Slashdot Mirror
How To Spot E-Vote Tampering?
Precinct Election Judge writes "I am one of the Republican Party Precinct Chairs in Harris County, Texas. Since in 2006 Republican Rick Perry won the Governor's race in my precinct I will be the head election judge at my polling station this November. (My Democratic counterpart will be assistant election judge.) I have read with interest the stories about voting machine hacking, and I want advice from those of you who are experts on what to watch for to make sure there is no fraudulent activity at my precinct during the election. What activities should I look for? Keep in mind my restrictions: I will be at a table in the front of the room with the voter rolls signing people in, I can only approach the voting machines if a voter asks a question or if I have strong reason to believe there is fraudulent activity, the last thing I need is for someone to say the Republicans are trying to keep people from voting! And finally, although each station and voter will be visible from my seat each machine has 'blinders' around it so I will most likely not be able to see the hands of each voter while they are at the station. Thank you in advance for all suggestions."
So what you're really asking is what sort of evidence of tampering you should be sure to avoid leaving behind?
Does your E-Vote equipment produce a voter verifieable paper trail?
If it doesn't have a paper trail, ask yourself why.
That's the hard part about e-voting. It's hard to tell when something fraudulent is happening. With pen and paper, human counted voting, it's easy to watch to ballot box to ensure it's empty when you start, that no extra votes are deposited, and that all votes are counted properly. With computers, it's hard for people to actually watch and see what's going on. You could probably swap out the entire insides of a voting machine, make it work completely differently, yet look exactly the same, without anybody noticing.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
Is that tampering is difficult or impossible on a black box electronic voting machine. Does it spit out a paper trail?
If the machine says Diebold on it, there's a good chance it has been tampered with.
But here in Illinois where we're so patriotic that even being dead won't keep you from voting, there is only one question that needs to be asked:
"Did anyone vote?"
If yes, there was fraud.
"Vote early, vote often". Note that our last Republican Governor is in Federal prison, and our last Democratic Governor spent time in prison after he lost to the Republicans.
Seriously though, the only way to keep an electronic voting machine honest is to use one that spits out a human-readable paper ballot that you, as an election judge, can make sure gets in the ballot box so if there's any doubt, humans can perform a recount.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
Look for the flashing lights and sudden appearances of 3d interfaces - because everyone knows that hacking is just like it appears in the movies
1. What kind of equipment will you be using?
There are a number of models which have been shown to be tamperable with no evidence of tampering available at the time of voting. Step 1 is to make sure you aren't using any of these machines.
You can't really do anything about it at the level of the voting machine because they will most likely have exploits
and deliberate backdoors such as insertion of a master configuration card instead of the voting card or perhaps
gui/keypress combinations and they will be alone with the machine. And then there are also manipulations as the
scores are communicated to aggregation servers so you're stuck with so many holes it's like carrying water in a
handbasket.
The only thing you could do is watch each voter as they operate the machine which is not legal. What you might
try is not using wifi so to actually inconvenience them to have to come in and stand in line.
I think you should be more concerned with malfunctioning e-voting systems, in particular situations where the voter believes his/her vote has been recorded as intended, but the final tallies do not reflect the voter's intent.
A good way to achieve this is to have a verifiable record of the votes cast.
As far as hacking, you should probably seal the machines with strong tape, including any keyholes, ports, access panels. This would make it easier for you to detect someone tampering with a machine, due to the increased effort required to do so. It also would make it more difficult to tamper with the machine without leaving a trace.
The system is set-up to PREVENT voters from fraud. Even on the electronics, it is set-up. Any issue will almost certainly be out of your control. The real problem with the electronics is that the COMPANY who built and service it can commit fraud. And it is next to impossible to detect. All a politician has to do is pay off somebody up high and then the company will do things like last minute software updates in warehouses, that were post inspection. Sadly, it is easy to do.
I prefer the "u" in honour as it seems to be missing these days.
Your election might have been tampered with if ... ... 90% of the votes are cast for someone not supposed to be on the ballot. ... a voter walks into the voting booth carrying a whole bunch of tools and saying "this may a take a few minutes." ... a voter wheels one of your voting machines out claiming it needs to be "serviced" for a few minutes. ... at the end of the day you find the computed vote tallies don't match the number of voters you've recorded at your polling station ... or the machine's own total of cast votes. ... at the end of the day the "secure" lock for the voting machine is being held together with some duct-tape and a wad of chewing gum.
:)
Come on everyone! He's asked for our help, chime in!
This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
Bush wins.
Just put blinders around the Screen/Interface, and have a single cable going from the blinders to the box that remains in plain sight to everyone. (And that cable should plug into the interface outside the blinders so you can't unplug it without being seen) That should help prevent messing with the machine physically, but there probably isn't anything/much you can do to thwart a software type attack. Thoguh really, I liked the system we had here in New Brunswick (Canada) for our Municipal elections. Scan-card readers, the actual readers out in the open where everyone could see them. The only thing out of sight was when you marked the ballot, and the ballots remained available for the recounts if needed. We had one council seat in Saint John that is going to a re-election because the results were initially 1 vote off one way, then 1 vote off the other way, and finally tied after a recount of the paper ballots that were scanned. (The descrepencies were due to partially spoiled ballots in other sections of the scan cards)
If there's e-voting, there's the potential to tamper. More likely than not, any tampering will not be the result of a voter messing with something or a hacker, but someone on the 'server side' of the transaction; the lack of accountability and accounting is the real issue with these systems.
I'd have given him a +1 funny.
Modding myself offtopic with the NKB checkbox.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
1. Verify that you're using electronic voting machines.
2. You cannot verify the voting machine itself.
3. Elections are fraudulent without transparency.
I maintain that the whole concept of electronic voting machines is so idiotic that anyone who doesn't realise what using one means, is in effect giving up his/her right to vote.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
The most egregious fraud on electronic voting machines is completely out of your control, and most likely happens out of sight of any precinct level election official: in the software that is installed on the machines. Unless you have the authority and knowledge to inspect many thousands of lines of code on each machine, you are powerless in this regard.
However, most machines have some type of USB, SD card, or other hardware interface that might be protected with some type of tamper proofing, like the foil seals on aspirin bottles. This is probably beyond your authority to put in place, though.
The only thing you can do is pay attention to the tabulations, if you get to see them.
I recommend you watch Hacking Democracy for insight on what to watch for.
(In other words, I'm a Democrat striving for civility.) I would suggest to you that most types of fraudulent activity will take place where you can't see them--that is, not in your presence. These machines have a lot of vulnerabilities, and it's not necessary to stand there and tamper with them while you are pretending to vote. My first thought on being confronted with one of Maryland's soon-to-be-vanished Diebold systems was that I could have brought in a pocket full of cards containing whatever I wanted them to contain. Assuming that your jurisdiction is still making gestures towards the secrecy of the ballot (via the privacy screens), you and your counterpart wouldn't even see that. I suppose that the poll watcher/election judge/whoever who is assigned to escort voters to the machines and get them started could watch for clumsy fraudsters dropping extra cards out of their pockets. Aside from that, if the fraud happens, you won't see it.
"Here's what's happening. You're starting to drive like your Dad..." - Red Green
Simple, take all electronic voting machines (especially ones that are made by Diebold) and throw them out with the trash.
Then have all voters use paper ballots and do it the "old-fashioned" way.
Also, my understanding is that the greatest tampering threat with EVMs (electronic voting machines) is tampering done AFTER the votes have been collected (say by "Republican Party Precinct Chairs" who may have came up through the ranks via the Tom DeLay School of Gerrymandering and Election Re-engineering). If there's no human-verifiable paper-trail, and the votes only exist as bits, it is essentially impossible to validate the results afterward.
-AC
In all fairness to the /. crowd, I'd say that the best place to ask this question would be the forums of http://www.blackboxvoting.org/
From what I have read of their analysis of previous elections I would guess that they have seen it all before.
I am Slashdot. Are you Slashdot as well?
Apparently there are these tubes that stuff moves through. Try to make sure no one is crawling through them with bombs like Al-Keida.
This is my sig. There are many like it but this one is mine.
There is a standard, well developed way to determine if a ballot has been rigged. Tampering with e-voting machines is just the most modern technique, in the past people have stuffed ballot boxes or simply lied about the results. Easy stuff.
So, standard solution: ask the people as they leave the polling station.
This is called an "exit poll" and it's remarkably accurate. Except of course in the last couple of elections in the USA, where the exit polls utterly failed, especially in districts that had new shiny e-voting machines with no paper trail.
My blog
On election day (since the machine could have an internal clock and work just fine any other day), leave one voting machine alone, and at the end of the day, cast your ballot on it (this may be necessary to "activate" it).
Then check the machine and see if your vote was counted correctly.
I'm not sure if there's much you can do unfortunately. I don't think you're allowed to do exit polling since you're a precinct judge. If somebody was able to do some exit polling at your precinct you'd at least be able to see if those numbers are similar to the final tally to see if any tampering happened.
It's the first answer I thought of.
Is it just my observation, or are there way too many stupid people in the world?
If it is tampered with, it is probably going to before you ever see it. Your watch is not a good target. Too many people and a single hacked machine or two will stand out like a sore thumb to statistical analysis. Much better to get at a bunch of them while they are waiting to be distributed to the polling stations.
Are you even an interesting target? Would a 2% shading of your numbers change cascading electoral numbers? The perfect crime would be to hack hundreds of machines in a critical state's critical swing districts and then shade the numbers by the tiniest amount needed to do the job. See Ohio in 2004. That kind of electoral sharpshooting is beyond my expertise, but it's part of what makes Rove the power that he is.
Where did your machine come from? Who guarded it and how? Where did they get it from? Can it be opened with a hotel mini-bar key?
-- your Web browser is Ronald Reagan
Your post's enumeration of duties seems the best place to focus your efforts. Checking IDs and sign in sheets, preventing voter intimidation, and generally keeping a lid on procedure seems more important than being distracted by the possibility of a subtle electronic scam. Electronic fraud would most likely have been done to the machines before you get to see them and would be undetectable if done right. If done wrong, it will probably just look like a broken machine.
You're not going to spot it, that's the problem. For all you know the machines will have already been tampered with before you even open the polls.
Unix is user friendly, it's just selective about who its friends are.
As numerous others have noted, I don't think it's a high probability that anyone will try tampering with a machine while it's out there on the polling station floor with your (and presumably others') eyes on it.
... though it may be there is no way for you to guarantee this.
You might want to find out what kind of process is in place to ensure the machines arrive at your facility in a "clean" state (i.e. they can be proved to accurately record and tabulate a series of test votes)
Second precaution: nobody, absolutely *nobody* gets unsupervised access to the machines while they are in storage prior to voting day. Somebody with a pop machine key and a USB stick can do in five minutes what ten thousand voters wouldn't be able to do on election day.
Unlike our first commentor, this is a more serious approach to the problem. Depending on the model of machine you're using, there's really no way to spot it as it's happening given your restriction set. Your problem is not with "box" stuffer vulnerability, but record vulnerability - Slashdot's collective outcry has been because there was no security or checks and balances put into Diebold's (and their later off-shoots) machines, causing potential for huge abuse at any point before voting, and any point after voting until announcements are made. We think contracts were pushed to facilitate this weakness in the system, but are powerless to change it individually. As a disclaimer, the following measures, even if followed to the letter, will not guarantee vote security if using machines with the above mentioned vulnerabilities, and will not permit any politician to pretend otherwise. That said, here are problems on the systems themselves that should not be allowed by default to address your time of interest (voting); open ports - of the system has a floppy drive, a cd rom drive, or any sort of pluggable port besides the power cord, that is accessable with moderate difficulty, that's a breach waiting to happen. Ask your technitions this specific question - "are there any IR or radio devices in these terminals?" A program built to listen for wireless devices is just as serious as a USB port being open. Ask them about the system inputs. If there are keyboards, "have you disabled all possible shortcut key combinations to prevent system access?" There is more that could possibly go wrong, but I'm sure Slashdot will have plenty to say. P.S. Hope you weren't expecting an overall warm welcome - your party's reputation here was shredded and torched over the past 8 years.
Let me fix that: "I want advise on how to tamper with my machines and not get caught."
[Heh, trolling is fun.]
It must have been something you assimilated. . . .
... vote on paper. The only thing that works, really. There is no way to really be certain that no tampering happened. There are just too many ways. To check every machine would take experts weeks.
So: vote on paper. Like the Netherlands. The threw away all their Nedap machines. Wise thing to do indeed.
After sorting thru blackboxvoting.org and .com and otherwise trying to stay abreast of this stuff for years, I have to admit that the HBO documentary I saw last year blew the doors off any other analysis I have ever seen. Also, it makes sense to people who don't understand hardware, network security, or statistics, only sparse attention span required.
Check it out: http://www.hbo.com/docs/programs/hackingdemocracy/synopsis.html
I think it's important to realize that voting machines are so insecure that preventing fraud entirely is impossible. That said,
1) Ensure that the machines are physically safe before the election. Don't leave them in an insecure area between the time that you check them to ensure that the counts are at zero (and DO check that) and the time that voting begins. Allow nobody near the machines without both ID and a witness at all times, including yourself (you don't want to be accused of anything), ESPECIALLY if they claim to work for the company that makes the machines. In fact, if anyone you don't know shows up to work on the machines, get approval from as far up the chain of command as can be managed and WRITE DOWN the name, time, etc. if it happens. Consider some sort of tamper-evident seal for the area where the machines are stored (your local trucking company can provide you with a handful of the ones that they use on freight trailers).
2) Watch for voters who are holding either memory cards or keys. The best-publicized ways of messing with a machine involve unlocking the machine and/or inserting a card with altered data. Keep in mind that the memory cards can be a lot smaller than those giant plastic cases around some of the official cards. Also keep in mind that if you see this, it might just be somebody with a spare memory card for their camera and a set of car keys.
3) After the polls close, physical access becomes a big deal again. Don't allow anyone near the machines or cards without ID and a witness, including yourself. Ensure that the machines are locked away, and find out who has a copy of the key to the room/closet/truck/whatever.
--
A hoverchair would provide a great view of the room.
You never expect irony, do you?
Want to be a professional wrestler? Visit www.iyfwrestling.com
@iyfwrestling
if you do, scrap whatever you have there and buy brasilian electronic ballots.
they're not tamper proof, but i bet they're a lot more resilient than anything from diebold.
other than that, what i can advise is to put as many sticker seals as you can. any place where two or more casing parts touch each other (covers, joints, seams, whatever) put a sticker there. if there's a key hole, cover with a sticker. this will help with detecting any physical tampering that could give an atacker access to the internals of the units, one of the ways an atacker could use to get access to and change the voting information.
this is one of the security measures used in our ballots here in brasil. we have been using stickers since as log as i remember, even on the old ballot canvas bags.
again, it's not perfect, but creates extra dificulty for the atacker, and make it easier for you to spot anything wrong, which might be just what you need.
What ? Me, worry ?
When and if the candidate you like doesn't win, cry fraud at every opportunity, and don't stop insisting until you've proven it. When the candidate you like wins, insist that the vote is airtight and rock-solid.
That's pretty much all there is to it.
I'm a resident of Galveston right next door to you, and I'm really glad to hear that people in my area are thinking about this. Unfortunately, there probably aren't many things you can do during actual voting without appearing to be violating the voters privacy or interfering in the process, this is why the ability to conduct an audit in the event of fishy results is so critical.
The best I can suggest is to make your concerns heard among your peers and superiors, make sure that as many people as possible know that this is an issue we should *all* be concerned with. The more reasonable people who speak up the less we look like a fringe group of paranoid geeks. Other than that, find out as much as you can about the machines you are using. Do they have a paper audit trail? If not, who approved their purchase and why? Look them up by make and model, have they been broken before?
To slashdot users, enough with the trite smart-ass responses. Here is someone who is ostensibly trying to keep things fair, lets give him the benefit of the doubt (besides, our counties are so red he doesn't need to tamper to win) and try to come up with solutions. We have been complaining about voter machine vulnerabilities for years, now someone is finally listening. Do we jump down his throat, or do we welcome him to the table?
Spoken as a registered Democrat who desperately wants his vote to be counted.
A cynic might suggest that someone who wanted to ensure they didn't get caught manipulating the vote would surely seek input from a community uniquely suited to catching them out or, for that matter, hacking the system.
I can't imagine that the person honestly doesn't know any shenanigans would take place long before the machines were on public display.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
That's the whole problem with these voting machines. Because the entire process is shielded from view by the code being proprietary, it's impossible to guarantee no-one is fudging the numbers.
So, to sum up: You can't.
This is admittedly a little off-topic as it doesn't answer the original poster's questions, but I'd like to see a national system where, when I vote I'm issued a random number. When I get home I can look up my number on the net and it will show how I voted. That way I at least know how my own vote was counted.
Even worse is having too many machines being broken, or not enough machines to begin with, so voters have to wait hours in line, and many just end up leaving after deciding it's not worth it.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
You need a way to verify that the electronic results have not been changed. The only solution I have been able to come up with is to generate a paper trail. When a citizen votes electronically, he should be shown a paper receipt that he verifies has his choices on it. That paper receipt is stored.
At the end, your number of paper receipts should be the same as the number of electronic voters. You can sample from the paper receipts to make sure the distribution of votes in the paper receipts is the same as the electronic receipts.
You still get the benefits of electronic voting but retain the ability to reduce the ability to tamper by making electronic tampering detectable.
This does nothing to prevent the receipts from being stolen/miscounted, but at least we are back to century-old techniques for voting fraud against which our century-old methods of security are reasonably valid.
I also don't know what happens if tampering is discovered after the fact.
It is my understanding that you can get results in different formats from the machine and from the central repository (ie. the main computer at election HQ). This might be total number who voted, the totals cast for each item on the ballot, and the total for each candidate. I have heard that on some machines, it is blatantly obvious that these don't add up. Also, if you have time, calculate the results a second time and make sure they match exactly.
Finally, if you can get the results from the central computer at your election HQ, make sure they match what you sent in. I have heard that it could be possible to tamper with the results in transition or even the main system.
As a precinct chair, there is very little you can do, besides asking folks to report any suspicious behavior on the machine's part (displaying a selection other than what they selected, for example).
The real fraud, if it happens at all, happens quietly behind the scenes. The machine behaves exactly as it is supposed to but adds a number to the wrong tally. You can't check it later because there is no permanent record of what the voter saw on the screen before pressing "vote." The sole record is of that machine's final tally at the end of the day.
As others have said, the solution is: paper. Whatever they select on the screen, you ask the voter to print it out and read the paper. Then you stuff the paper in a locked box. You count the machine's tally (it's more cost-effective) but you now have a permanent record verified by the individual voters which you can audit in order to verify that the machine did as it claimed. Someone hacks the machine? No problem: just count the papers.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
Does your voting system use any type of wireless connection to receive data from the polling devices? If so, you're better off monitoring the parking lot than the voting booths.
The real issue is that the majority of electronic voting machines have been designed to be as unverifiable as possible. No paper trail, no way to verify the operating system or recorded vote counts. These machines have been cracked in the past and it's virtually certain to happen again - and the people operating the polls won't know what happened unless they're the ones perpetrating the fraud.
Something else that I find illuminating: the election judge asking this question is a Republican. Curious, don't you think?
Focus on things that are within your domain of inspection / control. For example, something is wrong if the total number of votes is greater than the total number of people who voted.
The questions that voters ask you may also be a tip off that there is a problem. Has a machine done something unexpected? Are the machines behaving in a consistent way for all voters? Does one machine seem to be faster than another?
The machines can't be trusted. Period.
Advise everyone to vote on a paper ballot. If they can't, they should impeach their registrar of voters.
Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
I can't imagine that the person honestly doesn't know any shenanigans would take place long before the machines were on public display.
Your imagination is a pretty poor thing. You can not conceive of someone having heard about a problem and immediately asking other people instead of doing their own research? You've never even see that happen on Slashdot? Damn.
Given the mood of the country, any race in which a Republican wins should be considered suspect.
carefully place bubblewrap under each machine - listen for the popping if anyone starts manhandling them
E-voting is a priori suspicious.
...laura
As election judge, you're actually the most likely person to tamper with the machine. Tampering with a tamper resistant machine in front of an audience in pretty much impossible. As election judge you're the one bringing it to your home a couple days before and bringing it back to the counting center afterwards so you're the one on the hook.
If you see any of these guys, you might want to be suspicious:
McCain (not a TX resident)
Obama (not a TX resident either)
Clinton (not a TX resident, pissed at both of above)
Ahmadinejad, Casto (either), Chavez, etc (not TX residents, but like to joke around with the US)
and of course anyone who looks like this:
http://www.april.org/association/documents/alan-cox-sticker-drm.jpg
The world is made by those who show up for the job.
The problem I see with a paper trail is that, for instance, union reps or employers could demand the voting receipts of their members/employees to confirm that they voted correctly.
Isn't this a possibility?
We must be alert to the danger that public policy could become captive to a scientific-technological elite. - Eisenhower
Is to make it easier for the voter to SEE how s/he has voted.
Instead of a punched hole or whatever on a card, you SHOULD have the name of the person you selected printed in NICE BIG LETTERS on the ballot. And ONLY the name of the person you selected. No confusion.
Other than that, the old style paper ballots work best.
I'm assuming that you have the Hart InterCivic system as stated by The Verifier. In that event, as other authiors have noted you may have no hope of detecting truly electrionic tampering. However you may spot some things. The links below also apply to Diebold and ES&S systems as well.
I would be sure, to tell all voters to read the confirmation screen carefully. Many other locations have reported instances of vote switching where voters, once they reach the closing screen, see a different outcome than they pushed. Evidence from a Rice University study indicates that less than 30% of people even read this screen but those that do have reported nontrivial numbers of flipped votes.
Secondly I would educate yourself about the machines. Ohio's Everest study, particularly chapter 14 contains many scary things about the machines. Some you can look for, many you cannot.
You will also find information from the California study notably the red-team reviews of the hart system.
Voters Unite is also a source of some good info As does Pollworkers.us which is a useful site for those working the polls.
... in traditionally democratic parts of the world like Kosovo and Ukraine ... ... training has been provided. Doesn't the USA run to that then?
Count the number of people who come into each facility. After that, just have each terminal report how many it votes it took. Just add them together. If the numbers are significantly skewed--then there's been a problem, and you'd probably have a re-vote.
The only way I personally will trust an electronic voting machine is if it prints out my vote on pain paper and asks for my approval before the vote is dropped in the box. This is obviously not how any of these machines are designed, so unfortunately we can trust none of them.
In the absence of the ideal, the only thing that somewhat ensures a proper vote tally is a paper trail. Every vote is printed directly on some physical medium when it is cast.
But even this is sadly not the case in many districts. Without the paper trail, you have NO guarantee that the election means anything at all. You can demand open source for the software on the machine; you can demand to see statistics before, during, and after the election; you can demand a box for yourself to see if you personally can figure out how to hack it; but all those acts are moot, if you don't have the paper trail to begin with.
-dave
6th Street Radio @ddombrowsky
Simply have the voter hand his/her ballot to the Republican watching the box who then hands it to the Democrat watching the box who then hands it to the 3rd party representative watching the box who then deposits it in the box in front of the voter and the other two representatives.
The entire process would take 3 seconds per voter per box and ensure that each voter only submitted a single ballot.
Now, solving the problem of whether that person votes at multiple locations or under multiple names is a different issue. But one that can also be solved fairly easily.No one is saying that because no one wants to bet against the stupidity of some of the fools out there.
But that doesn't matter as long as the margin between the candidates (authentic votes only) is larger than the number of votes cast by the "fools".
And THAT is achievable.No they aren't. The paper trail is to validate the votes the machine counts. NOT to track the voter.Fuck that. The poll workers are the ones most likely to commit fraud. NEVER trust them. Have your people watch them at every step.And many of us WILL be volunteering to do just that.
To prevent voter fraud, tell the blacks their names aren't on the rolls. They probably have felony convictions and it would be fraud for them to vote.
named Micah, touching and caressing the voting machine, while empathically closing his eyes...
Where I vote, we connect a line (kinda like a scantron) then we stick the ballot in the machine and the machine counts it. Voting is done on paper and counted by a machine. You end up with a paper trail and an electronic count. You can always go back and count the paper ballots.
Coder's Stone: The programming language quick ref for iPad
This is a great reason to bring in SmartCards + anonymizing Digital Signatures into the realm (IIRR Belgium has an interesting voting scheme around this).
... this is the way to do it without the waiting involved with paper-based ballots.
Paper trails are a bunch of BS if you ask me. Why would anyone trust paper more than cryptography?
You need to be able to have multiple backends in different locations simultaneously being posted vote result envelopes.. as well as the individual machines containing their own logs.
At the end of the day you'll have instant voter readout after you have the various machines correlate votes and make sure no duplicates/inconsistencies are made by the entitys.
Now.. OpenSource is a strong req end-to-end on the machines so that no invisible bogusity can be implanted. Why would you trust a black box to count your votes?
fortunately for the people of your texas precinct, you are obviously a man of integrity, to even ask this question so publicly
the surest way to protect from any sort of tampering is more people like you
unfortunately, what makes electornic voting so insidious is it does a few things:
1. order of magnitude more attack vectors. sure with paper ballots you can throw a truckload out, manufacture duplicates, etc. but for every way you can hack paper voting, there 10 more ways to hack mechanical voting, and 100 more ways to hack electronic voting
2. force magnification. how messy is it to create the conspiracy of many people to mess with a paper voting system? how complicated is the conspiracy? how long does it take? meanwhile, one well placed hacker can manipulate the voting for an entire county, state, or country, in a matter of seconds
2. untraceability. paper ballots are messy. they leave finger prints, it is slow to change them, you have to hide or burn them, etc.. electronic voting meanwhile: one person with the right knowledge and access can, in a few seconds of time, create entirely false audit trails, statistically sound voting variations, etc. such that you don't even know if you can depend upon the integrity of the votes
3. lack of transparency. the legitmacy of any government depends upon trust. even the appearance of not knowing what is going on behind the scenes is enough to create rumbles in the populace, feelings of helplessness and being disconnected from their government. a paper ballot you can touch, feel, trust. its a piece of paper. it goes in a box. trust. transparancy. governmental legitimacy. electronic voting is black box. your vote goes in one end... something happens. i can't see it, i can't touch it, i don't know what is going on... out the other end comes sausage
it is not entirely wrong to say that the greatest threat to democracy in the world today is not religious fanatacism, is not authoritarian regimes... it is electronic voting
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Make sure the machine has been guarded from a point where the manufacturer no longer takes responsibility (*), until after it has been counted.
This won't prevent all fraud, but it will make it so that any fraud is the manufacturer's fault, rather than your own. Felten loves to take photographs of unguarded (i.e. easily compromisable) machines on his blog.
(*) Yeah, it's a bit naive to think there's any point where the manufacturer does take responsibility, but .. well .. just pretend there is. Fake it with this rule of thumb: as soon as the machine arrives, somebody has to watch it until the votes are counted, to make sure no one has changed the software, for example.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
There are three parts. First, a paper trail. For the best security level here, print a copy of the vote, along with some ID number for the voter (but no further personally identifiable information), at the machine for the voter to review. Print another copy at your desk with the ID number and voter's information, but nothing about their vote, at your desk. They must stop and sign it (modify as needed for disabilities) on their way out to verify that they checked their vote.
Second, a regularly updated vote count. This will have the total number of votes cast, and you can manually compare that to the number of people who have voted. Update this something like every 5 minutes. Additionally, send the data to a central, secure server for the state. This server keeps each data update separate, making sure there are no discrepancies in each update (no negatives, totals add up, etc.). This also has the benefit of eliminating the stupid delay for vote counting. Once the polls have all closed, the total is IMMEDIATELY known.
Third, coordinate with exit pollsters to check the totals regularly, say every 15-30 minutes. This isn't a 100% method by any means, especially since people could lie about their vote if they so desired. But if any major discrepancies start showing (polls show 75% for one candidate, totals are 55%), review the paper trail immediately. Have some "nonpartisan" state officials present who can review the paper trail while you continue to man the desk.
Yes, this requires significant change on many levels. And it will give a better, faster voting system. Present the idea to your Secretary of State and see where it goes.
http://www.flickr.com/photos/joshillustrates/414916629/sizes/l/
That's what you wanted, right?
aka: Ban screw drivers and flash drives.
The new kind of voter fraud that is introduced by electronic voting machines is one where the software pre-installed is corrupt. Certainly, people can try to hack the machine at the voting booth, but that can be spotted more easily and has less overall impact. Corrupt software, however, has the potential to steal many more votes. The probability of corrupt software increases when the software is proprietary, but that's all there is right now (nudge to visionaries: develop open-source voting machine with paper trail, sell machines to counties like this one, Profit!).
In Travis County, TX (where I live) they have a system in place that uses "parallel testing." This is where they randomly select a machine at each precinct at the start of election day and vote a randomly selected number of times throughout the day to simulate people voting. They keep track of how they voted and verify that was what was recorded correctly at the end of the day. Not foolproof, but pretty smart and a good safeguard.
Here's the report (very cheesy):
http://www.co.travis.tx.us/county_clerk/election/pdfs/NIST_paper_051005.pdf
when the dead rise from the grave and vote Republican.
If your machines show "All your votes are belong to us" then you've got a problem.
Voting security research is happening in Houston at Rice. Get in contact with Dan Wallach in the Computer Science department.
Here in NM, the law says that after the polls close, we (poll workers) must POST A COPY of the paper trail outside the precinct so voters can see within their district how many votes each candidate got in each race.
This doesn't prevent the kind of tampering that happens at the central tabulator, as in Ohio in 2004, but it does give us all (voters) the opportunity to have a greater chance of seeing shinnanigans early so we can know when it is obvious that we need to jump up and down about something.
troll, funny, does not matter.
:)
I live in Harris Co. and the machines are pretty horrendous. They look pretty, but there is no form of verification whatsoever. As for the asshats who say that we have secure electronic systems for securities trading, credit card systems and bank ATMs... well just remember that not one of those systems is anonymous.
As to detecting "fradulent activity" as an election judge, well if you hear somone operating a power screwdriver or see small parts being dropped on the floor, well that is about as good as you can get on detecting tampering with those damnable machines. In other words, you are not going to detect any fraud that involves hacking the machines. You are limited to what you can do to prevent "old fashioned" fraud - ie the vote early and often crowd. Since there are no ballot boxes you don't have to worry about them being tampered with
Now if you could demand photo ID (and anyone presenting those cards from the Mexican consulate should be immediately deported) and compare that against your local voter rolls that would be nice. It would also be nice if you had some way to update your voter rolls by checking against death certificates issued in the last year.
Using a machine as an interface would be fine, just let it print a darn ballot that the voter can verify.
You either believe in rational thought or you don't
But you will NEVER be able to convince the bleeding hearts that there was not cheating, as long as a Republican wins. It's in their nature. It's OK for Daley to cheat in elections in Chicago, it's OK to vandalize buses set to get GOP voters out to the polls, etc...
Remember, it's not fascism when they do it.
Prof. Farnsworth - "Oh a lesson in not changing history from Mr I'm-My-Own-Grandpa!"
Most of problems with electronic voting are structural and institutional, and thus not something that you can easily fix on site. They say only a fool tries to rig an election on Election Day; the same applied to preventing fraud. Bring this issue up within the party apparatus and within local and state government. Talk to other election judges about this. Enough conversation and concern within the political class may prove more effective than the warnings of experts. Also, incase nobody else has said this, thank you for taking this issue seriously! Your commitment to public integrity is to be commended.
At this stage you need to put tamper tape over all USB/SD/PC card/floppy slots AND regularly check them for tampering. Many states that use e-voting systems mandate the use of tamper tape per the Maryland guidance, but fall down on checking it. Poll judges should check the tamper tape every 2 hours at a minimum, and decommission any machine that shows any evidence of tampering.
Spyder
If there is tampering it won't take place during the voting and be done by a voter. It will most likely be a technican who "needs" to change out a faulty card. Or it will be an individual who needs to load "special" software to tabulate the votes, or something silly like that.
See if ISO is involved.
- (BOOL)isVoteCountTampered:(long)votes countedBy:(NSString *)entity {
if([entity isEqualToString:@"ISO"]){
return TRUE;
} else {
return (FALSE || ![self confirmCount:votes]);
}
}
Intimidation is one reason. Another is embarrassment.
With this upcoming election with the likely hood of a black candidate then it becomes a little of both. Many will reply with what they think the questioner wants. This will happen regardless if the person being asked is black, white, brown, red, green, or blue. Besides, why should they tell anyone. Its their right to cast their vote in secret. Let alone the fact you will have people who purposely give the wrong answer just to jack the results.
This is what makes secret voting so damn important. People should not modify their votes because they are uncomfortable or intimidated.
This is as important, if not more important, than fraud because its the worst kind of fraud.
There are members of Congress looking to take away this freedom from those whose workplaces are deciding whether to unionize or not. The rule is that to get the vote to take place a majority of cards must be returned. This happens a lot because most people are not going to stand up to someone or worse a group and tell them "no I don't want a union". They fear reprisal or intimidation, let alone flat out harassment.
Then when the vote is held each is cast in secret and suddenly the union loses. Do you really want to believe exit polls are any different? No, what they serve now is sensationalism in the press and the basis for conspiracy theories. They throw doubt onto a vote for people who refuse to accept they could lose. After all an election is the ultimate rejection for the loser.
The idea solution. Electronic voting using pictures selected by the candidate and a paper card spit out printed with the name and picture on it. This card would be folded and inserted into a ballot box to be used if the election is contested. Record retention should be sufficient to protect the right of recount if probably cause can be show.
We can't please everyone and we shouldn't try. Some people will simply make new lines in the sand.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
I think there's not much you can do except ensure there's dual control over all machines (one dem and one rep) anytime a machine is in a non-voting mode (ie, setup, takedown, etc). During the actual voting process there's not much you can do but ensure the people are able to use the machines to the best of their abilities. I may be out of place, but I'm pretty sure most historical ballot tampering happens either before or after the polls are open -- during there's just too many witnesses.
As an election judge, your best avenue is for fairness is in future elections -- it's really too late for 2008 to get decent e-voting machines. If your electoral officials did something stupid, like purchase machines from Diebold, then take them to task using whatever process you have available.
I work as a elections inspector in California, which means that I'm in charge of a single precinct -- I'm basically the head pollworker, responsible for the accountability of the ballots and equipment from the time it's delivered to me until the time I turn it in immediately after the election. Because of that, it's important that I am fully aware of what's going on with our equipment and alert to the possibility of tampering. My best defense has been knowledge -- which is a double-edged sword. I know how our system works. I understand the reasoning for each step of our process. I've taken every possible class offered by our county and achieved the highest possible level of certified proficiency with the equipment. So, instead of wondering what could go wrong, I understand the risk areas. For example, our equipment now has unique coded seals for every unused input/output port, and I know to watch to ensure those stay intact.
Ask "Why?" Ask to have equipment and processes explained to you. But at the same time, make sure that every moment of the day, you're acting beyond reproach. I hold my poll workers to very high standards, because every moment of every day, we're possibly under scrutiny, and it's important that there never be even the slightest incorrect impression that we're not being fully compliant to the rules and laws involved. I've actually had poll workers get angry and leave early because I was asking them to comply with the rules and they were unhappy being told, "No, you can't talk to your friend who is voting about politics" or "No, you can't imply you don't like a candidate by giving someone a funny look when they ask about a ballot option," or "No, you can't use your laptop/PDA/cellphone in our polling place".
But I'm pretty freakin' idealistic about what I do. If I lived where I grew up, I'd be a poll worker in a place where these have been real problems for decades. Right now, I live and work as a poll worker in a part of the country that has not historically had problems with voter disenfranchisement. So my work may have less meaning, in some ways, but it's still important. (Sorry, I feel very strongly about what I do, and it's hard not to talk about that.)
You would do yourself and the voters a big favor by considering BOTH. They are different things.
Voter Fraud is where a voter misrepresents some element of their vote cast. Maybe it's casting more than one vote, a vote in the wrong place, a vote without entitlement to vote, etc...
The GOP seems focused on the latter, BTW. It's a touchy subject for sure. IMHO, you are doing the right thing, and will have the high ground if you are focused on getting as many voters to vote as possible, not keeping as many voters from voting as possible.
The key here is that Voter Fraud is some act on the part of the voter.
Election Fraud is where the result of the election is being manupulated. That difference between preventing as many voters as possible, and promoting as many voters as possible, is one that can be election fraud, as well as being voter fraud. One example that serves to demonstrate election fraud would be to publish information that would disqualify voters that would not otherwise be disqualified. If this is done in a discriminatory fashion, there is a solid case for it potentially being voter fraud. Could be ignorance too, and that's gonna be one for the courts for sure!
Another case of election fraud would be mis-programmed voting machines, or deliberate under / over allocation of them to impact the numbers of votes and the accuracy of the votes. (and I'm getting to the topic of accuracy in a moment) We saw some of this in Ohio big time in 2004, BTW.
Still another would be manipulating the record of the vote. This could be done to impact or prevent a recount, for example. That's totally election fraud, not voter fraud. Maybe every voter did the right thing, but the election is still hosed. That's one way to tell the difference right there.
Now, can you trust the damn things?
No. Absolutely not. I don't care if they have a paper printer fitted or not, and here is why:
When you make a mark on media, as the voter, the chain of trust between your intent and the record of the vote is complete! You know what who you want to vote for, and you can directly see the record of the vote cast. This record does not require any enabling technology to be observed and verified as being true to the intent and therefore the "right" vote cast.
When you vote with electrons, this chain of trust is broken! Really, the voter knows who they want to vote for and does something to tell the machine their intent. So far, so good. Now, here's the kicker and why we should NEVER, EVER use the machines.
What gets recorded is what the machine thinks the voter intent is! Think this part through. Let's say we walk up to the machine and cast a vote for Bob. We push the Bob button, get visual feed back, and a printed piece of paper that shows that the vote was for Bob. Feeling good right?
What if the electronic record of the vote is for Jane? How can we know? We can't actually see the electrons now can we? The machine can easily show us a Bob vote and contain a Jane vote in the record used for the tally and there is absolutely no way we can verify that didn't happen, short of direct observation and a real time tally, keyed to each vote. (and that's just stupid)
Here's another very simple way to look at it. Say I am the voting machine and I'm keeping a mental record of votes cast so that I can contribute them to the final tally. You vote Bob, and I count one for Bob. Then, I change that to Jane, after you have verified it. What evidence is there for that vote having ever been Bob? There is none. Electrons can just change, where paper will show some evidence of having been changed. The physical media is rendered less than perfect in the process of counting votes. Electronic storage devices don't exhibit this same quality on a directly observable human scale.
Put simply, it's a vote by proxy and therefore cannot be trusted.
Some will say the paper can check the electronic results. I would agree, but invoking the check i
Blogging because I can...
If you think it would be an issue of "someone [saying] the Republicans are trying to keep people from voting!", then don't have a specific party affiliation.
IMO, those running and judging the polling place shouldn't be denoted by affiliation with a party, to keep the polling place as free of bias as possible.
Just my (impractical and probably impossible with how the system is setup) two cents.
in some parts of the u.s. they're responsible for printing the (absentee) ballots and preparing the e-voting machines. sometimes they get it wrong. better not wait until the last minute to "check" things, it might be too late.
When you recognize love in another and realize how precious it is, everything else seems so insignificant.
Firstly, I'm going to assume that you have no control over the initial condition of those voting machines, and whether or not those machines generate a paper trail. Of course one would hope that the machines are checked by an independant authority, and that they generate a verifiable paper trail. This is more about protecting the machines while under your watch.
If someone is determined to hack a voting machine, there will be little you can do to stop it. The key is being able to detect that some change was made. I doubt you'd have the kind of access or knowledge to detect software changes, but since nearly all voting machine hacks require access to the hardware you will be able to do something. Use tamper evident tape to seal the case, cover keyholes and block any open ports. The important part to this is to have multiple witnesses around when you apply the tape, and when you verify the tape is still there at the end of the day. Get them to sign an affadavit if you can. If a machine (or machines) have been tampered with under your watch, then you can alert the appropriate authorities.
Use profiling for starters. Look for white males between the ages of 18 and 60, then watch their behavior. I guess a real pro won't get nervous, but the amateurs will look nervous. If they get to vote behind a curtain, well, you're out of luck. Just check the seals before and after. Also, make sure the chain of custody is verified. Enlist the help of your Democratic counterpart.
Best regards.
Are too stupid for voting fraud that involves computer hacking... In the primaries (early voting and regular voting) over 1000 people VOTED TWICE ( http://blogs.chron.com/houstonpolitics/2008/03/kaufman_1100_people_voted_twic.html ) The DA's office is trying not to prosecute them... My guess... the morons did not know that when you vote in the early primary, you should not vote again in the second primary...
Some of these concerns addressed are not so important... simply because Harris county is run by and consists of the largest amalgam of morons in the US.
When did they diagnose you being a republican?
First off, I'm not an expert. And also, I'll assume that you're not asking because you really want to find out what methods watchdogs would use to try to detect *you* messing with the votes so that you know how to properly cover your tracks.
But I have to say that the problem with e-voting (in my eyes, anyway) is that it's easier for an "inside" person (that means *you*) to tamper with the votes. To that end, at a minimum, I would feel that, even if a voter asks you for help, you shouldn't approach a voting machine without being accompanied by your Democratic counterpart (or some other official who's political interests are contrary to yours). Whenever possible, any citizen who cares (don't worry, I think there are only 4 in the nation) should be able to watch anything you do (short of approaching a machine at the behest of a voter).
As far as guarding against individual voters messing with stuff, that's particular to the voting machines you use in your precinct. If there's some software flaw that would let a voter get into an "admin" screen or something... then you're screwed, because the only way to detect it would probably be to *see* the screen, which I doubt you're allowed to do. Otherwise, there'd need to be a hardware intrusion, so you'd have to figure out the ways that someone could open the voting terminal (or somehow gain access to the data card or electronics) and do what you can to ensure that, were someone to try it, it would require very conspicuous behavior.
On a side note, one of the requirements of any secure voting system is that the public be aware of what chicanery to look for. For example, PunchScan looks like a very compelling system which allows voters to ensure that their vote made it into the finally tally unmodifies but *without* anyone being able to find out who they voted for afterward. However, the system can be defeated unless the public knows what (seemingly innocuous) anomalies should set off the alarm bells.
http://arizona.typepad.com/blog/files/Stonewall_handout.pdf
This was written for the Stonewall Democrats. It includes boilerplate public records text at the end, some examples of dirty stuff seen in public records, examples of screwed-up facilities (with pictures) and more.
This is an example of an after-action report written along these principles:
http://www.bbvdocs.org/sequoia/Maricopa-County-Elections-Report.pdf
I'm doing another right now for Monterey County California for the election of June 3rd '08. Found all sorts of crazy stuff. That should be posted at http://blackboxvoting.org/ in a day or two.
Jim March
Member of the board of directors
Blackboxvoting.org
Also, make sure that there are full audits of random machines after the election to try and catch any localized tampering with the electronic results. If any is found, then all machines must be audited (verification of paper vs. electronic results). This can be costly, both from the time and expense perspectives, but necessary to ensure a fair, and impartial vote.
Sometimes, real fast is almost as good as real-time.
We get so hung up on paper ballots as if this would be a cure all for voting fraud. In the Northeast, paper ballots were eliminated in favor of mechanical voting machines in order to eliminate fraud.
Yup, that's right. Back in the beginning of the last century, the biggest voting fraud was ballot box stuffing and ballot replacement. Read Carter's book "Turning Point: A Candidate, a State, and a Nation Come of Age" about his 1962 election for State Senate and see what type of fraud can occur with paper ballots.
When New York and New Jersey went with the mechanical voting machines, they instituted quite a few procedures to help eliminate fraud. The polling chief has a book containing all registered voters with their signatures. When a voter comes to vote, they sign that book, and the signatures are compared. Once the polling chief is satisfied that the person is a registered voter, they have the person sign a voting ticket in the ticket book. Once the ticket is signed, it is given to the person in charge of the voting booth. This person threads the ticket onto a string, and pulls a large lever to set the machine for voting. The voter enters the machine, pulls a lever to close the drapes, and this unlocks the voting switches. The voter can flip the switches for the people they want to vote for, and then pulls the lever to open the drapes. This registers the tallies and resets the voting switches.
The procedure is overseen by representatives of everyone on the ballot. A voter cannot vote twice because the machine needs to be reset by the person in charge of the voting booth. Diseased voters no longer show up to vote since you now have signatures to match against. The levers are set by the county and the machine is sealed and cannot be reset without a master key. The mechanical machines and the procedures that went with them helped clean up the elections in the Northeast.
The problem is that these mechanical systems (which could be programmed in a very limited way) have been replaced by general CPUs with some form of voting software that no one is 100% sure how it works. You could always see how the gears and levers turn, but you can't see electrons flowing through silicone. It isn't the lack of paper as much as the lack of assurance that no one replaced the software or the tallies on the memory card.
What we must understand is that a secure voting system is more than just a paper ballot which can be stuffed by the dozen into a ballot box. It is a whole procedure of verifying the voter, the ballot, and that there is a one-to-one correspondence of voters to ballots.
My suggestion is to take care of what you can. There is no way of knowing if the software on the machine hasn't been tampered with before it was brought into the polling station. But, verify that the memory card is sealed and cannot be tampered with. Verify that the counters are reset and are zeroed out before the voting starts. Put a system in place to make sure that voters can only vote once. Make sure that no one is hanging over the voter. Make sure the voters actually finished voting. Some will press the buttons for their candidates but forget to push the final "Vote" button. Make sure that the machine has been reset before each voter.
When the vote is finished, tally up the various totals and make sure they are in agreement. The number of votes should match the number of voters. Track the number of voters who simply decide not to vote and count them in any total.
More importantly, follow whatever procedures you have. Get a hold of them before election day and study them thoroughly. That's the biggest problem. The volunteers at the polls not knowing the voting procedure.
Lots of luck. I use to be a Texas poll watcher when we had those idiotic punch card ballots. We would verify that each card has cleanly punched chads before handing them to the voter. We had to verify that each voter had only a single punch card and we also would quickly examine the punched ballot for dimpled or hanging chads before
The easiest way is low-tech and fast. Just make the machine look like it was tampered with. They generally have a custody seal that has to be broken to get it open; often just a sticker. Someone can cut that sticker in 2 seconds with a pen knife. Now every vote from that machine is in question. If you are a member of party X and you know your voting precinct is mostly party Y, you could do a lot of damage in that 2 seconds.
Not much you'll be able to do about it.
How long do you have the voting machinees before election day? The easiest way to detect software-level fraud is to randomly select several machines (all if possible), enter fictional vote tallies of at least 100 votes, and print out the results. Ensure they match. If they do, happiness. If not, you have something to worry about. Don't forget to erase the fictional vote tallies before election day.
There are only so many people involved in the voting process. The people with the ballot boxes ARE the ones more likely to commit fraud. Whether that offends you or not, it is a fact.
Preventing fraud means facing that fact. Not being offended by it.
When the various sides keep watch on each other, basic human suspicion helps prevent fraud. No one wants their side to lose because the other side stuffed the ballot box or "lost" votes that would have gone to them.
to elections where Democrats are unpopular?
I'm not an expert, but here's my take:
When you cast your vote, you are given a printed, human-readable copy of your ballot with a unique random index number printed on it, assigned at the moment your vote is cast, which is not linked to the voter rolls.
All the votes are available on a website as a spreadsheet, sorted by index number. Anyone can download the sheet for a given district, or for all precincts.
So, you download the sheet for your precinct, find your index number, and verify the recorded votes against your paper copy of the ballot.
You can also count the votes for each candidate, and see that your totals match the officially reported ones.
If they're not already, make the voter registration rolls open public records. That means that anyone can make spot checks, verifying that there are no dead people on the rolls. This list can be sorted by address, so you can check that there are not bogus addresses, or 100 people living in a two-room apartment.
The total number of voting records must be less than the total number of registered voters.
So, any individual voter can verify that:
1. His vote was recorded correctly.
2. The totals are being reported correctly.
3. Bogus votes haven't been inserted into the system.
Although that last check is weak, if enough people do spot checks, widespread, systematic fraud will likely be spotted, increasing the risk.
In the wrong hands, sanity is a dangerous weapon.
That's when your boss tells you to give him your number with a vote for $candidate_X or you're fired.
I like electronically generated, standardized paper ballots and standardized ballot counting machines. But if they're going to tamper with your vote, they'll tamper with that number, too.
There's a novel called RUNOFF by Marc Coggins that describes a fictional election in San Francisco where the result is changed when the security on city's electronic voting system is defeated. It gives a pretty good (and entertaining) discussion of the various exploits that might be possible in the real world. The author apparently consulted with e-voting expert David Dill in the CS Dept. at Stanford.
If you don't see any, next in line is Democrats. Either one is a sure sign something suspicious is happening/happened/about to happen.
It's just great that California has instituted a requirement for a voter-verifiable paper trail for e-voting machines, but the fundamental problems still remain.
The problem with these machines is that there's no guarantee that the ballot that the voter verified actually matches what gets recorded in the memory of the machine, and what eventually gets transmitted upstream.
Yes, a manual recount based on the paper trail would catch massive vote fraud - but that's only going to happen if the results are obviously bogus.
The results of the voting machine review that the CA Secretary of State performed are here:
http://www.sos.ca.gov/elections/elections_vsr.htm
Reading those reports is pretty scary. The state identified a bunch of weaknesses in the various systems, and imposed requirements on the vendors to plug the most egregious security holes. But there are literally DOZENS of operational requirements imposed to ensure that the voting is secure and that the privacy of voters is maintained.
As a large supporter of full disclosure I would have to disagree. The only way to fix potential holes is to bring them to light. There will always be people attempting to find the next big hole in security, making it public how you can work around something may have a short term effect of feeding "script kiddies" but in the end it's undeniable that it is beneficial to security at large.
If i had one dollar for every brain you dont have, i would have $1.
Everyone knows that the most effective way to fight voter fraud is with another form of fraud: voter suppression.
All that's left to decide now is which form of electoral fraud will deliver the precinct to your favorite candidate.
Have fun!
I wouldn't ask this question here, maybe you will get some good responses but you will also get a bunch of seemingly good (but on deeper thought, not so much) responses from more-or-less clueless people that don't actually have any experience at election security. I would try instead Ed Felten at http://www.freedom-to-tinker.com/, or even Bruce Schneier. Both these people are experts in the field, and both have discussed these issues extensively on their blogs.
Haven't you guys got it all backwards? Why make an E-Voting machine that can be hacked/cracked or whatever when the real problem it was trying to solve was that voters (using paper) were incompetent. Wouldn't a more secure (and fail safe system) be a digital 'verifier' machine. That is, the voters use paper as normal and then place it in the 'verifier' to check that their vote is actually valid (and also display it on the screen for the voter to check). The vote then still goes into the traditional box.
If there's reason to believe your machines are being compromised, then just don't use them. Paper ballots have worked effectively for several decades and are far more difficult to compromise in large numbers without actually destroying them in the process. You can avoid other practices like box stuffing by using methods similar to that used in our currency to prevent counterfeiting.
Sure, it may not be as convenient as a computer when it comes to counting the votes, but can we realistically afford to be cutting corners on something as important as voting?
As long as paper ballots are out of the equation, people will always question the integrity of the voting system, so long as the votes being cast lack a physical presence that can be counted by anyone.
8==8 Bones 8==8
First your question holds the telescope at the wrong end. Tampering by voters is much less likely to occur because it is unlikely to change an election out come or occur in an undetectable manner. The people to watch are the election officials, with pre-a nd post voting access to the machines.
That said what a voter can do depends on what machines you have in use. Lets consider the big three Diebold, Seqouia edge or ES&S ivotronic and no voter verified paper trails.
On the ES&S, the voter is usually facing the machine in a privacy carrel and the machine is a flat block. It very possible for a voter to complete obscure the following transaction ( I know because I've done it). Flip the 5 pound machine over and you find little plastic door. you can easily force this open. Behind it is the Flash memory cards. Yank these out and put them in your pocket. close the food and flip the machine over. Leave and the election is screwed.
It's also possible a diabolically well outfitted voter could have a second PBS device in his pocket. Armed with that, he can can admin access to the machine and do anything they like and vote as many times as they wish.
With Sequoias edges, depending on the model revision number there can be a little yellow button on the back. Pressing that causes the machine to go in to supervisor mode. If I lean forward I can just reach around and get that button. If you were watching you could see me execute this clumsy maneauver.
I've never had the chance to play with diebolds so I can't offer specifics Some diebolds have an unguarded IR port that a hacker might be able to do something interesting with on their palm pilot. But I don't think there's any known attacks yet.
On all of these machines, it's possible to miscalibrate the screens. The screens can be miscalibrated by heat or scratching them with keys. In the neighboring county we had one guy running for office actually carve his name into the machine. Unfucking believable.
That same county had a vote buying operation going on (a few people got arrested and convicted). So make sure people vote alone.
For systems with paper tapes (not paper ballots) you can sell your vote if you have a camera or cell-phone camera because a picture of the voted paper tape before it scrolls out of sight is proof of vote. So no cameras!
But the problem with all these is that there's a huge risk to the bad voter and they can only affect a few votes. At worst they wreck one machine and probably get caught. Vote flipping is hard if not impossible at the retail level.
THe really fun things happen when supervisors can reprogram systems, get access to the flash media and have the ability to replace it.
Perhaps the best way to sabotage an election is the Denial of Service attack. Simply having machines not boot in the morning tends to filter out working wage-class folks over seniors or people on salaries. Having long lines in the late afternoon filters out working moms that have to go pick up the kids and take them to soccer practice. Likewise breakdowns in the evening are cool because you can close the polls while there are still people who have not voted. (see Ohio for example).
Some drink at the fountain of knowledge. Others just gargle.
Perhaps e-voting machines are vulnerable, but let us not forget that computers are responsible for tallying results all the way up the chain to "the winner is..."
wish I had mod points
There is essentially nothing you can do. There is a 'black box' (voting machine). Nobody except the guy that last tampered with it knows what it does. Voters push buttons on the box, and the box makes some entries in a database. There is no way to correlate the two.
If you ACTUALLY want to insure there is no (electronic) tampering. Disable the machines and have everyone cast paper ballots. Otherwise forget it. Personally I would resign since I wouldn't be capable of doing my job under the circumstances, and frankly maybe this charade would end if all the poll workers stood up and did that.
Thank you for asking though, it is really nice to know someone is concerned. Sorry we can't be more helpful, but the above is literally (and sadly) the truth...
"Malo periculosam, libertatem quam quietam servitutem." -- Jefferson
1) Make sure the company who built the machines is 100% reliable and they do 100% effective background checks on 100% of their employees and 100% of their patches and upgrades are secure and legitimate, and that no human there ever errs.
2) Make sure that all your machines are 100% physically secure 100% of the time up to and after elections so that the internals cannot be swapped or hacked, and that no human in charge of this errs
3) Watch 100% of voters 100% of the time to make sure none of them alters or hacks the machines, and make sure none of your staff ever err
See? It's easy! All it requires is blind faith that humans are infallible and will never do wrong intentionally or through error.
I'll stick to paper.
Jail all the Republicans before election and let them out after.
The chances of election tampering happening in your berg are pretty slim. People are just not sophisticated enough and the system is in too much flux to pull is off easily. As things settle and people gain experience the security holes will be bigger issues.
The bigger issues are two fold. Errors and the Appearance of fraud. These are indistinguishable on electronic voting machines.
So you job is to stay calm and go the extra mile to keep everything transparent. It does me no good if your deputy, the guy you've know since you were 8, donated his kidney to you, and married your kid sister seem trustworthy to you. You still have to do things the long boring way. Two people do operations, other witness. No ones word is taken for granted.
post results on the precint door if the law allows, BEFORE you transmit any results.
transparency is the key to trustworthy elections. Don't worry so much about fraud as making people see how the process works.
Some drink at the fountain of knowledge. Others just gargle.
I'm seeing a lot of comments that my idea is bad because my vote secrecy is lost. But the receipt with the random number needn't be printed on forms that say "Clark County Voter Verification Receipt" etc. It can be a simple fortune cookie size piece of paper with a number on it and that's all. If you need one to prove to your boss that you voted Republican, then you'll find hundreds of them in the trash and on the ground outside your polling place. You could grab some of them in advance to put in your pocket in case your boss is waiting for you. The number could also be simply written down or memorized. Or be chosen from a list. There's lots of ways that this could be done without losing the right to a secret ballot.
Absolutely nothing. The hackers know what they are doing, and have too much help.
Technology is not to blame here. People are led to think computers are broken and inferior to paper. The problem is with knowledgeable people using them to achieve even superior goals, such as rigging votes. Its like a nuke in the wrong hands. That is why they need to be taken away. Not because computers are flawed, but because those that possess them are irresponsible.
You need to start thinking now about how you are going to convince the loser (and his supporters) that he actually lost...especially if you can't convince yourself. You will have only testimony from the machine; a machine you will be forced to admit is under your control.
Modern science has yet to produce an instance of non-trivial code which is also bug free, and you are asking the loser to believe your electronic voting machines are 100% bug free, 100% tamper proof, and 100% tamper evident? They know they are not, you know they are not. Nobody is being fooled.
Resign. You have already lost the game.
Or plan to keep enough paper ballots on-hand for the entire registered population, and just declare the machines broken before the start.
It's the only way to be sure.
Because you know after the final vote is cast, your post here will become part of the lawsuit by whomever loses.
A new kind of meat designed to appeal to vegetarians.
And if it does, a voter can be bought and/or pressured to vote for someone else — the buyer (or the thug) will demand to see the voting confirmation before giving the money (or letting the kids go)...
No "paper-trail" — open to fraud. "Paper-trail" — no voting privacy. Make your choice...
In Soviet Washington the swamp drains you.
This has got to be one of the very best comments/suggestions I have read on the whole e-voting business.
MOD THIS GUY UP -- he deserves a FIVE not a ZERO.
And if any election workers are reading this-- this is the money shot.
But that, aside... you're more likely to run across incompetence than actual voter fraud. Or situations where the voting worker hands out the wrong ballot, or thinks that "American Independent" means "No Party"...
Or won't use the vote checking machines, or other technology available. I suppose you could keep an eye on anyone with a thumb drive, if you have electronic voting machine. In all honesty your voter fraud is going to come from within than from your average "Joe Voter" who votes both YES and NO for a proposition.
Hey election supervisor, the only way to make sure electronic voting machines are being tampered with is to not use them.
USE PAPER BALLOTS
Thank you Dave Raggett
Your problem is not the voters. It's the people in the back room who are counting the votes. As has been demonstrated repeatedly, anyone with access to the vote counting machines can easily tamper with the votes, so unless there is a paper trail that the computerized tally can be verified against, there is no way to prevent vote tampering.
Gun control: The belief that a woman, raped and strangled with her panties, is morally superior to a dead rapist.
I live in Harris County, and I've worked elections with the electronic system. My advice: give it up. There's plenty of opportunities for fraud, but most won't play out in the precinct polling locations on election day. The real opportunities are in the initial programming of the machines, and the tally process at the end. If someone wants to hack the election, a simple programmatic change will be far more effective. An "adjustment" of your precinct's numbers will be far easier at the Election supervisor's office late Tuesday evening. Or perhaps during the several days the voting machines are stored at the polling place prior to the election. And since there is no paper trail, it would be almost impossible to prove.
Everyone knows the Republican National Committee wrote the book on rigging elections. You're just not going to the right meetings.
--
make install -not war
Tampering with the mail is a FEDERAL OFFENCE. So, why don't we use that to our advantage. You make your electronic vote. It prints out a pre paid postage mailer. You double check the vote yourself. If there is any mismatch, the paper ballot counts. If the ballot doesn't show up from the mail, the ballot is voided, but you also got a receipt and contact information to follow up with. The electronic vote, mailer ballot, and receipt have a random generated number that is guaranteed not to duplicate, so they can be matched without revealing identity. Messing with the electronic system is a normal charge, unless it changes the outcome of the printed ballot, which should be caught immediately. If not, too bad. Your lack of attention cost you your vote. However, messing with the delivery of the ballots is a normal offence. The ballots are sent to the state level. If, for some reason, the electronic vote doesn't match the mailer ballot, the voter then checks on their receipt. The hows and whys of this system should be made into PSA's a full year before the election occurs, so everyone knows what to expect. Don't think it's going to happen, but it could work.
Mark Anthony Collins
I don't think Republicans can learn anything new about stealing elections.
But for everyone else, BlackBoxVoting.org has just published a new toolkit for spotting rigged elections as they happen, and in evaluating their aftermath.
BBV.o is run by Bev Harris, who can be difficult to work with, but her entire operation is an "open source" style project that hands out tools and info to anyone who wants to DIY. Try it at home!
--
make install -not war
The only thing you Yayhoos are proving is that the whole notion of electronic voting is silly - If your going to have an electronic machine to create the ballot, then the voter is going to sign it and drop it in a box, wtf is the point of the machine? I also find it funny that the same people who were screaming FOR electronic voting after the 2000 election are now screaming AGAINST it....also, the idea that fraud in elections is something new which is somehow connected to only electronic voting...You should work in a polling place sometime - it is quite mundane and civil - the tricks don't happen there....Then there's the whole notion of a choice - like there's actually a difference between democrat and republican - when they talk, they sound different, but when they're in power, there is no difference.
The point of the secret ballot is so that these can't be issues in the first place.
Secrecy? Do you really think your vote is anonymous? In Ohio: When I walk in, I wait in line.. The LOL'S (Little Ol' Lady Squad) asks for my Name and ID. After They Find me in the books, I have to sign in on a numbered page. That Signature is compared on my Voter registration page. They never look much the same, but I don't think anyone really cares. The last lady gets told the sequential line # that I'm signed in on, and punches that into the diabold (I think) card reader thing.
That Card links me to my vote. I then go and vote my votes. at verification time, it is printed... I can then choose to change it, and I have in the past if I misread a name, etc.
After changes it is verification time, again. after final verification is printed, and I have agreeed that that is my vote, it prints off lots of #'s and stuff and then form feeds the sheet out of the window.
I'm (I shouldn't) assuming that those #'s link back to the Card # / translation to my voter line # / name. If they don't, I'd be surprised because that is the audit trail that NEEDS to be there, and that is what I want.
I do not care about a secret vote because I am not ashamed of my vote.
The only people that need secret votes is if they are afraid of who they are voting for, and if it is that bad, then we have other problems beyond voting machines to worry about.
Now, My UNION that I belong to has indicated that THEY want to take away anonymous voting... THAT is wrong because with such a smaller sampling of people, then there can be revenge directed and extracted onto a worker who didn't vote the "correct" way. As for General election, I don't think that will be an issue.
BTW,
If I'm not carrying ID or have a non photo ID, I can vote provisional. But that doesn't really count unless a recount is asked for. This is where a lot of dead people vote. It's all paperwork that you don't have to verify, just swear under "oath" that the information provided is correct. (Right...)
--- Relax, that mass muderer is just trying to reduce our carbon footprint, one fetus at a time...
This is one of the BEST ideas I have heard! and I've read a lot about the issue (long before ./ even noticed anything.)
A random machine acting as a control that has a known voting pattern input during the same period of time would help catch tampering. Hardly anybody has thought this one up or dares to do it (because the machines cost so much and it would mean more voters have to wait.) Good thing to have one or two of the volunteers do all day long. (video tape that machine as well...)
Too much talk of this idea however will just let the companies ("hackers") know to ignore machines that have an unusual input pattern and count them honestly.
Democracy Now! - uncensored, anti-establishment news
You are wrong on nearly all counts.
(1) E-voting tampering has proven to be rampant and has been reported virtually "everywhere", i.e., it is impossible to predict what precinct will be victim, rural or otherwise.
(2) "The people", sophisticated or not, are not the problem. The problem is sophisticated, carefully prepared, and sneaky people who are in positions of authority or easy access. That is, the people to watch are voting officials and employees of the voting machine company, and anyone else who has "special" access, even if that is just tallying the count.
(3) Real errors are few, and they are EASY to distinguish from fraud. In order for electronic voting fraud to be worthwhile, each tampered machine must have significantly skewed results. You are correct, however, that "appearance of fraud" can be a problem.
You are also correct that transparency is your greatest ally. However, all the "apparent", public transparency you can muster will not compensate for "oddly designed" or hacked software on the voting machine. The only transparency that will solve that problem is public access to the machine's code. Some states are adopting laws to that effect.
Votes aren't donuts. Funny that my spell checker doesn't like doughnuts. I wonder what Mitch Hedberg would say other than "I bought a doughnut and they gave me a receipt for the doughtnut... I don't need a receipt for the doughnut. I give you money and you give me the doughnut, end of transaction. We don't need to bring ink and paper into this. I can't imagine a scenario that I would have to prove that I bought a doughnut. To some skeptical friend, 'Don't even act like I didn't get that doughnut, I've got the documentation right here... It's in my file at home. ...Under "D".'"
Instead I would file my vote receipt under "V".
If you are trying to ask the question, "How can I detect fraud?", you have already lost.
To win, you must be able to prove the absence of fraud.
I went through and read the whole report for the specific voting machines in San Mateo county (where I happen to live, too), and they're probably the best of a bad lot (Hart Intercivic eSlate). I'm still left wondering why we want to go through all this expense and difficulty to solve problems that don't even exist for paper ballots, marked by the individual voter.
Yes, yes, I know - it's all the fault of the Help America Vote Act. I really don't buy it that the level of technical work that went into all this precluded simply creating a human- and machine-readable voting record that the voter can drop in a ballot box.
I don't miund if the voting process is assisted by a computer, keeping people from spoiling their ballots by accidentally over-voting, or with stray marks on the ballot. I just want the end result (the thing that's counted) to be something that I can independently verify is correct, and that can be hand-counted.
I'd also argue that hand-counting should be the rule, rather than the error-recovery mechanism, but that idea seems to have remarkably little traction.
My state uses a marked paper ballot that is then deposited in an optical reader for counting. If the machine is in error, there are paper ballots to count. And nobody's name is on the ballot... but they must check off their name on the "registered voters" list in order to get the ballot.
Number of voters is verifiable, and number of votes for each candidate are verifiable, but nobody knows WHO voted for whom.
If Ron Paul is winning, you've been duped. More than once.
Nothing but a voter verifiable paper output that is then put into a ballot box can guarantee that an electronic voting system is working properly.
In my experience, optical scanners showed the least issues with tampering; however, still leaving the possibility of ballot box stuffing if the paper ballot collection box is not properly engineered or secured. Now on the issue of Diebold's AVOS that was tampered with in Ohio, this was only achieved by poor upgrading practices (i.e. certifying all upgrades and updates) and allowing Diebold corporate officials access to county systems. Remember if you are a state official your job is to make sure that everyones vote is counted and done correctly. Corporations are there to make money by any means necessary, even if it means to rig an election so that they can have an elected official in their pocket.
The problem with using a magical box to count votes is that the cheating probably doesn't happen under the watchful eyes of poll workers, but before you even open up. The machines would already be told to count wrong. In the cases of cheating at the poll on voting day that would depend on the machines being used. If someone brings a soldering iron with them they're probably cheating, though.
Only after the voter has verified the paper matches his/her intent, then the voter finally casts his/her ballot.
Umm??? Anything can happen after the vote has been "cast."
We're talking about digital electronics. No one can observe their workings. Things can always be changed without anyone ever knowing.
Spoon not. Fork, or fork not. There is no spoon.
IANA-American, but from what I understand, if the Republicans win, consider it hax.
Amirite ?
Oh, I'm sorry, are you nauseated by my godless gay-spreading liberal "bias" ?
Thanks, I'll be here all week. Try the veal!
-Billco, Fnarg.com
the only 'tampering' I have found is that the Republican judges don't show up to work. Can't open the polls if only 1 party is present. Yes, I am is a very red state but he few blue areas that we have seem to misteriously have this happen. People (D and R) I am sure are figuring out how to game the system. Another example is the Supreme Court has basically disinfrancising many folks by requiring a government ID though there has been few if ANY cases of fraud.
"If you are on fire you can just stop, drop, and roll. If you fall into Lava you are just dead." - my 5yr old daughter
You'll be fine...
Just don't let Michah Saunders get near one of them.
http://www.imdb.com/character/ch0015555/
"Persistance is Fertile" - Me. I can quote myself if I want to.
In addition, voter coercion is illegal. Your employer or union boss might as well ask if you are a lesbian or threaten you with firing if you don't sleep with them. Anybody attempting to break the law on a scale needed to flip an election will get caught. I like the reciept/verify process. I'd also eliminate the need for the poll. Let me doing it effing online. You'll still need centers to count/tally/work/rally/celebrate/mourn so I don't think meatspace voting options would be reduced. It may even be possible to develop more sophisticated exit polling by third parties. And ineligible voters should be eliminated (to at least a 99% certainty level - 99% of all voters are verified). An ineligible voter is just as bad a ballot box stuffer.
For the life of me, it is a damn mystery why people here (not you) focus on secrecy. I don't want my congressman voting in secret - why should my I be any different? Where accountability is mandatory, secrecy should be abhored. Maybe that is 'too far' on voting for everyday citizens being asked to contribute in a small way. Nonetheless, secrecy should not be more important than verification.
Exit polls aren't wrong, just the people who report them. When is the last time you were told the confidence level along with the margin of error, (or the sample size, allowing you to compute the necessary information)? A +/-2% margin of error with 68% confidence doesn't mean much.
Boy, this topic touches a nerve. Dubya's residual neo-GOP in Texas just disenfranchised me this year. They think voting is a sacred boon, whereas I was just some kind of idiot who thought it was a sacred right, and even something of a public duty.
I was born in Texas, and have an honorable discharge from the military. I even graduated from a university in Harris County. I've never been charged as a felon--but I don't live in America now. Until this year they've mostly allowed me to vote, but they are extra desperate this time around, so the representative of the Secretary of State's Office told me I can't vote.
Anyone know a good lawyer for this sort of thing? I really wouldn't mind sticking it to them, and hard. However, I think it's basically a case of you can't fight city hall. Dubya has the gold, so he made the rules.
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Do you realize that you will be there to guarantee the fairness of the vote and that you have to turn to a public forum because you have no idea about how you have to do that ?
Actually, if people ask you how to be sure of the fairness of the vote without a paper trail, the only honest answer is "you can't". There. With this you will have been doing your job.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
current evoting system is too much broken.
my suggesion is as follows:
when voting each voter is assigned a unique voter number. When votes are counted the following data is published nasion-wide:
voter ID + his vote choices
having that each voter can check if his choices where counted as he expected them to be counted
since his voter ID is known to himself only his vote is still anonymous even when published
The trick here is that you're not trying to prevent tampering (which you can't, really), so much as you're trying to detect it. Rather than duct tape, which *will* get worn and torn a bit from being handled (I mean, how many people do you know that won't pick at it if they stay in the booth for more than a few seconds?), a great idea is candle wax.
You could find stuff like the hinges to the ballot box, and/or other such joints that must move to tamper with the physical paper trail, but really shouldn't move under ordinary usage. Then, melt a droplet of candle wax on top of the joints. If it's out of the way in a user inaccessible place, and especially if on top of a hinge with lots of "holds", it'll hold solid, and won't be diturbed unless someone tampers with the machine.
They cannot be trusted even then. eg: How do you know the binary running is the one verified / certified? How about behavioral testing? User Interface issues, misalignment, etc...?
Bottom line is that you, the voter, are forced to trust a proxy in order to cast your vote.
Blogging because I can...
Here in France I use to systematically attend, I undertand and do everything you say, but the person in charge of the global coordination (appointed by the mayor) usually phones the results home before we publish them on the doors...
Herve S.
-[d]-
As a Harris County voter, I applaud your concern!
A sensible verification method for the machines might be the chip and pin method, whereby after a certain number of customers the next one is verified by signing a receipt. So certain ballots would be printed and checked - then they don't have to print everything...
The best way to avoid electronic election fraud is to not use electronic voting machines to begin with. If you have to use electronic machines, however, the second best way is to be sure you're not using Diebold machines. Also, keep people like Karl Rove, Wally Odell (http://www.motherjones.com/commentary/columns/2004/03/03_200.html), and other Republican operatives away from the electronic voting machines. However, all these won't really prevent the machines from registering votes for George W. Bush, since they came from the factory with a pre-programmed narrow margin of victory for the Republican party. Since you're a republican, the fix is in and you have nothing to worry about.
-- I am. Therefore, I think!
Someone who is absolutely positive of what they are going to do, how they are going to do it and how long it is going to take to perform will probably be undetectable.
:)
Someone coming in and tring to hack the system on the fly "should" be identifyable by the length of time required to vote.
Have a stop watch for each voter. Start the watch when each voter enters their booth. Stop it when the exit. Log the results. Deviations >10% are either:
A) suspect
or
B) Texans from Harris county
Armaments, 2-9-21 And Saint Attila raised the hand grenade up on high, saying, 'O Lord, bless this Thy hand grenade' N
The biggest problem that will be encountered at the election is the complete lack of qualified candidates to choose from. Given that we are stuck with a two party system and have over 200 years of evolution creating politicians that are excellent at sound bites and collecting money from lobbies none of the candidates have the peoples interests at heart. They are owned by conglomerates and lobbies that paid good money to pass whatever legislation they want.
No matter which candidate gets into office very little useful legislation will get passed. It will be more of the same pork barrel projects giving money to the "friends" of the candidates that won.
The really funny part is if by some stroke of luck or trickery the Democrats get the White House they still won't pass any useful bills even though they would control all parts of the government except for the judiciary. In some ways it will be better if the Republicans keep the White House since that would provide a check on Congress and the White House as they fight it out for another four years.
Choose teams consisting of one registered democrat and one registered republican to perform all the tasks listed by others (transporting the machines, setting them up, watching them.) Have them work in pairs the whole time, and in advance show them the papers you will have them sign saying "I did not tamper with, nor did I witness anyone tampering with..." It won't absolutely prevent problems (nothing will), but it will CYA if someone accuses.
Could that be the problem?
If the voter with no special needs is handed a felt-tip and a paper ballot, all he needs to vote is three walls and a curtain. The machinery can be saved for the people who really need them.
Presto! much shorter lines.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
The e-vote balloting machines are very simple, and provide little opportunity for a user to "hack". There are no memory cards or USB ports. There are four buttons and a scrolling wheel. The machines are daisy-chained to a central hub which initializes the ballot on the machine, and records the completed ballots. The hubs are headless, and have no provision for voting for any individual or party. It would be a difficult proposition for any user to affect the system via the e-ballot machine, or the hub.
:^)
Things to look out for:
Input into the system is via a scrolling wheel, not a touch screen, and this may initially confuse some of our older voters. Be sure that the voter knows to "check the box" with the select button, and not just scroll down and press the wheel (which does NOT select anything). Watch for voters that forget to press the "Cast Ballot" button before they leave, because an uncast, but registered, ballot causes several problems. The single most important thing is to have the voter check their final vote summary before pressing the "Cast Ballot" key. When the American flag waves, your vote is cast
You, as a Precinct Judge, have a stack of paperwork to complete prior to opening the polls, and even more after closing the polls. Both you (as a Republican), and your Assistant (second-in-command, who is a Democrat), will open the sealed hubs and verify the total vote count of the machine (non-zero), serial number, and this election's vote count (zero). No less than 3 register tapes from each central hub will be run, and the total ballot count *will* match the exact number of signatures in the poll books AND the number of ballots assigned/cast by the voters -- or you will have to explain why (hence the problem with an un-cast ballot, above). Follow the checklist and instructions, and it will go smoothly. Try to keep a running total of poll signatures, and check it frequently with the hub ballot totals -- it will speed up reconciliation, later.
A copy of the register tape will stay in your permanent records, as well as a copy of the polling list and other germane documents. You can actually compare the register tape with the published precinct vote information in the paper the next day.
Note: I volunteer at our Harris County, TX, precinct. I am an assistant to our Precinct Judge, and have used/setup these machines for the last three years.
First, identify tamper points on the machine. For example, I expect there to be a place where you can connect an external device such as a USB device or memory card. These points must be secured, and I believe that the methods to secure them are provided (tape). You can not protect against issues that are inherent to the machine, so don't worry about them. For example, if the machine has a bug such that canceling a vote still records it, well, you can not do much about that.
The e-vote software needs to seed the data at random intervals from a list. It should store the data hashed. You filter the resulting seed votes (and remove them) from the results using the same list, but not before validating them all to see if any of it has been changed. If any of the seed data has changed, the results have been tampered with. The lists should be generated randomly, formulated into data that looks like the rest of the data, and loaded into the voting machine daily to prevent predictability. It's not rocket science... Of course the risk is that someone loses the seed data file, or uses the wrong one accidentally. You need to design the system so it's really hard to make this mistake, but is stored in the voting machine hashed with a strong algorithm. Losing this file would invalidate the machine's results. You'd need to store a list of all voters that used each machine daily, but in a way that you couldn't associate the voters with the votes, so if the worst happend they could be called back to revote. This would be very fun to build and quite effective...
Don't kid yourself. It's the size of the regexp AND how you use it that counts.
If I had a dollar for every brain I didn't have, I'd have over six billion dollars. Of course, that's just human brains, do animals count?
(NKB checked)
If brains were dynamite, most people here in Springfield wouldn't have enough to blow their noses.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
I don't think the voters are the ones you need to be worried about. These machines are very faulty and have a lot of vulnerabilities. Why we're still using them after what happened in florida is beyond me.
But in case you're interested there is great documentary called "Hacking Democracy" (you can watch it straight from google) shows all the things that can go wrong with these machines and just how unsecure they really are.
That's precisely the problem with e-voting (or one of the many, I should say), you CAN'T detect tampering. Frankly, you're screwed. And from what you write, it sounds like you already know it. My suggestion is to do everything you can to get the county to switch to optical scan machines. They are the most secure (tamper-resistant, etc.) voting method. They are also the cheapest. We've been using them for a long time in Ozaukee County, Wisconsin and have never had the slightest problem or concern. It boggles my mind why every county in the country isn't using optical scan machines for voting. But then again, it boggles my mind why any precinct in the country is using e-voting at all. Petition your local government to switch to a more secure voting technology (such as pen and paper, for instance). That's really all you can do. Everything else is just a band-aid on a broken bone.
Under the conditions you describe, you can't.
And it would be very Very VERY difficult for a voter to do it.
It's before the polls open and after they close that tampering with electronic voting machines happens.
Voter fraud happens on the machines you DO NOT see, not on the ones you do. Compare the count of how many machines are at your site with how many you should have with how many the state says you should have when you call them.
http://www.bradblog.com/?p=6043
When the results are final and "American Ninja" receives 801 votes, I think you'll know you're in trouble.
Make sure the postelection audit is Ohio'd,
in other words pick the "random precincts"
so you miss the tampered ones.
You are asking how to make sure your cheating
does not get detected, right?
The fault, dear Repuke,
is not in your stars
but in yourselves
that you are underlings.
Or, in the case of the Repuke Party... it lies in your party. If you want to know who's vote tampering... look at the Republicans working at the polling place. Or look in your mirror. You guys may have denied the will of the American people for at least eight years, but the conservative movement has finally choked to death on it's own filth and corruption.
Not even your vote rigging is going to stop the Obama-rama!
But hey, thanks for the permanent one-party majority. We couldn't have done it without you. Really, I mean it- we couldn't have done it without you. Keep staying that course!
The grandparent had a point you seemed to have missed. The problem is the lines. Allowing people to use pencil and paper instead of voting machines isn't enough. If the encourage option is the voting machine a lot of people will stand in line waiting for one to be available without really thinking about using pencil and paper to get out of line more quickly.
So, for the availability of paper and pencil voting to solve the line problem, you have to do a few things:
Doing those things will solve the line problem. The mere availability of pencil and paper voting does not.
Need a Python, C++, Unix, Linux develop
This show is some of the best investigative journalism I have ever seen.
Hacking Democracy
http://www.hackingdemocracy.com/
I would highly recommend that you and your counterpart from the other party watch it.
In case you aren't able to get a hold of it or watch it, I'll summarize it for you here.
Please keep in mind that these attack vectors come from election officials. Fraud from voters can be stopped by the people who check the name and registration at the door.
To protect against these attack venues, I recommend that no one person be left alone with any memory cards or with the central tabulation computer. In other words:
In short, even thought these machines are highly vulnerable to tampering, I think having a two-person system supervise both the memory cards and the central tabulator should put most minds at ease.
You may also want to check out:
http://www.blackboxvoting.org/
I hope this helps.
This is what you do:
Step 1: Kill yourself.
And that's it!