Comment by mariusor

Comment by mariusor 5 days ago

8 replies

View on Hacker News

Personally for me this is interesting because there needs to be a way where a hardware token providing an identity should interact with a device and software combination which would ensure no tampering between the user who owns the identity and the end result of computing is.

A concrete example of that is electronic ballots, which is a topic I often bump heads with the rest of HN about, where a hardware identity token (an electronic ID provided by the state) can be used to participate in official ballots, while both the citizen and the state can have some assurance that there was nothing interceding between them in a malicious way.

Does that make sense?

c0l0 5 days ago

No.

Reply View 7 replies
  • mariusor 5 days ago

    Why not? Being terse does not make one right...

    Reply View 6 replies
    • mzajc 3 days ago

      Off the top of my head, because

      - You're just moving your trust elsewhere, this time to a private corporation (whoever makes the CPU / TPM / other "trusted" component).

      - This doesn't guarantee voter anonymity the way paper ballots do. Considering the analog hole and the complexity of computers, I can think of a billion ways a motivated and resourceful Mallory could to connect someone to their ballot.

      Reply View 1 reply
      • mariusor 3 days ago

        > This doesn't guarantee voter anonymity the way paper ballots do.

        You're saying that with a lot of assurance, but in my opinion that's still to be debated. We can build something that will keep at least a degree of separation between the identity that points to a specific individual and the identity that casts the ballot.

        Reply View 0 replies