this post was submitted on 31 May 2024
117 points (94.0% liked)

Technology

59187 readers
2182 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Most states rely on paper bureaucracy to ensure that the state can function and provide services. Paper bureaucracy has been part and parcel of how we maintain states and corporations since the Chinese invented the first paper bureaucracy systems of management 3000 years ago. But as you all probably know, bureaucracy kinda sucks. It costs a lot to maintain, and in the worst cases bureaucracy can turn a state into a labyrinthian monstrosity that can be near to impossible to navigate.

Estonia is a Baltic country that in recent years has been embarking on reform programs that are intended to change this. Estonia is a “Paperless state” meaning a state that has effectively removed all paper from it’s bureaucracy and replaced it with a digital state structure. In this short video I would like to introduce you to the digital state and argue for it.

top 36 comments
sorted by: hot top controversial new old
[–] [email protected] 49 points 5 months ago (1 children)

As long as this digital infrastructure is developed by the administration itself, I find the idea of a digital bureaucracy great. But relying on proprietary products would undermine its purpose, imho.

[–] [email protected] 38 points 5 months ago

Should be open sourced to. Auditing is crucial.

[–] [email protected] 23 points 5 months ago (4 children)

It scares me, honestly. The level of security for this to be viable is insane. Imagine some flaw or accident or attack that would erase me as a citizen. Scary thought.

[–] [email protected] 6 points 5 months ago (2 children)

This is one place where blockchain is actually useful. No one entity is responsible for the integrity of the "ledger". Of course it wouldn't be publicly writable so not exactly like the blockchains you normally think of.

[–] [email protected] 5 points 5 months ago (1 children)

I can't see how the blockchain would be particularly useful here either. The security features of the blockchain come at the cost of extreme energy usage. Storing documents using simple public-private key cryptography is waaaay more than enough imo.

[–] [email protected] 7 points 5 months ago (1 children)

You don't have to "mine blocks" to have a blockchain. It's just a continual list of transactions that can't be modified after the fact. So a hacker couldn't wipe out your existence from the chain without controlling the majority of the participants (in a consensus algorithm). Not saying it's an ideal use-case but highlighting that feature. There are many ways to avoid "data wipe" attacks.

[–] [email protected] 1 points 5 months ago

So they are immutable basically.

[–] [email protected] 3 points 5 months ago

Crypto fellaz always forget that we actually have this solution in most databases, and it's called write-ahead-log.

[–] [email protected] 3 points 5 months ago* (last edited 5 months ago) (1 children)

For most people not so scary until the one snafu to rule them all.

Hence it exists.

Can you change that people are stupid and find new and new ways to ruin their own lives? If you can't, just look and enjoy.

[–] [email protected] 3 points 5 months ago (1 children)

It's just that I don't want my own country to get any wild ideas. I mean, the ideal digital society utopia is an amazing thought experiment. But it feels very fragile for us at this time. We are still in our technological infancy as a species, even if we feel very advanced.

[–] [email protected] 2 points 5 months ago* (last edited 5 months ago)

I don't think any utopia is reachable, but closest to that would look like Star Wars EU computing, where proprietary formats and stuff like what we use today are limited to toys for very rich people, computer systems are produced by a lot of different processes in a lot of different places, even if not very computationally powerful, everything is modular and tunable, and vendor locks are too a thing only for expensive toys.

Formats and environments and interfaces are simple, because of the need for portability of everything in such an environment. It's not impossible there to successfully integrate systems produced 100 years apart.

EDIT: What I meant is - it definitely won't happen the way we are trying now with centralized very complex and fragile systems built after what normies imagine to be good. Normies want magic - all-powerful arcanely complex systems, a deus ex machina. This is the direction exactly opposite from what a good engineer wants. It's scary actually how a lot of things around are attempts to replace the "wrong" humans. "Wrong" romantic partners, "wrong" employees, whole "wrong" professions (like many lawyers seem to hate engineers, and the other way around TBH), politicians try to replace "wrong" social responses with bot farms. Everybody is trying to use computers most of all to kill somebody else indirectly (or sometimes directly). I wonder when will it get to general conscience that this is not different from any other technological advancement.

[–] [email protected] 1 points 5 months ago* (last edited 5 months ago) (1 children)

It wouldn't really affect u even if ur id got deleted. Let me explain. Ur id is nothing but information correct (your name, address, etc.). The same goes with contracts. What makes ur id special is that the government has verified it to be legit.

A very simple way of doing this is by making the government cryptographically sign ur id/contact. I would really recommend getting a functional understanding of how public-private key cryptography works. Basically, the government just has to put up its public key online. If u have ur id, u can verify if the document is issued by the government using their public key.

As long as the public key stays there, and u don't lose ur id and contracts they won't technically be lost.

Also, if the public key suddenly changes/disappears without being notice, everyone would know that something's up. It's like ur government building's staff was suddenly replaced.

[–] [email protected] 2 points 5 months ago (1 children)

I would really recommend getting a functional understanding of how public-private key cryptography works.

I have an intermediate understanding of how it works. 👍

and u don't lose ur id and contracts

Ah, yeah... Therein might lie an issue. 😅

[–] [email protected] 2 points 5 months ago (1 children)

Ah, yeah... Therein might lie an issue. 😅

But that's an issue with papered systems as well, no?

[–] [email protected] 2 points 5 months ago (1 children)

I guess it is, but I'm assuming the government has a better system of keeping track of my papers than I would have of keeping track of my digital keys/identities. What if there's a fire and I lose my key pair without a backup? I'm screwed.

[–] [email protected] 1 points 5 months ago (1 children)

The government would have a copy as well! It's just that it's very hard for an entire government's data and your data to get wiped at the same time.

[–] [email protected] 1 points 5 months ago (1 children)

The government would have a copy of my public and private key?

Hmm, alright, I guess. It goes against my gut regarding key pairs but in this instance I guess it would be necessary. 😅

[–] [email protected] 2 points 5 months ago (1 children)

Nooo ur documents. Not ur private key lol (it wouldn't exactly be private now, would it). Let's say u lose ur private key. U would have to manually do shit like u do when u lose ur passport.

What I'm saying is, ur identity being deleted only if the government AND u lose all ur data on all devices at the same time. Which is incredibly unlikely.

It's like saying, "I don't trust a papered system because the state buildings and my house could burn at the same time with my documents in them"

[–] [email protected] 1 points 5 months ago

Oh I see. So they have my data encrypted with their private keys. And I have my data encrypted with my own key? Or did I get lost again? 🫣

[–] [email protected] 1 points 5 months ago* (last edited 5 months ago) (1 children)

I find it funny that people who think like that are from countries like the US and UK where you can live without an ID/passport your whole life. Identity theft in such countries is very common, while it's pretty much impossible in Estonia. You should be afraid of living without a digital state and a passport in your pocket.

[–] [email protected] 2 points 5 months ago* (last edited 5 months ago)

I'm from Sweden. Also a developer by trade. 🤷‍♂️

[–] [email protected] 14 points 5 months ago (2 children)

One thing I commonly hear as an argument against electronic voting is security and ease of vote tampering. Is Estonia solving this issue and, if so, how?

[–] [email protected] 10 points 5 months ago (1 children)

Idk if you watched the video but the reason it works is mentioned in the video, if not explored in detail.

You have a digital id and a digital signature that is tied to you as a citizen.

Each vote has to be signed with your personal voter signature.

[–] [email protected] 5 points 5 months ago* (last edited 5 months ago) (3 children)

I watched though about half of it, before concluding that this video is only going to be a summary video that won't answer my questions fully.

Digital ID and Digital signature are absolutely necessary, though depending on how those two are implemented I could still see fraud and vote manipulation being feasible. I was hoping someone with more knowledge about how Estonia is doing its security and verification systems to ensure records aren't being modified maliciously.

[–] [email protected] 8 points 5 months ago (1 children)

I’m happy to revisit and explain, but I don’t have much time to type right now - the wikipedia page for estonia has great info; you will need a basic understanding of cryptographic hashing and merkle trees

[–] [email protected] 2 points 5 months ago

There should also be a 30sth page doc about how the e-voting machines are set up, configured and secured somewhere. But it is in Estonian and I can't be arsed to find it now

[–] [email protected] 7 points 5 months ago* (last edited 5 months ago)

https://en.m.wikipedia.org/wiki/Estonian_identity_card

It's actually fascinating. Asymmetric keys with public keys hosted by the government and the private key in your ID.

A 4 digit pin1 code is required to use the authorization key and a 5 digit pin2 is required to use the signing key.

The average Estonian signs 50 documents per year using this method.

[–] [email protected] 4 points 5 months ago (1 children)

Everyone in Estonia has to have an ID card, which contains the RSA keys and x.509 certs for giving digital signatures.

[–] [email protected] 1 points 5 months ago

And all the software is open source :)

[–] [email protected] 3 points 5 months ago

Regarding electronic voting, you can either have reliable and secure, or anonymous, but not both. Sounds like Estonia went for option 1.

[–] [email protected] 7 points 5 months ago (1 children)

Turkey has been doing it for more than a decade. It is very convenient, but now you can find tons of info about every citizen on the web because of leaks.

[–] [email protected] 1 points 5 months ago

Then it's a badly implemented system. A good system won't be able to have such leaks.

[–] [email protected] 3 points 5 months ago (1 children)

Except we won't. Too many of the religious fanatics think chips are the mark of the beast and 666 and all that bullshit.

And they control half the political power in the country.

[–] [email protected] 2 points 5 months ago

Which country?

[–] [email protected] 2 points 5 months ago

Here is an alternative Piped link(s):

https://piped.video/I5krZBe0Dck?si=3vkoWZ2cRfXOjosd

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] [email protected] 2 points 5 months ago

FUCK YOU ML WE'RE BETTRR THAN YOU. 🥳🥳🥳🥳🥳🥳