Listening to news about the election, it's like no one can figure out how to use machines to count votes in a secure way. The most insane thing I've heard so far is votes being transported on memory cards. Why? There's so many ways that can go wrong. ...and it apparently did in the form of some of the cards simply being misplaced and no one realizing that any were missing.

I always imagined that people at local polling places simply call someone up and report the counts for the ballots at their location, and then those local people (of whom there is presumably at least one to represent each candidate) can check the results reported to the public and verify that the counts reported for their local polling place are correct. That way there's no need for memory cards or official paperwork or locked ballot boxes or anything that can be tampered with. However, apparently I was assuming too much about people's ability to figure out a secure process.

It's not that hard to figure out how to use machines in a transparent way. Here's what I would do:

First, build one machine that sorts ballots into multiple piles depending on who was selected for a particular race. Make it entirely electro-mechanical so that there's no software that can be tampered with, and make it out of transparent plastic so everyone can see the actual mechanics and that no one tampered with the machine by inserting something electronic. Then for each race, configure it for that race and run the ballots through it.

At this point, allow everyone interested to flip through the ballots in each pile until they're convinced that the machine was configured correctly and each pile only contains ballots that vote for the candidate that pile represents. This will check that the machine wasn't misconfigured by whomever operated it. Also, in the case of elections that aren't even close, the size of each pile at this point will tell us who the winner is.

For the races that are close, we just need a second machine. This one won't look at the ballots at all, and in fact won't be capable of looking at the ballots, but instead it will simply count them. Counters can be entirely mechanical so again there is no need for any software. Again, it needs a clear plastic case, not only so that everyone can see that there's nothing unusual inside but also to prevent anyone from touching any part of it other than the button that resets the counter before each stack of ballots is inserted. Then everyone can watch as each stack of ballots is run through the machine for a count. We can run each stack of ballots through several times just to make sure the machine works and that its ability to count doesn't change (accidentally or purposefully) over time as the stacks are counted.

We can have many such machines at each local polling place, or even transport the ballots to a central place as long as people from all candidates are able to ride along and verify that the ballot box isn't tampered with along the way. The key is just that the whole process is observable, because if there aren't people there who can observe cheating and call it out, then it really doesn't matter what the process is, because it will be cheated. That's the whole problem with electronic voting: It obscures part of the process into electronics where no one can observe what is happening.

Also, we need cameras. When it comes to money, we put cameras everywhere, because we care if money is counted correctly. I've heard news that the poll watchers aren't allowed to use cameras, but instead have to show up with only audio recorders. I'm sure there's some excuse, such as that they don't want them recording who votes for what since votes are supposed to be anonymous, but again, it's not like we can't design a process that keeps who votes for what hidden from cameras. Like, that's the whole point of the "secrecy envelope" in mail-in ballots: They verify that you're a legit voter with the outer envelope, then they can pull out your ballot inside it's secrecy envelope and add it to the pile of accepted ballots without opening it and therefore not see who you voted for. Then when the envelope is eventually opened, no one knows who mailed it in. Interestingly, this shows that people are able to think this stuff through, yet there's also many aspects of our election process which it doesn't seem like anyone has put any thought into.

I guess it's just that there's a mix of people who know what they're doing and are improving things, and people who don't know what they're doing or don't care or just want to make the process insecure who are also making changes to the process.