Slashdot Mirror
CIA Expert Decries E-Voting Security
ISoldat53 sends this quote from McClatchy DC:
"The CIA, which has been monitoring foreign countries' use of electronic voting systems, has reported apparent vote-rigging schemes in Venezuela, Macedonia and Ukraine and a raft of concerns about the machines' vulnerability to tampering. Appearing last month before a US Election Assistance Commission field hearing in Orlando, Fla., a CIA cybersecurity expert suggested that Venezuelan President Hugo Chavez and his allies fixed a 2004 election recount, an assertion that could further roil US relations with the Latin leader. ... Stigall said that most Web-based ballot systems had proved to be insecure. The commission has been criticized for giving states more than $1 billion to buy electronic equipment without first setting performance standards. Numerous computer-security experts have concluded that US systems can be hacked, and allegations of tampering in Ohio, Florida and other swing states have triggered a campaign to require all voting machines to produce paper audit trails."
Looks like the old phrase "Vote Early, Vote Often" is going to become an automated process.
That should save a lot of people some serious time and money
Stigall said that most Web-based ballot systems had proved to be insecure.
Really? No kidding? You don't say?
These people should read Slashdot. Seriously. We've all been saying this since 1997 or 1998 when the first stories about "Internet voting" began to appear. Nothing has improved from a security standpoint since then and we all keep saying electronic voting of any kind is too easy to tamper with unless there is a verified paper record trail.
And since most of us agree on this when most of us can't even agree on which operating system is the best for general use, which programming language is best for rapid application development, or which text editor is the best, well, that kind of says something now doesn't it?
My blog
Maybe there was tampering, maybe there wasn't. The CIA isn't exactly a source I would trust not to put out false information to further their own agenda.
Don't complain about lack of options. You've got to pick one when you do multiple choice. Those are the breaks.
Feel free to suggest laws if you're feeling creative. I'd strongly suggest reading the past laws first.
This whole thing is wildly inaccurate. Rounding errors, ballot stuffers, lobbyists, corruption. If you're using these votes to do anything important, you're insane.
[...]a CIA cybersecurity expert suggested that Venezuelan President Hugo Chavez and his allies fixed a 2004 election recount, an assertion that could further roil US relations with the Latin leader
Why? Wouldn't it bring them closer? After all, they've got something in common now! =)
...they should look at the electronic vote-rigging in the USA? We know the machines have misreported votes. The president/CEO of Diebold promised to literally do everything in his power to "deliver" Ohio's electoral votes to GWB. A legal recount of the paper ballots was terminated, not in the interest of the American people. Instead of spying on the electoral processes of others, perhaps we could put the effort into running our elections scrupulously.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I like how the CIA (who haven't got a great record for promoting democracy in Venezeula, seeing as they have already mounted at least one coup attempt on Chavez) are wailing about vote rigging.
They didn't seem to care this much about democratic elections when they were backing Pinochet, or the Contras, or any of the other dictators they've pushed on any Latin American country that didn't toe the line.
I used to like democracy. I always thought it was a good idea. But having seen how its most vocal proponent actually treats elections in practice, I am cynical to the point of thinking anybody who talks about democracy is only talking about their guy winning at any cost.
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
Are we out of Iraqi oil already?
The CIA, which has in the past actively worked to overthrow (and has succeeded in overthrowing) South American regimes the United States doesn't like, now claims that Venezuela used vote rigging to win a 2004 election recount just two years after a failed coup took place against Chavez that the United State sanctioned.
Forgive me if I don't take this seriously.
'If Christ had tweeted the sermon on the mount, it might have lasted until nightfall.' - John Perry Barlow
The CIA has murdered and tortured men women and childeren (and sponsored these activities) to rig elections and make sure the party they wanted obtained power. So we are now supposed to believe them that elections could be rigged but they didn't take part in rigging them?
Perhaps they are just upset that Chavez rigged the elections better then they did?
While I have little faith in electronic voting if the CIA told me the sky was blue, I would check and then have my eyes examined for tampering just to be sure.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
The point is... how would you know?
Take a look at Black Box Voting and check it out. A while back, they had a YT video where a hacker was (easily!) able to preload a flash disk with values to rig the vote without there ever being any sign of a problem by the voting machines.
Yes, this is / was Diebold, but unless we use some nice sequential hash algorithms and/or cryptography, along with a verified "clean" starting point, it's not possible to trust electronic voting machines.
Further, the problem is that verifying e-votes and e-voting machines has to be done by a professional programmer and security expert. By definition, this makes verification (and trust) basically impossible for the average person. This means that by operating from authority, programmers and security "experts" could (and have!) certify voting machines and equipment and the general population would have no easy, trustable method to know if they're being hoodwinked.
Sorry, voting machines are a bad, bad, bad idea. As somebody who programs/maintains large databases of sensitive data, I can't say with confidence that I'd even be able to trust an open or OSS solution because of the difficulty in ensuring that the software that's been reviewed is the same as the software that's actually running.
For example, what if your compiler was compromised with a virus, so that the compiler itself produced software that was virus laden?
Sorry, e-voting is too complex. The people responsible for their security are parties of interest, and so by definition can never be trusted. E-voting is a bad, bad, bad idea.
Beverly Harris (at Black Box Voting) is a quintessential example of a modern American Hero. History should remember her with the warmth and love given to Benjamin Franklin and Thomas Paine! I can't say enough how much I respect this average US mom who simply demanded that votes be counted accurately. In so doing, she's changed the world for the better. She's received several hundred dollars from me, and I donate more every year. You would do well to throw $5 her way, and maybe download and use her press pack... it's YOUR freedom at stake!
I have no problem with your religion until you decide it's reason to deprive others of the truth.
During the last election there were numerous researchers who showed 280 different ways that the current machines can be hacked within about 6 minutes. The paper trail does nothing as it can also be fooled into passing the tests and still rigging the election. There are no sanity checks or anything in the FlashROM bootloader and anyone can hack it with a JTAG that can be built for about three bucks at RatShack. The Diebold DRE firmware was even online during the election so one could disassemble it and write all the code at home without even gaining access before the hack. I even found detailed high-res pictures of the JTAG port, motherboard, screw locations, and EVERYTHING online. I also know that in my town the machines are loaded into U-Hauls each night and then moved to an insecure warehouse near where I work. This is incomprehensible.
In Utah, Emery County clerk Bruce Funk had independent tests done which found multiple ways in which these machines could be exploited and Diebold fought to silence him and attempted to charge the state $40,000 to 're-certify' them. Then he was forced to resign for having them tested. It is obvious that Diebold knows about the issues and is acting to suppress the information. Now reports are coming in that choosing 'straight party' for Democrat sometimes gives votes to Republicans or does not count them at all straight from the Diebold factory. I voted straight party during the last election. Do you know how that makes me feel? It seems like some of them may be rigged right from the factory and there are no checks and balances in place to ensure that they aren't.
The argument that a 'hacker' could not have time during voting to modify these is just common sense and just does not stand up. It is not a 'hacker' during voting time that I am worried about. Anyone with ulterior motives and access to these machines for even five minutes can sway the election. This is such a simple process that it sickens me.
It doesn't even need to actually happen, the idea that it IS POSSIBLE is enough to disenfranchise voters. I feel helpless to stop it. It is bad enough that here in Utah my democratic vote is almost good for nothing, and then I have to fight the uphill battle on a easily hackable machine. I have worked with electronics my whole life and these machines are less secure than my Xbox360 and iPhone.
Will you please help fight to ban electronic voting? Write your senators, congressmen, and president. Please, someone has to stand up for the rights of the voters. We cannot depend on companies like Diebold and others to elect our officials. This is not paranoia, we can not trust these machines. Once it becomes possible to 'buy' an election we will never get this country back from those who stole it. I fear it may already be too late.