Only the deployed hardware matters. Or only the person reading the result of the machine matters. Or only the USB key which is transferring the results matters. Or…
Once you start with non-transparent mechanisms, there is no end to it.
20 years ago I attended an international conference on electronic voting. There were various papers on the form of elections (not on specific products.)
The huge takeaway for me was not the technology (or lack thereof). Ultimately all existing (and proposed) systems have flaws. The key was public trust in the result.
The first step to sidestepping democracy is to attack the legitimacy of elections. One can attack the process, software, hardware, ballot security, eligibility, and so on. It doesn't really matter what you attack - it doesn't matter if your gripe is legit or not. It only matters that you erode trust in the result.
If you can make people think the elections are rigged, then you can bypass them and move straight to authoritarianism.
Quibbling over open-source or not is irrelevant. We can cast doubt on the software either way. Quibbling over electronic or paper voting is equally irrelevant (there are plenty of paper-only elections worldwide that are very suspect.)
Naturally the Open Source company promotes Open Source voting machines. But in truth being Open Source has no (real) benefit. Software is easy to tweak, Open or not.
> But in truth being Open Source has no (real) benefit. Software is easy to tweak, Open or not.
But that's not the truth though. Open source software is not easy to tweak when it's deterministically compiled using reproducible builds and there are provisions for on-demand inspection of executables and hardware.
We looked hard at this question, but ultimately determined it was as prone to distrust as any other.
Firstly, inspection of code is a very technical skill, so there's a certain amount of reliance on a tiny group here. That tiny group then simply declares whatever they like. Understanding a complex C program, looking for obfuscated behavior is a very specific skill.
Secondly, given the tens of thousands of machines in play it becomes impossible to guarantee the code inspected is the code that runs. The GCC compiler itself, used to build the software could be altered. The kernel of the machine could be altered, and so on.
Yes, ultimately given enough time, it would be possible to detect problems. But getting a report years after the election is fruitless. Also, no doubt, with time, security issues in the OS and code will be retroactively discovered. There will be no way to determine if those flaws were used or not.
In short, you cannot determine veracity or correctness of the machine, in reasonable time. Making the code Open Source does not change this.
And again, it doesn't matter if the code is honest or not. It only matters what people believe. If anything having the code Open just means more opportunity for malicious actors to claim they've "found issues" without being specific.
The issue is not the software. And its not the software license. It's the environment of mistrust coupled with the willingness of people to accept obvious and blatant misinformation. (See vaccines etc).
Electronic gambling machines are highly regulated because they deal with real money and random number generation. There are a lot of safeguards in that industry across various jurisdictions that seem like they should apply to electronic voting machines too.
Independent testing laboratories exist that do specialize in the specific skills you're talking about. Pretty much all of the software involved is certified and saved, source is saved, compiled binaries are saved, hashes are logged of the compiled binaries. Binaries run from EPROMS or write-protected partitions making it very difficult to change them once installed. Cabinets have tamper-apparent sealing.
The machines are designed so that an auditor can inspect a machine on a casino floor in under 5 minutes, verifying that the software that's installed is the one that's supposed to be and that the physical seals haven't been broken.
I'd imagine there are a lot of similar processes for ATMs.
Problem of distrust cannot be solved completely, but probability of cheating can be reduced significantly by using multiple independent vendors of voting machines, better if they are from different countries, AND using paper ballots, so voters will have choice.
World went down on a completely different path. New wave authoritarians want to pretend that there is democracy, and they want to keep up the trust, even when elections are not free or fair at all.
I would argue the opposite. Authoritarians promote mistrust in elections (regardless of whether they win or lose.)
In the US for example, distrust is very high. Promoted by accusations of mail-ballot fraud, of illegals voting, by anything at all. This continues despite winning the 2024 elections.
I agree insofar as ensuring all e-voting implementation attempts are open source will enable us to more comprehensively prove that it is a fundamentally bad idea.
Candidates drop out, die, or become ineligible in all kinds of ways. Paper is not strictly better and can create costs and complications on the day of the election itself.
Electronic voting is fine. Why can't we just have a printer in the polling booth? I run my ballot, then hit print, then I can manually verify it, and then drop the printed ballot in a box.
Can you please edit out swipes from your HN comments, and generally stop posting aggressively? You haven't been doing it extremely (which is good) but you have been doing it repeatedly (which is bad).
Your comment here, for example, would be fine without the last bit ("you've missed the point entirely").
You still have to securely distribute those machines. All of the things still apply. Actually you need even more security!
Printing paper is cheap. Shipping it is cheap. Checking it is cheap and obvious. Reprinting is cheap. You don't even need to ship them. Most of the cities are close to industrial areas which has big printers and paper mills.
Making stamps or buying pens is cheap. You validate ballots at the polling stations which is scalable and cheap. It is the members of public who validate it. You don't need to pay most of them. They are just local constituents! It is their vote!
You are not aware how far away you are from the point!
IIRC, last presidential election that was what we did in our county, voted on a machine, got a prinout, verified it, stuck it in the scanner and was done. I think I'm remembering it right?
What you have just described is an ExpressVote voting system, manufactured by ES&S (https://www.essvote.com/products/expressvote-3/). Here is an example how-to on using it from Micigan (https://www.youtube.com/watch?v=ebqktli8bRk). The only salient difference between what you describe and the actual system is that the paper run through the machine is also audited (to guard against someone ballot-stuffing by creating additional ballots when nobody is looking).
If you want this, the next step would be to get involved at your county or state level (depending on how your state makes voting technology decisions).
You didn't define how paper ballots are better. Given that many electronic systems print paper ballots, I'm not sure how they could be said to be universally better.
Electronic ballots can be much better than paper in two ways. Firstly, they are faster to count. I'm not sure why that matters, but it's true and seem people seem to think knowing the outcome quickly is important.
Far more importantly to me: they are easier to use. In Australia we have compulsory voting. A lot of attention is paid to how many votes are invalid. It currently runs at 5%, but ranges up to 10% in areas with lower education levels or non-English speaking. Voting machines can tell you verify if the vote is valid, help you if they aren't, provide information from the candidates if you want to know more.
One the downside, a poorly designed voting machine can be far less secure than out current paper system. Sadly, I don't think I've seen proprietary voting voting machine that didn't have significant design flaws. Making the situation worse is the voting machine companies like to keep their flaws well hidden (flaws aren't good for sales). In Australia, we've had examples of the Australian Electoral Commission perusing academic researchers in the courts for revealing flaws. [0] Mandating open source mandate is a solution to that.
Pharaos had to run a footrace to prove they were still fit to rule, meanwhile we sacrifice the security of our voting system so that the most feeble and feeble-minded among us can vote. In some countries even the most disinterested and uninformed in politics are legally compelled to vote. Then we complain how foolishly the public votes, and how easily they are swayed.
Hardly: History shows the repeated failure of the alternative, where only the "qualified" may vote.
Terrible people just corrupt the qualification-mechanism instead. That evil tactic tends to be more-effective and longer-lasting than trying to appeal to the lazy-stupid vote.
> In some countries even the most disinterested and uninformed in politics are legally compelled to vote.
It depends on what you are after I guess, but it's almost certain that if the USA has compulsory voting Trump would not have won the last election. The people who don't usually vote; the feeble-minded as you call them, pull the vote toward the centre. Whatever Trump may be, he doesn't represent the centre of politics.
If the current USA polls are any indication, most USA voters are now wistfully thinking what might have been, had a system that forced those feeble-minded voters to get off their arses and vote been in place back in November.
One of the few things I was happy with Texas legislation this year was moving all to paper ballots. They still use the "bubble counter" machinery though and not human eyeballs. But it's not like it still relies on honest people and a government that is neutral when it comes to counting votes. That's starting to look like it is less and less possible with the current regime's banana republic chaos.
I agree but worry about what this implies for accounting and other financial systems. If we can't trust the voting machines to tell us what the vote totals are, how can we trust the bank computers to tell us who owns what?
I would be very worried about banking security if there was only one bank and it was run by the government. Obviously, that's not the case, banks are private companies and there are thousands of them constantly competing for each other. They have a strong interest in tight security to remain trustworthy. They're also heavily regulated, probably even more than the voting system, and they're subject to financial auditing. I'm not an expert but would estimate that for these reasons banking is overall more secure than electronic voting.
I could be wrong, though. As far as I know, hardware companies nowadays cannot even be reasonably sure that the chips they use don't contain backdoors.
For clarification, my position is that electronic voting is not secure and cannot be made sufficiently secure to safeguard against catastrophic failure and abuse. That's orthogonal to the issue whether voters trust in the voting mechanism, which is also important.
Haven't watched it, but to summarize what I imagine someone aligned with me would say: A ballot's entire lifecycle can be watched as it goes from the stack to the booth to the dropbox to the counting pile. Poll watchers are vestigial as soon as voting machines are involved; it becomes the honor system, which is not trustworthy enough in a system where the parties do not trust each other. The best you have is 'we have found no evidence of widespread voter fraud', a carefully couched statement from media organs you don't necessarily trust either. You, a (Democrat/Republican), can trust a system with paper ballots, because people from your party will observe all relevant details of the process everywhere the process occurs.
The lifecycle do get interrupted with early voting and postal voting, and as past elections where I live have shown (Sweden), some number of boxes of votes will generally be discovered after elections. The postal system are not designed to be 100% reliable and some portion of mail do get lost, fail in the sorting process, or get sent to the wrong location and put into the "fix it later" process which will miss the election deadline.
Software and hardware is still magnitude more vulnerable to intentional misbehavior, and even accidental mishaps has a higher risk of massive negative consequences, and its harder to discover failure compared to boxes of votes that has a physical presence.
In practice by the way the actual role of your appointed watchers is to figure out early whether you've won.
They can see whether another candidate's ballots are piling up faster than yours, they can estimate whether a table counting ballots for a district you're expected to dominate is being given way fewer ballots to count than you'd expected...
Yes, they would obviously spot if some election worker is like adding a pile of pre-marked mass produced ballots to a pile or something, or if they were just putting half of your ballots in the wrong pile - but stuff like that basically never happens, whereas somebody will win and it'd be nice to know before it's announced if that's achievable.
Sounds like externally verifiable logic systems is an upcoming need.
E.g. You as a Citizen walk around with your own System Verification toolkit and can at any time Verify that the voting system tabulates your vote. Something fantastical like that.
Trust is hard to maintain with human. Digital trust is not a human concept, the way I think at least. So this area is tricky.
The thing is, a software based voting system with a sufficient number of checks and balances preventing tampering seems to be a lot more trustworthy to me than human poll watchers and workers. It wouldn't surprise me at this point that there may be moles in parties that are secretly from the other party.
And the other related issue is that in 2025, it simply should be possible to vote from your phone in a way that verifies your identity, if you'd like, using the faceId/fingerprint biometrics that most smartphones from recent years have.
An election needs to be trusted by everyone, and explainable to all voters. It does not help that you believe it is safe. You have to trust the compiler, and the chips, and everything, and convince all voters it works.
Paper ballots are fine. It is not complicated at all and an election is the one thing you just cannot get wrong in a representative democracy. It can cost a bit and you only do it once every few years.
The obvious problem with smartphone voting is that it's hard to combine with voter secrecy. An abusive spouse or someone bribing the voter could demand to see what vote was cast.
And if anyone can make up a reason to doubt the outcome of the election, it will fail it's objective: Peaceful transfer of power.
The usual way to try to solve this is the ability to override previously cast votes, in secret. But the combination of that and the ability for all interested parties to independently verify the count is not trivial. But not impossible either, much has been written on the subject since e-voting was all the rage in the 90s. One would do good to study this work before designing yet another voting system.
Arguments against electronic voting: 1) one person can change millions of votes 2) vulnerable even outside the country 3) even if you audit the software, it's hard to verify that the audited software is what is actually loaded on the machines 4) even if you check hashes of the software, how do you check the software that checks the software (this is a restatement of the Ken Thompson Hack) 5) proprietary software 6) USB sticks are insecure 7) final computer tallying everything is owned and located in a single place 8) XSS attacks on e-voting pages.
Arguments for physical voting: 1) centuries old, many attacks have already been tried and failed 2) no identifying marks on ballot = no opportunity to pressure voters to change their vote 3) multiple people involved in each stage of the process
I realized after typing that out that YouTube has a "Show Transcript" function, so try that for the second video.
+5 internet points for extraordinary effort nostrademons. Smart and well summarized, thank you.
These are fair criticisms.
And I personally feel that electronic voting can be made secure and trustworthy, in the human sense of trust and the digital sense. Looking at this from a 'voting accuracy advocate' position, one could add verifiability at all stages, allowing external validation by the invested party .. the citizens could count their own votes and vet the State's tabulation.
In addition, and I think the punch line, if you take measures to decentralize and audit every single part of the digital process, you have just made the most expensive pencil and it'll not perform that much better against manual voting to begin with.
This isn't a technology problem, really. It's a problem of corruptible humans. In US elections, there are billions and even trillions of dollars at stake. Observe the grifting being done by the current administration. Thus, humans are extremely incentivized to corrupt the process. Technology just makes the corruption easier. Technology enables the grifter.
It does! Tech creates an abstraction layer which commonly is referred to, in my experience, as the dynamic term, "disruption".
This complicates a formerly intuitive subject, introducing radical change hidden within an often literal black box .. and nowadays that box is in 'the cloud' .. making it difficult for humans to retain a mental model, which can then reduce the sense of trustworthiness of that subject!
Corruptible humans are here to stay, forever. We are alive until we are not, and we are a successful species, so we "get it done, whatever it takes" in order to survive. That includes grifting.
People are motivated to resource-hog (power, money, votes in favor of their own interest) by brain chemistry / structures. "Feels good to win."
So - in my view - regulation is key to ensure that shared values win, over personal values.
Technology doesn't care, and can be crafted to add "guardrails" that prevent corruption.
The trick, again in my view, is maintaining those guardrails as anti-guardrail technology is developed by self-interested grifters!!!
What a world! (ncr100 sprays chrome spraypaint on mouth an drives off into the desert ...)
An optical hollerith machine would be useful. It would sort paper ballots into buckets based on selection. It's relatively easy to flip through a stack of ballots and ensure that every one has the same selection. Saves the effort of hand sorting which is not error free.
Are they using only the electronic version or the mixed version? We used the mixed version in some elections here in Argentina. The paper trail is harder to fake, and the electronic part close a few problems of theonly paper version.
Things have always been iffy. No one knows for sure.
Edit: That link is the most recent example. Googling for voting machines themselves would bring more examples. Every election cycle we go through reports of malfunctioning, no audit, audit not matching, extra machines appearing, machines being taken around by politically connected, even things like pressing any button on the machine voting for the same party…etc., but ECI has been pushing it aside and refusing to open up. This recent one became an issue because the manipulation (allegedly) went a layer deeper into the voter rolls themselves and they are public data.
Haha no. Voting machines caused absurd amounts of political instability here in Brazil. It's essentially become wrongthink to question the system.
Our elected representatives have tried to add a paper trail to the machines twice now and it was ruled unconstitutional for total bullshit reasons. Our former president was banned from future presidential races because he questioned the machines. We have a judge loudly proclaiming that the machines are UNQUESTIONABLE with such unwavering pride you'd think he'd have the balls to start a billion dollar bug bounty and post it here on HN. He only allows you to "audit" the system by appointment behind closed doors and the only tools you're allowed to bring with you is a pen and a piece of paper. People found issues even with these restrictions. There are people protesting to this day, laymen asking for source code, completely unaware of the existence of supply chain attacks and the fact the source code would prove nothing and serve only to humiliate them. We have former US president Biden's top CIA guy telling our former president to stop questioning the machines, wouldn't be surprised if they had access to this shit.
Germany did it right: voting machines are unconstitutional because citizens do not understand it. Elections must be fully auditable by the average person. This is the correct stance.
>Our former president was banned from future presidential races because he questioned the machines.
Bolsonaro didn't question the electoral process, in fact, I doubt he even understand it himself. He questioned only the results, because in his mind he should have won by a lot.
Not dissimilar than Trump's "stop the count!" on US paper ballots.
He did. For years, and during his mandate. I was there. Out of every stupid thing he said and did, they cited his perfectly valid criticism of the voting machines as the reason for his banishment from politics until 2030. I submitted news of that event to HN.
> Not dissimilar than Trump's "stop the count!" on US paper ballots.
Completely different matter. I'm very skeptical of claims of election fraud in the USA because it uses paper ballots. I have no trouble at all believing that our Magnitsky sanctioned judge literally named Lula president. They broke the guy out of prison to run against Bolsonaro for a reason.
In the end it's irrelevant. Bolsonaro's ordeal has revealed the deep truth of Brazil to the masses: the real power is in the supreme court. Discussing elections is utterly pointless since these judges are not elected. Elections are just a game they play to give this shithole a veneer of democracy.
A solid starting point, but it's easy to lose sight of the other critical part of the puzzle--integrity of the voting rolls. High quality vote tabulation needs to start from voters, where _only_ legitimate voters vote, and each only votes (at most) once, after which yes, their vote is accurately tabulated.
Voter rolls are public information in the US; there are several watchdog groups that perform verification services and have done so for decades; and to date, none have uncovered the kind of large-scale voter fraud that would necessitate doing anything differently from what we do now.
In fact, I'd argue that having 50 different voting systems with 50 different ways to prove eligibility makes our elections more resilient to large-scale voter fraud, even if it makes it more difficult to verify voter rolls wholesale.
Cryptocurrencies don't need to do things like make sure that no human gets more than one vote, only humans (no bots) from a specific part of the world get a vote, and keep votes secret. Blockchain is not the solution.
> Cryptocurrencies don't need to do things like make sure that no human gets more than one vote
That's pretty much the problem they were designed to solve no? It's called the double spend problem, and it's crypto's big comp-sci innovation. The whole paper was about it.
The secret ballot requirement foils this. Transaction identities are well-known and public; voter identities are secret and unverifiable. Any attempt to link ballots with identities to prevent double-voting also reveals how someone voted.
They are until you need to verify them and ensure nobody owns multiple identities. The following must be true:
- We should know whether you may vote (you are a citizen, over the legal voting age, and haven't been taken away that right because of a crime, etc.)
- We should know whether you did or didn't cast a vote (to prevent you from voting twice)
- We should NOT know who you voted for
- You should be able to know the votes are counted towards the party intended
You can't solve that with crypto, since you need a way of proving your identity, while at the same time making the payload anonymous and not traceable back to you.
Crypto identities are identities, as much as human names or Social Security numbers. If you know who the identity represents, then you know that human's transaction history for all time on that blockchain.
Ballots do not have any identifying information, intentionally. There is no tracking number or possible mechanism to de-anonymize a ballot back to the human who cast it. Notably, there is not even a unique identifier for a single ballot that could potentially be used to identify a person.
Most importantly, there is no value that is unique to the ballot that I can use to verify that I am indeed the person who filled it out, so some nefarious organization could threaten me or my family to produce proof of how I voted. Or pay me, or influence me based on the outcome.
So there is no "identity" that you can record in a blockchain to prevent that identity from casting two ballots in the same election.
At some point, one needs determine whether voting transaction 123 by votecoin address 3456 was made by a valid voter and that the voter has only voted once.
So how do you do that? If a central authority does it by say, issuing votecoin addresses to voters or asks voters for their self-generated addresses, then your ballot is no longer secret since they can see exactly who voted for what.
If a voter shares their votecoin address with anyone, then anyone can see how they voted inviting vote buying and pressure schemes.
I think you're restricting your thinking to Bitcoin. The question is, can cryptography methods solve the problem, not can Bitcoin solve it.
I'm not a super expert, but from the little I know, I think it's possible to issue a one time use key that lets you sign a private/public key pair.
So when that public key enter the network with 1 vote and cast it on the distributed ledger, the network can validate the key is signed by the authority.
You know that the authority allowed the key to exist, but not who the key ties back too.
And the user could only sign one key, so they can't create more.
Haven't crypto an opposite bias, with no guarantee that any given transaction's ledger will stay relevant ?
Dropping votes is as problematic as allowing too many.
In general, money transactions have failure modes that don't match what we want for other use cases. That's the same trap as using credit card payments for ID verification, it only works if you don't actually care about the ID.
Yes and no. Confirmation takes time. But it heavily depends on the crypto. Some can be pretty fast. Once confirmed it's guaranteed, it won't drop off.
Assuming you can vote from the comfort of your phone or home, that's kind of the whole point, it doesn't matter much if you have to wait even 30 min to get confirmation.
Correct, there are several aspects to voting that blockchains don't address:
- The Human Identification Problem (not sure if there is a more official name): uniquely identifying a human being. If you solve this, you solve many forms of fraud (anything rooted in identity fraud) and eliminate entire industries dedicated to reducing fraud losses. Best attempt so far has been the Estonian ID system [0]; Sam Altman tried with Worldcoin but that ended up being yet another crypto grift. Incidentally, Estonia uses its identity system for electronic voting.
- Proof of citizenship; citizenship in the US for most people is a birth certificate issued by a hospital or other authority several decades ago, or a proxy to this document such as a passport. Naturalized citizens have it easier here because they have a state-issued document declaring their citizenship.
- Proof of residence: This is also something not verifiable via a blockchain or smart contract, because it depends on the state and relies in part on your physical location and your intent. Legally you can only vote from one voting address, but there are countless people registered with multiple addresses across states as they move residences.
- Secret ballots: You cannot tie votes back to voters in a free election. Blockchains are open and publicly-verifiable, which is good; but cast ballots cannot be verified _even by the voter_. Blockchain doesn't bring anything to the table here over, say, a database; because the recorded ballots must not be tied back to human identities, you cannot use any of the work done to verify the three previous points to verify the election outcome. Blockchain would boil down to replacing or augmenting paper ballots with a provably immutable record, where you still need to place trust in the system recording votes on the chain.
Well it would still be the government that gives you a "voter id". That part wouldn't change. It would still be a manual verification of your IDs and what not. But once you have a "voter ID" you actually vote online.
I believe you can do this with crypto. It's still anonymous. The government verify you, then give you a signed key that you use to generate your voter ID locally yourself. The network accepts your voter ID because it's signed. I think there's even ways to allow single use signatures and so on.
Now everyone gets one and only one voter ID (which is like their wallet) but for voting.
Aren't most paper ballots processed by machine anyway? Every ballot I've ever cast has gone through something akin to a Scantron machine.
The cost of human labor to count all ballots by hand will be enormous. Probably worth it I suppose, but this really is something that should be primarily automated. But again, trust in software. Sigh, why can't we just have nice things?
A single polling station usually only has a few thousand voters. During the day, polling officers at the station processed (signed/stamped/tore/etc) every single ballot that went into the boxes. They also verified every person's ID. When polling closes, why is it enormous human labor to count the votes, but all the processing during the day is not?
Chile has a very good election system and there's basically no machine input in the process.
What's important is being able to segment the population in enough voting places so that each voting place is maneaganle just by a small number of people. The Chilean system is scalable because you can always just add more voting places as the population grows.
Usually these voting places are civic centres, stadiums, schools.
It's a good system and generally for a presidential election we get the results in about 4 hours after voting ends.
> The cost of human labor to count all ballots by hand will be enormous
In Taiwan, this is how it's done. Every ballot is counted by human. It's completely public: you can just walk in any polling station during the counting process and watch they count.
Australia hand-counts. In a federal election, a voter will typically cast a preferential vote for the lower house, and a more complicated proportional vote for 3 senate seats. Rarely, they'll vote on 1 or 2 propositions ("referenda"). This seems comparable to a federal US ballot (first-past-the-post votes for house/senate/president).
The US casts 10 times as many votes - so it seems reasonable for the US to hire 10 times as many poll workers? Hand-counting is O(n) i.e. constant per-capita, and it scales horizontally.
Local and state ballots in the US can feature tens of elected positions and propositions, I could imagine hand-counting them to be quite expensive.
I'm much less concerned about automated vote counters, as long as they are not connected to the Internet, enough ballots are hand-reviewed to make sure that the values from the machine don't seem way off, and the specific type of counting machine isn't uniform across the whole election.
The cost of human labor? Maybe US-exceptionalism is peeking through?
In actually democratic countries the elections are done on holidays(Sunday) and the polling stations are in where you live.
It is your vote you silly. It is your democratic duty, right and responsibility to guard it if you don't trust the observers by becoming one. Everybody should be able to watch the process and the count!
Losing one day of revenue would not hurt. Especially on a holiday.
If your paper ballot are counted by simple, airgapped machines - that's both a vastly reduced attack surface, and is easy (if laborious) to physically audit.
I'm watching him talk about the two key ingredients of an election (anonymity and trust, for those not watching the video) and thinking "We don't have those in U.S. elections".
I live in California, where the voting method is vote-by-mail and you sign your ballot. That breaks anonymity right there, plus there's a barcode that matches address and ballot for traceability, so in theory anyone involved in the election process could look at my ballot, cross-reference against address, and figure out how I voted. In practice I've never heard of anyone being pressured or confronted based on how they voted, so my default assumption is this doesn't happen much or at all.
But even broader, in the U.S. your party registration is public information. That's why whenever there's a political shooting, the media always says "He was a registered Republican" or "registered Democrat" or "was not registered to vote". And this mechanism is actively and publicly being exploited to alter elections. Since the U.S. is a two-party system and party membership is public, you have a fairly good idea how each precinct is going to vote before they vote, and can gerrymander maps to get the outcomes you want.
Plenty of trust issues in physical ballot transfer as well. California is vote-by-mail, but that assumes the postal service is a reliable carrier, while there was just a recent news story [1] about ballots being stolen. Before I lived in California, I was in Massachusetts, where we voted on 1930s-era lever voting machines where you hit a lever down and it marks a paper ballot without you ever seeing the real ballot. Between elections, these were stored backstage at the local middle school, so a mechanically-inclined middle schooler with knowledge of how an upcoming election's ballots would be formatted (and we did mock elections in middle school) could have rigged the machines to deliver the local precinct to their preferred candidate.
The useful points in the video were basically that decentralization and redundancy are what make physical elections hard to rig: you have to hack multiple locations to influence the overall election, and at each point you have multiple eyes watching you. He sets up the contrast with software voting, where you have the same software running on each machine, and even if the software is open-source, you can't be sure that the rest of the stack it's running on is secure (an oblique reference to the Ken Thompson Hack [2]).
But decentralization and redundancy are properties that you can introduce into software systems just as easily as real-wold systems. The KTH can be countered through Diverse Double-Compiling, for example [3]. zkStarks and digital signatures give you ability to prove that you authored something without revealing what that something is or who you are. The importance of client diversity for the security of the network as a whole has been well-known in the filesharing and crypto worlds. And anyone who has worked in Big Tech, aviation, or telecom could tell you that having multiple paths to success that are developed by independent teams is important for any computer system that is in a safety- or reliability-critical area.
> I live in California, where the voting method is vote-by-mail and you sign your ballot. That breaks anonymity right there, plus there's a barcode that matches address and ballot for traceability, so in theory anyone involved in the election process could look at my ballot, cross-reference against address, and figure out how I vote
They actually go through quite a bit of effort to prevent breaking anonymity.
The incoming ballots are scanned and sorted by machine to record that they arrived. Later, signatures on the envelope are checked. The signature verified sealed ballots are then moved and fed into a high speed extractor separating the ballot from the envelope so the envelope label isn't visible, breaking any linkage between the ballot and the voter's identity. Ballots are stacked with other ballots, still folded and moved elsewhere to be counted. The empty envelopes are kept and scanned again.
All of this happens with multiple people and on camera.
The ballot barcodes don't record any unique information that can identify voters - they're just things like precinct, ballot language and page number.
Because of the extreme diversity in voting methods in the US (it varies not only by state, but by county within the state) it's impossible to accurately make any generalization about voting in the US. For example, in my parents' county in Wisconsin, you show up at the polling place, they check you off the list of registered voters, and they hand you a ballot with no individual markings at all. Once you finish filling it out, you put it in a box with the other identical ballots, to be counted later. It's as anonymous as you could possibly ask for, except that they know that someone claiming to be you showed up and voted.
As far as party registration goes, is that required where you are? Because if so that's insane and the government there needs to change that. Everywhere I've lived you don't need to register any kind of party affiliation (and indeed some places you couldn't), you just register as a voter and you're good. Maybe it's different where you are, but if so just be aware that it is (thankfully) not universally done wrong in the way you describe.
Party registration isn't required (I'm unaffiliated, for example) but enough people do it that you can make a reasonable prediction of how a precinct is going to vote before they actually vote. This is the input data for gerrymandering: you don't need to know every single voter, as soon as you get a statistical sample you know how the area is likely to vote, and then you can construct districts out of precincts such that there's a safe margin of victory for each one.
Unfortunately, in that case there isn't much to be done. I think those people shouldn't do that, but if they insist I don't see how they could be stopped.
Many states require party registration to vote in primary elections, and in states like California the primary is the only election that realistically matters.
(1) California does not require party preference to vote in primaries generally;
(2) California primaries are not (except for the Presidential primary) party nominating elections, they are essentially the open first-round of a two-round general election. (Basically, it is majority/runoff except that there is always a runoff even with a first-round majority.)
(3) For the Presidential primary, California does not require party registration to vote, but does prohibit party-registered voters from voting in cross-party primaries; it is the party (not the state) the decides whether their primaries are open to “no party preference" voters (of the six parties with permanent ballot access in California, the Republican, Green, and Peace & Freedom parties do not allow NPP voters in their presidential primaries, while the Democratic, Libertarian, and American Independent parties do allow them.)
Belgium has been doing it for 25 years, though not without some issues. I'm happy to let other countries lead the way on this since we have a perfectly viable alternative.
Humans are actually quite bad at hand-tallying hundreds of millions of datapoints. Our eyes go glassy but we press on anyway.
Machines are very good at doing that kind of tedious labor accurately.
Whether human beings will put more trust in a system that we know will be wrong, but it's wrong for comfortable meat reasons, over a system that might be compromised but will be more accurate its more of a psychology question than a technical question though.
Human tallying is a source of errors, but it typically doesn't affect the outcome in major ways. This is more of an argument against large scale winner-takes-it-all election systems, as they have the least resilience against this kind of error.
The main benefit of manual tallying is that election tampering at scale becomes a rather labor-intensive and physical process that is more likely to leave detectable traces. Compare that to the the last US presidential election that has statistical oddities in machine-tallied voting results of kinds that have historically been shown to correlate with election fraud. If this was indeed caused by fraudulent voting software, it happened without leaving any other obvious traces of tampering.
> Compare that to the the last US presidential election that has statistical oddities in machine-tallied voting results of kinds that have historically been shown to correlate with election fraud.
It's being litigated, but in general the answer is there is not yet evidence that machine voting systems were compromised.
- in New York there is statistical anomaly correlated with a couple small-town polling stations. Those towns are small enough that they have a huge population of one religion, and one explanation is that the Democrat party's perceived "soft on Israel" stance tilted 100% of voters in those locations away from supporting the Democrat presidential candidate.
- in Pennsylvania a standard statistical analysis tool used to detect vote disruption suggested disruption occurred. The form of the disruption could be fraud, but it can also be things like voter intimidation (which was observed and reported in Philadelphia) and sudden discontinuity in voter behavior (the aforementioned "soft on Palestine" issue).
Correlation does not imply causation, and the lack of evidence of tampering of the machines in the audit logs is lack of evidence of tampering of the machines, not indication that the audit logs were compromised.
I've counted paper ballots for multiple presidential elections in my country.
People who think it's not safe should really spend some time learning how it works. It's impossible to cheat at scale. Each ballot is verified to be correct my multiple eyes. A person is reading, one is writing down the name, one is verifying and some other things I don't remember.
To cheat you need to have everyone in on it. A whole town involved to cheat and to at best win one polling station. It's safe because anyone can attend the counting, so each party can send someone to check no shenanigans is going on.
So the more votes you want to be winning by cheating the more people must be brought in the conspiracy. That's impossible to be unnoticed at the scale of a city, much less at the scale of a country.
It is not the paper ballots that's taken advantage of. They have no general public participation and opposition. The public simply do not give a damn about polling stations in places where Carousel voting is possible. There is no opposition observers or they cannot be because the examples in the Wikipedia page are dictatorships, not democracies. You cannot turn a dictatorship into democracy by voting.
Every single vote must be checked against publicly available lists of voters. Every ballot can only be given somebody whose identification is checked against this publicly available list and marked. The lists must have multiple copies some in the hands of opposition observers. They need to be published.
> Every single vote must be checked against publicly available lists of voters
Yeah, do that by hand please, without relying on electronic means.
Paper ballots with "honour" based out of circumscription participation is not secure. My country also suffered from this issue and it's not an authoritarian regime. They fixed it by adding and checking IDs on a ballot participation list. Nobody explained how that works to the average voter.
What I was trying to underscore is that even for something that's presented as simple and fool proof as paper ballots one can find vulnerabilities, especially when you're dealing with nation level threats. So in my opinion we shouldn't ask electronic ballots to be more security than what is already in wide use.
And in fairness, electronic ballots don't need to be more (or as) secure as paper ballots, but 'mail in' ballots. If we can come up with a method that's as secure as mail ballots I'd call it a success, despite what Tom Scott says.
The more comments I read on this specific HN topic, the fewer people I see actually involved in the polling process.
I really recommend people volunteer for it, if you're American and you're concerned. All you have to do is call your county elections office; they always want more people. You get paid near-minimum wage and it takes two days a year, but that's it.
What you will discover is that most of what people are asking for in this thread is stuff the states of the United States already do.
If a person is deeply concerned how the election is run? Go get involved. It's your country and your election system.
>Humans are actually quite bad at hand-tallying hundreds of millions of datapoints.
Humans just need to be able to separate a few hundreds of ballots into a couple of piles. When introducing double checking this makes an incredibly rigorous process, which can be open to the public. This is the case here in Germany.
Everything after that can be done by computers as all the data after that is published.
These system used for voting means that humans don't hand tally hundred of millions of votes. They tally those in a voting district only. Those them get aggregated with other districts and so on until the whole states and then the country is counted.
The problem with the accuracy assumption of electronic voting is that a) its all coded without errors and b) someone hasn't deliberately but code into manipulate the vote numbers.
That pretty much undermines the entire concept of unit and integration testing.
If you're saying we should be writing voting machine code in ML and keeping the firmware in Fort Knox, I'm going to make the argument that it's a lot cheaper to do sampled hand-counts to check against machine error or tampering... Which we already do.
> That pretty much undermines the entire concept of unit and integration testing.
It doesn't because even with unit and integration testing, software still fails and get hacked/exploited on a regular basis. What's worse with software voting is that a single good exploit could affect all the votes.
It really can't. What is the mechanism by which it could? Different states use different machines and each individual machine is airgapped. A general supply chain attack would show up in statistical sampling audits (i e. hand recounts of small numbers of ballots, which we already do).
I mean, you left yourself open to that glib, low-effort criticism when you wrote this:
> no software or programmable hardware
That's obviously too stringent. Consider:
1. Precinct hand-counts every single paper ballot bubble sheet.
2. Precinct hand-counts every single paper ballot bubble sheet, then confirms the hand count by feeding all the ballots into an electronic bubble-sheet reader.
Your claim is that #1 is more trustworthy than #2. That's an extraordinary claim that requires more evidence than two youtube links!
Edit: to be clear, I want the requirement that all voting must be paper ballots like the human-readable bubble sheets mentioned above. But saying that no software or programmable hardware can be used "in the election process" is so extreme that it sounds like a parody of my own position.
If your proposed process is implemented, it will take about 5 seconds before the precinct realizes that they can just feed it all to the machine and sign whatever number which comes out as the “hand-counted” one. Especially as they will be dinged whenever their count differs from the machine, which will be assumed by their superiors to be more trustworthy.
More seriously, even though some cars are programmable, I did not mean that nobody could use cars to transport ballot boxes. I obviously meant that the official results should be the manually-counted one; machines could conceivably be used to get interim results faster, and/or to double-check a count to see if it needs to be counted again. But I was serious about requiring absolutely no machines involved in the counting of the official results.
Most states (I don't have all fifty states' laws in my head) have a sample recount process; they generally trust the machine numbers but they will randomly sample some percent of precincts for a detailed hand-audit count. Any attempt to generally infect electronic systems falls afoul of this back-stop.
In addition, most states have a mechanism by which a candidate can formally challenge the results in a precinct, forcing a hand-recount. This usually has some kind of onus on the requester (I believe in PA for example you have to put up a bounty and if the hand recount results come out to the same result as the previous tabulation the state keeps the bounty as payment for the added cost of the forced audit). However, it is an option (and, most notably, not an option that anyone who claimed shenanigans in 2016 or 2024 exercised).
The problem of election integrity doesn't exist in a vacuum and didn't pop up overnight in 2016; states have been working the issue for a couple centuries and have a pretty good system. But it's a system that requires some detailed statistics and process control theory to understand, so I'm not surprised the median voter doesn't get it. There is, perhaps, a case to be made that for that reason alone we should go to manual, but someone's gonna have to spend the money on that if we're going to do it; it's going to be drastically more expensive than electronically-facilitated counting. And, indeed, people will have to accept that human counters will be less accurate than machine counters (because they're human; we don't train "computers" anymore as a discipline).
Indeed. That is what I was responding to; if I over-assumed the GP's position, my apologies.
We've been using mechanical, semi-mechanical, and electronic systems for decades at this point. The new concern for accuracy is pretty unfounded (and, it is worth noting, was heavily drum-beat into existence by a Presidential candidate who then went on to win an election).
If we want to talk problems with electronic systems, I'm a lot more concerned about how people don't actually know how to use touch screens (and I am myself in favor of pencil-and-paper ballots for that reason alone) than I am about people being able to sneak a super-double-secret modification to an electronic tabulator in against all the ways that attack could fail (including "The county can just decide to hand-count the pencil and paper ballots anyway, which would discover the deception").
Fully electronic, no-paper-output systems are past my personal trust threshold.
Posting those links without any insight from your side is just quoting dogma and, to me, it shows that you haven't really spent any time to consider the arguments. In my opinion shows that you lack imagination.
Every problem Tom mentions can be worked on and overcome. Maybe not today, maybe not by the next big election, but we should still start now, rather than later. We need to do everything possible to increase participation in the democratic process, especially for the demographics that are currently not very involved, which are also the demographics that are more likely to adopt electronic methods of voting.
>We need to do everything possible to increase participation in the democratic process
Do we? Participation should be made easy for those eligible and inclined to do so, but I don't see the benefit of encouraging participation from people who can't be bothered to put some effort into it, or are ignorant of the issues and candidates and are easily swayed by trashy campaign ads. I've seen the statistic thrown around that less than half of americans can even name the 3 branches of government, and if that's true I think those people have a civic duty not to vote.
I'm not advocating that people not be allowed to vote, I'm just pushing back on the dogma of more voter participation = better, IE. just because you can vote doesn't mean you should if you dont understand what you're voting for and don't really care enough to learn.
Seeing the constant barrage of campaign ads every couple years made me think about it- Why does campaign financing matter, how do they turn money into votes anyways? The answer apparently is ads, but I see these bottom-of-the-barrel slop political advertisements and wonder how that trash could possibly have a measurable effect on the outcome of an election. But it must work, otherwise they wouldn't spend so much money on it. And the fact that elections can be meaningfully influenced by the amount of ads a campaign can run is a signal to me that the democratic process is broken in some fundamental way. The votes of well-informed constituents are drowned out by the more numerous cohorts of partisans, reactionaries, and the apathetic just going through the motions to fulfill their 'civic duty', so it seems to me that increasing voter participation without changing anything else is only going to exacerbate the problem
> And the fact that elections can be meaningfully influenced by the amount of ads a campaign can run is a signal to me that the democratic process is broken in some fundamental way.
That's probably rational ignorance. It's hard to get people to investigate the details of policy and their consequences when theirs is just one vote out of millions. It's too much work. But that leaves the voters susceptible the kind of ads you mention.
Or stated more simply: getting informed doesn't scale, but mass advertising does.
Athenian-style democracy might handle this problem better. Randomly select, in some unbiased manner, a smaller number of people who then decide. But I suspect sortition is a little too unusual and feels a little too chancy for people to accept as a serious proposal.
Wouldn't banning political ads, and large sum political spending, and PACs and lobbying (I assume you're from the US based on the comments) be a better solution than whatever the f*ck "don't vote if you don't understand" is?
Democracy means that everyone gets a vote, uneducated, bigoted, communist, fascist, everyone. If you don't accept that, you don't accept democracy.
Given that was in 2008, I would update his remark from Netbeans, to any of JetBrains products, Eclipse or whatever.
In any case, you can get those features using Windows Resource Toolkit on the old days, a mix of findstr and other similar improvements on Windows NT linage, nowadays Powershell will be enough.
Calling Gosling "the father of Emacs" is pretty inaccurate. What Gosling did was create the first UNIX version of Emacs, and while that predates RMS' GNU Emacs, Emacs was originally a series of macros created by RMS for the TECO editor running on ITS (Emacs originally meant "editor macros"), so RMS is clearly the father of Emacs.
The criticism makes sense when you consider that yeah, while posix tools are okay, needing them everywhere means you have something wrong in your programming ecosystem, and Elisp has many things wrong.
Emacs can easily work with non-posix tools. Many people use ag, ripgrep, or ack in lieu of grep. You change the command string Emacs uses for finding and grepping to your tool of choice.
I deplore this weakening and dilution of the term “self-hosting”. In my opinion, if your services had downtime today, you are not “self-hosting”. If you depend on anything which has “cloud” in its name, you are not “self-hosting”. If you cannot reasonably quickly access your hardware physically, like inserting or replacing an add-on card, you are not “self-hosting”.
EDIT: It’s like saying “I don’t take the bus! I ‘self-drive’ my own car! (By which I mean that I employ an agency to provide a driver to drive a car for me, which I rent!)” or “I self-grow and self-harvest all my own food! By which I mean that I pay a farmer to grow food and harvest it for me.”
If you haven't picked together the hardware for your home server at home, can you really say that you're self-hosting? Or if you haven't really built the components yourself, are you actually self-hosting? If you cannot reasonably quickly debug your hardware faults physically, you're not "self-hosting".
It seems everyone draws the line of "self-hosting" differently. For some, "self-hosting" could be running Wordpress at DigitalOcean. For others, self-hosting means using your residential internet connection and having the hardware at home. I'm not sure one is more "correct" than the other, just different perspectives.
That seems ripe for an alternative version of the popular “loops to goat farming” quote:
> I thought using loops was cheating, so I programmed my own using samples. I then thought using samples was cheating, so I recorded real drums. I then thought that programming it was cheating, so I learned to play drums for real. I then thought using bought drums was cheating, so I learned to make my own. I then thought using premade skins was cheating, so I killed a goat and skinned it. I then thought that that was cheating too, so I grew my own goat from a baby goat. I also think that is cheating, but I’m not sure where to go from here. I haven’t made any music lately, what with the goat farming and all.
Meanwhile, that person learned the valuable skills of programming loops, recording, playing, and making drums, and goat farming; I suspect they may be happier doing some of those things than making music from other people's loops, which is where they started.
I bet they met a bunch of interesting people along the way.
Very possible but if they go an tell someone using loops that they aren't really making music they'd still be an asshole.
Managing your own hardware can be fun and rewarding but it isn't actually required for the original goal of regaining control over your digital life. And it's not like if you start with a VPS you can never move to your own hardware in case you find building on someone else's service too limiting.
Words change meaning frequently throughout history, depending on how they are (mis)used. Or they can change meaning depending on context or part of the country/world.
Good example of words losing their meaning. “Enshittification” is barely an infant as a word and it has a very specific meaning, but people are already using to mean “something I dislike”.
Read the link and follow the definition. The “figurative”, “for emphasis” usage of literally was officially added to dictionaries, meaning it is official it means that, whether we like it or not. Whenever you tell people they are wrong for that usage of “literally”, you are now the wrong one.
You are advocating for prescriptivism, but descriptivism is a perfectly valid approach to language.
How is tributes to lords from vassals related to communication? Oh wait, you didn't mean that meaning of the word "aid"? But words only have one meaning...
I think I actually agree with you but the modern definition of the term is more akin to "I own my data" than "I own my own hardware." It's a big tent and it's nice to see people taking an interest in ownership!
The meaning is I install my own software and set up as I want. Some of it on my 2 mini servers in my living room, some (prosody and seafile) on a VPS. Calling the latter not self hosted seems weird to me.
> The meaning is I install my own software and set up as I want.
That seems a bit vague. If you tell that to someone who never heard of self-hosting, they’d be excused for wondering if that means downloading from an App Store and opening the settings.
If I self-host at home and my internet connection goes down so I can't access anything remotely, then I'm still SOL until I can get home. And millions of people are stuck with crappy upload speeds that make plenty of services that they may want to self-host nonviable if they care about being able to access it from anywhere.
Yes, words have meaning, but most of us will happily disagree with your definition of self-hosting.
Reminds me of self sufficiency farming. If you grow your own food you will be impacted by the yield of that farm, rather than going to the supermarket and buy the food there. If the soil is bad then it might be difficult to impossible to do self sufficiency farming.
What you describe is an unfortunate result of the terrible bandwith situation at your (and others’) location. It is not, however, a compelling argument to redefine a term to suit your liking.
(Also, with 4G, 5G, and satellite-based Internet, an alternate (albeit low-bandwith) route for emergency access is fairly straightforward to set up.)
Sorry, but nobody chose you as the arbiter of terminology. You can call your option home-hosting if you'd like, but we'll keep considering our scenarios to be self-hosting.
I rent a couple of bare-metal servers from Hetzner, and I have physical servers at home.
On my home hardware I keep things like multiple copies of my photos and documents, as well as experimenting a bit with open LLMs etc.
On the rented servers, I host websites, PeerTube, Forgejo, and keep copies of some data I downloaded from elsewhere.
I’ve also previously hosted email on rented servers. Both on rented hardware and on rented VPSes. For the past few years I haven’t bothered with hosting email myself. I use iCloud provided email instead.
Sometimes I upload videos to my PeerTube instance. Sometimes I upload videos to TikTok.
I don’t have some grand vision of self-hosting everything at home. It is impractical, and comes with its own set of drawbacks. Things that only serve myself and my family go on my hardware at home. Things that I want others to be able to reach go on the rented servers. And other times like with email and TikTok I use services where I have no control whatsoever over what the service provider does with my data.
If someone decides that a particular service is neat to host on rented servers I won’t fault them for it. And I consider things that you manage on your own to be self-hosted even if you don’t own the hardware it’s running on.
You decided to rent a $5 VPS for your email? You’ll still learn things from that even if the server is not in your home. And I will perfectly agree that it fits the name self-hosted email. Same goes for anything else you set up and manage, regardless of whether it’s running on bare metal or in a VPS, and regardless of whether the computer it runs on is in your home or rented from someone else.
> If someone decides that a particular service is neat to host on rented servers I won’t fault them for it.
Neither will I. It is an endeavor worthy of praise.
> And I consider things that you manage on your own to be self-hosted even if you don’t own the hardware it’s running on.
This is where I will disagree and stand fast. If you do not “host” it yourself, you are not “self-hosting”. You might be maintaining it. You might be administrating it. But you are not hosting it.
> You decided to rent a $5 VPS for your email? You’ll still learn things from that even if the server is not in your home.
I agree, and it is certainly something I wish that more people would attempt.
> And I will perfectly agree that it fits the name self-hosted email.
It may be said to be “self-administrated” or “self-maintained”. But it is not “self-hosted”.
You're welcome to do that but you're wrong as far as the majority of selfhosters are concerned. Spend time on https://www.reddit.com/r/selfhosted/ for more information about how widely people define it.
The word "host" is ambigious. Hosts can be virtual or physical.
Self-host to me is a verb, which mean you're running the service, regardless of what hardware it's on. On-prem is better descriptive word for physical hardware.
But are you really self hosting if you don't build your server silicon from first principles :)
I think in your analogy a VPS is more like renting a (normal) car rather than buying one - you're still in control over where it goes and its up to you to obey the traffic laws but if there are any major issues that are not your fault it's up to the rental company to make sure you get a replacement.
I'm curious what your goal is with your language crusade? Being precise with your language can be important when the distinction matters, but does it really matter here?
> If you depend on anything which has “cloud” in its name, you are not “self-hosting”.
What if it didn't have cloud in its name when I signed up but some marketing bozo adjusted the description since then? Did it stop being self hosting even though nothing technical about the setup changed.
Self hosting does not, and never did, mean solely running a physical server yourself. It means that you are running the services from a server you control. That can be a physical server, but a VPS fits the bill just fine. You're correct that terms have meanings, but this term has never meant what you're trying to constrain it to.
The meaning has only “wandered” due to the marketing of dishonest hosting companies, and their partially self-deluded customers who want to believe the marketing in order to avoid doing the hard work of actually self-hosting.
I'm not so sure. Software people have a tendency towards abstraction, and often the bottom layer in their opinion of their own role is where you have OS control, without knowing much about the network and physical.
Whether that's reasonable, well, I kinda liked the underlayer and thought it was part of a good education. But not everyone agrees.
I rent VPS's in a data center and run services on them. I feel like I'm self-hosting. The days of me running a server in my own home are long gone. I don't want to deal with the power requirements, the noise, or the hardware.
I'm responsible for all the software that runs on them so I consider it self hosting.
I think this application of the term still makes sense. There are several services I use that I can "self host" for free or pay for the service's "cloud" option. Whether I "self host" on my own hardware or not isn't relevant to the term in that use case.
A host is someone who lets people stay in their house. "Self-hosting" and "bare-metal" have gotten debased in such a strange, commercial-marketing aligned way.
The new definition of "self-hosting" is that you play any part in a piece of software that you use (if I click the "install wordpress button in cPANEL, am I self-hosting?), and the new definition of "bare-metal" is "computer." It's just weird. How can you employ a webhost in order to self-host? How can it be bare-metal if it's hosted within an OS that completely abstracts the hardware?
I suspect non-technical people just wanted to fluff their qualifications, and the companies who host for them wanted to help.
If you throw a party in your rental apartment you are not a host? I guess you could even claim that renting means you do not actually have a home if you want to be really pedantic.
Perhaps you care about qualifications, but others just care about being in control of the servers they depend on and having options when the providers helping to run those servers become unreliable and choosing the most cost-effective option to achieve that. Unless you have an actual argument why the distinction matters besides "it allows the plebes to play" then few will care about what you think the term "self-hosted" should mean - even more so when you yourself still depend on your ISP and power company.
As someone who self hosts in a VPN, I agree with you. :-)
I did self host on my own hardware for a long, long time. But convenience won.
I had built myself a massive beast. A Xeon board I had purchased cheaply for $200 bucks from a friend.
I put a water cooler(OEM from Intel) and clocked that sob from 2.6GHz to 4GHz. I quickly clocked it down back to 2.6GHz. It never hit temperatures above 30 again.
I installed 24GB RAM, which was the maximum. I installed it in a 3U chassi with the max possible 3.5” hot swap slots. I think 16?
I used FreeBSD with ZFS to run a bhyve virtualisation platform.
It was a lot of fun.
How do you define it? If your ISP has a problem, you can't access that hardware physically, so it would seem this definition rules out anyone that doesn't control an ISP.
This is a common, but disingenuous, objection. People also don’t make their own electricity. Is therefore “self-host” an unreachable goal, which nobody can fulfill in practice? No, this would be a useless definition.
I agree that that's a bad definition, that's my point. The question is how _you_ are defining it since your definition seems to have this problem; if you're going to complain about others' use of the term you should indicate what you think the term should mean!
It's not disingenuous. Being autistic about language use is honorable when the distinction you are trying to preserve is actually valuable. It's less so when the differences aren't that big in practice because in both cases you have a lot control over the services you run but in the end are still somewhat dependent on third parties.
There is a middle ground there. I self-host, was not at all affected today nor would I be if Google, MS, Cloudfare or any of the big ones go down. But I cannot easily access my server because it is locked in a datacenter 1000 km away.
But it is a bare metal server from Hetzner auction that I got for cheap and it now hosts an entire family&friends cloud for 10-ish people.
Some may lament that 'writing' now includes typing, despite having been limited to pen and paper. Frankly it's doubtful that point is taken seriously.
Similarly the core of your 'self-farming' analogy is the direct management of the crops.
The involvement of others in demolishing existing structures, erecting fences, or managing water resources on the land is of little consequence.
Of course, some might argue that unless the farm is directly managed, it does not constitute self-farming.
self-hosting: running open source code that you could run on any computer.
if it's convenient to run mastodon on hetzner, that's STILL self hosting; because you /can/ move your app IN ITS ENTIRETY from any computer to any other.
HomeLab elites really are the most insufferable people out there.
It would be good if there was a nice, simple, positive word for it; people might not feel the need to appropriate “self-host” otherwise. Unfortunately, I don’t know of any.
I asked because I used the term self-host for both my services that I run on a VPS I rent from Dreamhost, as well as services that I host on my homelab and expose over tailscale. I don't have a good set of terminology to differentiate between the two, so I call both of them self-hosting. I was a bit surprised you felt so strongly about it.
The same thing that somebody who clicked "install wordpress" in cPANEL did. They're installing software on a rented server hosted by a company that they rent from.
It would also include the situation where there was a bare metal server you installed your own operating system on it and then wrote your own software and then deployed it to that server. The argument being made is that's not self-hosting. That makes me wonder what it should be called.
Not sure if it's the best source, but Wikipedia says:
> Self-hosting is the practice of running and maintaining a website or service using a private web server, instead of using a service outside of the administrator's own control.
> The practice of self-hosting web services became more feasible with the development of cloud computing and virtualization technologies, which enabled users to run their own servers on remote hardware or virtual machines.
reply