Slashdot Mirror

← Back to Stories (view on slashdot.org)

How to Hack the Vote and Steal the Election

Posted by ryuzaki0 on from the vote-early-vote-often dept.

divisionbyzero writes "Many people have asked for it so that the government will have to deal with it. So here it is: a guide to stealing an election that uses electronic voting machines written by Jon Stokes over at Arstechnica. From the article: "In all this time, I've yet to find a good way to convey to the non-technical public how well and truly screwed up we presently are, six years after the Florida recount. So now it's time to hit the panic button: In this article, I'm going to show you how to steal an election.""

17 of 587 comments (clear)

  1. Been done already by MECC · · Score: 4, Informative

    Its already been done.

    From the referenced url: '"Electronic voting machines also caused widespread problems in Florida, where Bush bested Kerry by 381,000 votes. When statistical experts from the University of California examined the state's official tally, they discovered a disturbing pattern: "The data show with 99.0 percent certainty that a county's use of electronic voting is associated with a disproportionate increase in votes for President Bush. Compared to counties with paper ballots, counties with electronic voting machines were significantly more likely to show increases in support for President Bush between 2000 and 2004."'

    'Charles Stewart III, an MIT professor who specializes in voter behavior and methodology, was initially skeptical of the study - but was unable to find any flaw in the results. "You can't break it - I've tried," he told The Washington Post. "There's something funky in the results from the electronic-machine Democratic counties."'

    --
    "We are all geniuses when we dream"
    - E.M. Cioran
    1. Re:Been done already by MECC · · Score: 2, Informative

      The e-voting machines were predominantly placed in heavily democrat-leaning districts, by DEMOCRAT elections supervisors.

      Actually, if you read the accounts of the Ohio election, republicans placed the majority of the e-voting machines, led by the republican secretary Blackwell who pushed hard to get Diebold machines put in voting places. That in combination to the fact republicans where the ones making the decisions to place e-voting machinge in Ohio make the 'purchased by democrats to strengthen rigging claims' tenuous there. But, even if Democrats did make the decision to use e-voting machines, linking that to a hidden agenda of wanting to blame the machines is logically an ad-hoc theory, albeit an interesting one.

      However, I don't think the earlier quoted correlation studies were done in Ohio voting districts. Given the various illegal stunts pulled by Blackwell, Noe, and other republicans in addition to the placement of e-voting machines would doubtless cloud any correlation between e-voting machines and bush-leaning districts, so any kind of e-rigging claims in Ohio can't likely be substantiated.

      Correlating manufacturer/party contributions with extent of likelihood of that manufacturer's machine to lean in a party's favor would really be interesting.

      --
      "We are all geniuses when we dream"
      - E.M. Cioran
  2. Re:In two easy steps ... by Anonymous Coward · · Score: 1, Informative
    Quick search. First couple of results:
  3. Know Where To Look by American+AC+in+Paris · · Score: 2, Informative

    Folks, if there's gonna be wholesale election fraud, a smart fraudster is going to do it where nobody is looking. Don't expect it to take place in the precincts that make the news for irregularities.

    Expect it to take place in places where Candidate X carries 70-75% of the vote.

    That is, expect it to take place in places where Candidate X carries 75-80% of the vote.

    If you don't want anyone to notice you're doing it, do it where nobody will notice; if the election is close enough (which so many of them are,) your candidate will carry the day.

    --

    Obliteracy: Words with explosions

    1. Re:Know Where To Look by Rob+the+Bold · · Score: 3, Informative
      ``Expect it to take place in places where Candidate X carries 70-75% of the vote.

      That is, expect it to take place in places where Candidate X carries 75-80% of the vote.''

      Why change these results if your candidate already won anyway?

      Why? To win a state and the state's electoral votes (in a presidential race).

      In the US, the president is elected by the Electoral College. Each state sends a certain number of "Electors" to the Electoral College to cast their vote's for that state's winning candidate. So on a state-by-state basis, it's a winner-take-all system. So you want to change outcomes in counties in order to win a whole state. Here's a way to cheat with the above system (minimizing chances of getting caught):

      1. Pick a populous state with a close election like Ohio or Florida or several others.

      2. Adjust the vote for your candidate up by 5 or 10% in counties where you expect him to win. This increases the overall statewide vote for your candidate. Enough, you hope, to push your candidate over the top.

      3. Your candidate wins the state, gets those electors, and wins the Electoral College vote.

      4. Profit.

      --
      I am not a crackpot.
  4. Re:Premium access ? by HWguy · · Score: 4, Informative

    Yes, you are missing something. The entire article is available. You just have to click through it page by page. The PDF is a convenience for subscribers. You can make your own PDF with just a little work if that's what you need.

  5. Access? by mogrify · · Score: 2, Informative

    In an article that exposes flaw after flaw in the electronic voting system, the one thing that really made my jaw drop is that the master vote tabulation is stored in an Access database. To my mind, Access is crippleware designed for quick-n-dirty solutions on small data sets for people that don't know any better. Putting it into a production application is madness. Madness!

    --
    perl -e 'foreach(values %SIG){$_="IGNORE";}while(){}'
  6. Email this story to your representative by nuzak · · Score: 5, Informative
    Go IMMEDIATELY to http://www.house.gov/writerep/ and send them an email/contact form entitled "How to Steal an Election", with the URL http://arstechnica.com/articles/culture/evoting.ar s in the body. Vary the title if you prefer (I'm open to suggestions), and please do add something in your own words about how much the unaccountability and lack of transparency concerns you.

    Repeat this process for http://www.senate.gov/general/contact_information/ senators_cfm.cfm (the Senate's small enough that they just list them all on one page)

    After about a thousand folks do this, a staffer might actually go print out the story and hand it to their congresscritter in a brief.

    I'd also like to ask the Ars Technica people to make an exception for this story and make the PDF available to non-subscribers, as it would really help to disseminate this story to the right people. I'm not really sure how to go about contacting them.

    Here's my letter (slightly munged of course by slashdot):

    I recently came across "How to Steal an Election" at http://arstechnica.com/articles/culture/evoting.ar s which lays out in rather devastating detail how flawed the current system of electronic voting is. I am concerned that our election process has effectively been privatized by a small number of companies, some of which are overtly partisan in their politics, and none held accountable for the numerous and easily-exploitable security flaws in their equipment. One of the equipment companies in particular has taken to smear campaigns and litigation against its critics in an attempt to silence them.

    I understand that voting should and must be accessible to the disabled, but this can be done without compromising the security and integrity of our elections. Slot machines in Nevada are subjected to extremely rigorous design standards for security, while voting machines have no such standards at all. This situation cannot go on -- I urge you to secure our elections with appropriate legislation.

    [signature stuff removed]


    --
    Done with slashdot, done with nerds, getting a life.
  7. Re:Liberal Vote Counting Procedure by Anonymous Coward · · Score: 1, Informative
    6. SUE IN COURT (they still lose)
    The case was named Bush v. Gore, not Gore v. Bush.
  8. Re:In two easy steps ... by lixee · · Score: 4, Informative
    1. Make sure head of company that supplies voting machines is a vociferous supporter of your party
    This actually happened a few months ago in Mexico; http://www.correntewire.com/mexico_calderons_broth er_in_law_wrote_the_vote_counting_software_and_its _already_been_hacked

    If you're not convinced the election has been stolen, check out this excerpt from an article by McNeills:
    Victor Romero is a Doctor of physics who specialises in statistics and randomness at the National University of Mexico. He studied the electoral commission computer results closely and he believes there is strong evidence of interference. Dr Romero explained to me a very unusual statistical pattern he noticed with the PRD vote as the tallies came into towards the end. "The PRD was winning and then suddenly at about 70% they start losing and never even gained .01 of a percentage," he explained. It seems incredible that as the last 30% of results came in, the PRD share of votes never increased. "It could be like this and then like that," Dr Romero explains, moving his hands up and down, "More of one party and less than another. But not in order. The order here is completely unexplainable."
    --
    Res publica non dominetur
  9. You can buy them from Diebold by caffeine_monkey · · Score: 5, Informative

    Unbelieveably, Diebold actually has an ecommerce site where you can buy all their electronic voting machine products online, including memory cards, security tape, and access keys. I'm really hoping they verify that you're an elections official before they actually ship the stuff to you:

    http://www.diebold.com/nasadmk/cgi-bin/desi_cata log.pl?section=9

    Here you go - buy a dozen keys, for you and your friends:

    http://www.diebold.com/nasadmk/cgi-bin/desi_cata log.pl?section=9&id=163

    On a funny/sad note, the front page of their election products site as a glaring coding error (%=rs("newsdate")%):

    http://www.diebold.com/dieboldes/

  10. Re:Lack of ethics by nuzak · · Score: 2, Informative

    > However, if you leave your personal philosophies out of the equation: what's to say that genocide is wrong, in absolute terms?

    Well hell, if you leave personal philosophies out, there's no such thing as "wrong" at all. And if my aunt had balls, she'd be my uncle! You can argue from the lack of an absolute morality, but you certainly can't deny that personal moralities exist, and are in large part shared by societies. Most moralities are squishy enough to support inconsistencies, but any morality that not only allows, but actually supports glaring contradictions, needs to be reevaluated. Thus does gay marriage create a bigger knot than genocide across the world.

    --
    Done with slashdot, done with nerds, getting a life.
  11. Re:But what about by Hannibal_Ars · · Score: 4, Informative

    Ok, cracks about my (in)famous lack of humility aside, you have a great point. This article took me a week from concept to execution, and over half that time was spent making the diagrams. Ultimately, I did a little over two days of basic technical research for this (including email correspondence with security experts in this area). I am not an infosec expert and I don't pretend to be--I'm just good at digesting tech info and turning it into a form that a non-specialist audience can grasp.

    There are many Slashdot readers who could get up to speed on how to really steal an election in about half a day (or less) using publicly available documentation. The hardware isn't that complex at all, and the vulnerabilities in Windows (for the GEMS server) and WinCE (for the machine) are very well-known.

    What I've described here is very, very low-hanging fruit for anyone with real security expertise.

    --
    Senior CPU Editor | Ars Technica | http://arstechnica.com/
  12. Let's be bold: internet democracy by emmanuel.charpentier · · Score: 2, Informative

    Using the internet and its almost unlimited capacity to copy data around, I'm designing a system that aims to be simple and trustable.

    It's easy yet disturbing. We can obtain a secure system if we remove anonymity. Then it's almost simple, distribute around the vote database and allow anybody to check the results.

    In that kind of context, verification is mostly a technicality and could rely on consensus.

    To regain some bit of anonymity, there can be a system of reinscription on the electoral list using a pseudo. Simple too, and while the person/pseudo relationship is private, everything else remains public and verifiable.

    There are three basic stones in such a system:
    * P2P servers
    * electoral list
    * PGP signatures

    Simple, basic, strong.

    I'm trying to construct such a system using Ruby on Rails, here is my project: http://leparlement.org/

    You can also come discuss security here: http://leparlement.org/security

    It's a moderated forum *and* a mailing list. Please, come and test it!

  13. Re:OTHUMOR by rthille · · Score: 2, Informative

    There were lots before OS-X, Not sure how easy it is to find info about them, since they were pre-internet, but they exist, passed mostly by floppies.

    --
    Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
  14. Re:Lack of ethics by rblum · · Score: 3, Informative

    Please do not confuse religious fascists with Christians. They might call themselves that, but they are not. There are plenty of decent Christians out there.

  15. Re:Self-Verified Voting by RosenSama · · Score: 2, Informative

    Schneier recently wrote up such a proposal using only paper ballots coby Rivest of RSA fame.