability (no lower than comparing the person in front of you to a passport photo). Now, most of the EU doesn't have digital identities deployed yet, but the eIDAS Regulation does stipulate that they ought to eventually. I know where they can buy an e-government-in-a-box, at very reasonable rates.

"They may have sent the correct credentials, but who is to say it was them who was doing the voting, and not some “helpful” malware installed on their computer?"

In the last couple of elections, Estonia has deployed a second-device authentication mechanism. You vote on a computer, and get a time-limited QR code that you scan with a phone app, it then talks to the e-voting servers and shows how your vote has been recorded. Furthermore, while many have tried, nobody has successfully demonstrated a viable in-the-wild attack on the authentication mechanism. As Jon knows, being subjected to such constant tests is how systems become more secure.

"Good luck with that when you have an online voting system, and malware to manipulate votes is discovered on many New Zealanders’ computers a day after the results have been declared."

Fortunately, e-voting allows you to re-do the process after malware has been cleaned out or the software changed to close the attack vector. And, like all critics of e-voting, this author makes the assumption that judges and scrutineers are infallible and incorruptible.

Myth #2: 

Technology moves so fast that computer systems built today need constant maintenance, monitoring and patching just to keep them operational. In the case of an online voting system, defences against the latest threats and constantly upgrading underlying software and operating systems will make the cost even higher than for the average system. It’s likely the budget for these systems will be in the millions of dollars a year.
Only relevant if you set up a separate designated system for online voting. The eIDAS Regulation requires digital identities to be provided anyway, and the system easily pays itself in the savings on bureaucracy eliminated by e-government. Nevermind the general benefit to the economy of digital identities being widely available.

Myth #3:

"“21 percent of non-voters said they did not vote in the 2011 General Election because they ‘didn’t get round to it, forgot or were not interested’ to vote.”. In a word, disengagement."

Yup, and the way it's been done with us - a long period where e-voting is available, in a very convenient way, before a paper voting day - makes it much easier to get around to it. Plus, don't discount the driving factor of being able to share an "I voted" screenshot to Facebook.

Myth #4:

"What is missing from an online vote is a paper trail — actual paper that can be counted again if a result comes into dispute."
Anyone who has paid attention to, oh, let's say the referendum in Crimea, or recent municipal elections in Russia, can tell you interesting things about the inviolability of paper trails in paper elections.

"With an online system, it’s impossible to trust the results of the count, let alone a recount."
It is possible, though, to build tamper-proof databases and systems with end-to-end encryption. (They exist for specific government purposes; but the overhead means they are uncommon and not visible to most people. Here is an example I found with some very quick google-fu, of a tamper-proof solution in an environment where the receiver does not trust the sender at all and expects them to cheat.)

It is possible to build an IT system that is secure as long as you trust one or two core administrators - same as a paper voting system is only secure as long as you trust the returning officers.

Myth 5:

"What our system can’t do, is verify that our voters clicked on what they thought they did (hint: malware can change web pages), or rely upon showing the voters their choices later (not only did we just break the “secret” part of secret ballot, but our malware is back and changing pages again)."

Well, I described above how that's been solved in practice, although it's true that the functioning of the system would be much more transparent and understandable to most voters if you give up the secrecy of the vote. There are philosophical arguments for it as well, but I doubt they would be broadly convincing.

"Scrutineers are told to watch out for husbands hovering over their wives at polling booths. In an abusive household, the victim has no right of secrecy, making coercion by abusive or judgemental people far easier. Outright vote selling also becomes simple. And in families with voting-age children living at home with their parents and disengaged with the election process, maybe a parent will decide that one extra vote for them won’t hurt?"

Again, has actually been addressed in practice. This is why you get to e-vote repeatedly over a long period, and only the last vote counts; you can vote how your boss/spouse/school bully tells you to, show them that you did, then vote the other way a few hours later.

"It’s too hard for one person to manipulate thousands of votes."

But not too hard for a group of people. And I've talked before in these conversations about how e-voting actually makes it possible to set up independent voting watchdogs that are much more efficient than the Carter Center.

Myth #6:

Er, this is just babble. Not sure how I'm supposed to respond to that. "No, YOU're stupid"?

Thursday, June 11, 2015

Jurassic World: Presented by Michael Bay.

The named characters to die off are, in order: a Japanese security commander, an Indian CEO, a snooty British nanny. Oh, sorry, there was also a comically fat security guard who got eaten. Meanwhile, Vincent D'Onofrio's operatically terrible villain is the only white guy in Costa Rica to have actually picked up a strong tan, just to make sure you don't feel as bad for him when he dies horribly (offscreen, in case he needs to come back for the sequel), while his mwahaha-ing Chinese accomplice escapes with the seeds of the next disaster. Over in the control room, the one tech who volunteers to stay behind gets hilariously and humiliatingly rejected by a girl, because he is a NERD and how DARE he try to play the hero, he is nowhere near military-trained enough to be a protagonist we actually care about!

Bryce Dallas Howard plays a female executive who spends the first act being hysterical and inept in the face of crisis, until she goes back to the man she once dumped - Chris Pratt as Bronaeris Stormborn - whose gruff manliness inspires her to get her shit together and modify her outfit for more cleavage, signalling readiness to take on the hazards of the Central American jungle without ever taking off her stilettos. Of course, she only starts being a worthwhile character when she forgets everything she'd learned in her career and is overcome with nice, Christian, motherly concern for her nephews, whom she previously abandoned, the evil witch!

The Bro of Dragons
The nephews in question are a precocious boy genius already coming into his own as the superhero Background Exposition Man, and his big brother, the sullen kid whose main purpose is to give the camera an excuse to pan over to the hot teenage girls he's constantly ogling. Never mind - they will be fine, because at a key moment we will be told that they had just happened to restore their grandfather's old muscle car together, so they know exactly how to quickly repair a Jeep that's been rotting in a Central American jungle for twenty years.

The Big Bad Monster is always exactly as capable and powerful as the plot requires, which is explained away with "well, you didn't know this, but it also has genes from THIS animal!" - including being impervious to tranquilizer darts, bullets, and anti-tank rockets! Of course, he is also conveniently vulnerable to the teeth of another dinosaur once it's time for the money shot. Oh, and a velociraptor gets thrown into a souvenier shop window and EXPLODES IN A BALL OF FLAMES. 

Tuesday, June 02, 2015

Stealing an idea: Estonia's counter-offer to the European Commission is to accept zero refugees in the country, but instead to issue e-residence for free to all refugees admitted into Europe, so that they can start their businesses and pay their taxes here (while still physically living somewhere else).
We'll even throw in a bunch of WiFi routers to set up around the camps on Lampedusa.

Tuesday, April 07, 2015

Couldn't we have just gone on without a government? It worked for Belgium...

If there's one word to describe the state of Estonian domestic politics, it's *sigh*.
After an election that put two new parties into parliament and should have forced a broad multiparty coalition, followed swiftly by the unexpected medium-term exile of the Dark Emperor, we ended up back with basically the same coalition we had after the last elections, with basically all the same old people back in the cabinet.
And there isn't even hope of them being punished by the voters next time around, because at least one of the new parties in parliament turned out to be *literally* made up of neonazis and petty thieves.
Does this intractable political swamp mean that we are well and truly a Western European nation now?

Saturday, February 21, 2015

AsiaTrip: Day One, If I Say It Is

There is a school of thought that says a day does not really end until you have fallen asleep and woken up again after a decent rest. By that standard, in one day I have gone very nearly around
the world.

The necessities of limited vacation time and ambitious planning led to a very dense start for this trip. I got up on Thursday morning, before the 7.45am alarm rang; I was leaving my own bed for more than a month. The next time I laid down properly - it's a quarter to 5pm, Tartu time. I am in Borneo.

My last pre-vacation day at the office was still busy, but I managed to sneak out at lunchtime, go to the sporting goods shop and spend twenty-odd euros on a pair of heavily discounted Mizuno running shoes; I'd suddenly found out that having thrown out a lotof things after moving house in July, I didn't have good plain summer footwear. In my bag was a pair of nice sandals, and a pair of hiking boots for the first and biggest challenge on this adventure trip. But the Timberlands I'd bought to replace my beloved old Merrel Jungle Mocassins - which are ragged but still functional enough for terrace slipper duty - had their soles worn through in a single trip to Italy last summer. And what I was going to do now... would involve a hell of a lot of walking.

Like most of my grand adventures, it was built around cheap tickets

with many intermediate stops. Thanks to a flexible vacation

schedule and a hard-won instinct to snap up an offer as soon as it

came on the market, I'd paid less than six hundred euros for a

succession of plane seats: Helsinki to Moscow to Hong Kong to Kota

Kinabalu, and Seoul to Taipei to Hong Kong to Moscow to Helsinki. I

got a free three-night stopover in Taiwan, which is an intermediate

landing in a Cathay flight from Seoul; but these cheap tickets got

a lot more expensive if they included a proper pause in Hong Kong

itself, despite the fact that Cathay is based there, and I would

need to transit through it regardless. Fortunately, my travel agent

found a solution that landed me at HK early in the morning, and

gave me most of the day until the outbound flight late in the

afternoon. That got shortened when Cathay decided it no longer felt

like flying to Moscow - possibly in the wake of the Malaysian

Boeing's destruction. First one and then the other parts of the

trip got switched from Moscow, connecting with Russia's S7

Airlines, to London with Finnair. I didn't mind much, although it

was a little annoying to see that the shortest air route from

London to its former colony takes it very nearly back over

Helsinki; I dislike backtracking on general principle.

So I was on the five o'clock bus out of Tartu, which, in the spirit

of cheap tickets, I got during a campaign for only 3.20 EUR. A

similarly great deal was to be had for the Helsinki ferry, which

only cost me 8 euros each way (a total discount of some 65 euros

from list price, which would have still been a hell of a lot

cheaper than taking the direct Tartu-Helsinki flight with checked

luggage). But the nine o'clock ferry came into Helsinki at eleven

PM, and my flight was at 8 AM the next morning. Knowing that

Helsinki is terrible value for accommodation - the cheapest

reasonable hostel dorm bed is nearly thirty euros - and armed with

the experience of spending uncomfortable but fiscally prudent

nights on buses and ferries during previous trips, I'd decided to

tough it out. Research suggested that Helsinki Airport had a

sleeping pod area - free capsule accommodation for tired visitors;

and maybe I'd get to use that.

Getting into Tallinn at 19.30, I had enough time to check in at the

port, and then get to the shopping center next door to get some hot

and halfway healthy food - plus a beer, which I'd hoped would knock

me out. These were consumed with very minimal shame in the bar area

of the nice big ferry - designed to entertain cruise passengers,

but de facto filled with either dog-tired Estonians commuting from

their construction jobs to their families for the weekend, or

inappropriately drunk Finns. I can think of no more apropos


The weather was not conducive to my initial plan of hanging out for

a while in downtown Helsinki, and neither were the drink prices, so

I caught one of the last Finnair shuttle buses. Helsinki-Vantaa

Airport is fairly far from the city, and not even that adjacent to its namesake village, and it has done very well out of scheduling red-eye connections between European and Asian capitals - but it still goes into a semi-shutdown overnight. I'd expected things to be livelier on the airside, but found to my dismay that while the automatic checkin machines were working well, and the security staff were ready to pat me down, there was no way drop off my bags - even the automatic drop-off machines were turned off! They only came on a couple of hours before the first scheduled departure, a 5.30am charter to some Iberian possession. Once I got airside, things were not much better - everything was closed, including the passport check station for the non-Schengen zone! Still, to the airport's credit, they had plenty of power sockets available to keep my laptop and phone charged, and most bars' comfier seating stays available while they're closed. I found the former sleeping area eventually, once I got out of Schengen - it was down to a few individual sleep pods, now being charged at 9 euros per hour, making it nearly always a worse value proposition than the airport hotel.

Finnair is not supposed to be a discount airline, and their London flight is one of the longer ones within Europe, so I was a bit disappointed that the in-flight economy class service consisted of a begrudging glass of blueberry juice - even Estonian Air can do better than that! Still, we arrived on time - and I learned that Heathrow airport has taken over the annoying American practice of putting arriving passengers through full security screenings, even if they are just transiting - something that is thankfully a distant memory within Schengen. In that line, I ended behind a burly dude in a Harley Davidson sweatshirt, commenting to his buddy about how people had to take off their belts - "well, I'm not getting through cleanly anyway, because of my metal knee." Thankful for the unintentional notice of upcoming confusion, I quickly switched to the next line, and got through relatively unscathed. Fish, chips, cup of tea, bad food, worse weather, Mary fucking Poppins... London.

I didn't even have time to find a reasonably priced bottle of water before my onward connection; fortunately, Cathay Pacific really is a rather lovely airline. It didn't hand out bottles of water to everyone, as I've seen some do, but the attendants came by with trays of juice and water often enough that dehydration was never a problem - and it was hilarious to see what a partially pressurized cabin does to a packet of complimentary vinegar crisps. The food was good by airline standards - I've only had better on Turkish Airlines, and only when originating from Istanbul - and the in-flight entertainment system was excellent, with a broad selection of movies, including some new ones. Eager to begin my cultural immersion, I watched a Taiwanese magic-realism love story; it is now my favourite film of the year so far, and I shall be subjecting my friends and movie club attendees to it. Still, while I passed out for some of the flight, I did not get any proper sleep; so it doesn't count as turning over to a new day. Besides, I didn't get to have a February 20th.

This was my second time in Hong Kong; every time I am only there for a short while, and I always wish I had the opportunity and purpose for an extended stay. While I enjoy living in a small town, Hong Kong is a metropolis that agrees with me. It has just the right level of dirt and ruin to feel alive (an advantage it maintains over Singapore), but is still a perfectly safe place to live. It is both exotic, as a Chinese city that has filtered every significant Asian civilization through itself, and comprehensible to an English-speaker (an advantage it maintains over anywhere in Japan and Brazil, even through they try).

The plane lands half an hour early; immigration is a breeze, although I am miffed that they have now stopped putting stamps into your passport for touristy visa-free entry: I want exotic stamps, goddammit! I will just have to use the entry permission slip they gave me to start a scrapbook or something. The Airport Express sells a same-day return ticket for the same price as a single, and after withdrawing 500 HKD and spending a hundred of them immediately on the ticket, I am off to the city. I am in Central Hong Kong by half past eight, and spend a ripoffy 11.50 HKD on a plain coffee - but it's still better than drinking the stuff on the plane. It's Saturday and most things are closed, and there's a heavy mist over the city; so I find the minibus station with the help of friendly locals, and spend another ten dollars on a ride up to Victoria Peak. The proper touristy way to do this is the Peak Tram, but I'd done it in my previous visit, it's more expensive, frequently packed with tourists, and, to be honest, not as engaging an experience as Hong Kong's public transport. Once we're into the foothills, progress is interrupted: the roads are only semi-open to accommodate the runners of the Mizuno Fat Choi Run. (I look at my new shoes appreciatively.) I think Fat Choi is the name of the new lunar year, the Year of the Goat (although parts of Hong Kong use it interchangeably with the Year of the Sheep) - it's only a day after the Chinese New Year celebrations, not a coincidence, as I've found on previous occasions that right before or right after a major national holiday is an excellent time to visit. The marathon runners include both semi-professionals and volunteers in it for the laugh - couples with baby strollers, men in chicken hats, and an improbable number of women at least in their 30s wearing Sailor Moon outfits.

I stroll around the Peak's viewing terraces and take a few pictures of towers rising eerily out of the fog, and stop by the 7-Eleven for a customary weird Asian soft drink (this time, a green tea soy latte in a bottle - not bad, but not as intense an experience as Pocari Sweat was). Then I decide to take the Old Peak Road down to the beef brisket neighborhood. My phone still carries a geostar from my last visit, for Mak's Noodles - a busy, dingy, delicious and ridiculously cheap eatery; new googling comes up with Kai Kee as the restaurant that now serves the best beef brisket noodles in town. I hike down, worrying a bit - the steep sloping descent is unusually punishing on my calf muscles, and I have a mountain to climb tomorrow. I am greeted by various ascenders, including dog walkers and a lot of those annoyingly well-preserved Chinese pensioners.

By the time I reach my destination, it's around 10am, but that's still not early enough for either place (or most others in the vicinity) to be open. So I walk down to Central, stumbling across a dragon show in front of a main street department store. The staff are blocking the entrance, and the viewing public has spilled out into traffic; security guards and the police helpfully steer cars around them, as passengers cheer the performers from the upper deck windows of those impossibly charming Central trams.

On my way to Central Piers, I go down the raised walkways interlinking the shopping malls, and encounter the rump of the Occupy movement. In a very Hong Kongese fashion, these protesters have used cardboard boxes to stake out their claims along the walkways, avoiding major disruption to the city's lifelines while not allowing the shopping classes to forget about the struggle. Around the corner, there's a massive line at the Apple Store. What could they be after? The iPhone 6 has been out for ages, and I don't think the Apple Watch is being released yet, even in Hong Kong... or that so many people would want to buy it.

I pay the equivalent of thirty-five eurocents to take the Star Ferry across to Kowloon, where the waterfront still carries decorations from the Year of the Goat celebrations (sorry, mate, that still looks like a sheep). I walk past the Peninsula Hotel, with its pair of dark-green Rolls Royces parked out front and ready to whisk paying guests to the airport or opera, and turn into Nathan Road. I stare at Chungking Mansions, but don't go in this time - I'm not hungry, not in the mood for Indian food anyway, and can't think of any electronics I need to buy right now, as my trusty old Olympus XZ-1 and its Dramatic Filter are still serving me well. Based on Wikitravel advice, I turn into Shanghai and Temple streets - the first a better representative of Old Kowloon as you've seen it in that one Call of Duty map, and the second ostensibly a restaurant haven, although at this time of day I am rather accosted by offers of massages from lady criers who are dressed in a fashion that hints heavily at happy endings. I flee to the nearby Taoist temple and inhale the thick incense fumes. Then I continue up Nathan Road until Mong Kok - somewhat retracing my previous visits, but other landmarks are too far for a short stopover. Besides, while I may not be achieving coverage, I am certainly achieving immersion, and that is more important.

I take the subway back to brisket heaven; Kai Kee is closed for the lunar holidays, but Mak's is still there. The only change is that the clipping under the perspex table cover that featured Bill Clinton praising the joint has been replaced with one of Anthony Bourdain; sic transit. I pay 54 dollars, plus a 5 dollar holiday service surcharge, for limitless tea and a bowl of brisket and wonton noodles; it may be slightly more expensive than the daily soup special at Pirogov, but it is still amazing value for a city as ostensibly expensive as Hong Kong. I do keep wondering about that; the food is cheap and good, the public transport likewise, and a look into a real estate agent's window shows some very nice potential rentals, including one highrise pad with a hell of a view that is being advertised for 5500 HKD. The rest is in Chinese characters, so I assume it must be per week, not per month. Otherwise Hong Kong would just be too awesome.

I walk back to Central and catch the express back to the airport, arriving a healthy hour and a half before my flight is to leave. Inbound security is reasonably smooth, and the passport check is a non-issue. The duty-free shop has half a dozen tasting stations operating at the same time, offering little sips of everything from XO cognac to Glenlivet; even men of the North can get reasonably sloshed on the good stuff here, before getting on the plane. I've spent very little of my cash - I still have 280 HKD left in bills, plus something like eleven in coins that I can't exchange outside the territory, so I look for something to buy, but there's nothing I need immediately on my next stop, and I'll be back here on my return trip to stock up on duty-free booze.

My next flight is on Dragonair, the low-cost subsidiary of Cathay; it leaves from a standalone little concourse, accessible by shuttle bus. Boarding starts later than it's supposed to, but proceeds quickly enough; and once the gate attendant scans my Helsinki-printed boarding card, the machine beeps a warning and says there's a Seating Issue. Ah, but they already have a new boarding pass printed out for me - and because the flight is full, I've been bumped up to Business Class. Perhaps they looked at the list of passengers and decided to put the fat laowai up front, so the normal people have more elbow room in Economy; perhaps they looked at my itinerary and figured I needed it more than the others. Either way, this is the first time in my life I am flying Business; Hong Kong has certainly been very good to me.

For all the nice touches - the comfy reclining seat, the better food, the orange juice that is actually fresh-squeezed and comes in a glass made of, well, glass - I am aware that the MSRP for a Business Class ticket on this one 2,5 hour leg is almost certainly higher than my entire Cathay ticket was, and by that standard, Business Class disappoints. It's great, but it's not worth the surcharge; of course, it's named that exactly because most people in it are not paying for the ticket with their own money.

We land smoothly at Kota Kinabalu; I am the first off the plane, and by the time I clear immigration (a very short wait), the luggage is already on the conveyer belt, and my bag that I last saw in Finland is right there. Considering that on my last trip, Estonian Air failed to put it on board at Brussels despite a two-hour connection window, I am impressed. I walk out into the Malaysian winter, and unlike the comfy gloom of overcast Hong Kong, this is a tropical mini-sauna. My 280 HKD got me 124 ringgit at the airport exchange (a much better rate than the extortionists at Travelex), and I spend 30 of them on a taxi to my hotel - there is no public transport to or from the airport in Kota Kinabalu.

I check into the hotel - decent, if expensive for Asia - and go for a quick walk around the town's touristy core. The night food market is a sensory impact of grilling seafood, but I'll pass for now - tomorrow is a day when I definitely don't want to have an upset stomach. Instead, I investigate the recommended local expat bar (ditto on the hangover), and grab a quick dessert at a place on the main drag that advertises itself as a specialist. To steal a thesis from a friend, Asians are famously horrid at desserts, even more surprisingly in the context of their admirable proficiency with main dishes. I order the Signature dish, and get what, my Facebook commenters quickly point out, looks like a bowl of turds that is covered in a finish that is different from a chef's usual use of the word. In terms of taste and texture, it's a non-trivial experience, and laudably low on sugar, but the Malaysians will not be challenging the French or Italians any time soon.

I walk back, stopping at a 7-Eleven for energy reserves for tomorrow, and walk out with two boxes of Pocky. Then I return to the hotel, pack my bags for tomorrow's adventure, set my alarm for 5.30 AM... then spend the next two hours writing this travelogue. Which is just as well, because - and I am not joking - there is a karaoke bar outside of my hotel window, and as I am finishing this sentence, someone just launched into a rendition of "I'm all about that bass".


| More