Slashdot Mirror
Inside Electronic Voting Machines
Alien54 and several other people wrote in about a couple of stories published in a New Zealand webzine: an examination of an electronic voting system, and some less interesting political speculation about it. Diebold voting systems are in fairly wide use, and apparently provide zero security to keep election officials from writing in whatever election totals they want.
We should have a slashdot poll about this. :)
And then rig the results.
[tinfoil_hat]In the near future we will be given ballots containing RFIDs which will tie the voter to the vote. mwahahahaha![/tinfoil_hat]
Trolling is a art,
It's not a bug, it's a feature!
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
http://www.blackboxvoting.com i suggest you check it out.
--CRN
It should be required that machines use open-source code, and some mechanism be provided for public inspection of the machines to verify the code hasn't been altered, some sort of checksum mechanism.
This should be of no surprise to anyone familiar with Diebold. You may have noticed that these guys are the makers of bank ATMs, among other banking and security equipment. Most of these ATMs, especially the older ones, use only 56bit encryption. 128bit is available in the form of a ridiculously expensive chip which also costs a few hundred dollars labor to have a tech come out and stick it in. Most banks, being the biggest cheap-skates in business, are unwilling to spend the money for these upgrades so, many of the ATMs that you regularly use likely have 56bit encryption at best.
The short story is that they were all very flashy and glitzy, but all had severe problems with security and/or usability. We eventually decided to run a pilot program in last year's off-year election and try out 5 of the most promising machines in a real-world election. The final winner will be used across the state in 2004.
No more hanging chad, but I think we are going to have a whole new set of problems to deal with.
... to tabulate the votes of the supreme court? Those are the votes used to selec..., er elect the pres...
"Faith: Belief without evidence in what is told by one who speaks without knowledge, of things without parallel." - A.B.
I don't know if I am supposed to do this but I am sure I will find out soon enough... ;)
Text:
Bigger Than Watergate!
How To Rig An Election In The United States
Column: C.D. Sludge
07/08/03: (Scoop) The story you are about to read is in this writer's view the biggest political scandal in American history, if not global history. And it is being broken today here in New Zealand.
This story cuts to the bone the machinery of democracy in America today. Democracy is the only protection we have against despotic and arbitrary government, and this story is deeply disturbing.
Imagine if you will that you are a political interest group that wishes to control forevermore the levers of power. Imagine further that you know you are likely to implement a highly unpopular political agenda, and you do not wish to be removed by a ballot driven backlash.
One way to accomplish this outcome would be to adopt the Mugabe (Zimbabwe) or Hun Sen (Cambodia) approach. You agree to hold elections, but simultaneously arrest, imprison and beat your opponents and their supporters. You stuff ballot boxes, disenfranchise voters who are unlikely to vote for you, distort electoral boundaries and provide insufficient polling stations in areas full of opposition supporters.
However as so many despots have discovered, eventually such techniques always fail - often violently. Hence, if you are a truly ambitious political dynasty you have to be a bit more subtle about your methods.
Imagine then if it were possible to somehow subvert the voting process itself in such a way that you could steal elections without anybody knowing.
Imagine for example if you could:
- secure control of the companies that make the voting machines and vote counting software;
- centralise vote counting systems, and politicise their supervision;
- legislate for the adoption of such systems throughout your domain, and provide large amounts of money for the purchase of these systems;
- establish systems of vote counting that effectively prevent anybody on the ground in the election - at a booth or precinct level - from seeing what is happening at a micro-level;
- get all the major media to sign up to a single exit-polling system that you also control - removing the risk of exit-polling showing up your shenanigans.
And imagine further that you;
- install a backdoor, or numerous backdoors, in the vote counting systems you have built that enable you to manipulate the tabulation of results in real time as they are coming in.
Such a system would enable you to intervene in precisely the minimum number of races necessary to ensure that you won a majority on election night. On the basis of polling you could pick your marginal seats and thus keep your tweaking to a bare minimum.
Such a system would enable you to minimise the risks of discovery of your activities.
Such a system would enable you to target and remove individual political opponents who were too successful, too popular or too inquisitive.
And most importantly of all, such a system would enable you to accomplish all the above without the public being in the least aware of what you were doing. When confronted with the awfulness of your programme they would be forced to concede that at least it is the result of a democratic process.
How To Rig An Election In The United States
So how would such a system actually work?
Well one way to run such a corrupt electoral system might look like this.
- Each voting precinct (or booth) could be fitted with electronic voting systems, optical scanning systems, punch card voting systems or the more modern touchscreen electronic voting machines;
- At the close of play each day the booth/precinct supervisor could be under instructions to compile an electronic record of the votes cast in their booth;
- They might print out a report that contains only the details of the total votes count fo
The Brazilian government converted to fully electronic voting in 2000, deploying over 400,000 kiosk-style machines. Although our elections are often compared to those in the US, they are actually quite different because the voters cast ballots by using numbers assigned to each candidate (this is necessary because of a high degree of illiteracy here).
o n/2000/nov/13/194.htm). There is also an informative website: Brazilian Electronic Voting Forum by Amilcar Brunazo Filho.
Concerns regarding accuracy of the self-auditing systems caused the legislature to mandate a retrofit of 3% (some 12,000 machines) to produce a paper ballot that the voter could peruse and deposit in a box for recount (the first large-scale use of the "Mercuri Method" -- described more fully here "A Better Ballot Box?").
These paper-trail machines were successfully used during the October 6, 2002 election, and it is hoped that their other machines will eventually be retrofitted as well. Further discussion on this subject can be found in the article: "The importance of recounting votes" by Michael Stanton (originally published in Portuguese as "A importância da recontagem de votos", on the website of the Agência O Estado de São Paulo, November 13, 2000, http://www.estadao.com.br/tecnologia/coluna/stant
Any computer data can be quickly and easily changed. The best solution I can think of is to print out two paper receipts for each vote, one to go to the election commission (for manual recounts) and one to go to the voter. Each receipt would contain a random code which the voter could then type in on a web site to verify their choices have not been changed. Of course, most people wouldn't bother to verify, but it only takes one person to catch vote fraud.
"Freedom means freedom for everybody" -- Dick Cheney
The only solution I can suggest for an all-electronic voting system would require extensive use of cryptography. Every voter would have to register a public key and every vote would be cryptographically signed. This would require a database of public keys outside of any political influence and it would also require that voters keep their private keys secure, both of which are enormous problems.
Given these drawbacks, an antequated punchcard system doesn't seem quite so bad...
The US military wants to make sure that US servicemen/women overseas can vote. That's not a bad thing and there is a US law that requires this.
But there is a bad thing - the system they are promoting runs on MS Windows - including Win 95/98 - using Internet Explorer (5.5 and up) and Netscape.
Somehow they have in their minds that if they run HTTPS and require anti-virus software that the machines will be secure enough so that votes made through those machines won't be buggered.
Oh, and did I mention that the voter registration occurs through the same machines and same web-browser/https mechanisms?
Seems to me that this is a recipie for disaster - I don't consider any operating system safe from tampering, particularly none of the MS products. And these machines will likely be shared by many people, configured by DHCP (itself a security risk), perhaps with programs being loaded over insecure nets from insecure file servers, and crossing the internet via web proxies, "transparent" web caches, WCCP, and who knows what else.
This could make Florida 2000 look like a picnic.
I hope you are kidding but, the 1965 VRA prevents literacy exams, and the USSC has upheld it as Constitutional
09f911029d74e35bd84156c5635688c0
Make a public domain design&software for a voting machine. Get five companies to build them. No one company can rig the election.
My only big design point is Dual Receipt, like a credit card transaction. Fast electronic count, paper count for them, paper count for me.
Start Running Better Polls
Their article is interesting, but a bit misguided IMNSHO. First they harp on the three sets of ledgers. Well what's the big diff. They say that this somehow allows more leeway to fudge, well actually it doesn't. The fact is that you have to know that there are three sets and exactly which sets of reports get their data from which sets (a very lame attempt at security thru obscurity?). Having a single ledger means that you only have to go to a single place to mess with things.
But the biggest problem with there report is that they spend a lot of time talking about essentiallly one issue, that the tables are available for anyone with the password to edit and manipulate. There doesn't seem to be any type of tiered access and because they use access, a TRUE audit trail can not be created.
I would think that a voting system would be important enough to warrant the extra time to create a custom DB that audits absolutely everything to a file/table that can't be touched by anyone but the app (e.g. only the app can add rows and rows can never be deleted). I assume that Diebold was able to use Access because it made their bid lower and the company that actually had a decently secure system was underbid.
I smell a voter's lawsuit, oh to be a lawyer.
Three years later, and it seems that equipment manufacturers have managed to blithely ignore every bit of it. And apparently, so have the people purchasing the stuff.
Try this cool Slashdot method I've developed:
1) THINK
2) THINK AGAIN
3) POST!
4)
Vote tallies have been different from exit polling in recent elections (that's one of the reasons people were looking at Palm Beach County), and what has it gotten us? Besides, in 2002 we had almost no exit polling because of the convenient demise of the Voter News Service. Exit polling is hardly a solution to flawed electronic voting systems.
United States citizens don't have a right to responsibly vote, they have a right to vote. If you open a door for literacy, why not require that people have certain moral standards? Why not require that they not be communists? Why not require that they be conservative or liberal or white or black?
Fortunately, as someone who has served as an election judge (working the polls) in Minnesota, I can tell you that these concerns are a little overblown. We use the optical scan machines here, and we submit the precinct detail report (list 1 for those who read the article) to the county electronically and in paper format (3 copies). Additionally, we have all the paper ballots that were filled out by the voters carefully stored in the machines during the voting period, and then mailed to the county in sealed envelopes and signed by all the election judges.
Not only is the written process pretty fail-safe, but I worked an election where there was a discrepancy between our ballot count (kept as people vote) and the machine count at the end of the day. We hand-counted all the ballots (they were bubble test style, so no hanging chads or dimples) to make sure the count was accurate. Even if someone had hacked the voting machine, there was little chance for them to bust into the voting machine to steal or alter the ballots.
Additionally, although some nefarious person could hack the machine, I have no idea when they would. Most polling places have a team of election judges present from the time the machine is unlocked until after the results have been transmitted. Judges are not supposed to linger near the voting machine for any length of time. Certainly it's important to implement appropriate safeguards in the software (such as the automatic numbering system that was disabled for the log file), but chances of election fraud due to machine tampering are pretty darn low.
Under capitalism man exploits man. Under communism it's the other way around.
There's plenty of security preventing people from changing the results. Its called exit polling.
You're forgetting that the exit polls declared Gore the winner in Florida, by a pretty good margin. However, the *official* ballots told a different story, mostly because of all the accidental Buchannan votes. So without an audit trail, vote riggers could just say "Gosh, I guess those people reporting their votes to the exit pollers were mistaken or lying."
And a lot easier to forge.
To stuff a ballot box, you need the right paper, ink, and print format BEFORE the election. This creates a paper trail and gives us time to stop you before you do it.
It also requires multiple criminals, which may very well turn state's evidence.
To change purely electronic data, it can be done on the fly, during the election, by one angry man, leaving apparently NO traces, according to the analysis of the machines currently used. And their would be no way to recover the original data.
The original paper ballots can and DO get checked by hand. To really fix any election that has paper ballots, it is MUCH harder than a pure electron one.
excitingthingstodo.blogspot.com
Then again, it would only take one fraudster to falsly claim their vote had been miscounted.
Also, any system that lets the voter check their vote also lets someone forcing them to vote one way or another to verify that they've done as commanded.
Politicians here have to spend lots to get the dead to vote... but they manage to turn out year after year. How failful to their citizenry after they're gone...
It doesn't have to be the Republicans themselves. Just people who would benefit from them being in power.
It may interest you to check campaign contributions from executives at Diebold. They seem to like to give quite a bit of money to the Republicans. Just a quick taste:
Walden W. O'Dell
Chairman of the Board, President and Chief Executive Officer, Diebold
2/14/01 $2,015.00
RNC REPUBLICAN NATIONAL STATE ELECTIONS COMMITTEE
12/17/97 $1,000.00
VOINOVICH FOR SENATE COMMITTEE
1/30/01 $3,950.00
RNC REPUBLICAN NATIONAL STATE ELECTIONS COMMITTEE
8/16/01 $500.00
VOINOVICH FOR SENATE COMMITTEE
12/17/97 $1,000.00
VOINOVICH FOR SENATE COMMITTEE
6/30/00 $1,000.00
DEWINE FOR US SENATE
Yes, Diebold and ES&S are both closely tied to the Republican party, and have been for a long time. If you look at their campaign contributions for the last election, you will see that everyone that gave, gave only to the GOP.
Chuck Hagel still owns stock in ES&S's parent company. He has won every election that used ES&S machines to count the votes.
photosMy Photostream
Um ... believe it or not, when a certain group of people does something evil, saying "that group of people is doing something evil" does not constitute "bias" against that group of people. It constitutes telling the truth.
Ahhh, fuck it, why am I even bothering? Just go and watch Fox News and be happy.
The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
I'll respond to points 2 & 3.
The reason I've been told that one isn't allowed to ask for an ID to vote is that it would be a violation of the Constitution - specifically, the 24th Amendment.
Now, you're asking yourself, "why would asking for an ID violate the prohibition of poll taxes?" Think about the time you got (or last renewed) your driver's licence. It wasn't free, was it? Ta-dah! A poll tax.
So, if you've got to show a photo ID to vote, the state's got to provide a free photo ID. And most states right now are too broke to even think about something like this.
And as far as point 3 - Purging of the voting roles led to big problems in the 2000 election in Florida. Basically, some voters that shouldn't have been purged were purged. When they showed up to vote, they were told they couldn't. Big disaster. I suspect most places would rather have voting roles with ineligible voters (99.99% of whom won't show up to vote, because they've moved or are dead - and if "they" do show up, it's unlikely anyone will find out about it, thus causing problems for the officials running the election) than voting roles missing eligible voters (who will make a huge stink if they show up and are told they can't vote, which will cause a problem for the officials running the election).
You can read about the Florida voting list purge here if you wish, and check the mention in the U.S. Commission on Civil Rights' report here.
During the 2000 election mess, Canada just happened to have an election. We found out our results about 15 hours after ballots were closed.
This isn't a troll about Florida, etc. but rather a comparison. America uses punch cards and fancy voting machines and all that stuff.
Canada, OTOH has a piece of paper. With some names on it, and circles next to the names. you put a mark (check, X, your initials, whatever) next to the person you want to vote for. If there's a mark in more than one (and not just a small pencil mark like a dot. Something that actually looks like you meant to vote for more than one person) or no marks at all, the vote is thrown out. Everything is counted by humans.
So, why is it that they're looking for new fancy ways to (screw up) voting, when countries like Canada managed to use circa 1868 technology and have a more efficient (based on 2k elections) system?
http://holt.house.gov/issues2.cfm?id=5996
and contact your congresscritters...
skkkoooonnnggggkkk ptui
Ever wonder how in 2000 there were an unusual amount of "Florida military ballots" that went through the postal system LATE and WITHOUT POSTMARK?
. html
r y
Next election will be even more corrupt for military ballots. Military personnel will vote online in 2004
http://seattlepi.nwsource.com/local/126504_vote14
The company that has been contracted to provide this service was just bought by a group of Saudi investors.
http://www.newsday.com/business/ny-bzelec0227.sto
"Election.com, a struggling Garden City start-up scheduled to provide online absentee ballots for U.S. military personnel in the 2004 federal election, has quietly sold controlling power to an investment group with ties to unnamed Saudi nationals, according to company correspondence."
You wanna see how computerized voting really works?
Go here:
http://www.cntrybob.com/Fun/Voter/voter.html
Why bother to vote at all. Just resign yourself to fighting a revolution. If you value freedom and democracy.