@HcInfosec @jeroen Yes, and every technical expert who has seriously studied online voting as come to the same conclusion about the risks, because there are fundamental problems and requirements that preclude building an Internet voting system sufficient for civil elections.

It's not that scientists don't think Internet voting would be nice. Just as physicists don't think perpetual motion machines wouldn't be terrific. It's just that they understand fundamental reasons we can't make them.

@HcInfosec @jeroen You want an Internet voting system? You have two choices. One is to relax some of the basic requirements and civil rights associated with voting (at least in the US), such as the secret ballot. The other option is to have elections where we can never be sure who actually won, and that are vulnerable to disruption by anyone connected to the Internet.

Neither option seems great.

@mattblaze @jeroen I think one could minimize chances of votes becoming public and accept that a chance of your vote becoming public exists but is very small.
One could built several separate ledger counting systems and a non-public in between decentralised open-source system. The third system could be counting in max 5 votes per unit and then encrypt it.
You still keep the problem that some decentralized system holds the keys, but that is also true for voting now: you can simply add a few cans with voting papers too.
For me the biggest issue is: how do you reliably and in mass prove id's or authentication

With eidas that problem is tackled

@HcInfosec @jeroen Well, I guess you're the expert.

I give up.