New Bill Could Finally Get Rid of Paperless Voting Machines

An anonymous reader quotes a report from Ars Technica: A bipartisan group of six senators has introduced legislation that would take a huge step toward securing elections in the United States. Called the Secure Elections Act, the bill aims to eliminate insecure paperless voting machines from American elections while promoting routine audits that would dramatically reduce the danger of interference from foreign governments. "With the 2018 elections just around the corner, Russia will be back to interfere again," said co-sponsor Sen. Kamala Harris (D-Calif.). So a group of senators led by James Lankford (R-Okla.) wants to shore up the security of American voting systems ahead of the 2018 and 2020 elections. And the senators have focused on two major changes that have broad support from voting security experts.

The first objective is to get rid of paperless electronic voting machines. Computer scientists have been warning for more than a decade that these machines are vulnerable to hacking and can't be meaningfully audited. States have begun moving away from paperless systems, but budget constraints have forced some to continue relying on insecure paperless equipment. The Secure Elections Act would give states grants specifically earmarked for replacing these systems with more secure systems that use voter-verified paper ballots. The legislation's second big idea is to encourage states to perform routine post-election audits based on modern statistical techniques. Many states today only conduct recounts in the event of very close election outcomes. And these recounts involve counting a fixed percentage of ballots. That often leads to either counting way too many ballots (wasting taxpayer money) or too few (failing to fully verify the election outcome). The Lankford bill would encourage states to adopt more statistically sophisticated procedures to count as many ballots as needed to verify an election result was correct -- and no more.

ballot images

[phantomfive]

Ballot images should exist, too.

Re:ballot images

[ctilsie242]

David Chaum has some excellent work on auditable voting systems, with excellent trails of proof. However, it doesn't seem that municipalities really care, as opposed to buying what the lowest bidder has to offer.

Re:ballot images

Ballot images should exist, too

Hhhm. I've been on black box voting's mailing list for over a decade. But I'm not so sure I like the idea of ballot images. For a couple of reasons:

1) If they have serial numbers, it threatens ballot secrecy because you can sell (or be extorted) your vote and then prove it by providing the serial number.
2) If they don't have serial numbers, you can still write something on the ballot to make it identifiable as your vote.
3) If the serial numbers are consecutive its likely that someone could de-anonymize votes given access to other data (like smartphone location data showing who was at the polls at certain times).

Every choice in system design is a trade-off, but BBV seems to be a little naive to the risks here since ballot images are theoretically public documents and they are explicitly advocating crowd-sourcing their verification.

Re:ballot images

[phantomfive]

The main things to guard against are:
1) Don't make the images individually identifiable
2) Don't consider the images to be authoritative. The paper is still authoritative.

Re:ballot images

Paper has been the de facto source of verification of authenticity

No. You fundamentally misunderstand the role of paper ballots in modern elections.
It is the overhead of physical paper that makes it the best available deterrence to vote fraud.
The risks of paper ballots are well-known (mainly ballot box stuffing) and we have processes to make that difficult (election observers, distributed nature of polling stations and statistical analysis of vote distributions and counts).

The benefits of electronic ballots don't come anywhere near to making up for the increased risk of fraud. All it takes is one unpatched bug and an entire election can be hacked at the press of a button. There is no equivalent failure mode for paper ballots precisely because of all the overhead.

Elections are not a common event, thus the benefits of electronic voting are small compared to the increased risks. We can afford the relatively small cost of the overhead of paper ballots in exchange for the immensely more valuable protection of election integrity.

Voter ID

[JackieBrown]

As long as they are talking about making voting more secure, they should add into the bill voter ID requirements

Re:Voter ID

[jellomizer]

Just as long as the ID requirement is fare to all people of different races and economic standings, and doesn't lead to improper tracking on who voted for whom. Not like many of the GOP ID Laws, which in general try to isolate the poor and groups who wouldn't vote for the GOP. By making getting the ID difficult, expensive, or inconvenient to those votes who may not have the resources to get such ID's

Re:Voter ID

[R3d+M3rcury]

you go to DMV with something like a birth certificate or SS card and you get a voter ID free of charge.

What if they close the DMV offices around you? So you have to travel 40 miles to the nearest DMV office to get a Voter ID, what's the big deal? You don't have a car? Can't afford one? And there's no way to get there by bus or you'd have to take an entire day off from work to do it?

Re:Voter ID

[arth1]

FWIU, you go to DMV with something like a birth certificate or SS card and you get a voter ID free of charge. What's the problem?

How do you get to the DMV if you live 30 miles away from the closest one, and have to work two jobs just to put food on the table?
And if you don't have a birth certificate or SS card, what then? A trip to the social security office with two witnesses, if both you and them have the time and the resources?

This is discriminatory, and is intendedt to be so. It's not about what's fair, it's about getting more votes for your candidate by any legal means.

Re:Voter ID

[arth1]

And it should be apparent that the problem isn't overvoting anhow, but undervoting. That's the problem that should get priority.

Re:Voter ID

[Ol+Olsoc]

As long as they are talking about making voting more secure, they should add into the bill voter ID requirements

Absolutely, but a particular group always tries to bring that up right before elections. This ends up becoming a dogwhistle to make certain that the faithful get out to vote.

The fix for this is very simple. When you register to vote, you get a photo ID taken, and a card issued. If you are already registered you get one the next time you vote. And in addition to the photo id, it goes into a database that you have the id. If you cannot find your ID, your drivers license wil be cross referenced with aanother form, such as Driver's license, oyu ar eissued a new ID, and you can vote.

Then it is phased in over a couple election cycles.

Then along with the ID, you cannot be denied the ability to vote - indeed keeping a person from voting should be a third degree felony for the polling place manager(s) Give them an incentive for promotion of enfranchisement. Lines with a wait time longer than an hour will be a misdemeanor, and must be addressed by a new group of poll workers and a solution. As well, the Voter should get a confirmation that their vote has been counted.

Any problems with that? Disenfranchisement as a felony will probably be the one most people doen't like. But some groups like issuing felonies, so maybe that's a win win?

Now the interesting thing is that I am holding in my fat little hand, a voting ID card. Seems they already exist. Standing by to hear why my proposal won't work.

Re:Voter ID

[beelsebob]

Why on earth would an ID be required? It's a needless extra complication for no good reason. You send out the voting cards to all registered voters, they show up at the polls, you score them off the list as they receive their ballot. Done. Everyone is identified, no one needs to get expensive, or complex to get ID cards.

IDs don't make voting any more secure, they only make it harder to vote.

Re:Voter ID

[penandpaper]

How do you get to the DMV if you live 30 miles away from the closest one, and have to work two jobs just to put food on the table?

Same way you get to the polling station?

if you don't have a birth certificate or SS card, what then?

I am not sure. What do we do if someone can't prove they have a legal right to vote which is what I thought the point of a voter ID was supposed to address?

This is discriminatory, and is intendedt to be so.

HOW?!?! I don't understand. They can get to the polling station but not the DMV (as an example, I am sure they can get the ID in other government facilities that the law would spell out. Hell allow over the phone or by mail to solve that problem). They can't prove they have a legal right to vote but they can still vote but it's discrimination if you ask for proof of who you are?

There are 12.5 million illegal immigrants in the US. In California, they are given a drivers license which is enough to be able to vote. How many votes swung the last election? Clinton had 3 million more but actual swing votes? 60,000 maybe in key districts? Do you think maybe that could have an influence on our election, more so than spurious anonymous sourced Russian meddling?

Re:Voter ID

[EndlessNameless]

Do you live in the US? There are far more polling stations than DMVs.

My nearest DMV is the next town over, and it shared between three cities. I pass 4-5 polling places on my way there, and that's the most direct route.

My polling place is about a mile away---I could easily walk over there to vote. And I didn't count it as being on the way to the DMV because it's down a side road that I wouldn't take.

Re:Voter ID

[EndlessNameless]

There are 12.5 million illegal immigrants in the US. In California, they are given a drivers license which is enough to be able to vote.

Calling bullshit right there. You have to be a citizen before you can register to vote. A driver's license doesn't get you on the voter rolls.

I know this may be confusing, but you can do two different things at one place. The DMV can both issue licenses and register voters---and they can have different rules for each thing. Amazing, right?

Anyway, if you think I'm as full of bullshit as you are, feel free to read it yourself:

http://www.sos.ca.gov/election...

Re:Voter ID

[kqs]

If I can paraphrase your argument:

    * About 600K people die of cancer each year
    * Only a few thousand die of certain other diseases.
    * Therefore, until we can prove that another disease kills more people than cancer, then we should not try to fix any other disease.

Counter-argument: we are complicated people. We can work on more than one issue at a time.

Second counter-argument: if people chose not to vote, that is their right. I assume that you don't want to take that right away from them. But if they should be able to vote but cannot, then you ARE taking their right away from them, which seems a rather higher priority problem to fix.

Re:Voter ID

[arth1]

The left opposes voter ID laws simply because they depend on ineligible voters to be competitive in national elections. It's that simple. It's why they challenge in court and in the media any attempt to cleaning up voter rolls or any other measure that would limit their ability to bus illegal voters in to swing elections.

Except that all investigations into this show that citizens being prevented from voting occurs orders of magnitude more than illegal voting. There's absolutely no evidence of "bus[ing] illegal voters" has ever occurred, but plenty of evidence of citizens being blocked from voting. The two problems are not even in the same ballpark.

No, you know perfectly well that the purpose of stricter voting regulation is to block more potentially democrats from voting. Plain and simple. Claiming otherwise is disingenuous.

Re: Voter ID

[prefec2]

I am baffled by the fact that there is no general ID in the US which is compulsory. In countries like Germany you have a general ID and you have to specify your permanent residence (your state contact address). Through this you are automatically registered to vote and get all voting materials necessary to that address. You also pay your taxes there. The information is used for all elections town hall to national parliament and of course EU parliament. And you can forbid the state to give away your data to third parties.

So the they hack the tabulator instead ;)

[brainchill]

People should realize that the vote tabulators for paper ballots are still ancient computers with very little oversight too.

Re:So the they hack the tabulator instead ;)

[acoustix]

But doesn't that require them to be onsite as opposed to "hacking" an election from tens, hundreds or thousands of miles away?

I'm a fan of the scantron sheets myself. They're easy to use, and I get to make sure my ballot is cast when I insert it to the reader. It also provides for easy recounting as well. It's not perfect, but it will do.

Re:So the they hack the tabulator instead ;)

[JohnFen]

Yes, that's still a point of potential failure. But at least paper ballots reduce the number of points of potential failure.

Re:So the they hack the tabulator instead ;)

[Green+Mountain+Bot]

Which is why it's important to keep the paper. Then you can have people verify the count under supervision.

Re:So the they hack the tabulator instead ;)

[CanHasDIY]

The machines at the bank that count cash are based on 100-year-old technology, but the financial industry still relies on them heavily, because they just fucking work.

I like paper ballot

[oldgraybeard]

We have paper ballots and unconnected standalone tabulators. The more tech, the more chance for issues, problems, etc.

Tighter voter ID would also be on my list for Voter Roll integrity. I am amazed when people just laugh about the number of dead individuals still voting ;)

Re:I like paper ballot

[hey!]

I'm convinced that of the great advantages of voting machines is that you can manipulate an election without rigging the count. You just rig the wait times.

I've been voting for almost 40 years now on optically scanned paper ballots, and I have never had to wait more than five minutes, even in the most hotly contested elections they just throw up another row of cheap, pop-up voting booths. And there's never any machine glitches to deal with either.

When I read about places where people wait for hours to vote, I wonder how it is possible to spend so much money on computerizing a process, only to make it much, much slower and more cumbersome -- unless it was somehow intentional.

Re:I like paper ballot

[ghoul]

There is a very simple way to do this. Have an electronic voting machine with a paper printout. Voter votes, prints out his ballot and puts it into the ballot box. When counting the electronic count is used but with 10% of the paper votes counted by hand to verify the counts are good. If the counts dont match up statistically or the election is close the backup paper ballots get counted by hand. You get speed and you get accuracy. You have a national level organization standardize the machine format to be used by all local authorities. Heck in India there is a National Election Commission whose only job is to conduct elections. They are pretty multipartisan as their terms overlap across elections and every party which comes to power gets to put its appointees on the commission but that would never work in US as the US distrusts federal solutions.

Re:I like paper ballot

[hey!]

Alright, name one documented instance where a busload of dead voters cast fraudulent votes.

For that matter if this is some kind of voter conspiracy, why wait for the last second? Poll workers are not detectives, they don't exercise judgment; they simply go by their voter registration lists. Either you're on the list and can vote, or you've been purged and have to cast a provisional ballot. Showing up with a mob of impersonating buddies at the last minute doesn't affect that one way or the other.

The reason people show up at the end of the day is they have jobs.

Re:I like paper ballot

[rahvin112]

"Dead people" vote all the time if you count the dead people after the vote. 40 some odd people die every second in the US. Thousands will die after voting before any kind of accounting. Every time a politician has trotted out a list of dead people that voted, when verified it turned out the list was compromised of two things, people who died after voting, and people with the same name as someone that died.

Dead people don't vote, but they certainly die after voting. Thousands will die in the day after a vote, many more will share the names of the people died. Every list of "dead people that voted" is comprised of both. Anyone citing this as some actual thing that happens all the time is just repeating propaganda they hear on TV and doesn't have any idea how it happens.

Re:Sounds like reversion.

[Nkwe]

This is such a knee-jerk reaction from people who don't understand tech. Why not simply.. 1/ Stop the ability for having physical access to the inner computer, NO USB ports, no wifi, Ethernet module inside the case so you only have one cable trailing (POE) - or two if AC is required to power a small touch screen (really?), go all Apple with custom torque screw drives and lots of them to open these machines. 2/ No internet access for these devices or the server ever, voter lists are loaded into an onsite server which provides DHCP for the voting machines (anything with an incorrect MAC address gets dropped on to a blackhole VLAN).

If I've missed anything...

You have missed the point that the people that operate elections in the field rarely understand tech. It is very common for volunteers who have no knowledge of computers to be election officials. Because of this you cannot rely on a secure configuration at the polling places. Using technology to assist the voter in generating a machine (and human) readable anonymous paper ballot and then using technology to tabulate that same ballot is the way to go. Actually vote by mail is the way to go, but that is a different discussion...

No they shouldn't

[rsilvergun]

It's a defacto poll tax combined with voter suppression. Anywhere it's been implemented it's instantly become expensive and difficult to obtain the necessary Id. It's a trick by your friendly neighborhood aristocracy to give you the illusion of Democracy without all the nastiness of the 'wrong' people voting.

Re:No they shouldn't

[ghoul]

I feel the electronic voting machines should have a few questions on the constitution and civics and only after you answer them correctly should you be shown the screen which allows you to vote. Too many people who have no idea of what democracy means vote hence making the whole exercise a farce where the one with the most TV time (and by extension the most corporate lobbies) wins because most people dont know what they are voting for.
The questions can be pulled from a rotating questionbank so no 2 people get the same 5 questions and if some party is willing to educate their voters on the right answers to all 5000 questions well now you have an informed voter.

Re:No they shouldn't

[Ichijo]

Also remove every "(R)" and "(D)" from the ballot. Let's not make it quite so easy for people to vote along party lines.

Re:No they shouldn't

[rickb928]

" then you stack the courts with your people at record pace."

Bill Clinton appointed 2 Supreme Court Justices, 66 Federal Appeals Court Judges including 14 to the Ninth and 10 to the Second, and 305 Federal District Court judges.

Obama's record is similar. So is George W Bush's. HW served only one term, but had confirmed a commensurate number of judges.

So far, Trump has appointed and had confirmed one Supreme Court Justice, 12 Federal Court of Appeals Judges, and 6 Federal District Court Judges. He is on pace, given two terms, and assuming the Senate approves ALL his nominees, to appoint perhaps a total of 2 Supreme Court Justices, 38+ Court of Appeals Judges, and 50+ Federal District Court Judges. To match Clinton;s pace, he will need to double his Appeals Court nominees and more than quadruple his District Court nominees. And get a relatively unfriendly Senate to go along.

Compared to Bill Clinton, he's not keeping up at all. Obama's record, slightly lower than Clinton's, is also daunting.

Packing the courts is not an exclusively Republican endeavor, and claims that Trump is more active and successful than recent Republican Presidents is yet unwarranted and unsubstantiated. In fact, Presidents since Reagan have had relatively consistent numbers of judges confirmed, with Carter an exception. Of course, Trump's term is still young. Who knows, he may yet come close to matching his predecessors.

Re:No they shouldn't

[CanHasDIY]

Also remove every "(R)" and "(D)" from the ballot

That is truly brilliant, as outside Presidential elections, most people probably don't actually know the candidates names.

Re:No they shouldn't

[Solandri]

If that's what you believe, then you'd better start condemning Canada, Germany, the Netherlands, Norway, Switzerland, the UK and ironically Mexico for succumbing to this insipid takeover by the aristocracy via voter ID cards.

If we applied to other programs the same standard opponents of voter ID cards use (it was abused in the past, so it must never be implemented), we'd have to eliminate pretty much every government program in existence including social security, medicare, food stamps, public housing, unemployment insurance. Such an uncompromising position ("anywhere it's been implemented") is nothing more than playing the race card.

Re:No they shouldn't

[shilly]

1. The UK has a pretty torrid relationship with voter ID requirements, and it's absolutely no fucking surprise whatsoever that the current bunch of right wing Tory cunts are busy doing a pound-shop imitation of the Republicans in relation to gerrymandering, introduction of voter ID requirements, changes to registration requirements for students, moves from household to individual registration etc etc. They know that discouraging the young and poor from voting is central to their success.
2. There's only one country in the world that pulls a stunt like requiring voters to get ID from a DMV centre and then shutting down the majority of the centres that serve poor people. Everywhere else has the decency not to behave like absolute cunts, but not the people in charge of voting in various US states.

Re: No they shouldn't

[prefec2]

It would be better to have compulsory ID which anyone must have which includes specifying a contact address. If you are poor you obviously do not need to pay anything for the ID. However, I have heard in the USA such IDs are not compulsory and you do not get registered automatically which in turn complicates things for people who do not use an ID in their daily live which are poor people.

Re:No they shouldn't

[Ichijo]

Removing the D's and R's will exacerbate long lines at a polling places and discourage voting.

Long lines at polling places are a sign that more polling booths are needed. Let's not try to rush people through them like sheep.

Re:No they shouldn't

[JackieBrown]

Do I need an ID to purchase a gun?

Scantron is fast, but not reliable

[raymorris]

At my last job exam scores were calculated with Scantron machines. Though the Scantron was faster than grading by hand, it is unreliable, so every sheet had to be double-checked by a human. The people had to correct the Scantron results rather often.

One Scantron machine was noticeably less reliable than another; perhaps some maintenance, aligning and cleaning it, makes a big difference.

Re:Scantron is fast, but not reliable

[habig]

At my last job exam scores were calculated with Scantron machines. Though the Scantron was faster than grading by hand, it is unreliable, so every sheet had to be double-checked by a human. The people had to correct the Scantron results rather often.

Really? When teaching large intro courses, I have to resort to scantron grading or go mad. Not an ideal way to do tests, but sufficient for freshman survey courses.

Anyway - I have never had a student come to me and say "this question right here - the scantron got it wrong." And believe you me, if it had ever happened, I'd hear about it several femtoseconds after the student got their grades back. So, after untold tens of thousands of bubbles filled in by my students over the years, not one error that I know about. That's pretty reliable. Maybe my university uses special ultra-premium hardware. (probably not).

Not counting the occasional instruction-ally challenged person who ignores the "#2 pencil" thing and uses pen. I have no idea why computers are blind to ink. Mental note - when Skynet takes over, smear ink on yourself to evade the hunter-killer robots.

Good start

[rsilvergun]

now end Gerrymandering and repeal Citizen's United with a few well targeted laws and maybe we can talk about America being a Democracy.

We need this ...

[CaptainDork]

... and USPS, and landlines, and fax, and credit card imprinters.

Re:the less human involvement in counting the bett

[JohnFen]

I don't see how having people manually count ballots could possibly be more reliable than having it done by a machine.

It makes election tampering more difficult to pull off.

Re:the less human involvement in counting the bett

[Sarten-X]

Ehhh......

In the interest of understanding, you should know a bit of my background: I used to build robots, and these days I do a lot of work automating manual processes.

I see it as a mixed bag. On the one hand, a manual recount is more error-prone on the surface, but it's also less error-prone in that a manual review can account for more inconsistency. Where a smudge on the paper might confuse an optical reader, a human would have no problem determining the correct result. Yes, that can be resolved with high-end visual sensors (essentially cameras), but those single-purpose devices are also far more expensive than a human's time. Using statistical analysis also means that the one vote wouldn't matter, but such a situation could be problematic if, say, paper ballots were stored incorrectly.

Having humans involved also drastically reduce the attack surface if interference is considered a viable threat. Having a farm of 500 vote-counting machines means one attack can be repeated 500 times with expected success. Having 1000 humans means that 1000 individual corrupting attacks must be executed, and there's just a slim chance they'll succeed... and a good chance they'll alert authorities. As a check to validate a machine-generated initial count, humans are certainly a safer option.

As with any system, defense in depth is the best option. We expect the machines will handle the initial count correctly, but it needs to be verified by the humans. We expect they'll handle the recount properly, but to ensure the correct methodology, the statistical parameters are being prescribed by law, open to public review and criticism. To ensure the law matches society's expectations, we have the democratic process allowing new representatives to revise the law as needed.

No, it isn't perfect, but it's the best the world has to offer.

paper checking

[supernova87a]

I recall a few years ago (maybe 10 years?) during the GWB election, that there was an elegant proposal by voting researchers on how giving each voter someone else's anonymized receipt / code to check online via a website later was a very simple method that could audit the results with just a few % of people doing the checking. And people checking get the satisfaction of being part of the system, and/or maybe being rewarded if they find a mistake.

Does anyone else recall this method?

It sounds kind of like the method in China where, to help ensure that people ask for sales receipts and make everyone pay tax -- by looking afterwards for their receipt being a winning lottery ticket on the national website.

Re:paper checking

[swillden]

Does anyone else recall this method?

10 years ago it was probably Punchscan. It's been improved significantly since than, simplified and streamlined, but with even better auditing, and renamed. The current version is Scantegrity II.

I post a link to it on pretty much every slashdot article about voting. Mostly it's ignored amid heated discussions of peripheral issues and lots of curmudgeons who say all you need is black X on a piece of paper and a horde of volunteers to count 'em up. (I'll note that the curmudgeons aren't wrong, exactly, but application of some more modern ideas can significantly improve the process.) I also usually get one or two replies that boldly assert that there's no way voters can use receipts to verify that their ballots are counted correctly without also being able to prove to a third party how they voted, thus enabling vote buying and coercion. I agree that it is counterintuitive, but so are lots of ideas in cryptography and mathematics.

Re:Only half the problem. Need stronger voter ID'i

[Eldaar]

It's not that requiring IDs in and of itself is somehow racist. It's that minorities (as well as students and the elderly) are the least likely to have ID that meets the requirements of the law.

So if you don't currently have valid ID, you obviously need to get a new one. And since that costs money, requiring it is akin to a poll tax.

As a result, a federal court ordered Wisconsin to offer IDs for free at the DMV (https://www.nytimes.com/2017/09/25/us/wisconsin-voters.html). However, this has not been implemented very smoothly (https://www.reuters.com/article/us-wisconsin-voter-id/wisconsin-official-told-dmv-not-to-push-free-voter-id-cards-idUSTRE78713P20110908).

You could argue that the requirement of an ID is still ok, Wisconsin just did a poor job of implementing it. But really, you've just created an ADDITIONAL barrier to voting (in addition to getting time off work/waiting in a line/registering to vote).

The thing is, the whole voter ID movement is a solution in search of a problem (http://www.nytimes.com/2007/04/12/washington/12fraud.html). There has never been evidence of voter fraud at any meaningful scale, and there is little reason to believe people would risk getting caught given the small benefit an extra vote would offer. However, as noted in one of the articles above, voter ID helps increase turnout among those who have proper ID, and decrease turnout among those who are less likely to have it to begin with (people who tend to vote Democratic). There are conservatives on record expressing their preference for lower voter turnout (https://www.youtube.com/watch?v=8GBAsFwPglw) and we're seeing them get their way.

Paper Ballots

[DodgeRules]

I love paper ballots. Now let's make better readers. Suggestions for different designs:

1. Standalone reader that can be placed such that the exit of reader #1 can be placed next to the entrance of reader #2 (etc...) for immediate recount during elections.

2. Standalone reader that has 3 scanner heads. All 3 heads must read each ballot the same to exit to the verified bin. Any differences and the ballot is kicked back out the entrance to be attempted again. Voter is confident that if the ballot is accepted, the votes have been properly counted.

Any suggestions for secure ways to transfer vote totals from polling locations to state election headquarters?

Re:Paper Ballots

[swillden]

There is a better solution to the auditability you seek: Scantegrity II. End-to-end verifiability, including the ability for any person or organization to verify the final tally, and for any voter to verify that their vote was correctly included in the tally, but without enabling the voter to prove how they voted to any third party (to avoid enabling vote buying and coercion).

Re:Only half the problem. Need stronger voter ID'i

[Green+Mountain+Bot]

For fuck's sake. The amount of personal effort involved in voting illegally so far outweighs the potential personal benefit that this is a waste of time that creates more of a problem than it solves. In person voter fraud is next to non-existent. But voter ID laws depress turnout, and typically are implemented in a way that disproportionately affects minorities and the elderly.

Re:Sounds like reversion.

[Sarten-X]

Ooo! I love these games!

1/ Stop the ability for having physical access to the inner computer, NO USB ports, no wifi, Ethernet module

Put a vampire tap on the Ethernet cable.

inside the case so you only have one cable trailing (POE) - or two if AC is required to power a small touch screen (really?)

I don't recall the details, but there are some attacks perpetrated by modulating power, essentially causing transistors to behave erratically, with a variety of effects.

go all Apple with custom torque screw drives and lots of them to open these machines.

Just like the TSA keys, right? The ones that can be easily fabricated and bought now that pictures of them were published in a news article?

2/ No internet access for these devices or the server ever, voter lists are loaded into an onsite server

...So I can hack the onsite server, or impersonate it.

which provides DHCP for the voting machines

DHCP is a broadcast-based protocol, though, so I can drop in my own server that will respond to requests with my own configuration.

(anything with an incorrect MAC address gets dropped on to a blackhole VLAN).

I first listen for an existing MAC address on the cable I've tapped, then spoof it.

If I've missed anything...

Yeah, you missed a few things. The main one is that you're thinking about how to lock down a system, rather than attack it. To use an analogy, you're putting a deadbolt on your front door while leaving the windows open.

Assume that every component of your system will be under attack. Not just the ballot counts, but the names listed, the user interface, and the infrastructure. Assume that it will be under attack at all times: In manufacture, storage, shipping, and during the election itself. Assume that your adversary has technology you don't, and will break anything that isn't proven to be impossible. Finally, assume that any knowable results of an individual's vote will be used to coerce or intimidate the voters.

Cost

[michael_cain]

The big question is, "Congress might mandate it, but are they willing to pay for it?" In most states the cost of the voting equipment falls on the counties. Any that bought voting equipment in the last decade are going to fight tooth and nail against having to replace it. I have a friend who works in the electronic voting machine business; she tells me that they're still doing repair work on 20-year-old machines because of counties who don't have the money to replace them.

Re:Good idea

[JohnFen]

There is nothing really wrong with electronic voting systems that wasn't wrong with the old mechanical ones, punch cards or even the old paper ballots.

Well, the punch cards were always a terrible idea and remain so. And you're right that there is no perfectly secure method. That said, there are two things that make the electronic systems worse: they're easier to subvert (more points of potential failure), and if subverted, it's easier to make it unnoticeable and/or impossible to prove tampering.

Re:Sounds like reversion.

[shilly]

Why should I, as a voter, trust that the company that makes these machines has not been subverted in some way? The problem with all electronic voting is that it can be subverted and no-one will ever know. There is no alternative audit record that can prove or disprove the fraud.

Re:Only half the problem. Need stronger voter ID'i

[HornWumpus]

We should just follow UN best practices.

Which call for voter registration, picture ID, thumb marking, paper ballots, see through ballot boxes and immediate public counting.

It literally has all been worked out. But, for some reason, we're special.

PR + Transparency

[mx+b]

Usually the district maps are drawn by bi-partisan groups and are routinely tested in the courts to make sure they are fair. What kind of rules do you think we need here that we don't already have?

That is definitely not the case in most states. In Pennsylvania, there is an ongoing court case that was recently taken up by the state Supreme Court that challenges the gerrymandered maps drawn by state Republicans using partisan voter data. Currently the state legislature simply approves the map, so the dominant party effectively gets to choose the map, and can of course make sure it is a favorable one.

Independent redistricting groups are a step in the right direction, but your word of "bi-partisan" shows the flaw in that system too. We don't want "bi-partisan" where the two major parties begrudgingly agree on a map that has "equal amounts" of gerrymandering. They're basically just dividing us up into gang turf at that point, "You take this district, and I'll take this district". We do NOT want that. We want NON-PARTISAN elections that are completely out of the hands of any party's decisions.

The way you do that is with Proportional Representation. We each elect a representative from a choice of all candidates -- no partisan primaries that get to tell us who to vote for -- and use a proportional ranked choice algorithm to determine the winners. The beauty of this system is that it works best when there's lots of choices, so you can at least establish a small number of static "super-districts" that don't need to be redrawn if not completely do away with districts in their entirety. This means our election process is no longer controlled by any party and is fair to all candidates of any party or even independent candidates, and therefore may the best candidate win according to voter interests.

Citizen's United seems like a good decision that upheld the 1st amendment to me. I don't think you can restrict companies and non-profits from making political donations or doing political activities w/o restricting free speech in the process. Maybe we can just require that funding of political activity can proceed with out any limits as long as the source of funding is 100% disclosed and must be 100% from USA sources? Seems to me that the issue isn't the amount of money, but that people may not be aware of the source of the funding. Full timely disclosure of who's donating what to whom would fix that.

Companies and non-profits are not people, they are not living breathing entities. They don't have thoughts, feelings, opinions, they can't serve jail time when they do something wrong. They are completely legal constructs, and as such should not have any rights under the Constitution.

The owners and investors of any company or organization have ALWAYS been completely free to donate to campaigns as individuals. They've never been restricted in that sense. The organization can even issue a statement of endorsement and encourage its members to donate to a particular candidate or party as individuals, that's not been restricted either. At least not in general, there's some basic rules like you can't donate to federal campaigns if you work for the federal government, etc., but for the most part there are no restrictions other than a limit on the donation amount. So this idea that organizations being able to contribute money as "free speech" is a completely invalid argument. They've always had "free speech" with their own personal money as individuals.

What those business owners and investors discovered is that they can use their organizations and businesses as shells to HIDE what they are doing. They can move around lots of money, they can claim tax breaks out on certain expenses. If they donate as individuals, their names are attached to the donation (as it should be transparent!), but then of course if you are a rich Republican or a rich Democrat you might turn off voters if they know you're supporting a candidate. So instead, you donate y

"Computer Glitch"

[johnsie]

Just last month they were counting the votes in the Honduras presidential election. The sitting president tried to get a second term (despite a constitutional one term limit). While the vote was being counted it was announced the he was losing the election. Then all of a sudden there was a "computer glitch" and a pause in the counting. In the end it took more than two weeks for the votes to be counted. Of course he won. The Organisation of American States said there were irregularities and that there should be a new election. The US on the other hand congratulated his win and turned a blind eye to the irregularities and the 'minor' constitutional thing. A few days later Honduras was one of the 9 countries who voted in favour of of USA having it's embassy in Jerusalem. It's amazing what can happen when you use an electronic voting system.