By all means come up with a system that is as secure as paper ballots, and let us try to pick holes in it. Blockchain only solves half the security problem, how do you propose to secure the other half?
We may be close to that already.
We "may" be close to that? You keep shouting "blockchain" as some sort of magic talisman that will magically allow electronic voting to be secure, but give no thought of how it could actually be implemented and used.
I don't have enough knowledge of the originating end of the voting process to make extravagant claims about it (but that doesn't stop others making extravagant claims against it).
Perhaps the reason we make "extravagant" claims against electronic voting is because we have some knowledge and experience with designing and developing computer systems, and know that in order to talk about the security of a system you have to deal with
all elements of a system (not just data storage/records keeping.)
I'm a programmer/database administrator/analyst. While system security is not my primary job and I wouldn't say I'm an expert in the field, I have had exposure to security issues. (I've spent many an hour digging out junk PHP code out of a hacked web server, cleaning viruses off windows systems, searching Linux logs for hacker intrusions, and applying various security patches to systems.) When I talk of the potential risks of an electronic voting system, its not some idle "extravagant" claim, its an analysis employing both direct knowledge/experience of the computer field and a healthy degree of skepticism.
I know that you can create voting messages that are unalterable...
Which, as has been pointed out, is only one of the many issues surrounding a potential voting issue.
Creating voting messages that are unalterable is completely worthless if the messages themselves are fraudulent in origin!
...but I don't know how that process can be affected by a malware infested computer.
I know how it can be. In fact, I've already talked about it.
On the client computer you can have:
- Malware that redirects any web traffic to a bogus site (either a fake site that simply discards the vote, or a dead site that prevents someone from voting). Post a link to the maleware on a facebook page or twitter account that favors one candidate over another (The Nazis for Trump site for example), and hundreds of their supporters could become unable to vote when their computer gets infected.
These type of viruses already exist. It is not some hypothetical situation. I've dealt with them before. I have real life experience in dealing with them..
- Malware that affects the web browser (or whatever software is used to capture the votes), inserts a key logger and changes the responses in memory before they are transmitted to the server and recorded.
In addition, you also have the risk of:
- Interception of whatever identifiers are used to show who has already cast their ballot, to use in "stuffing" the electronic ballot box. (Maybe you have to enter your social security number to vote, maybe every registered voter is sent an identifier. But, these identifiers will always have security vulnerabilities. Someone steals a list of these identifiers and they can vote multiple times, one for each stolen identifier). We've seen tons of similar data thefts before from banks and government computers.
- Hacking into the server that actually captures the vote before using blockchain for storage. (The problem is, since you haven't given any information about how the voting system is supposed to work, I am making an assumption that there will be a central server the vote is sent to before its recorded.) A hacked site could alter votes sent by the user but before they are written to storage.
Again, I've dealt with system that have been infected this way.
