Around 5:30 the psychic link that I share with Kevin woke me up and I reached for my iPad to see what he was tweeting. (You may think I’m mad, but it happens a lot.) What he had for me was the results of the 2015 Worldcon Site Selection. Spokane overcame Helsinki by 645 votes to 610 on the third round of balloting.
Helsinki had a lead after the first ballot, and kept it once the joke votes had been re-distributed. However, when Orlando was eliminated and their votes were redistributed Spokane came out a narrow winner.
I should note that these results are unofficial, pending ratification at today’s WSFS Business Meeting. However, Kevin was at the count, so unless there’s some major complaint that no one has heard about yet I’m pretty confident those numbers are final.
Helsinki did extremely well. My view was that they needed to win the second preferences of the Orlando voters. It seemed likely that Orlando would finish third, and as their location was roughly midway between the other two it would be interesting to see how things panned out. Of course most Orlando voters probably live west of Florida, so Spokane is probably nearer to them. And many Americans are still very wary about traveling outside of their country (lots of them don’t have passports). So it goes.
I’ve heard nothing from Jukka & Eemeli about possible future bids, and I don’t expect to until after they have got home and had a chance to talk things over with other Finnish fans. However, I’ve also seen people online calling for the 2015 Finncon to be something special for all of those people who can’t, or don’t want to, go to Spokane.
As I understand it, there is no set location for 2015 yet. Turku is next in the rotation, and they have run a Eurocon before now, but 2011 was not their finest hour. Tero will doubtless have something to say about plans in good time. Despite the Worldcon plans, I don’t think it is automatic to expect Helsinki to bid, as they hosted Finncon this year and may be thinking of 2017 or 2018 for Worldcon. (They have already ruled out a 2016 bid, due to their close relationship with the Kansas City team.)
The 2015 Eurocon is, of course, due to be held in St. Petersburg, but as the news from Russia continues to get worse and not better I’m very concerned about that.
Anyway, wherever the 2015 Finncon is held, it would be nice to have something good happen there. I’ll be there, and Jeff VanderMeer has already said he plans to go. Anyone else?
The other thing worth noting is that despite the sterling efforts of the Helsinki team to arrange to carry ballots on behalf of people, I continued to run across Helsinki supporters who said they hadn’t voted because they could not do so online. It seems ridiculous to me that WSFS is unable to allow online voting for Site Selection when it does so for the Hugos, and when this year’s Worldcon allowed us to pay and be validated for site selection online, but not submit the ballot. We need to get with the 21st Century.
The bid’s Facebook page states no Finnish bid for 2016 or the foreseeable future.
We decided we were for Finland in 2015 so Finncon it will be 🙂
FINNCON 2015 was always my plan B – so be it. Turku is a beautiful city, Finland’s oldest. If the Turku fan / con f
group allow all the good will that’s been generated to filter into the planning, organising & running, something quite wonderful could be created.
We looked at electronic voting last year, for 2014. WSFS wants votes to be both anonymous and verifiable, and you can’t get both of those from an electronic system. It will be necessary to give up at least one of those desirable attributes.
Hugo voting isn’t anonymous, and no one seems to care. I don’t see why it should be such a big deal for site selection.
Surely it would be better to have more people voting, rather than disenfranchising a large portion of the electorate. Not to mention people who can’t attend a specific WorldCon have to pay for postage and get their ballots in earlier.
There should at least have been the option to receive mailed in ballots up until the same day as ballots that were handed in.
Lots more politicking involved, and possibilities of bad blood if bids get to know who voted or didn’t vote for them, if I’ve understood the discussions.
Exactly.
Is there a clear definition of what those requirements mean? I can think of a system for this but I may be misunderstanding the requirements.
So: each voting member has a membership number. When the voting fee is paid, use a one-way hash function to generate a hash from the membership number plus a salt based on the timestamp of the transaction. Record the hash value, without noting who it belongs to. Send the hash value to the voter. (Possibly in the form of a URL, such as https://worldcon.org/site-selection/?hash=ef9823a3be9482, frex.)
The voter must also generate a login for later use. This is not linked with the hash in any way.
Put the voting booth behind a login screen. When a voter votes, toss the vote unless the hash is on the approved list. Record the vote/hash pair for verification. Don’t record the login along with the vote/hash pair. Flag the account as having voted.
At the end of the process you can safely publish the full list of hashes plus the list of hash/vote pairs, I think. There’s no way to trace the hash back to the owner.
Feel free to shoot holes in this; as noted I don’t have a full understanding of the requirements and I have not done a full threat analysis. For that matter I’m not a security expert. But the problem doesn’t seem intractable.
Poking holes (I make online voting sites for a living):
– To send the hash value to the voter you’d need to have their email address and hash be linked in some way, though? Redirect the voter to a page displaying the hash and ask them to save it?
– “Flag the account as having voted.” If the hash is one way, and the login is unrelated, you’re flagging the hash as having voted, not the account.
This is an issue insofar as voters cannot check on the status of their votes, but it is also an issue with the paper ballots. Basically, you can’t know if your vote made it in, which isn’t great for security, and I’m assuming security is what we are after with an anonymous ballot.
I do not make electronic voting sites for a living, so am very glad for professional input.
For the email, you’d need a temporary link. Something like:
1. Generate hash, store it in a variable
2. Send the hash to the voter’s email address
3. Store the hash in the hash list
4. Erase the variable
This is vulnerable if someone hostile has access to the system during the process. That’s a problem in the general sense, though — if the voting systems are compromised the whole thing falls over. I’m making the possibly inaccurate assumption that it’s ok to have transient traceability as long as the permanent records are not de-anonymizable.
For recording votes:
1. The voter goes to the URL, and the hash used goes into a variable
2. The voter logs in
3. The voter votes — hash/vote pair is recorded
4. The voter account is marked as having voted
5. Once again, the hash variable is erased
I am thinking that the above process happens regardless of whether the hash is valid or not, which prevents brute force guessing attacks. You don’t want to tell someone they’re using an invalid hash — if an attacker guesses an invalid hash, their account still gets marked as used. Only one try.
Some number of people will lose their hash and be unable to vote. No way to avoid that; may not be an acceptable flaw.
I’m thinking a hash function which generates GUIDs to make the practical chance of guessing a hash value 0.
Finncon 2015. I admit the last time I was in-country around Finncon time, I just hung out a bit with people I knew in Finland and Finnish fandom (the two circles do not entirely overlap, due to demosceners) instead and then went to a demoparty in Norway.
If the folks who organize Assembly manage to time it close to Finncon again but not at the same time that will be awesome.
“(They have already ruled out a 2016 bid, due to their close relationship with the Kansas City team.)”
Thank you for that bit of explanation! It’s been driving me nuts ever since the Helsinki bid was announced wondering why they’d try to stack the odds against themselves so badly instead of going for two years after London and the much easier-looking opponent.
Man, I”d LOVE to go to Finland. I would. But ouch, the cost… (Maybe one day, before I’m too old to do it, I’ll still unlock the “famous enough” level of achievement in time to be invited over to Europe (in general) and Finland in particular as some sort of Writer Guest… 🙂 )
Alma, we had many people say they voted with their pocket book. It’s unfortunate, because I honestly believe a Helsinki Worldcon would’ve been far more affordable than people realized.
Flight costs are not something we can do anything about, but Finnair has recently opened up new routes and options, to such an extent that my flight to Helsinki in October (for attending Swecon and visiting my Finnish family) has actually gone down $100 in the month since the Finnair announcement.
In terms of attending Helsinki, not that this info can impact the vote now, but our hotel rates started at 80 euros (currently $107 USD) — and that includes tax AND includes breakfast. That was cheaper than Spokane ($129 plus tax, and not including breakfast) or Orlando ($139 plus tax, and not including breakfast).
The city of Helsinki also supported our bid to an incredible extent, including offering that our members would have free public transit during the convention.
It’s unfortunate that a lot of people voted on site selection without having an informed vote about the options. Apparently, we couldn’t get information out widely enough. The number of people who told me afterward that they had voted for the American bids first because “the Finns don’t speak English” was really, really disappointing.
For most Americans IcelandicAir would have been the best option too. Two relatively short flights, Iceland isn’t a lot further from the West Coast than the East Coast, and they offer free nights.
Alas, it’s not to be for 2015… I worked out it would be easier and slightly cheaper for me to get to Helsinki than Orlando from Seattle.
The language thing boggles my mind. I don’t know a Finn who doesn’t speak flawless English.
“The other thing worth noting is that despite the sterling efforts of the Helsinki team to arrange to carry ballots on behalf of people, I continued to run across Helsinki supporters who said they hadn’t voted because they could not do so online.”
I work for an election provider, and I’m pretty shocked that it’s okay to carry other people’s ballots but not to vote online. That’s ridiculously unsecure given whoever is carrying the ballots could easily change them (obviously I’m not saying they did or would, but they *could*).
I’m sure this is a question for the Meeting and Committee but wouldn’t higher participation be more desirable than anonymity? And anonymity would only be breached if data were mishandled.
I haven’t got to the bottom of all this yet so I’m not 100% sure why anonymity is such a big issue. Mike may want to address that.
However, my suspicion is that it is to do with the counting procedure. Counting of paper ballots is a time-consuming process that requires a lot of people. Typically the responsibility for providing tellers falls to the bids. Given the time and energy (not to mention money) required to run a bid, I’m not surprised that people want to keep their votes secret if they don’t vote for their friends.
There may be ways around this, but it is going to require thinking outside of the box, and I want to bat ideas around with people before making suggestions.
I’d say don’t have the people with most to lose/gain do the counting, but I do work for a third party provider so I’m kind of trained to think like that. 🙂
My job is to set up the sites (another department analyses the results) so this is purely a guess, but I’m pretty sure there is a way to extract one part of the data (votes) and not the other (voters’ details).
But I’m with you, the first thing I thought of was that online voting is good enough for the Hugos after all. Those have big financial repercussions for authors too.
The reason why the bids provide the tellers is that they are the people who have sufficient incentive to donate their time.
The Hugos are a different matter entirely. Voting is almost entirely online and automated, with very few people required to run it. Also no one involved in Administration has a direct interest in the outcome.
I’m glad you brought this up and there’s discussion here. It’s baffled me, too (lack of e-voting for site selection).
The need for people to count would reduce greatly, or go away, if it were done electronically (taking care of one issue). The evoting wouldn’t be handled, I presume, by the bid committees. It seems like a win all around, but surely I’m oversimplifying.
Spot on, Kendall.
There was a limited form of electronic voting this year, but it was not well publicized. WSFS rules require that any e-voting for site selection requires the unanimous consent of all bids listed on the ballot and the administering Worldcon.
The short form of why e-voting is standard for Hugos but not for Site Selection was summed up at a Business Meeting a couple of years ago (if I can find the specific meeting’s video, I’ll point to it someday) by one of the people advocating the more restrictive current conditions: The model for the Hugo Awards is “trusted administrator,” whereas the model for Site Selection is “trust no one.” That is, in the former case, we delegate the Hugo job to an administrator and we have to trust him/her/them. For Site Selection, we don’t trust the administrator; the bids have to watch him/her/them and each other to prevent irregularities. I don’t particularly agree with this formulation, but it’s what we have for now and the best we can do is to work within the structure to get all of the bids and administering committees to work up agreements within the rules to make e-voting work, which they can do so without further intervention from WSFS.
I hope that if we can get a few years of workable e-voting for Site Selection going with no controversy, we’ll be at the point where we all wonder “Why weren’t we doing this all along,” which is the way the current e-voting for the Hugos are now.
Thanks! That’s super-helpful context for a neo to the politics and arguments surrounding this.