CIA Expert Decries E-Voting Security

ISoldat53 sends this quote from McClatchy DC: "The CIA, which has been monitoring foreign countries' use of electronic voting systems, has reported apparent vote-rigging schemes in Venezuela, Macedonia and Ukraine and a raft of concerns about the machines' vulnerability to tampering. Appearing last month before a US Election Assistance Commission field hearing in Orlando, Fla., a CIA cybersecurity expert suggested that Venezuelan President Hugo Chavez and his allies fixed a 2004 election recount, an assertion that could further roil US relations with the Latin leader. ... Stigall said that most Web-based ballot systems had proved to be insecure. The commission has been criticized for giving states more than $1 billion to buy electronic equipment without first setting performance standards. Numerous computer-security experts have concluded that US systems can be hacked, and allegations of tampering in Ohio, Florida and other swing states have triggered a campaign to require all voting machines to produce paper audit trails."

Wow....just wow...

[morgan_greywolf]

Stigall said that most Web-based ballot systems had proved to be insecure.

Really? No kidding? You don't say?

These people should read Slashdot. Seriously. We've all been saying this since 1997 or 1998 when the first stories about "Internet voting" began to appear. Nothing has improved from a security standpoint since then and we all keep saying electronic voting of any kind is too easy to tamper with unless there is a verified paper record trail.

And since most of us agree on this when most of us can't even agree on which operating system is the best for general use, which programming language is best for rapid application development, or which text editor is the best, well, that kind of says something now doesn't it?

Re:Let me get this straight ...

[notque]

It certainly isn't credible for the group that funded a coup to then say that elections were unjust when international observers, and polling firms in the region say it was just.

Even the opposition in Venezuela considers the elections just.

You've missed the point

[mcrbids]

The point is... how would you know?

Take a look at Black Box Voting and check it out. A while back, they had a YT video where a hacker was (easily!) able to preload a flash disk with values to rig the vote without there ever being any sign of a problem by the voting machines.

Yes, this is / was Diebold, but unless we use some nice sequential hash algorithms and/or cryptography, along with a verified "clean" starting point, it's not possible to trust electronic voting machines.

Further, the problem is that verifying e-votes and e-voting machines has to be done by a professional programmer and security expert. By definition, this makes verification (and trust) basically impossible for the average person. This means that by operating from authority, programmers and security "experts" could (and have!) certify voting machines and equipment and the general population would have no easy, trustable method to know if they're being hoodwinked.

Sorry, voting machines are a bad, bad, bad idea. As somebody who programs/maintains large databases of sensitive data, I can't say with confidence that I'd even be able to trust an open or OSS solution because of the difficulty in ensuring that the software that's been reviewed is the same as the software that's actually running.

For example, what if your compiler was compromised with a virus, so that the compiler itself produced software that was virus laden?

Sorry, e-voting is too complex. The people responsible for their security are parties of interest, and so by definition can never be trusted. E-voting is a bad, bad, bad idea.

Beverly Harris (at Black Box Voting) is a quintessential example of a modern American Hero. History should remember her with the warmth and love given to Benjamin Franklin and Thomas Paine! I can't say enough how much I respect this average US mom who simply demanded that votes be counted accurately. In so doing, she's changed the world for the better. She's received several hundred dollars from me, and I donate more every year. You would do well to throw $5 her way, and maybe download and use her press pack... it's YOUR freedom at stake!