Slashdot Mirror
DEFCON Conference To Target Voting Machines (politico.com)
An anonymous reader quotes a report from Politico: Hackers will target American voting machines -- as a public service, to prove how vulnerable they are. When over 25,000 of them descend on Caesar's Palace in Las Vegas at the end of July for DEFCON, the world's largest hacking conference, organizers are planning to have waiting what they call "a village" of different opportunities to test how easily voting machines can be manipulated. Some will let people go after the network software remotely, some will be broken apart to let people dig into the hardware, and some will be set up to see how a prepared hacker could fiddle with individual machines on site in a polling place through a combination of physical and virtual attacks. With all the attention on Russia's apparent attempts to meddle in American elections --
former President Barack Obama and aides have made many accusations toward Moscow, but insisted that there's no evidence of actual vote tampering --
voting machines were an obvious next target, said DEFCON founder Jeff Moss.
"Russians" didn't hack the voting machines (I don't know for sure, mind you, but it's pretty implausible). *If* they did anything (and this is far more plausible), then it was messing with the voter's brains, aka "social engineering", aka FUD, aka PsyOps.
Yes, the vulnerabilities in the voting machines are embarrasing. Yes, it's fun uncovering them. There are many other reasons for counting votes the "traditional" way, secure machines or not. Still: don't let all this geeky stuff detract from the elephant in the room: buying Facebook personal data in bulk and correlating it with past votes, then sending targeted fake news has done much more in the last big polls (at least for Brexit and for the US Presidentials it is *known*) than any "classical hacker" vote fraud could have done.
Hey, you USians even have a word for it, courtesy of one of your three-letter agencies: PsyOPS!
Heck, I'm willing to believe that some voting machines are secure. However, my bet would be that secure voting machines are both expensive and not very widely used.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
Because it's too hard to get an ID?
Indeed, that idea itself is most definitely racist, if you go by a reasonable definition of "racism". It implies that black people are incapable of obtaining a state-issued ID while everyone else who wants to vote has no problem doing it.
Apparently this is solely because they are black. It cannot be because of any concern about poverty because there are lots of poor white people (more in fact). Also, the proposed "solution" is always to abandon any voter ID requirement. To subsidize the small cost of state-issued IDs (the DMV fee/etc) or give them away for free to low-income people is never seriously proposed.
Of course, when the shoe is on the other foot, Dems sqauwk for voter ID:
If you were expecting a principled stance from any politician you are definitely going to be disappointed. They support whatever seems to be in their immediate interests at that particular time, no matter what they perceived to be in their interests in the past. The "Dems" are not unique in this respect. Power plus a lack of any real personal accountability seems to do this to people.
It won't change until we all realize that an honest, trustworthy voting/electoral process is in everyone's interests and that this is not a difficult problem to solve.
Seems to me it would be just the opposite. No wireless, no lan. Just stand alone machines. The only way they could be hacked would be by physical contact with each machine.
Wuddooeyeno? IITYWYBMAD? Like nuts? eclecticallyincorrect.com
Of course, because mandating a separate photo ID for voting only, which expires after a single election, and is only able to be obtained from a limited number of locales, some of which disproportionately placed in affluent neighborhoods is in no way thinly veiled racism.
Thirty four characters live here.
Let's hope to hell there is no networking option for them. Look what happens to everything else with a NIC. We should let that alone be the prime example of why to keep voting and machines off the internet or even networks all together. Should have to plug into each machine and then authenticate before it tells you or allows you to do anything.
Heck, I'm willing to believe that some voting machines are secure. However, my bet would be that secure voting machines are both expensive and not very widely used.
The secure machines are reserved for safely gerrymandered districts.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
well, the states that hillary should have won (and dubya^3 has admitted the dems "should have won easily") all use un-auditable machines with no paper trail, so it's impossible to prove they weren't hacked. the margin in those states was 77k, so all they needed to do was have a few K deplorables pull the curtain & plug in a usb stick...
The problem is not suppressing the black vote it is allowing NONCITIZENS to vote.This is only because the Dems need that illegal voting bloc to win a national election. They had it this past election and STILL did not win. 30 + million illegals in the US. It is not a hardship to prove who you are and your citizen status. The only people arguing against voter ID is the Dems wanting the illegals vote. This has nothing to do with the black vote. That is used so the race card can be played.
Add to this, closing DMV offices in areas where minorities live. Add to that Kafka-esque requirements for how you document who you are before they give you an ID in the first place. Send people away with no idea for bureaucratic reasons for a couple of times. The obvious question is how big a problem is voter impersonation fraud. And when pressed, officials are only able to come up with a *very* small number of cases.
I understand the sentiment, though I disagree with it. "Trump == BAD || Trump == OTHERPARTY" so let's do all we can to delegitimize the election."
But widespread hacking seems to me to be a near impossibility, due to the way the US election system is set up. For those outside the country: We don't have a central counting system. It's district-by-district, state-by-state. With different machines, people, safeguards, watchers, etc. Not impermeable, but pretty darn good.
If the Russians did "hack" the election, it was via propaganda to change the hearts and minds of voters. Which is exactly what our politicians do every day. So even if they were involved, even at the request of a given candidate, I don't quite see the problem. It's just the modus operandi, working as designed to fool the American public into voting for a particular candidate.
Add to this, closing DMV offices in areas where minorities live. Add to that Kafka-esque requirements for how you document who you are before they give you an ID in the first place. Send people away with no idea for bureaucratic reasons for a couple of times.
The obvious question is how big a problem is voter impersonation fraud. And when pressed, officials are only able to come up with a *very* small number of cases.
How the hell can you know if there is any voter impersonation fraud when there's no requirement for a voter to actually identify himself?
Was not my candidate. Tell me WHY I should not need to prove my identity and my citizenship status to vote. I need to get a background check to exercise my Second amendment rights. I say voting is more important than that.
I think you have a short memory, Russia was confirmed to have hacked two election databases, and so FBI offered help to states to secure their voter machine networks (which some took up and others did not).:
http://www.nbcnews.com/news/us-news/russians-hacked-two-u-s-voter-databases-say-officials-n639551
"Hackers based in Russia were behind two recent attempts to breach state voter registration databases, fueling concerns the Russian government may be trying to interfere in the U.S. presidential election, U.S. intelligence officials tell NBC News. ....The breaches included the theft of data from as many as 200,000 voter records in Illinois, officials say."
"The incidents led the FBI to send a "flash alert" earlier this month to election officials nationwide, asking them to be on the lookout for any similar cyber intrusions.
[See FBI Issues Warning After Two State Election Systems Are Hacked]"
"One official tells NBC News that the attacks have been attributed to Russian intelligence agencies...
"This is the closest we've come to tying a recent hack to the Russian government," the official said."
I'm all for requiring ID, if you make it free and easy to get.
But that's not really what this is about, and claims to the contrary ignore both the factual evidence, as well as the long history in the U.S. of politically motivated hurdles to voting. Only in the USA do we actively make it HARDER for people to cast a ballot.
This is why, in states where they've mandated voter ID, those same legislatures have also closed down DMV offices and cut hours, making it actively harder for people to get that ID. Oh, sure, they're not stopping you from voting, they're simply putting up another hurdle, knowing that some portion of the people it's targeted against will simply decide it's too much hassle.
Empirical evidence has also shown that it's a vanishingly small problem, on the order of magnitude where misprocessed ballots are likely to have more impact on an election. Also, the size and scope of a conspiracy required to mobilize a number of people large enough to have a significant impact, at the direct risk of felony conviction for something that is easily traced to them, is the stuff of ridiculous Hollywood movie plots at best.
On the other hand, there's real reason to be concerned about closed-source systems being used to tabulate votes, especially when in some cases there is no outside paper trail to confirm what the machine is saying. Why bother bribing people to come in person, when I can just have a hacker run a program that adds or alters the counts in the machine?
Incidentally, this is one of the really cool things about DEFCON, and one of the reasons why I like to go. It really is a -hacking- conference, in the original sense of the word. There's all sorts of things you can get hands-on with, take apart, scan, mess with, etc. No releases, no NDAs, no "but don't really do anything that could break it." In the last two years I saw everything from cars to home appliances to ICS/SCADA systems and more. This is exactly the kind of thing that DEFCON is known for, and I look forward to messing with them myself (as well as watching what others do and find).
What's even more interesting is that from what I've seen, it's increasingly the companies and the government themselves bringing this stuff, because they're realizing the value of unleashing the curiousity and skill of the hacker mindset on some of these things, never-mind the PR value (Two years ago Tesla brought a Model S to the main ballroom, and let people hack away at it, while advertising their bug bounty program, for instance).
AC the USA does not have a fully integrated, digital networked voting system. Locals results are counted locally and then sent up to the national level.
Staff and volunteers, sets of political party staff at a local level would see a difference or change between their very local count and some new "altered" all "digital" state and federal numbers.
So any efforts would have to be very local and any new mil looking strangers wondering secure voting areas around would get noticed.
Gerrymandering https://en.wikipedia.org/wiki/... is always reported on.
The different US political parties do track the vote counts, do exit polls and within their own party have a full understanding for each part of the USA, the votes been counted and the vote count flowing up into the US election system.
Its too late to use "hackers" from another nation federally later. Too many smart people have see the local numbers and can do the math.
The only way around that is per device per voting location. That needs an unnoticed sneaker net of new people getting in, altering devices, sneaking out and none of the really interested party political locals been aware of strangers and unexpected results.
Domestic spying is now "Benign Information Gathering"
I NEVER cared for ANY electronic voting machines. It is way too easy to change electronics. All these hack attempts do is give whomever is the opposition in DC, a 30 second sound bite on TV, as to why they lost an election. To remove that, go back to paper ballots. To add to that, after you vote, you should dip your finger in that non removable ink also.
In-person voter fraud is shockingly rare. (Some states have mandated picture ID or other forms of identification to vote for years, by the way.) From 2000-2012, there were 2,068 cases of voter fraud. 10 of those were in-person voter fraud.
10.
So, the ostensible goal of most of these voter ID laws, that they need to be in place to stop voter fraud, is really a non-factor. This is a solution in search of a problem.
Then why do it?
Well, for one, it's an appeal to ignorance. "There has to be voter fraud, we don't have any way to stop it!" Except, of course, we do. Even states that don't require picture ID have methods of catching fraudulent ballots.
For another, it's clearly being used as a way to block certain types of voters (poor, minorities) from legally accessing one of their rights. It's not a coincidence that those blocks of voters tend towards voting for the Democratic party.
Now, don't get me wrong. I think it makes sense that everyone should have a picture ID. It's damn useful to be able to prove who you are to the cops, to potential employers, whatever.
But let's make it accessible. Don't close down places that provide picture ID, don't make it harder.
No political party with honest intent should be trying to restrict people from voting.
Mr. Hu is not a ninja.
Percentage-wise, poverty disproportionately effects some races more than others, and while poverty in and of itself is not a protected class, race is. That's why it's used as a legal challenge.
Plus, in the US, we consider poverty to be a moral failing, unless we can excuse it through racism, disability, etc.
But there's an easy way to require voter ID without running into a legal challenge - make it easy to get. Nowadays it just takes a digital camera to make an ID - so why not set it up so that any public assistance office has the ability to take a picture, send in a form, and the voter ID can be mailed to the poor person.
For the working poor who aren't living off assistance, we could apply a tax credit - have a valid ID for voting - $25 off your taxes.
This way would likely survive a legal challenge. But it would also increase the number of voters.
Now if you are for voter ID, the above plan doesn't sound bad. If you are for voter suppression in order to favor a particular party, the above sounds horrible.
Have any of the official US agencies had a go at hacking these voting machines or is security left entirely to the manufacturer?
That's because in-person voter fraud is so shockingly rare as to be non-existent. Depending on the state, it can be very easy to register to vote fraudulently, or send in a fraudulent mail ballot.
But in-person voter fraud, which is the only type of voter fraud that picture IDs would address, hardly ever happens. But it's the only type of voter fraud that gets fixated on by the GOP.
Mr. Hu is not a ninja.
The problem with politics is the process only allows for dishonest candidates.
They are there to outsource and sell off all our resources.
99% of candidates are corrupt and will never represent citizens.
Check out how many are Business types and Chamber of Commerce members (Way too many)
The corrupt political system makes it almost impossible for anyone honest to get on the ballot.
Challenge: I have better access to my Video, Music, Pics and Text than anyone on Earth.
Brennen Center, Washington Post, Atlantic, Mother Jones, UCSD, UW, Cornell, Cambridge. There is a mix a academic original research and easily accessible, but thoughtful articles in that list.
Here is an example
https://www.nytimes.com/2017/0...
And based on the comments she voted republican not democratic.
A bit like the lady who was so concerned about vote fraud - that her vote would be switched over to Clinton - that she decided to commit voter fraud...
https://www.washingtonpost.com...
As Winston Churchill might have said (but didn't). The possibility of a voting machine with a network interface no more entered into my mind than that of a battleship being launched without a bottom.â
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
Fraud in vote-by-mail is lower risk and easier. Why would anybody even attempt in-person voter fraud? It would be like stealing guns from a military armory when you could steal them from a random person's house while he or she is gone for the weekend.
Check out my sci-fi/humor trilogy at PatriotsBooks.
The only confirmed hacking attempts were performed by DHS against Indiana's and Idaho's election systems.
Indiana joins Idaho in claiming DHS tried to hack their election systems
Please show me where the Obama justice department even enforced the law. Just it is not enforced does not make it OK. Stupid argument. Being in the country should get them prosecuted and deported. But "Sanctuary Cities" and their voting blocks like LA.
Cops often steal ("confiscate") ID from homeless people just to mess with them.
Most voter fraud would be prosecuted at the state level, so for example ask the republican Alabama Secretary of State, John Merril, how many convictions he his state has for at poll voter impersonation.