Most states rely on paper bureaucracy to ensure that the state can function and provide services. Paper bureaucracy has been part and parcel of how we maintain states and corporations since the Chinese invented the first paper bureaucracy systems of management 3000 years ago. But as you all probably know, bureaucracy kinda sucks. It costs a lot to maintain, and in the worst cases bureaucracy can turn a state into a labyrinthian monstrosity that can be near to impossible to navigate.

Estonia is a Baltic country that in recent years has been embarking on reform programs that are intended to change this. Estonia is a “Paperless state” meaning a state that has effectively removed all paper from it’s bureaucracy and replaced it with a digital state structure. In this short video I would like to introduce you to the digital state and argue for it.

49 points

As long as this digital infrastructure is developed by the administration itself, I find the idea of a digital bureaucracy great. But relying on proprietary products would undermine its purpose, imho.

permalink
report
reply
38 points

Should be open sourced to. Auditing is crucial.

permalink
report
parent
reply
23 points

It scares me, honestly. The level of security for this to be viable is insane. Imagine some flaw or accident or attack that would erase me as a citizen. Scary thought.

permalink
report
reply
6 points

This is one place where blockchain is actually useful. No one entity is responsible for the integrity of the “ledger”. Of course it wouldn’t be publicly writable so not exactly like the blockchains you normally think of.

permalink
report
parent
reply
5 points

I can’t see how the blockchain would be particularly useful here either. The security features of the blockchain come at the cost of extreme energy usage. Storing documents using simple public-private key cryptography is waaaay more than enough imo.

permalink
report
parent
reply
7 points

You don’t have to “mine blocks” to have a blockchain. It’s just a continual list of transactions that can’t be modified after the fact. So a hacker couldn’t wipe out your existence from the chain without controlling the majority of the participants (in a consensus algorithm). Not saying it’s an ideal use-case but highlighting that feature. There are many ways to avoid “data wipe” attacks.

permalink
report
parent
reply
3 points

Crypto fellaz always forget that we actually have this solution in most databases, and it’s called write-ahead-log.

permalink
report
parent
reply
3 points
*

For most people not so scary until the one snafu to rule them all.

Hence it exists.

Can you change that people are stupid and find new and new ways to ruin their own lives? If you can’t, just look and enjoy.

permalink
report
parent
reply
3 points

It’s just that I don’t want my own country to get any wild ideas. I mean, the ideal digital society utopia is an amazing thought experiment. But it feels very fragile for us at this time. We are still in our technological infancy as a species, even if we feel very advanced.

permalink
report
parent
reply
2 points
*

I don’t think any utopia is reachable, but closest to that would look like Star Wars EU computing, where proprietary formats and stuff like what we use today are limited to toys for very rich people, computer systems are produced by a lot of different processes in a lot of different places, even if not very computationally powerful, everything is modular and tunable, and vendor locks are too a thing only for expensive toys.

Formats and environments and interfaces are simple, because of the need for portability of everything in such an environment. It’s not impossible there to successfully integrate systems produced 100 years apart.

EDIT: What I meant is - it definitely won’t happen the way we are trying now with centralized very complex and fragile systems built after what normies imagine to be good. Normies want magic - all-powerful arcanely complex systems, a deus ex machina. This is the direction exactly opposite from what a good engineer wants. It’s scary actually how a lot of things around are attempts to replace the “wrong” humans. “Wrong” romantic partners, “wrong” employees, whole “wrong” professions (like many lawyers seem to hate engineers, and the other way around TBH), politicians try to replace “wrong” social responses with bot farms. Everybody is trying to use computers most of all to kill somebody else indirectly (or sometimes directly). I wonder when will it get to general conscience that this is not different from any other technological advancement.

permalink
report
parent
reply
1 point
*

I find it funny that people who think like that are from countries like the US and UK where you can live without an ID/passport your whole life. Identity theft in such countries is very common, while it’s pretty much impossible in Estonia. You should be afraid of living without a digital state and a passport in your pocket.

permalink
report
parent
reply
2 points
*

I’m from Sweden. Also a developer by trade. 🤷‍♂️

permalink
report
parent
reply
1 point
*

It wouldn’t really affect u even if ur id got deleted. Let me explain. Ur id is nothing but information correct (your name, address, etc.). The same goes with contracts. What makes ur id special is that the government has verified it to be legit.

A very simple way of doing this is by making the government cryptographically sign ur id/contact. I would really recommend getting a functional understanding of how public-private key cryptography works. Basically, the government just has to put up its public key online. If u have ur id, u can verify if the document is issued by the government using their public key.

As long as the public key stays there, and u don’t lose ur id and contracts they won’t technically be lost.

Also, if the public key suddenly changes/disappears without being notice, everyone would know that something’s up. It’s like ur government building’s staff was suddenly replaced.

permalink
report
parent
reply
2 points

I would really recommend getting a functional understanding of how public-private key cryptography works.

I have an intermediate understanding of how it works. 👍

and u don’t lose ur id and contracts

Ah, yeah… Therein might lie an issue. 😅

permalink
report
parent
reply
2 points

Ah, yeah… Therein might lie an issue. 😅

But that’s an issue with papered systems as well, no?

permalink
report
parent
reply
14 points

One thing I commonly hear as an argument against electronic voting is security and ease of vote tampering. Is Estonia solving this issue and, if so, how?

permalink
report
reply
10 points

Idk if you watched the video but the reason it works is mentioned in the video, if not explored in detail.

You have a digital id and a digital signature that is tied to you as a citizen.

Each vote has to be signed with your personal voter signature.

permalink
report
parent
reply
5 points
*

I watched though about half of it, before concluding that this video is only going to be a summary video that won’t answer my questions fully.

Digital ID and Digital signature are absolutely necessary, though depending on how those two are implemented I could still see fraud and vote manipulation being feasible. I was hoping someone with more knowledge about how Estonia is doing its security and verification systems to ensure records aren’t being modified maliciously.

permalink
report
parent
reply
8 points

I’m happy to revisit and explain, but I don’t have much time to type right now - the wikipedia page for estonia has great info; you will need a basic understanding of cryptographic hashing and merkle trees

permalink
report
parent
reply
7 points
*

https://en.m.wikipedia.org/wiki/Estonian_identity_card

It’s actually fascinating. Asymmetric keys with public keys hosted by the government and the private key in your ID.

A 4 digit pin1 code is required to use the authorization key and a 5 digit pin2 is required to use the signing key.

The average Estonian signs 50 documents per year using this method.

permalink
report
parent
reply
4 points

Everyone in Estonia has to have an ID card, which contains the RSA keys and x.509 certs for giving digital signatures.

permalink
report
parent
reply
3 points

Regarding electronic voting, you can either have reliable and secure, or anonymous, but not both. Sounds like Estonia went for option 1.

permalink
report
parent
reply
7 points

Turkey has been doing it for more than a decade. It is very convenient, but now you can find tons of info about every citizen on the web because of leaks.

permalink
report
reply
1 point

Then it’s a badly implemented system. A good system won’t be able to have such leaks.

permalink
report
parent
reply
3 points

Except we won’t. Too many of the religious fanatics think chips are the mark of the beast and 666 and all that bullshit.

And they control half the political power in the country.

permalink
report
reply
2 points

Which country?

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


Community stats

  • 17K

    Monthly active users

  • 12K

    Posts

  • 543K

    Comments