Re: What the voting experts think of barcodes

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Wed Jun 02 2004 - 16:55:29 CDT

> My experience with OCR scanning has always reminded me that it is error
> prone. It lacks redundancy - a blotch on the paper (the candy bar
> smudge
> frop a voter's fingers) can make the interfere with the reading of a
> character or word.

This is far too pessimistic about the reliability of OCR. Banks read
billions of checks every day, where the account and routing information
is encoded in a human readable font (but one specialized for good
character orthogonality to OCR machines). Y'know OCR-A and OCR-B type
things.

But for ballots, we are in even better waters. Account numbers on
checks are relatively entropic, most numbers are valid ones. For a
ballot, each contest will have a limited number of non-write-in
options. As someone (Laird?) pointed out, the length alone does an
awfully good job of distinguishing the Moose Catcher candidates:

   Lu Win
   Tomas Singleton
   Krishnamurthi Ramavissipan

Even assuming a little chocolate on the ballot, our problem isn't
reading in general, but just distinguishing *which* of a half-dozen
names is printed in a given position. Who do you think is:

   Krish***urthi Ram**issipan

Of the candidates (adding some ASCII chocolate :-))?

We could probably do fine with Times Roman even, given the fixed
positional constraints; but OCR fonts are even better, and perfectly
human readable.

> 2D [barcodes do] come with a significant increase in available space
> that could be used for good or ill.
> Given that there is lots of room on the page for stegonagraphic hiding

For an expert like Karl, or me, or most any list member, it is kinda
obvious that you can hide all the malicious information I wrote of by
moving a few dots in the watermark around. From a real
security/anonymity perspective, making sure the barcodes don't contain
mischief isn't any different from making sure other ballot elements
don't contain mischief.

But there an awful lot to Laird's point. Ordinary voters see a barcode
and start worrying about the transparency issue. It's the only thing
that "requires an significant level of justification." That's
troublesome to me also. I'd MUCH rather every part seemed obvious, and
obviously necessary, to regular voters. There's not only what *could*
be snuck in maliciously, there's also the voter confidence a system
inspires. Someone who knows enough to worry about stegonagraphy is
atypical, and is probably the sort of person who can understand the
source code, data formats, signing procedures, etc. that will be
publicly disclosed.
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Jun 30 23:17:03 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:29 CDT