For the HN crowd, if you're looking for highest impact per unit time spent, I'd recommend reaching out to your representatives and public offices (including local city reps), and volunteering to come in for a lunch and learn with the staff. There's an ocean of knowledge between the cybersecurity stuff we discuss here every day and what most staffers (in frankly more powerful positions than yours) have.
Spending an hour over sandwiches with staffers talking about what phishing is and answering their questions about whatever they want is a great way to do your part save the democratic process.
For example, I volunteered to do a lunch and learn with SF Dept for the Environment. I covered really simple stuff like looking at the url and domain before logging in and how to use a password manager.
I also said, "If you have a stupid question you've always wanted to ask, now is your chance." Since you're not their curmudgeonly IT person, some feel more open to asking things they've always wanted to ask but felt would be met with a scoff.
These are the people who eventually will interview Zuckerberg. Help them out.
Okay, i have to say this. USA has a long history of meddling in other countries elections[1]. Now that Russia allegedly interfered with US elections, everyones losing it. No wonder my Non-US friends and many others in other countries are cynical of USA.
The problem it was meant to fix is still disenfranchisement. The electoral representatives "are pledged and expected, but not required, to vote for the candidates they represent." Add in that states with small populations still get at least 3 votes and you get a situation where people say the electoral college "prevents the tyranny of the majority".
It doesn't do any good to secure the voting machines if there is no verification of identity of voters, or effective controls on people voting multiple times. We have so little verification in this regard, and so little transparency, that there's actually a debate as to whether this even occurs or not and is a problem. Not really enough data to know.
It would also help if they made ballots non-ambiguous. There should always be a "none of the above" choice so that a machine could validate correctness. Currently, if a choice is left blank, you don't know if the person meant "none of the above" or forgot to mark it, or tried to mark it but the marking failed.
Adding a "none of the above" choice makes that problem go away, and makes it so that the ballot cannot be submitted until it is correct.
Incidentally, if "none of the above" wins, then the election really should be run again, with new candidates.
What's your favorite analysis illustrating that multiple voting is a real problem?
I also wonder if you think there have been any good comparisons between states with strict id requirements and states without them?
We should change our voter eligibility system though, from one where people have to maintain a registration to one where the government just uses information it already maintains to send everyone a postcard indicating where they can vote.
This seems backwards. We don't wait to see if there is a problem, and then fix it when it comes to financial matters.
We know there will be some fraud, so we design systems to verify who is doing a transaction and ensure someone else does not impersonate them. Peoples money is at stake.
What would we say to a bank that does not require a login to take money from someone's account? Would it be ok for the bank to say, "first, you have to demonstrate there is an actual problem that is widespread". Of course, they control all of the data that would let you make your case. And, how would you prove that it wasn't Joe who took money from Joe's account if there was no authentication method for the transaction? It would be just having to take Joe's word for it. "Honest, I didn't take that money from my account - it was someone else".
That's exactly how voting is today. Its just worse, in that Joe may have died, or stopped voting for some reason, or be in a care facility and unable to form decisions, or not even exist, or live in another state and still be voting in his old state (and his new state), or any number of other things. The person voting for Joe would likely never get caught, and the problem would not ever surface.
There are several examples of fraud in the past. There are also examples of reforms that have been successful in reducing fraud. We have a ways to go, though.
I'm not sure I'm up for the postcard for this same reason. I don't think I'd patronize a bank that sent a postcard to an address it has on file giving the bearer carte blanche with my account.
So check fraud is exactly what you are describing in a financial context and still happens all the time.
As far as voter notification, you don't have to use a literal postcard and there wouldn't be any need or reason for it to be a credential, it'd just provide the voter with information about where to vote. The polling place would do whatever verification was required separately from notifying the voter of where they are eligible to vote.
>We have so little verification in this regard, and so little transparency, that there's actually a debate as to whether this even occurs or not and is a problem. Not really enough data to know.
No there hasn't. The accusations of voter fraud have come from one party and one party only. They are lying out their teeth and the party will support them regardless.
"He later admitted during cross-examination that he had no personal knowledge as to whether or not any of these individuals had in fact falsely asserted U.S. citizenship when they became registered to vote and he did not examine the facts of these individual cases." ->
https://en.wikipedia.org/wiki/Hans_von_Spakovsky#False_claim...
If I go to do pretty much any financial transaction, I need to show ID.
Voting seems a bit more important, with higher stakes, no?
Voter fraud has been going on a long time. Here's an example from 1978 that could be happening today, but thanks to the "see no evil, hear no evil" approach to validating identities, we wouldn't know.
Spending an hour over sandwiches with staffers talking about what phishing is and answering their questions about whatever they want is a great way to do your part save the democratic process.
For example, I volunteered to do a lunch and learn with SF Dept for the Environment. I covered really simple stuff like looking at the url and domain before logging in and how to use a password manager.
I also said, "If you have a stupid question you've always wanted to ask, now is your chance." Since you're not their curmudgeonly IT person, some feel more open to asking things they've always wanted to ask but felt would be met with a scoff.
These are the people who eventually will interview Zuckerberg. Help them out.