US Voting Machines Cracked In 90 Minutes At DEFCON

An anonymous reader quotes The Hill: Hackers at at a competition in Las Vegas were able to successfully breach the software of U.S. voting machines in just 90 minutes on Friday, illuminating glaring security deficiencies in America's election infrastructure. Tech minds at the annual "DEF CON" in Las Vegas were given physical voting machines and remote access, with the instructions of gaining access to the software. According to a Register report, within minutes, hackers exposed glaring physical and software vulnerabilities across multiple U.S. voting machine companies' products. Some devices were found to have physical ports that could be used to attach devices containing malicious software. Others had insecure Wi-Fi connections, or were running outdated software with security vulnerabilities like Windows XP.
Though some of the machines were out of date, they were all from "major U.S. voting machine companies" like Diebold Nixorf, Sequoia Voting Systems, and WinVote -- and were purchased on eBay or at government auctions. One of the machines apparently still had voter registration data stored in plain text in an SQLite database from a 2008 election, according to event's official Twitter feed.

By Saturday night they were tweeting video of a WinVote machine playing Rick Astley's "Never Gonna Give You Up."

Not being used any more

[FrankHaynes]

In Virginia these machines have been decertified. I imagine other states have acted as well.

Re:Not being used any more

[fustakrakich]

Problem is that they replaced them with other machines instead of pen and paper.

Re:Not being used any more

18 states are 100% paper ballots.

Hard to hack the results in Michigan when its pen and paper.

Re:Not being used any more

Actually, during the brief recount effort in Michigan before it was shut down, roughly 60% of the ballot boxes opened did not contain the number of ballots they were supposed to. Some were off by pretty significant percentages; I know that one box that according to the ledger should have contained over 350 votes actually contained less than 50. We didn't get even close to opening all of them.

It may not have been a "hack", but SOMETHING definitely happened....

Re:Not being used any more

[0100010001010011]

The thing is you still have a real paper trail.

I'm fine with MI's machines because you get a quick result but still have the actual vote to recount.

Personally the state should buy some ultra high speed machines from 2 separate vendors and do an 'official' count at the state level. And run them until the 2 machines from 2 vendors agree.

Fine any local level machine vendors based on how far they deviate from the state's official count. 1% off? Small fine. 10% off? Huge fine and get a new vendor.

Re:Not being used any more

[dbIII]

Maybe, but it's kind of a big deal if they have ever been used live in an election and are found to be this substandard. It's worth looking at the process involved to purchase the things in the first place to see if there were any shortcuts or criminal activity (eg. kickbacks) in the process to avoid the same mistake happening again.
Also a lot of smug bastards like me get to say "I told you so". Diebold especially were up to a few things that looked very suspicious, including having a convicted fraudster in charge of the project.

Re:Not being used any more

[phantomfive]

Are the newer machines in Virginia better, or are they just newer crap?

IF they're from the same vendors, they're just newer crap.

Re:Not being used any more

[MillionthMonkey]

The agency that's supposed to be in charge of securing voting machines is the Election Assistance Commission, which operates on a $10 million annual budget. A House committee voted along party lines for HR 634, the Election Assistance Commission Termination Act, which will completely shut it down by 2018.

The argument is that "this is a matter best left to the states". According to Rep. Tom Graves from Georgia, "People supporting the EAC are quite frankly proponents for a greater federal role in our elections. States themselves, they're responsible for all the elections. We do not have a federally run election system." Rep. Gregg Harper from Mississippi argued the program has "outlived its usefulness", and that closing it down would save money and cut down the size and scope of government, saying "It is time for the EAC to be officially ended. We don't need fluff".

Re:Not being used any more

[UnderCoverPenguin]

Actually, during the brief recount effort in Michigan before it was shut down, roughly 60% of the ballot boxes opened did not contain the number of ballots they were supposed to.

According to someone from Michigan I met, that meant that the ballots in those boxes were, under Michigan law, not allowed to be recounted.

I don't know if that's true, but I am more and more concerned over just how much of a mess the US election system is.

Re:Not being used any more

[TheLongshot]

Here in Northern Virginia, it has been pen & paper for a while. Haven't seen a voting machine in years.

Re:Not being used any more

[chuckugly]

.... Russian Metaling .... -~ Beau ~-

Could it have been papering, or was it metallic for sure?

Re:Not being used any more

[arth1]

Missouri, where I am still uses a scan tron type machine. Fill in the ovals and slide it in. Those are fine.

I disagree. Any system that does not allow write-ins and blank votes is not fine, in my humble opinion.

Re:Not being used any more

[DaHat]

Are you sure they are all pen & paper? I live in a 100% mail in voting state and can tell you there exists a serious vulnerability in it's system which could allow a nefarious person to swing an election from a single PC... in their (or parents) basement.

I'm thrilled to see the focus on the machines... but there is more to hacking an election than just them.

Re:Not being used any more

[The+Grim+Reefer]

India can do an election with a paper trail. They're poor as fuck and 4x as big.

And 50x as corrupt.

Re:Not being used any more

[arth1]

I live in a 100% mail in voting state

I'm surprised that any election system that pretends to be democratic allows this at all. It opens for both vote buying and household abuse.
A curtained election booth where you leave with a sealed envelope is the standard in most democratic countries for a very good reason. Even for absentee and early voting.

Re:Not being used any more

[arth1]

And 50x as corrupt.

That's obviously false. Even if Indian politicians were 100% corrupt, it would be false. Or do you really think that no more than two US senators and nine house members are corrupt?

If anything, I'd say the US system is one of the most corrupt systems in the world. The big difference being that it's more openly corrupt, with contributions, lobbying and jerrymandering being legal.

Re:Not being used any more

Bitch lost the election she rigged.

because everyone vastly underestimated just how hated that evil murdering bitch is...

Re:Not being used any more

And 50x as corrupt.

The Indians catch 50x as much corruption. That does not mean they have 50x as much corruption as the USA, indeed part of what the indians find and treat as corruption would be considered legal in the USA, even though it is actually what any sane human would define as corruption.

Re:Not being used any more

[Gavagai80]

It seems to me that voting by mail could be made fairly safe if the voter has an opportunity to cancel their ballot after mailing by choosing to cast a replacement vote in person later (so they could perform the coerced vote, but still fix it later secretly -- the the vote buyer couldn't be sure that wouldn't happen). But I don't think that's currently an option anywhere, because there's no system for efficiently locating and removing the previously-mailed ballots.

Re:Not being used any more

[dbIII]

You mean pass the buck

Only if you mean bucks being passed under the table.
The federal agency was supposed to be there to keep whatever incumbents were in each state honest.

"Small government" is far too often a euphemism for "nobody to catch me taking/giving a bribe". It's often the same with "cutting red tape".

If either party actually believed in small government for it's own sake we wouldn't have the massive Homeland Security department or so many people in the TSA.

Re:Not being used any more

[arth1]

It seems to me that voting by mail could be made fairly safe if the voter has an opportunity to cancel their ballot after mailing by choosing to cast a replacement vote in person later (so they could perform the coerced vote, but still fix it later secretly -- the the vote buyer couldn't be sure that wouldn't happen).

It still wouldn't work for families where the master of the house decides if and where people can go.

With mandatory voting booths, the worst such a person can do is prevent someone from voting, which while bad, has less than half the impact of controlling a vote.

Re:Not being used any more

[JaredOfEuropa]

still have the actual vote to recount.

That's ridiculous. You get a quick readout from the machine, hopefully accurate enough to announce a preliminary vote count, but by now it should be abundantly clear that the paper ballots should be considered the actual result. Counting the paper ballots is not a "recount", it is the actual count. The only advantage this type of machine offers is the paper trail, but if you don't use it and do a full recount, then what use is that trail?

Re:Not being used any more

[l0n3s0m3phr34k]

Out of the 235,248,000 eligible voters in the US, I don't think crazy "master of the house" control freaks would really be able to influence the over-all POTUS election. It would be far more of an issue to somehow match all the vote-by-mail ballots up with the vote-by-person ballots to toss out the vote-by-person ones for people that had already voted by mail.

Re:Not being used any more

[l0n3s0m3phr34k]

Also a euphemism for "no one will catch me polluting", and "no one will stop me selling this snake oil", etc. It's also usually espoused by people who already "have theirs" and don't give a f*ck about anyone else lower on the economic scale.

Re:Not being used any more

[msauve]

AC wrote: " I know that one box that according to the ledger should have contained over 350 votes actually contained less than 50. "

Then it should be easy for you to provide an authoritative reference for that claim.

'Cause, The Detroit Free Press didn't report anything like that - rather they reported fairly widespread, but minor discrepancies averaging 2 or 3 per precinct both over and under -

In 158 precincts, the number of ballots tabulated by the optical-scanning voting machines was inexplicably less than the number of people who signed in to vote. At least 362 ballots were not counted in those precincts, even though the voters had been listed in poll books.

Re:Not being used any more

[Rockoon]

..and because the only election we have is for the potus, you make complete sense instead of no sense

Re:Not being used any more

[jedidiah]

On the other hand, you can actually walk up to these people and tell them what you think of them. They are much less likely to be able to escape the rules they make. They actually live in the same communities you do rather than some far off special government district.

Why you are so eager to fellate one set of politicians and dismiss another really astounds me.

Re:Not being used any more

[dbIII]

I'm not sure about the former, but after meeting some of them the latter definitely applies. A couple of the ones I met ended up doing time in prison.

Re:Not being used any more

[LynnwoodRooster]

Well, the sealed ballot from a booth AND having to prove your identity. Here in the US it's supposedly "racist" to ask for for proof of identification and it "targets the poor" to not mail ballots to everyone...

Re:Not being used any more

[Riceballsan]

Well honestly I'd say between abuses it's probably one of the lower ones. There is already a default abuse in place at most polling places, IE shitty availability of the polling locations, long lines etc...

Re:Not being used any more

[dryeo]

It really depends on how it's done. Here in Canada, we've required proof of who you are for a long time. Used to get a card in the mail that, together with a bill or such was good enough, there was also the option of swearing an affidavit if you didn't have ID or weren't registered.
The previous Federal right wing government fucked that up, upping the ID required, stopping Elections Canada from encouraging people to vote, including stopping them from registering people in grocery stores and such and various other tricks to discourage minorities and the poor.
In my household, my wife, a minority, has always used her maiden name to vote as that is what her ID is in, as well as various bills that are in her name. Prior to the election, I went on line to double check that we were registered and the government site said yes we were, including in my wife's case, in her maiden name. Went to vote and somehow her registration had been changed to my name and all she had was our marriage license for ID. Luckily the polling station was quiet and the electoral official was interested enough to spend an hour on the phone to Ottawa to finally fix things. Big hassle and waste of time to do something that usually only takes a minute and she almost lost her franchise. Otoh, during the last Provincial election, with the same problem, it took 2 minutes and her signature to fix things.
My son, due to lack of ID, never did get to vote. He doesn't drive, doesn't have good enough ID (gotta have your address on it), costs $75 at a motor vehicle branch that is 50 miles away to get the needed ID.
Basically the ID requirement can be sanely implemented or implemented in such a way to disenfranchise those poor/minorities that don't vote for the correct party. And America or at least some States, has a real problem as it is with disenfranchising people for reasons as stupid as being a reformed criminal.

Re:Not being used any more

[LynnwoodRooster]

Down here in the US you can almost always get an official, Government issued ID for free, and there are places all over to do so (post offices, DMVs, etc). But we still don't require ID when it's time to vote. You can walk up, claim you are your neighbor - and vote. Then do it again and again and again, moving from voting location to voting location...

Re:Not being used any more

[dryeo]

All it takes is some austerity to close most of those DMV's etc, declare the post office to be federal rather then state/provincial and more austerity to make those free ID's cost $75, as happened here.
Then make the ID requirements more onerous, eg the last government also upped the ID requirements to have your current address on it. Just like that, all the people without a numbered street address such as most native reservations being disenfranchised as well as all those pesky university students who are currently resident at their university but still have ID with their home address, also being disenfranchised.
While I agree that some ID should be presented, it is another way that can be used to disenfranchise certain portions of the population.
Many third world countries simply mark the voter with some indelible ink when they vote to stop multiple voting. If it's actually a real problem down there, mark all voters when they vote.

Re:Not being used any more

[dryeo]

Seems weird that the Federal elections aren't a Federal matter like here in Canada. Understandable by 19th century standards but times have changed.
Also much simpler voting up here. We have a Federal election where I vote for one representative to Parliament and the Members of Parliament decide on the government (or failing that, we have another election). Likewise for the Provincial election, which happens separately and is run by the Province. Municipal elections are more complex, but also happen on a different date.
Makes voting more simpler, we actually have different Provincial parties from the Federal parties (some are the same) and, at least here, don't even have parties in most municipalities.

Re:Not being used any more

[LynnwoodRooster]

Sure, you can always THINK of ways to make free ID impossible to get - but right now, it's not. And the claims by those opposed to voter ID (such as used in your own country, all of Europe, Asia, etc) is that requiring ID TODAY is racist and exclusionary. Not what might happen in the future, but today. I personally think it's because many on the left (those who claim there is no voter fraud despite thousands of convictions for just such activities) love to keep getting those 83 fake absentee ballots, and love those greater than 100% voter turnouts...

Re:Not being used any more

[cascadingstylesheet]

It may not have been a "hack", but SOMETHING definitely happened....

Something happened all right.

The recount was stopped because it wasn't showing the desired result (cheating on behalf of Trump) but rather the opposite (cheating on behalf of Dems).

Re:Not being used any more

[dryeo]

The Provincial austerity measures I mentioned really happened here in BC (no idea about other Provinces). They happened independently of elections, at that the Provincial elections ID requirements are still quite reasonable and judging by the results of the last Provincial election, the government did the election fairly (ignoring taxpayers money spent on propaganda).
Even the Federal Conservatives attempt to disenfranchise the natives backfired, with lots of natives, a group that traditionally doesn't consider the Government of Canada to be legitimate as they signed treaties with the Crown rather then Canada, and therefore didn't usually vote, voting against the government.

As for voter fraud, I haven't really seen any evidence of thousands of convictions. The Heritage Foundation claims 755 convictions in 474 voter fraud cases (multiple convictions per illegal vote?), and whether it is that partisan is unproven, with at least one Republican charged. I do see lots of evidence of legal voter suppression in various States, usually perpetuated by the right when they get the chance to make the rules. Both voter suppression (including gerrymandering) and voter fraud are bad and should be stopped. Yes, reasonable ID laws along with recognizing a right for resident citizens to vote would help.

Re:Not being used any more

[LynnwoodRooster]

Voter suppression? Really? Gerrymandering is used by both sides to benefit incumbents. The most egregious case are Democrat districts. But as far as other voter suppression - I keep hearing claims about it, but never any evidence is ever put forward other than generic claims. Certainly nothing like armed men, associated with a militant left-wing group, standing right in front of a polling place.

Re:Not being used any more

[dryeo]

By voter suppression, I mean where the government actively suppresses certain parts of the population from voting, whereas your example is also something that shouldn't be allowed. A few minutes on Google shows lots of evidence of various forms of voter suppression, from not having a reasonable number of polling stations, through last minute voter roll purges targeting certain groups, through fucked up laws removing the right to vote due to such stupid reasons as having a joint in your possession many years ago (the whole idea of segregation based on the feudal idea of felons is pretty outdated) to bring it back to the original topic, strict voter ID laws. As for gerrymandering, which ever side does it doesn't matter, it's just plain wrong and the whole idea of such an important thing as voting districts being left to politics is just wrong and any party that does it should be voted out.

Re: Not being used any more

[bestweasel]

In the UK, we don't need ID to vote - if you're on the electoral register and are eligible you can vote. Registering is compulsory for adults but does expose you to obligations like paying local council taxes so some people don't and are thus disenfranchised.

Any problems with (im)personation or multiple voting appear to be insignificant - there were fewer than 100 criminal instances found in 2016 when around 60 million votes were cast and half those were on the campaign side.

Having people traveling round to vote multiple times seems like a risky and inefficient way of rigging an election. Far better just to hack the voting machines.

Re:Not being used any more

[arth1]

Prisoners and ex-convicts are for moral reasons prohibited from voting.

Only in a few not very democratic countries. Disenfranchisement is expressly forbidden in most democracies, because it enables oppression - those hit by unjust laws are prevented from voting for those who might change those laws. The African-Americans and native Americans can certainly attest to how this has slowed down progress towards equality, both locally and nationwide.

Re:Not being used any more

[arth1]

A defaced vote also functions as a blank vote, with the additional protection of "Cannot be manipulated".

Defaced votes are void votes, which are not the same as blank votes.
In districts that allow them, a blank vote is a valid vote, for "none of the above".

The distinction is important, especially for votes where a majority is needed:
9 votes for A, 8 for B, 3 void = A wins with 53% of votes
9 votes for A, 8 for B, 3 blank = A only gets 45% of the votes, and a new election must be called.

Re:Not being used any more

[KingBenny]

i think this is one of those recurring meta-topic discussions, the bottomline spans a lot of topics, the root might be the chicken and the egg ... pen and paper-humans can be bribed, and wether they like it or not have up front both a personal preference (likely) and a certain strength of moral compass which might not even need third party interference to alter results a bit here and a bit there actually. Its like pretending cops always tell the truth since they are "under oath" whereas robocop might be hacked unless any of them is superman ofcourse like saying bitcoin facilitates crime, and the dollar never did since al capone didnt get rich on moonshine using bitcoins, neither did escobar and afaik most major carttels in anything be it legal or illegal will use dollar since that amount of money in a blockchain would cause a datastorm that would attract attention which brings us to the next : in the wake of everyone already doing it ten years after the fact, including banks and regulateors : next up : government looks into blockchain technology to secure voting machines ... (and satoshi goes lulz and old men in suits go, why would some scruffy squat rats build something like that, not patent it, and then simply disappear from the planet ?) after that, chapter next up : the A.I. in charge of counting votes decided it was best for the planet if HALL-E 9001 won the election so it 'chose' and so on ....

cracked into little pieces

[turkeydance]

after dropped from the delivery truck

Ah, NOW I understand.

[buss_error]

By Saturday night they were tweeting video of a WinVote machine playing Rick Astley's "Never Gonna Give You Up."

So, you're saying America got Rick Rolled on November 8th, 2016.

Explains a lot.

Re:Ah, NOW I understand.

[omnichad]

No, that would mean a promise of "Never Gonna Give You Up." Unfortunately, we've already been given up.

Re:Ah, NOW I understand.

[CanadianMacFan]

The fat cats are never going to give you up to support their rich lifestyle.

Sometimes an old system is best

[elrous0]

Physical ballots are still the best way to do it. The added confidence and security is WELL worth it.

Re:Sometimes an old system is best

[phantomfive]

Electronic machine that prints the ballot out on paper (so you can verify). You deposit the paper into a bin (or the machine does it automatically).

That way you have the speed and convenience of a machine (no hanging chads), combined with the verifiability of paper.

Re:Sometimes an old system is best

[fafalone]

Well then why don't you have your physical ballot company hire an army of lobbyists and start buying off state politicians, like Diebold et al. did to get them replaced in the first place. No better way to secure your god-given right to profit at the expense of the average person.
Just ditch that whole 'confidence and security' spiel; nobody cares about that.

Re:Sometimes an old system is best

[arth1]

Electronic machine that prints the ballot out on paper (so you can verify).

Bad idea. It opens for voting abuse in that others can demand to see the your vote.

There's also the real-time problem in that those who run the problem gains a theoretical possibility to see votes as they happen, which not only can thwart anonymity, but can influence election results by focusing external efforts (like busing and harassment) where they'll have the most impact.

A system where the votes are not counted until the election ends, and are anonymous from the moment cast seems a lot safer. Curtained voting booths well stocked with ballots and envelopes, and monitored urns seems to be the safest way.

Re:Sometimes an old system is best

[phantomfive]

Bad idea. It opens for voting abuse in that others can demand to see the your vote.

You don't get to take it out of the voting booth. You are right though, that anything attaching the vote to a person is problematic.

Re:Sometimes an old system is best

[arth1]

You don't get to take it out of the voting booth.

Unless they frisk voters for cameras before entering the voting booth, that's a moot point.

Re:Sometimes an old system is best

[aliquis]

We have physical ballots.

Physical ballots and information, media and speech controlled by the leaders instead.

The illusion of a democracy may seem more real then than if you simply lit the ballot box on fire or replace the ballots or whatever... Be smart! Be like Europe!

Re:Sometimes an old system is best

[phantomfive]

That's true of any voting method. No way to prevent that.

Re:Sometimes an old system is best

[arth1]

That's true of any voting method. No way to prevent that.

No, that is not so. The traditional voting booth, stocked with ballots and envelopes prevents that. Any photo taken inside the booth doesn't show what the person really votes. You can fill out multiple ballots in the voting booth, and even seal them in envelopes, but only one envelope is deposited in the monitored urn outside the booth. No one has the foggiest idea what went into the envelope going into the urn except the voter.

Re:Sometimes an old system is best

[phantomfive]

Once you see the printed out ballot in the electronic system, you can cancel or approve it. You could take a picture of it, then cancel it and re-vote.

Re:Sometimes an old system is best

[arth1]

Once you see the printed out ballot in the electronic system, you can cancel or approve it. You could take a picture of it, then cancel it and re-vote.

Ah. That makes it better. I was under the impression that it was an audit trail, i.e. a receipt of what was cast, and not a potential vote subject to change.

But in that case, it's not all that useful either, because you can't really know whether the vote is the same after you hit approve.

Re:Sometimes an old system is best

[phantomfive]

Yeah, that's true. It's similar to the problem of false-bottom voting boxes used in history. How was that problem solved and is prevented?

Re:Sometimes an old system is best

[arth1]

Yeah, that's true. It's similar to the problem of false-bottom voting boxes used in history. How was that problem solved and is prevented?

I don't know how it is everywhere, but where I used to live, the voting urns arrived sealed, and the seal inspected by all parties before breaking it and opening the slot, allowing ballot envelopes. After closing, or when full and replaced, a new notarized seal would be placed on the urn, before being transported under observance to the official counting place, where both the seal and the urn itself would be inspected.

Unless the ones initially sealing the urn and the counters were colluding, it would presumably stop urn fraud.

Re:Sometimes an old system is best

[l0n3s0m3phr34k]

"that it was an audit trail, i.e. a receipt of what was cast" of course, because that actually makes sense. Much of the US voting system is based around the early agrarian system (like why the voting is done when it is) and has little real-world reasoning these days outside of "tradition".

Re:Sometimes an old system is best

[msauve]

Electronic machine that prints the ballot out on paper (so you can verify). You deposit the paper into a bin (or the machine does it automatically). "Be particularly skeptical when presented with evidence confirming what you already believe."

Your .sig is especially relevant.

Re:Sometimes an old system is best

[idji]

Venezuala has a vote today using machines. Gangs came in and smashed the machines - now people cannot vote..

Re:Sometimes an old system is best

[Rick+Schumann]

Paper ballots are secure only if you can trust the entire chain of custody of the aforementioned paper ballots, from end-to-end. If someone wants to destroy them, or alter them, or replace them entirely, then they're useless.

What I want to know is, were the hacks at Defcon done in such a way that they left no traces of having been hacked? If yes then the November election could have been subverted in such a way and we'd never know.

Re:Sometimes an old system is best

[phantomfive]

Yeah, that's basically how, by having observers from all interested parties making sure no side is doing something illigitimate. Then building the system in a way that if something goes wrong, it will be noticable to one of the observers.

Re:Sometimes an old system is best

[endercase]

It wasn't.

Re:Sometimes an old system is best

[endercase]

So in areas where there are no "official observers" that maintain constant eye contact with the paper cast ballots (or receipts) from the other party(ies) there is no check or balance?

Re:Sometimes an old system is best

[phantomfive]

Something like that, yeah

Re:Sometimes an old system is best

[phantomfive]

Oh yeah? Who used a false bottom in the last election? (Or even in the last two decades)

Who will save the day?!

[Dutchmaan]

Where is the Putin/Trump cyber security task force when you need it!?!?!?!

Re:Who will save the day?!

[CanadianMacFan]

I thought they were the ones that hacked the machines so that Trump could become President in the first place. Things were so much easier last millennium when all you had to worry about were some hanging chads in Florida.

Re:Who will save the day?!

Funny thing is that conservatives have been saying there were issues for years now.. You little douchies didn't start until after Trump was elected. In fact most of you denied voting/voter fraud even happened.

Re:Who will save the day?!

[Dutchmaan]

You are incorrect sir. Being against black box voting has been a liberal issue for as long as I can remember, something conservatives seem to support if I recall, and there's a difference between voter fraud and election hacking. I would have though someone as enlightened as yourself could have figured that one out.

Speaking of denying voting/voter fraud ever happened... how do you say that in Russian?

Re:Who will save the day?!

[Dutchmaan]

human rights by nature is a liberal (the non-political meaning) issue

Re:That proves more of a case for our President...

Did you hear of the IT guy (paid millions) just arrested fleeing to Pakistan? Apparently he worked for Debbie Wasserman Schultz, the same DNC bitch that stole election from Bernie.. Why was some random guy making millions? Was he hacking the voter machines?

DWS even threatened a DC Capitol police chief from investigating that: https://www.youtube.com/watch?v=lAAhMVoeCYg
How that her henchman is finally arrested, guess who got his case? Assistant attorney that just happens to be DWS's brother! You can't make this shit up: http://www.hannity.com/content/2017-07-27-conflict-of-interest-dws-brother-works-in-us-attorneys-dc-office/

Demonrats are corrupt to the bone. DNC needs to be investigated, indicted, tried, and locked up. Democrats need to be investigated under RICO.

Re: That proves more of a case for our President..

DNC goose is cooked. Here is the DNC special prosecutor appointment request from Congress. Check out the last page for signatures.

Insecure is cheaper and faster.

If you've worked as a programmer, you know this already.
When someone tells you they want it done by a deadline and they won't hire people who are good at security because they're expensive, instead scowling and saying "you programmers need to make it secure on top of everything else!" what do you think will happen?

Re:Public Key Encryption is a simple solution.

[phantomfive]

It's dangerous to think you have the obvious right answer, there are problems with all the obvious solutions.

In your case, the problem is it doesn't allow anonymous voting, which is a requirement for democracy. There are many examples for how non-anonymous voting can be abused, from vote-buying, to putting enemies on a watch list, to outright killing those who voted for the wrong person.

Oregon Vote By Mail - Hands Down The Best System

[StevenMaurer]

Voters receive their paper ballots about a month in advance. They can either fill it out and put it in the mail, or wait until the last minute and drop it off at any library or county clerk's office (think traffic court). All ballots must be in an envelope signed by the voter or it doesn't count. The county registrar has people trained to check signatures as they come in. If there is a mismatch, they contact the voter when there is time (sometimes older people, or those who have health issues, have shakier handwriting), and the voter can come down to straighten it out.

The ballots are then put in bins, which are then tabulated (for cost efficiency) by high speed vote counting machines on election night. The machines are certified, tested with special ballot runs to make sure they're working correctly, and are not hooked up to the internet. And to the best of my understanding, don't even have any external interfaces.

The paper ballots are never thrown away, in case there is a challenge. If the vote is very close, a recount is done automatically by hand. If not, the losing side can pay to have the recount done. All these processes are open to the public and are typically overseen by everyone from the most kook teabagger to the greenest of pretending-not-to-be-communist green.

About eight years ago, on a special election night in Tillamook, there was a terrible winter storm. The main highway was quite literally flooded by 5 feet of water. Despite this, there was an over 80% turnout. Everyone had mailed in their ballots long before.

Democrats love the system. Rural Republicans especially love the system. It's secure. Almost impossible to pull dirty tricks with. Basically impossible to hack. And best of all - cheap. Seriously. Because it reuses the US post system and libraries, there is no need to organize election stations, monitors, volunteers, reserve space for people to vote. It's nearly half the cost of all other systems.

Surprises nobody

[gweihir]

That is nobody that followed the developments for the last 10 years or so. Of course, the actual experts have been warning of this far longer, but who in politics listens to mere experts. Pathetic.

90 minutes??

[hcs_$reboot]

They were probably not in best shape

Re:Oregon Vote By Mail - Hands Down The Best Syste

[bug_hunter]

So someone lied and tweeted that they opened mail and ripped up votes, and then the post office confirmed that the person has never worked there.

Not really the best counter argument - though obviously there needs to be a lot of monitoring at each stage of handling the vote, just like there has to be that during more traditional voting.

Re: That proves more of a case for our President..

[Cederic]

It is possible to assess and address corruption and fraud across multiple different communities and individuals at the same time.

I suspect the FBI is large enough to manage two concurrent investigations.

So exploit this

[Cederic]

Demand that any electronic voting machine survive two days taking votes on something important (e.g. M&Ms vs Skittles) at DefCon before it can be used in an election.

It's free pen testing, what's not to like?

Physical Voting Machines?

[Bing+Tsher+E]

Physical Voting Machines means they had physical access.

Yeah. Those weird old League of Womens Voters people who volunteer to hang out at the polling places are gonna look at trenchcoat dude and not be suspicious. Right.

Re:Oregon Vote By Mail - Hands Down The Best Syste

[bluegutang]

Problems with this system:
1) No secret ballot
2) Signatures are easily faked

Same pattern everywhere

[Archtech]

The root problem with voting systems is that, fundamentally, they can only be as reliable as the people who operate them. If those people really honestly want to conduct fair, unbiased, honest elections then, on the whole, that is what will ensue. There may be glitches and little pockets of unfairness, but if the people who vote AND the people who run the system all want an honest result, they will get one.

The trouble arises when a critical fraction of those involved in running an election do not want an honest outcome. Frankly, there are so many ways of cheating that it would be tedious to list them. Just imagine what a highly-trained, experienced security specialist would make of any democratic voting system. They are so full of holes that there are more holes than solid material.

Sure, voting machines can be hacked. But if you run a system without any machine more complicated than a pencil, there are still ample opportunities for massive cheating. Anyone familiar with the history of elections could write down dozens of examples. As one of the most often-quoted remarks on the subject tells us, it's not who votes that counts - it's who counts the votes. (And who look after the actual ballots in the long watches of the night, and who has control of the totals once they have been written down).

The situation is just the same as with the US Constitution. Admirable in principle, well-intentioned, and carefully designed to preserve freedoms. But... no piece of paper, in and of itself, can stop people doing bad things. That's obvious. So the missing piece of the puzzle must be that the people who rule choose to act in accordance with the piece of paper. For years now, they haven't.

In a country where the Supreme Court can solemnly declare that bribery is free speech, and that corporations are people, no statement or declaration of principle is safe. Powerful people can simply "interpret" it to mean something entirely different.

Re:Same pattern everywhere

[Archtech]

As a foreigner, I don't really see much point in the screaming and roaring between Democrats and Republicans. It all seems a lot like arguing over the placing of the deckchairs as the Titanic sinks below the waves. To me, it looks very much as if the artificial differences between the parties, and the intense rancour that flows from them, have been deliberately created to keep the people at one another's throats and prevent them from seeing that EVERYONE in Washington is working against their interests.

Re:Same pattern everywhere

[LynnwoodRooster]

What country are you from? Does it require proof of identification when you vote? That would be a great first step for the US...

Re:Same pattern everywhere

[Evil+Kerek]

You mean sort of like when one side decides they aren't going to accept the election results and start rioting? I

Re:Same pattern everywhere

[Evil+Kerek]

I'll take our worst days over a great day just about anywhere else. That's the part you 'foreigners' keep leaving off. Yes, our system has it's issues. Yes we are going at it right now.

And yes...we still have more freedom than any other country in the world. You can't even MAKE statements like yours in half the countries in the world.

These statements are always made in a bubble - what country are you comparing us to? Yep, we're got a lot more turmoil...than China. If you'd rather live in China than the United States, please raise your hand. What? No takers? You mean you don't like having your internet & news utterly controlled by the government? what?

So..yeah...save it.

Re:Same pattern everywhere

[ebvwfbw]

There are major differences between the parties. Trouble is, the left does what the left does. They start with newspapers, teaching, Well here it is -

http://www.freerepublic.com/fo...

Just think of how much of that is already done. Part of that is making people think they are the same thing. Towards that end we have "Republicans" that are Republicans in name only - a RINO. We know who they are, Susan Collins, John McCain that you are probably familiar with. The Democrats go from good guys to just outright flaming crazy. Maxine Waters comes to mind, Nancy Peleosi. They get so mad that sometimes they think George Bush is still president -

She's second up. Watch the people behind her .. they're like HUH?
https://www.youtube.com/watch?...
I'm sure she's told what to say by a handler.

I could bring up the UK Parliament. House of commons... they're common alright. Look at how they're re-arranging the deck chairs with migrants that have absolutely no interest in the UK continuing. They are there to take over without firing a shot.

I hope things are better where you are.

Re:These are not breaches, these are features

[Mrakodrap]

Nicely ironical. Just like when John McCain rants his mouth about "attack on U.S. democracy" whilst busy setting-up quick appointments with well-known ISIS and other middle-eastern terrorists.

Re:Oregon Vote By Mail - Hands Down The Best Syste

[anarkhos]

LOL, all electronic voting systems have central tabulators which are inherently insecure. There is no way to make electronic voting secure without a blockchain.

https://www.youtube.com/watch?v=w3_0x6oaDmI

come on really?

[AndyKron]

Why are voting machine even allowed to be sold on Ebay? Can I buy a used money making machine too?

Re: Oregon Vote By Mail - Hands Down The Best Syst

[dfenstrate]

It sounds like the best system.... for party operatives to drive around and steal ballots out of selected mailboxes or neighborhoods.

Re: Oregon Vote By Mail - Hands Down The Best Sys

[dfenstrate]

My apologies i read your comment more carefully- stealing ballots would require the collusion of the registrar. How honest are these people?
Considering the Democrats went on a campaign to capture secretary of state seats so they could put their thumb on the scales at that level, a few dirty registrars aren't out of the question.

Expensive failure

[MoarSauce123]

Just think how much money states spent on these machines that were built by companies that are far too close to the Republican party. Send all these electronic machines back to the vendors for a full refund and user paper ballots and a pen. Keep it simple, verifiable, and quite secure. Sure, it will take longer to count the votes, but I rather wait a day and get results anyone can trust than get results in an hour and question for years if they were accurate.

Re:Oregon Vote By Mail - Hands Down The Best Syste

[MoarSauce123]

Not any worse than all the other approaches. Around here they do not even make one sign anything. You go to the polling place, tell them your name and address, they look it up in the list, and if it is on the list you get to vote...and just maybe they cross off the right name. Just be faster to the poll station than the folks across town that you can look up in the phone book.

Re:Oregon Vote By Mail - Hands Down The Best Syste

[Rick+Schumann]

That fine and dandy, but as I just said elsewhere: Unless you can trust the entire chain of custody of the aforementioned paper ballots, from end-to-end, it's useless. If someone wants to destroy, alter, or replace ballots, then it's useless.

Re:Oregon Vote By Mail - Hands Down The Best Syste

[LynnwoodRooster]

Until you get that one house with 83 ballots - all with different names - mailed to it. Or you get those Democratic elected officials "finding" more votes after the election and you count them anyway, overturning a Gubernatorial election... And of course - no way to prove who actually cast the ballot because there is ZERO identification required (you know, like Canada , Germany, the Netherlands, the UK, and most of the rest of the world requires).

I know, I know, Trump Trump Trump

[LynnwoodRooster]

But these machines were used prior to the 2016 election, they were bought on eBay. They were used for the previous elections, so...

Re:Oregon Vote By Mail - Hands Down The Best Syste

When I show up with ID and my name is already crossed off on the ballot, I can challenge it and make an accusation of fraud.

When I mail in my vote, I can sell it, or be coerced into "selling" it, and send it in with someone looking over my shoulder to make sure I "fill it in right".

These are not nearly the same failure mechanism.

The former only succeeds if a small fraction of people bother to vote (which is another reason to give people shit for not voting), and requires a large number of people to engage in the fraud.

The latter succeeds if the criminal is sufficiently criminal, and it requires a large number of people to root it out.

Mail-in ballots should be declared, at a federal level, compromised, and considered invalid in any federal election. (And, as TFA shows, the same for all-electronic voting machines. If a vote comes from a voting machine, deem it invalid, throw it out, and move on.)

False equivalency

[Wraithlyn]

Just because paper ballots aren't immune to tampering doesn't mean they're anywhere near as bad as electronic voting machines.

It is much harder to rig paper ballots *on a massive widespread scale* compared to electronic voting. Period.

it's not who votes that counts - it's who counts the votes

Yes, that's the whole point. With paper ballots, the count can physically be observed IN PUBLIC by as many parties as are interested.

A number of years ago, Germany's highest court found that:

• There is a “constitutional requirement of a publicly observed count.”
• “[T]he government substitution of its own check or what we’d probably call an ‘audit’ is no substitute at all for public observation.”
• “A paper trail simply does not suffice to meet the above standards.
• “As a result of these principles,’all independent observers’ conclude that ‘electronic voting machines are totally banned in Germany’ because no conceivable computerized voting system can cast and count votes that meet the twin requirements of being both ‘observable’ and also not requiring specialized technical knowledge.

Smart people.

Re:Oregon Vote By Mail - Hands Down The Best Syste

[John_Sauter]

...Just be faster to the poll station than the folks across town that you can look up in the phone book.

In small towns the poll worker knows everyone by sight, so that kind of fraud is not possible.

Why can these machines even be accessed remotely?

[Targon]

Seriously, why should these voting machines be accessable remotely? Private network, machines talk locally, no WiFi, and all ethernet ports should be locked down. The information can then be uploaded via a manual process, data pull every 30 minutes or something, and then uploaded, again via a closed and secured connection. Local network not being connected to the Internet means any hacking would have to be done locally, local numbers can be verified as well as what was uploaded at each interval. The only thing to be concerned with then, is if individual voting machines are properly counting votes(a printout and display of what a voter voted for SHOULD be shown, just saying, "We have your vote" gives reason to doubt if a vote was properly counted...for all people know, you vote one way, and votes are randomly given to other people if an electronic system does not display who it thinks you have voted for.

Many Countries Went Back to Paper

[Neuronwelder]

We should go back to paper as well.

Medaling, but not by Russians, Paper

[aberglas]

The votes can be altered by any election official. Some voting machines even had an adjust votes.

Paper ballots are even worse UNLESS they are properly scrutineered. In the US, they are counted in secret rooms and nobody is allowed in. And there are strict laws to prevent any recounts or external scrutiny.

Republicans seem to be better at hacking elections than Democrats.

In civilized countries, like Australia, the votes are counted in front of scrutineers appointed by the candidates. All done in a couple of hours on election night. Very efficient, cheaper than voting machines, and impossible to hack.