Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ohio Investigating Possible Vote Machine Tampering Last Year

Posted by Zonk on from the bit-of-dirty-pool dept.

MozeeToby writes "The Columbus Dispatch is reporting on a criminal investigation currently being performed in Franklin County Ohio. It seems several voting machines listed a candidate as withdrawn from the race when in fact he wasn't. By the time the investigations tracked down which machines had been affected, the candidate's name was back on the ballot. Normally, we could dismiss this as confusion or a mistake on the part of the voter(s) who noticed it. In this case, the person who first noticed the discrepancy was Ohio Secretary of state Jennifer Brunner. Further compounding matters, the Franklin County Board of Elections had disabled virtually all logging on the machines to speed setup of the ballot. Naturally, the county board remains skeptical of these accusations."

6 of 213 comments (clear)

  1. Never leave a paper trail by MisterSquirrel · · Score: 3, Interesting

    Further compounding matters, the Franklin County Board of Elections had disabled virtually all logging on the machines to speed setup of the balot. Because we all know what a vastly time-consuming task turning on logging during setup must be.

  2. Ohio by Anivair · · Score: 4, Interesting

    I hate my state. On election night of the last election we almost immediately found a district near me where they had registered more voted for Bush than existed in the whole county. Gotta love when they're obvious.

  3. Re:Heh. by rucs_hack · · Score: 4, Interesting

    The problem is that paper based elections are no more secure, and if the physical ballots are lost, you're screwed. Accidents do happen, so you can't say they never would be. We need a better voting system that takes advantage of our new computing technology.

    I'm not saying that the current electronic systems are a good idea though.

    The primary flaw of the currently available voting machines is that they are all proprietary. This means a company has a commercial interest in hiding flaws, and is more likely to push out a device with flaws (or fight to prevent their discovery), if they convince themselves that fixing the flaws isn't worth it, in view of the profit reduction that would result.

    We need a voting machine system which is impartial, and not run as a for profit exercise.

    I think the best method would be to set up a consortium of major technology corporations to create the voting machines, and have them run it as a tax break, with rental fee's going to charities, not to the corporations themselves. After all, they have all the smart people working for them, and if profit is not a factor, and no single company has control, the system is less likely to be flawed.

    Before anyone starts foaming at the mouth about big companies I say this. They already run your health system, your financial institutions, your currency, transportation systems, and your food supply. It's not such a big leap.
    Plus, co-operation is already happening with software technology.

  4. Re:Heh. by Chandon+Seldon · · Score: 4, Interesting

    The problem is that paper based elections are no more secure, and if the physical ballots are lost, you're screwed.

    They aren't? How many man-seconds alone with the ballots does it take to change the result of a paper election by editing the ballots? How many cubic meters of stuff do you need to carry to swap in forged ballots? Now how about electronically stored ballots?

    --
    -- The act of censorship is always worse than whatever is being censored. Always.
  5. Re:Heh. by ArcherB · · Score: 4, Interesting

    They aren't? How many man-seconds alone with the ballots does it take to change the result of a paper election by editing the ballots? You mean to print ballots that are pre-filled out? I could print about one a second. Not that this matters as I could do it at my leisure.

    How many cubic meters of stuff do you need to carry to swap in forged ballots? If I pre-stuff the box with my pre-printed ballots before the polls even open... Zero. If you swap the ballot box out after the polling and dispose of the original, then you need a replica of the box.

    Now how about electronically stored ballots? Well, since you need physical access to the machines since they are not on the network, this could take a while. Once you get access, how long to upload whatever changes you want to make could take a while. Of course, you also have to make sure to clear all logs of your access and try to make sure that any changes you made are not detected by something as simple as MD5SUM on pre-polling files.

    Sorry to say it but any retard can stuff a paper ballot box. It takes an experienced hacker to hack an electronic election.

    Personally, I feel that an electronic voting machine should print out a serial numbered, easy to read paper ballot that you have to drop into the box before you leave. Now you have the best of both worlds. If the electronic numbers do not match what is in the paper ballot box, investigate. Each serial numbered ballot should have a corresponding electric vote. Now to steal this kind of election, you'd need to stuff the ballot box with votes that are actually in the machines memory. Not impossible to hack, but much more difficult that hacking either a paper or electronic system alone.
    --
    There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
  6. Re:Heh. by dgatwood · · Score: 3, Interesting

    We need a better voting system that takes advantage of our new computing technology.

    I have a pretty good idea where you'd begin.

    • Two stations that must conform to a set standard and may not be built by the same vendor in any polling place.
    • First station casts the vote, second station allows you to verify it. Both count the votes independently and report back independently to separate counting systems built again by separate vendors.
    • The voting station must generate a unique symmetric key that must be registered upstream to the backend counting system, but may not be recorded on the vote token. That backend must then make it available to any other counting system that asks. Appropriate cryptographic protection must be used to ensure no unauthorized system can ask.
    • The checking station must then request that key to decrypt the vote for verification purposes.
    • If the vote verification shows that the vote was incorrect, the user cancels the vote and, upon returning to the voting station, revotes. The cancellation is propagated back to the voting station by the transportation of the vote token as a negative vote.
    • After voting, you retain your voting token, and can connect it to a USB port (or a flash card reader, perhaps) and run a program that queries the vote counting system. Because the encrypted vote is still present, the servers can each independently verify whether the vote was, in fact cast. This path should not allow access to the key needed to decrypt the vote, however, thus preventing people from using this as a way to sell votes.

    Of course, the security would still depend on the standards being defined by a group of people familiar enough with crypto to come up with a robust and reasonably secure standard for doing all this, but at least by requiring independent verification, this significantly reduces the likelihood of vendors being bought off successfully without getting caught, and by allowing vote counts to be verified independently after the fact against all of the counting servers, this significantly reduces the ways in which blocks of votes can get "lost" by corrupt election officials.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.