Slashdot Mirror
Hardware Hacking a Voting Machine in 4 Minutes
goombah99 writes "Bev Harris of BlackBoxVoting.org has acquired an actual Diebold Acu-vote ballot scanner. Rummaging through King County's trash, she managed to get her hands on some of their tags and seals. She has since demonstrated a successful penetration of the seals without breaking them ... all in under 4 minutes with no training or technical skills required. There's a nice how-to with photos over at Verified Voting New Mexico." More from goombah99 below.
"The demo is particularly relevant in light of the recent experience in Ohio in which there were large discrepancies between the electronic record and the paper trail, and also since many counties still permit the machines to be taken home by individuals before voting day (as a means of distributing them to precincts). These 'sleepover' machines were involved in the contentious narrow-margin San Diego Election, and are in continued practice in many states. Moreover, it's common practice for counties to contract out deliveries to third parties, such as in New Mexico where in one election, unlicensed delivery drivers took the machines on an unauthorized field trip and only got caught when they crashed the delivery truck after a stop at Hooters. The good news here is that the penetrated Diebold system in the photo essay is an optical scan system. It's not a touchscreen electronic voting system, so there is a paper trail. What hack really shows is that without mandatory random spot checks on the paper ballots, these may be as potentially vulnerable as the touchscreen direct recording electronic voting systems. It's perhaps worth noting that the open source voting system being developed by the Open Voting Consortium features a 100% reconciliation of every single paper ballot with an independent electronic record."
My initial concerns about these voting machines was someone obtaining one through other means than stealing one from the government and then creating trojan software for it. I mean, if other people can buy these ... then they can study them and learn how to hack them. On the converse, if we can't study them, how do we know the government isn't rigging them?
... but instead my opinion is now that we may be trying to use something that shouldn't be used at all.
So there was this interesting catch-22 where you couldn't let them into the general population for fear of a trojan being created and inserted into a group of normal ones on election day. But you also can't trust your government. Especially not the current one in the United States and considering the voluntary resignation of the Diebold CEO, I think we should at least ask for third party verification of these machines. In fact, I for one consider Black Box Voting to be a champion protector of my right to vote for publishing this information. You might not feel as strongly about them but had I not read two articles from them, I would still be ready to use a voting machine in the next presidential election.
Black Box Voting had me convinced these machines were at least a liability and at best a luddite's fear. After reading this quick "how-to" about these machines, my perception is no longer that we need to define how these machines are bought, sold & handled
Product created with shoddy security features. Get rid of Diebold and hope the market brings a new contestant into the ring for the much sought after prize of the American public's voting machine contract!
The Diebold Acu-vote has failed as a product that requires the utmost security. I am a dissatisfied consumer and I sincerely hope every citizen of the United States agrees with me.
My work here is dung.
I hate Diebold and electronic voting as much as anyone else, but has there been any attempts to figure out exactly how easy it is to rig fake paper votes? There's a lot of effort put into showing the weaknesses of electronic voting, but what are the weaknesses of paper voting and how do they compare against e-voting?
It is not needed.
We geeks love to bitch about solutions in search of a problem; is there a clearer example?
Quantum materiae materietur marmota monax si marmota monax materiam possit materiari?
So it's easy to compromise the security of a Diebold voting machine -- news? This has been going on for a while in one form or another ever since Diebold got into the business. I'd have been more shocked if they would have found that you couldn't force it without breaking the seal.
If states/counties are smart, they'll avoid Diebold like the plague and stick to the old voting systems until a virtually fool-proof system can be designed and built. In the meantime, this won't have much effect on voting, since fewer and fewer people vote all the time.
BTW, that website with the detail is a trociously put together.
GetOuttaMySpace - The Anti-Social Network
Seriously, it seems like the voting system is just shoddy, not specifically corrupt. But the shoddyness sure does help the corruption.
If only people thought their vote mattered, they might be concerned about this.
I don't have an anger problem, I have an idiot problem
Their idea of a security update probably will amount to a flashy new star-shaped sticker over the rim of the case that says "Now with new tougher security action! 25% more secure than our previous model!"
How did you know they were illegal?
If Democrats win in the fall elections, and these machines are still being used, will there still be an uproar?
I'm doubtful.
What I wonder is: why is it secured in the first place?
No really, why should a memory card containing results need to be secured with a coverplate? It's the contents of the card that matters. Can't the authenticity of the card's content be ascertained without needing it NOT to fall in wrong hands? Is there no encryption used, no message authentication? Is there no protocol whereby officials at least sign off on a print-out containing the count, and some checksums? Wouldn't there need to be no need to secure the card itself? I mean, the machine (and it's RAM), obviously, but the card should only contain a copy of the results - a copy that will be in tomorrows papers anyway.
The fact that someone (at Diebold even!) saw the need to put a coverplate in front of the memory card speaks volumes as to the system's design assumptions. That the machines are left with people overnight only makes things much, much worse.
And that website's "web 2.0" ajaxy slidey photo thingy makes me dizzy and kinda nauseuous..
SCO employee? Check out the bounty
Here's a ridiculous idea.
Have the voters fill out a scantron-type ballot. And then have the voter/user feed that ballot through two different voting machines made by two different manufacturers.
This way there would be a paper record and two, seperate databases to compare to each other.
This would double the effort (or perhaps square it at best) for hacking and would allow manual recounts from random sample districts to test the accuracy of the two machines.
My Computer Music Tutorial Videos
Even worse. Let's say that you're in a district where your candidate is in the minority, but that's not the case overall. You can reasonably expect most of the votes on whatever machine you're given to vote on are for her opponent. Well, simply rip the tag! Worst case, nothing happens. Best case (for you, although not for the rest of us) all of the votes on that machine get tossed out.
You're special forces then? That's great! I just love your olympics!
in England it would be, here it blongs to the person who originally owned it until it is collected by the bin men, then it is owned by the council. I've seen on CSI them saying that the cops can take it... something about being discraded - it might work the same way for any citizen. Although CSI is about the depth of my knowledge on your laws (perfect for /.)
*''I can't believe it's not a hyperlink.''
This just goes to show that there are a great number of things that should not be computerized/network connected etc. /.ers (particularly those of us in the states). Do you ever feel like you're strapped to a chair with a wet towel over your head surrounded by people who can't tie their own shoes without managing to injure themselves?
Just as one should not have an internet accessible refrigerator "mom! someone hacked the fridge again and turned the cooling off! Oh god the smell!!"
One should not have electronic voting machines. Seriously, why the hell do we need electronic voting other than that a great deal of people were, excuse my honesty, too goddamn stupid to understand how to use a paper ballot.
Another case of the ignorant masses rising up, bitching about how things are "too hard" and overcoming those of us who can follow simply printed instructions with their sheer moronic numbers.
Fellow
Happiness does not come from having much, but from being attached to little.
If fixing an election was the objective, why bother with removing a memory card? Wouldn't it be easier to get a few people together and go to precincts known to vote one way or another and just break the plastic "security" tags? When the count comes up you can raise a fuss about the tags being broken and having the votes discounted.
$sys$droids
The site referenced is so crapped up with "Web 2.0" junk that it doesn't work. The picture links result in a neat animated effect in which a translucent rectangle grows. Then it disappears without displaying the picture, at least in Firefox 1.5.
If you have something important to say, use standard HTML. Especially if it's something important enough that it should be archived. Using "TiddlyWiki" with images on Flickr means your site will not be archived properly, and many search engines won't even index it with all that Javascript.
In Soviet Russia machine cast your vote for you... wait shit that happens here too
Reality must take precedence over public relations, for nature cannot be fooled.
It's not people at the polling place that they're concerned with. Its the corrupt officials who get to take the machine home with them, who could replace valid vote data with a trumped up memory card showing a clear majority win for whoever is paying them the most. The "tag" on the metal cover is supposed to prove that the machine has not been tampered with. This article proves that you can tamper with the data all you like without breaking that tag.
In a sense, this is even worse than a hacker attacking the machine right at the polling place. In this scenario, you feel like you've excercised your right to vote and contributed to the process of making things better, but in reality your vote never got counted at all. It was replaced by a dummy vote.
Impressive. They hacked a Diebold voting machine in less time than it took me to work out how to navigate their photo-story!
Try viewing it without JavaScript (e.g. like those of us with NoScript). Look at the source -- OMG.
That now qualifies as the most atrocious use of JavaScript I've ever seen - Jesus, render this garbage on the server. Feeding some oddball marked up nonsense to the browser, yielding a circa-1997 page, seems a little...unnecessary.
You really shouldn't stalk people like that. It's illegal.
The seals! They do nothing!
Not necessarily.
There's a pretty funny story in Portland, Oregon where local law enforcement was caught going through various peoples' trash, and they claimed that once the trash had been put out on the curb (never mind that in some cases the trash was still on the peoples' properties), that it was available to the public.
Whereupon one of the local papers took it upon themselves to look through the Mayor's & the Chief of Police's trash, and reported what they found. Fortunately for the two officials, they didn't have anything condemning in their trash, but apparently the Mayor was absolutely furious (and of course was making suing noises), whereas the Police Chief seemed to be a bit more stoic.
I think I hunted down the link here. It was quite awhile ago, so they might've passed a law by now that protects officials (but not ordinary citizens of course) from such shenanigans.
Not always.
In India, the introduction of EVMs reduced the election expences by a magnitude of 10.
Also, since there is a huge potential number of votes (upto 500 Million), it can reduce the time taken for the counting by a huge amount.
Another point to be taken to consideration is that there was a lot of invalid votes (when people unknowingly pressed the marker between two candidates in the ballot) esp in places where illetracy is abound. In some places, the invalid votes was more than the difference of votes beween the winning and second candidates. The EVMs meant that invalid votes are no longer an issue.
Also, there was an issue wherein a group of people will barge in a polling booth, and stuff some hundreds or thousands of ballots to the ballot box and run out. This invariably caused either
(a) wrong counts or
(b) re-voting in that booth.
Now this is no longer an issue since there is a time limit between votes and if too many votes come in, it goes in to lock mode(i dont know whether the second option is used now, but the first one is still there - time limit is around 20 seconds or so).
So I guess, it is needed, in many enviornments.
rajmohan_h@yahoo.com
I've seen plenty of mistakes trocier than that.
Indeed.
Us Canadians use plain old paper ballots, and are able to count them all within a few hours, even after a federal election. The votes are the paper trail.
I'm reminded of the election in The Moon is a Harsh Mistress.
...laura
It's kind of like television. You are not the networks' customer. The ad companies are the customer; you are the product that is sold to them. Everything else is just flim-flam designed to keep you in front of the tube.
Laws do not persuade just because they threaten. --Seneca
OK, so here's the theory.
Electronic voting machines can be designed to be easier to use and more accessible to people with disabilities than traditional voting machines. Blind people can connect a pair of headphones and have their choices read to them. People who don't speak English well can choose a different language such as Spanish or Korean or whatever. Touchscreens may be easier to operate for people with physical disabilities. The order of the candidates can be randomized for each voter, so alphabetical sorting doesn't affect the results (I believe Oregon chooses a random sorting order for the entire election, while California prints several different versions of the ballot with the candidates sorted differently in each version).
Using a computerized system to obtain each person's vote is NOT a bad thing, and can be very beneficial.
Also, using a computerized system to count the votes is also not a bad thing, since it can yield results much faster than manual counting. Indeed, I'm sure votes on paper balllots are machine-counted almost everywhere already.
The problem is this: we cannot and should not rely on a computerized system exclusively. We must have a way to verify what people really voted for. The solution is quite simple, though. We could have computerized voting machines with an instant count, with a paper trail. It works like this:
You have two machines. The first has a touch screen with a user-friendly interface. It presents your options in whatever language you prefer, and receives your votes. It prohibits you from entering invalid selections, such as selecting two candidates instead of one. Your votes are presented to you on the screen for review, with an option to go back and correct any mistakes. Finally if you are finished, the machine prints your votes on a paper ballot, in a format that is both human-readable and machine-readable. You take this paper ballot, and review it for accuracy. The machine you just used erases any record of your vote in preparation for the next voter. Your vote is not counted at this point.
You then take this paper ballot, and feed it into a second machine, which counts your vote and securely stores your ballot. These ballots can be counted by hand later, and compared to the computerized count. If the counting machine isn't counting votes accurately, the problem can be easily detected, and the ballots counted by hand.
If the first machine isn't printing the ballots correctly, the problem can be detected by the voter, who reviews the paper ballots before submitting them to the counting machine. If the voter sees an error, he/she can report the mistake to an election official, who can shred the ballot and let the voter vote again.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
So... if you have physical access to the machine, you can take it apart and alter it to hack into it(yes, that is what they did. RTFA).
How is this news? The same can be said of any computer system.
You have to at least operate under the assumption that these machines are audited before and after the electoral process, just like the ballot boxes were... if not, then *there* is the flaw in the system. The flaw isn't "hey, I can open this computer and alter it to change how it functions", it is "I can open this computer without anyone else knowing".
I really wonder why the states can put together lottery systems that is secure, fast, flexiable, and can not make a voting system? The lottery system has terminal all over place. It uses secure paper to print your selections on, and instance feedback that your entry has be received.
I'm not a lawyer, but I think these instructions should immediately be posted to sites hosted outside the U.S., so that Diebold can't get an injunction to shut the site down under the DMCA, and so they'll have less reason to take legal action against the poster, since doing so won't erase the evidence.
Step into a huge movement. Don't Tread In Me.
If the SSN, home address, home phone, etc. of all the legislators who voted for the machines were placed on the memory card (and the officers of the companies that made them), then you can be damn sure the machines would be tamper proof and there would be a well documented chain of custody of each machine as well.
Better, yet put all their pension money in an Swiss bank escrow account and place the number in the memory card. Then things get serious.
Good security is possible. My guess is that the Diebold machines, rather than being some diabolical plot, are just a sloppy product designed for the government feeding trough. The whole e-voting thing is a windfall for these companies. It is mandated business.
HPC for Primates. Read Cluster Monkey
That is the question. And, considering the declining number of people voting every election, the rising number of complaints about the elctronic systems being used to tally the votes, the complaints about the butterfly ballots, the delays in counting the votes, the political maniuplations OF the votes when a dispute happens, the public seems to be getting ready to say, "To hell with the whole system!"
.01% of that too much to ask to put into place a secure election system? How about siphoning off some of that pay hike the Congress just voted itself for this instead?
And that's bad.
Very few people trust the election system as it now stands on a national basis. There is NO national standard, NO overwatch that is politically independent and NO way to VERIFY the states that are using the electronic-only voting methods.
The gaps are obvious: we need a national standard for the voting process; one that allows verification of EVERY vote on a papertrail basis; we need an independent overwatch OF the voting process; and we need an electronic voting system that is far more secure than the one that is currently being used.
And the probability of that happening amounts to one Big FAT CHANCE.
The excuses? It costs too much, it will take too much time to put into place, it violates State's Rights, there is no way to keep the politics out of the system and no system is completely secure.
How much are we willing to spend to defend our shores from attack? Is
With regards to State's Rights, this is for a national election. Sorry kiddies, doesn't apply as far as standards of the systems themselves go. You still have control of WHO votes and that's where the REAL power resides, so STFU. Keeping the politics out of the system? Well, there's no easy fix for that, but making the election review board similar to the Supremes, but with a requirement of 4 and 4 from each party and only 1 being appointed by the LAST sitting Prez might work... subject to Congressional approval and all that, of course. And secure? Well, nothing is ever totally secure, but we should be able to do better than a four-minute, no-break-the-seal-non-techie-hack!
Lee Darrow,
Chicago, IL
It's wrong to compare the security of a computer voting machine to other computers. It's better to compare the voting machine's security to the paper ballots they replace.
If any granny can hack the box while supposedly voting, using $12 worth of tools bought at a grocery store, then it's not as secure as paper.
Yes, any computer that you have physical access to you can hack, but can you hack a payphone to cough up its coins in 4 minutes??
Security of a voting machine must be at least as solid as security of a vending machine. Modern vending machines prove it can be done; fitting the same security into and onto a voting machine is just a matter of engineering.
Pavlov wouldn't be so famous if he'd used a can opener instead of a bell.
easy way to check, pull up in a large black van marked 'INS' the ones who scatter are the illegals
Snowden and Manning are heroes.
There's lots of good posts. I'm glad we geeks are talking about this important issue.
I spoke briefly with Bev Harris recently. See below.
I'm at work, so I need to make this brief. Just four points.
First, the two pillars of our democracy (United States of America) are private voting and public counting. We adopted the Australian Ballot (aka secret ballot) a while back. Things like electronic voting and forced mail voting (e.g. 100% vote by mail) take away the secret ballot. Here in Washington State, our constitution says we need a secret ballot. Disagree if you want. There's lots of ideas. Like voting receipts and no more secret ballots. But please start by changing our laws. Meanwhile, any attempt to take away the secret ballot (private voting) is unconstitutional.
Second, there is no technical way to have an electronic voting system which both preserves the secret ballot and the public vote count. If the ballots are secret, then there's no verifiability, meaning no public count. If the system is verifiable, then there's no secret ballot. You can have one or the other, but not both. Electronic counting, as with the precinct-based optical scanners, can be done constitutionally.
Third, currently the most reliable way to vote in the USA is to use a voter-correctable precinct-based optical scanner (PBOS). Sorry, I don't have the cites handy (my bad), but dig a little and you can find the research on this. Brennan Center, GAO reports, MIT Voter Project, etc. The basic idea is that you mark a ballot and feed it into a machine. If there's a problem, the machine spits the ballot back out, giving the voter a chance to correct the problem. Yes, these machines need to be better designed, open source, yadda, yadda. But before anyone proposes a better system, please work to understand the best system currently available. (Thank you for your patience.)
Many juridictions have wisely moved away from touchscreens and other DREs and adopted PBOS systems with a low-cost, verifiable solution for disabled voting. TrueVoteCT.org just had a huge win. And Voter Action sued and got the touchscreens in New Mexico replaced with PBOS systems. (Please visit both orgs and give them cash. Activism is not cheap!)
Fourth, and lastly, Bev Harris made an incredibly important point: Our elections have to be understandable for all the voters. Blackbox Voting has spents years digging and researching. I've personally spent 2 years learning all that I can about elections, voting, and these systems. I'm a computer geek and I readily admit that I had to work pretty hard to understand stuff. Bev has a lot of contact with experts, computer scientists, security dudes, etc. Her point is that we cannot rely on those sage gurus to weigh in on our election systems. We all need to understand how our democracy works. Not just the wonks. That means our election and voting systems must be simple and straightforward.
(PS- I saw Bev during King County Washington's "logic and accuracy testing" of our new Diebold AccuVote TSx touchscreens last Tuesday. You can read "Report: Testing of Diebold AccuVote TSx" on my blog, on WashBlog, or on dailyKos. Please holler if anyone has questions. I'll do my best to reply in a timely fashion.)
pfftt ... every one of them is vulnerable from the main screen ... up up down down left right left right A B select start - whamo ! you're in !
No, I'm saying that the suggested device for combating insitutional corruption -- public voting records -- has huge problems of its own. Those problems outweight the benefits, especially where there are other oversight mechanisms that may be equally effective in addressing the problem of vote-rigging on a large scale. There are reasons for having secret ballots that shouldn't be whimsically dismissed just because public ballots might seem useful in one particular context.
And for the record as a dyed-in-the-wool geek, I just find the idea of electronic voting questionable for the same reasons: it solves one problem while ignoring the larger problems it creates. Large Western countries have adequate resource to fund counting votes. And everyone who can understand the concept of voting can grasp the notion of marking a piece of paper to indicate preference, followed by the tallying of those pieces of paper. The same can't be said for non-volatile storage, networks, SQL, SSL, hashing functions, revocability and authentication etc. etc.
It saves money!? Great!
Democracy isn't worth the price of paper ballots anyway.
Spoon not. Fork, or fork not. There is no spoon.
Yeah, right. We all know that one of them simply walks up to the INS agents, waves his hand and says "these are not the aliens you're looking for" and the INS agents simply walk away.
Well, the "solution" to everything from this administration has been to "privatize" it...that is, to contract it out for fraudulent overbilling, embezzling, and plain not getting the job done -- but receiving the taxpayer's funds in payment anyway. The clear solution is to quit "privatizing" everything
Strongly agree. Paper voting is easily understood, and the voting, security arrangements and counting can be observed in plain sight by representatives of the candidates. Fraud is very difficult indeed. I'm not sure how, even in principle, you could obtain equivalent security and transparency with an electronic system.
As far as practicality goes, with sufficient manpower, counting tens of thousands of ballots in a voting district can be accomplished surprisingly speedily, and to a very high degree of accuracy. Most countries do this without a problem. It perhaps gets more difficult if you have Californian-style ballots which include dozens of separate items (e.g. citizens' referenda). Not sure how practicable it is to count all this by hand, but perhaps the Presidential ballot could be treated differently?
You can make the process of voting, the counting of the vote, secure, you can introduce all the technical and physical security you want.
But the vote is *already* subverted by a social engineering attack which is practically unstoppable; media coverage of politics.
This subverts democracy at the earliest stage; right where the voter forms the desire to vote one way or another.
If you think this is bullshit consider advertising.
Billions of dollars, shekels, yen and pounds are spent on the advertising of products. Does it work? Well I think that it would be foolish to assume that its money wasted.
If advertising works for things like consumer products, foodstuffs, whiteware etc, shaping the way that people spend their money, why wouldn't it work for shaping the way that people spend their vote?
A vote is just an item of currency that everyone has just one of and gets to spend it every so many years. Shaping voting patterns is exactly the same as shaping spending patterns.
Problem is, without a crack-down on media presentation of politics its impossible to stop this kind of subversion. And if that were to happen, what would be the point in having a democracy in the first place?
I don't think that democracy can exist in the modern world. A better term for what we *call* 'democracy' would be 'mediacracy'.
In the free world the media isn't government run; the government is media run.
Has anyone found any independently verified evidence of any of these digital voting devices used in an election won by a Democrat?
--
make install -not war
Which means you have 10x the amount of people available to count them. So it makes no real difference.
Until someone does this in an actual election, and then announces that they've skewed the results (and they'd better do it anonymously, or jail awaits them), no on in power is going to pay any attention. Reform only happens after actual problems get the public upset.
I keep reading about how these machines are insanely easy to hack. Surely the next election will be determined by the patriotic hackers of america? Apply yourself people.
"Physics is to math as sex is to masturbation." -R. Feynman
Not so.
Is so so! You just have to redefine what people think when they think electronic voting. Instead of a monolithic device that displays the ballot, accepts the input, records the vote, and tallies the votes, by establishing a standard for the paper ballot, you enable companies to compete to sell a device that displays the ballot and accepts the input, that then prints out the standardized ballot. Then companies can compete to sell a device that sorts a stack of ballots based on their vote in a particular race. Finally companies can compete to sell the device that counts all the ballots in a stack.
If the first company is corrupt, the user will hopefully observe that they voted for the company's CEO for every position and the machine will get tossed out. If the second company is corrupt, the overseers just need to thumb through the stacks of sorted ballots like a flipbook and watch the line for that particular race to make sure they're all the same. As for the ballot counting machine, that company can be as corrupt as it wants to be, since unless it has some kind of +100000 button, it has no idea whose ballot it's currently counting, and the worst it can do is be inaccurate. And if mechanical bill counters are good enough for banks, they're good enough for my vote.
If I have been able to see further than others, it is because I bought a pair of binoculars.
This is getting close, but its still too difficult to deal with a modchip. Someone stick "007 Agent Under Fire" in there and get a softmod working.
Here is San Diego, the people counting the votes try and make the system
not only count correctly but appear to count correctly.
They use an optical system to read ballots marked by the voter.
Random batches (about 5% the last time I checked) are selected
for hand verification. In other words, the hand count the votes
and then check what the machine came up with.
Also for a small number of randomly selected precents, they hand
count every vote. (All batches for all machines.)
All ballots are kept for a certain amount of time. If you want to
question the count, there is a procedure where you can get a
recount of just about anything you want to.
The ballot is the piece of paper. The machine helps count the ballots,
but it's the paper that counts.
Now it is possible to tamper with a machine. If you don't change the vote
too much you have a small chance of getting caught. Tamper with many machines
and the chance of discovery increases.
So the counting process is fairly secure. Maybe not the best, but there are enough
checks in the system to convince me that it's working.
The real problem is that there are no validation process perfomed on the voter.
You can signup to vote in 50 different voting locations if you want. You could
even sign up to vote usign 50 different names in the same location and the poll workers
could not question your ablity to vote.
I could even get my three year old daughter a voter registeration and take her down
to the polls. As long as I say that she's eighteen the poll workers can't question it.
And if she votes absentee, they won't even get to see her, so she can learn to vote early.
A real problem here has been with people signing up large groups of people who cannot legally
vote (illegal aliens for example) and getting them to turn out on election day.
Also there is the problem with corrupt election's officials "finding" enough absentee ballots
to throw the election to their party. (See Washington State's governers race for example.)
Technology is not the problem. Checks and balances can be build into the system to detect
any tampering with the machines. There are much bigger problems with other parts of the system.
So yeah, you're right - electronic voting really isn't buying us anything, and in fact is probably selling out quite a bit more than we bargained for.
Sigh.. this is how democracies end. When confidence in the voting process dies, that is the beginning of the end of a nation's freedom.
We are the fire that lights our world.. and we are the fire that consumes it.
Bush must have shares in Diebold or something.
Diebold have been the butt-end of so many serious security failures its not funny any more. Its obvious they don't have a clue about security and aren't likely to get a clue anytime soon judging from their ongoing record.
Why are we still using this company's products? How many more times are the government going to allow Diebold to screw up?? Is there no-one else that makes a better system?
Where convicted felons can't vote but they can be involved in the development and production of voting machines! If you wan't a kleptocracy just keep on going down that path.
Which is better? You may NOT pick a third option:
(1) Computer "voting" systems that can produce a total vote in five minutes but be rigged by one party to produce a false result.
(2) Paper ballots marked with an "X" and counted by hand, which take days or weeks to count but are recountable verifiable.
Why is it Americans would willingly accept and incorrect and fraudulent vote count than an accurate paper count simply because it's faster?
*Two* months will pass before the "elected" president takes office after voting day. Why, then, is it such a rush to reach a final and incorrect total? Paper ballots may take days or even weeks, but they can be recounted and checked for fraud.
Once the person is sworn in, you have to live with that decision for four years. Do you really want to give up your entire democracy just because you're too lazy to spend a few hours counting paper ballots?
And how would he/she prove that claim was true? Just asking, not saying it's impossible. Oh wait, here is the method:
One week before election day, the person posts a message to any publicly acessible place (such as a newsgroup, but surely there are better alternatives which give more trust for being more verifiable) containing one or more hash of the following sentence (MD5, SHA-1, whatever):
"In state X, county Y, candidate A will have exactly 1144 votes and candidate B will have exactly 905 votes because I will have rigged the election. A week after the counting, I shall reveal this message to prove this claim. Cryptographical hashes of this message have been posted one week before election day at alt.foobar.org"
One week after the election, the person unleashes this message and then everyone can verify the hashes and conclude that at least one of the following is true:
(1) The person is very lucky at doing predictions
(2) The person can predict the future and should play the lottery
(3) The person has cracked all of those hashing algorithms
(4) The person has in fact rigged the election
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F