"you cannot discover my vote in a ballot box among thousands of other votes."

The existing system is even worse than you credit. Those voting slips no doubt contain DNA.

And neither is the proposed system as bad as you fear. I would imagine that after complaints and investigations, the people suffering with "voter remorse" would be known. Or the actual problem would have been found and the error would have been fixed. Like solutions exist for all your posited issues.

I am against the so called "right to privacy". Where is it written and in whose constitution or Bill Of Rights?

When the Greeks invented democracy, there was no privacy. Sure, in small town USA there might have been a problem. But in a nation where gun ownership is a right, I would not offer good insurance rates to an enforcer.

You raise valid issues. "buyers remorse". "storing identifying information". There are other issues. But wtf, what we have is far less perfect. And there are precautions, and mitigating procedures that could be developed.

Anything which diminishes our representatives' power (and graft) is good for us, and resisted like the plague by pollies. Direct polling appears to be an important step in that direction.

We are at cross purposes. I am not talking about voting machines. "voting day" does not exist. What does exist in this scheme is a publicly available, at all times,
1). A file of eligible (named) voters.
2). A file of votes with names encrypted.
3) open source software that will count the votes, and allow anybody to verify that their votes were properly reported on the vote file at any point in time.

I do not envisage voting for representatives, but on the decisions that representatives make. When you vote for a representative, you must compromise. No single representative would always vote the way I wanted. And even that requires them sticking to their promises. (haha).

If the outcome is so close (depending on say 0.1% of the votes cast) then perhaps the vote is never finalized. Perhaps consensus should be sought on a different question?

There is no machinery, just your own computer, compiler, password, and a mainframe somewhere that holds the master vote and voter files, and open source files.

Theoretically that master computer could be interfered with, but any change to the votes file would risk discovery the next time the owner of that account looked over his past votes record. (and remember, he could have downloaded the record at any time in the intervening period, so any fiddle would be immediately obvious.)

Any miscount would be immediately spotted, because every voter could (and quite a few probably would) run the votes file through his/her votes counter program.

Do you do online banking? Envisage a similar system.

The way I envisaged it was:

There is identifying information on the votes file, (your encrypted username) and the votes file is what is used to count the votes. Only you can verify that it is your vote, and you can see it is not changed when final count was taken. In fact, you could even see if it was changed before and changed back after the vote. Because the votes file contains a historical record of all your voting.

The open source program suite does the vote counting and encryption and decryption. They also control the generation of the votes file.

I am on a slow connection, and submit is under the preview button (please fix that, Slashdot) so did not edit out ambiguities in the last response. (below) so read that response before and in conjunction with this response.

If a percentage of voters (around 5% say) check their vote account for an authorized transactions, and if (say) 1% of votes had been changed by evil people, then there would be a calculated (maybe 50%) chance that the fiddle would be discovered.

Remember:
1) the voter file (with encrypted voters) is being downloaded and saved by multiple voters and could be checked for authenticity and vote counting by anybody at any time now and in the future.
2). The only way a voter gets an account is the one time in his life when he shows up to register. At that time an extra voters name goes on the roll of registered voters, and an extra encrypted account entry goes onto the votes file. The weak point here is that someone watching could note that the two events happened simultaneously.
3) Any voter could look at any downloaded votes file and confirm that his vote was not tampered with.

So really, the problem for the bad people is;
How to change a vote on the public vote file when (1) everybody can see the change, (2) everybody can count the votes.(3) if there was a change, everybody can be made aware and the matter rectified.

BTW I would make it a capital offence to knowingly corrupt the vote file.

I think you might have missed one wrinkle that I had assumed. I assumed that an individual could (a) confirm that his own vote had not been tampered with & (b) that he could confirm that there were (say) 100,000 entitled to vote and that there were only 100,000 who were counted (as yes, no,indifferent).

Now a purist might complain that he could not check every vote for authenticity, however (I can't be bothered with the math, but) if a percentage of voters do check their own votes, they would notice that they had been changed, and raise the alarm.

I apologize for failing to clarify, and hope this answers your concerns.

Not sure of your point. If its not the same source then it would show a different result when i compiled and ran it on my computer, wouldn't it? (Then I would know that I had a different source, and look for the reason).

I am not setting up a policing system, just a way of verifiably voting ananymously.

Even if I can't be bothered to go through the program line by line to confirm no nasties, I expect someone would. Like the rsa encryption scandal where the CIA (or other persons unknown) planted a bomb in PGP.

Btw I am not talking voting machines with buttons, but online voting accounts, a bit like a bank account.

The present system has lots of faults, like multiple votes on the same name at different booths. Or dead people voting.

As for family coercion. Sadly it likely would happen. The cure for that is education. (as a matter of fact I get bullied all the time by my 11 yo grandson).

speak for yourself. I will compile and run an open source program on the downloaded data, and know if somebody has done a fiddle.

We use computers for banking. So why does that work?

I guess you do not do your banking online

for:
1) "Voters need unrestricted access". Good point. We need publicly available computers. Here in Oz most municipal libraries have them.
2) & 3) & 4) & 5) see response above to "6) Checks if a voter can be mapped to at most one vote."

but to reiterate and expand:

In Oz, use the existing roll of voters to issue usernames/passwords. (I don't know what equivalent you have in US/UK etc, but if it's not secure, then why have you got it/not fixed it?) Voters then use that ac/pw to "log into" the vote computer, which keeps secure "vote accounts" much like an online banking account. The "vote accounts computer" database with encrypted names is available read only to anybody who wants to count & verify votes.

If a voter decides to change a vote prior to the "count", then that would be possible.

I think that answers 2,3,4,5.

The greatest weakness I see is the possibility of someone correlating a username with a voter by external (real world) factors. That could be combatted by changing usernames on a regular or time encrypted basis.

In Oz, we have an electoral roll. Every citizen is supposed to be registered. Once. Use that roll as a source for handing out encrypted identity numbers with passwords.

Encrypting identity hides the identity, but allows votes to be counted by a publicly available voters/voted file.

Is there a good package that
1) protects privacy
2) is online
3) allows voter to confirm or change their vote
4) allows anybody to count the votes
5) have I missed anything?

I do not know how he could get to Ecuador. Can he be carried in a political bag? I doubt the UK would accept him as political personnel. Whether ensconced in the Ecuador Embassy or in jail in the US he is an object lesson to those who would follow in his footsteps.