36 of 50 States Have Installed Sensors at 'Elections Infrastructure Level' To Monitor Computer Systems Managing Voter Data or Devices

A majority of U.S. states has adopted technology that allows the federal government to see inside state computer systems managing voter data or voting devices in order to root out hackers. From a report: Two years after Russian hackers breached voter registration databases in Illinois and Arizona, most states have begun using the government-approved equipment, according to three sources with knowledge of the deployment. Voter registration databases are used to verify the identity of voters when they visit polling stations. The rapid adoption of the so-called Albert sensors, a $5,000 piece of hardware developed by the Center for Internet Security www.cisecurity.org, illustrates the broad concern shared by state government officials ahead of the 2018 midterm elections, government cybersecurity experts told Reuters. [...] As of August 7, 36 of 50 states had installed Albert at the "elections infrastructure level," according to a Department of Homeland Security official. The official said that 74 individual sensors across 38 counties and other local government offices have been installed. Only 14 such sensors were installed before the U.S. presidential election in 2016.

Not good enough.

[bluefoxlucid]

You're trying to install a security product inside a vulnerable system to detect compromise. Not good enough. Integrity must be non-repudiated.

Voting infrastructure is harder than voting machines. Paper voting is notoriously vulnerable to corrupt officials; paper audit trails are manipulable and have been used to identify voters and their votes; electronic voting machines can be proven non-tampered, and the votes proven non-tampered. The voting infrastructure, though? That's centralized, and prone to all sorts of attacks--not just computer hacking, but insider threat and social engineering.

Your best protection against infrastructure attacks is same-day registration and same-day party affiliation re-registration.

Re:Not good enough.

[Archangel+Michael]

Paper Voting is subject to corrupt officials, but generally hard to hack wide scale. Further, voting irregularities are easier to spot. And verification of vote tallies are easy.

With Electronic hacking, there is no way to verify vote tallies that have been tampered with at the machine level. And since those machines are electronically connected it is much easier for ONE hacker to affect a large range of voting tabulations, perhaps enough to change the outcome of state and national elections.

Paper Ballots are the worst of all voting methods, except all the others.

Re:Not good enough.

[Archangel+Michael]

https://www.pbs.org/newshour/n...

Re:Not good enough.

WTF? Not sure what to make of this. Paper trails are the most reliable way to ensure integrity of the vote. Corrupting a single paper trail is quite easy; corrupting them en masse is phenomenally difficult.

The idea that electronic voting machines can be proven to be "non-tampered" is laughable - I am now sure you are a troll. Yes there are some schemes that are voter-verifiable. As far as I know, none of the provably-verifiable schemes have ever been implemented in practice.

Re:Not good enough.

[bluefoxlucid]

Paper Voting is subject to corrupt officials, but generally hard to hack wide scale. Further, voting irregularities are easier to spot. And verification of vote tallies are easy.

It's in general difficult to manipulate, yes; although rampant manipulation has been a problem in the past, and continues today with ballot boxes being lost and found frequently.

there is no way to verify vote tallies that have been tampered with at the machine level

You can make it impossible to hide such tampering. I have described how.

since those machines are electronically connected it is much easier for ONE hacker to affect a large range of voting tabulations

There is no radio in an electronic voting machine or electronic ballot box. These are not plugged into any network. If they are, you have zero integrity.

The software must be verified in a non-repudiated method, such that the exact image on these machines is public and can be verified and tested forever. At poll open, the software actually on the machine must be known and exposed--not the software proposed, but the software actually loaded onto the machine. This is non-repudiated: once the public has looked, you cannot go back and change things before they find the dirty part. It's simply impossible.

Re:Not good enough.

[oh_my_080980980]

How do you lose a voting machine.....

Re:Not good enough.

[lgw]

Paper voting has its flaws, but even in famously corrupt counties I'm familiar with (cough) Cuyahoga (cough), there's so many bipartisan sign-offs that it'd take quite a conspiracy to throw an election. (They just buy them, instead)

It's notoriously frequent in tight races for new boxes of ballots to be "discovered in the trunk of a car" after counting begins in a tight race. You'd almost expect "trunk-mounted ballot printers" to be on sale on Amazon.

Sure, we don't see people getting re-elected with "100% of the vote, and 100% voter turnout" Saddam Hussein style (though IIRC Obama got 105% of the vote in Detroit), or other corruption on that scale, but in tight races where you only need a few hundred ballots to be "discovered"? Paper ballots are far from perfect.

Re:Not good enough.

[bluefoxlucid]

I'd imagine you could do that, too; although most of the time people just find ballot boxes (Note: Daily Kos is very liberal and kind of crazy, hurls accusations of malice without hesitation), additional ballots, or whatnot.

It's a really damned old problem.

Re:Not good enough.

Paper ballots are fine as long as the general public has the right to watch the counting process. After all the whining from the GOP the current vote counts here in King County are done in a sort of fish bowl where people can watch from all angles. And surprisingly, there still isn't any voter or election fraud going on same as before the new building was built, Just a bit less whining about alleged fraud preventing them from winning without sufficient support.

Re:Not good enough.

And surprisingly, there still isn't any voter or election fraud going on same as before the new building was built, Just a bit less whining about alleged fraud preventing them from winning without sufficient support.

The claim about Mexicans being bussed in to vote was not really credible to begin with.
Unregistered voters are not allowed to vote and unless you are a legal resident you are not going to be registered.
The thing is, even if the claim was true it wouldn't be caught by counting the votes better.

The election frauds that has happened is typically in the other direction where you get rid of undesired votes rather than adding favorable ones.
A bunch of people were prevented from voting for bullshit reasons. Typically claims that they were still registered in another state despite having voted in several elections previously.
Then there is the whole Georgia issue
While it wouldn't be popular, the only way to get a legitimate result out of Georgia now would be a reelection just to get a record that hasn't been tampered with.

My prediction:

[Narcocide]

This will just become the next attack vector hackers use to compromise the systems.

Re:My prediction:

[bobbied]

This will just become the next attack vector hackers use to compromise the systems.

Next? Um, that would be the FIRST one used to do this.

Where we have demonstrated a lot of hacks are possible on such systems, extremely few (as in I don't remember one) has actually happened during an election where it was suspected that the votes counts where altered.

There has been provable vote fraud, but not electronic voting machine hacks of any import.

Re:My prediction:

[lgw]

This will just become the next attack vector hackers use to compromise the systems.

Attackers? Compromise?

How about this way of describing the system: "Republicans install software on all voting machines in Republican-controlled state to ensure that the election results are correct". Or Democrats, of course, if they've caught up.

Re:My prediction:

[mi]

This will just become the next attack vector hackers use to compromise the systems.

You are absolutely correct. Instead of subverting many little different computers and/or corrupting a large number of officials, an enemy — be they foreign or domestic — only needs to subvert one system and/or corrupt one man.

Even if this big subversion/corruption is more difficult than any single smaller one, it is still easier, than many of those.

We are on the way from "greater or fewer" invalid results to "all or nothing". And, much as I like the "nothing" part, the "all" scares me much more than the "greater".

Re:My prediction:

[eaglesrule]

From Vendor: All of your organizations logged and network security alert data is compressed, encrypted and sent to the CIS SOC. This allows analysts to review previous network activity and search for specific threats or activity related to newly-released signatures, providing a distinct advantage over traditional security network monitoring services.

More importantly, the TLA foxes will be very concerned and interested about guarding this particular henhouse. To preserve the integrity of our elections, of course.

In the meantime, paper trails work

[Dasher42]

We're installing all of this insecure technology around a vital process of our governance, whereas paper ballots and paper trails work elsewhere. Florida failed to provide a clearly understandable paper ballot in 2000, but when has this electronic voting been a fix?

It's a gravy train for government-connected firms, that's what it is.

The only electronic voting I want is something that can give me a QR code to print a paper ballot I can sign off on, giving me time to research the entirety of the options and speeding time at the booth.

I believe this and approval voting would go a long way towards actually fixing things.

Re:In the meantime, paper trails work

[Aighearach]

In Oregon we vote by mail, and we use paper ballots that are optically scanned by the computer.

They can be re-scanned, they can be hand-recounted, no hanging chad. No booth, but you can hand-deliver your ballot if you want.

Re:In the meantime, paper trails work

[roccomaglio]

Florida did not have a confusing ballot. Each county in Florida has a different ballot. It was Palm Beach County that had a confusing ballot, which is developed by their Democratic Supervisor of Election.

Re:In the meantime, paper trails work

[lgw]

QR code? Why did you just insert a non human-readable step?

What we want is computer-assisted voting. You go to the big touch-screen voting machine with pictures of the candidates faces and whatnot, and when you're done it prints a clearly market ballot. You then review the ballot and cast it into the ballot box.

This is so freaking obvious that I can't ascribe good motives to politicians imposing any other system.

Re:In the meantime, paper trails work

[lgw]

*marked

Re:In the meantime, paper trails work

[eaglesrule]

Also the ballot must be in a sealed envelope that is signed with a signature that matches what is on the voter registration, in order to be accepted.

It's amazing to me that people would stand in long lines on a work day just to get to the polls, and that this somehow isn't disenfranchising.

Re:In the meantime, paper trails work

[q4Fry]

How does Oregon prevent each of the following scenarios:

- Poll worker dislikes your vote and throws it away. (Yes, this is problem for counting paper ballots, too.)
- Poll worker dislikes your vote so much that he or she records your name and address for later retaliation. (This is somewhat less of a problem for paper ballots because by the time they look at the ballot, yours is anonymous.)

Is the solution just to hire honest poll workers, or are there other safeguards?

Re:In the meantime, paper trails work

[eaglesrule]

Observers, both from the public and party representatives, are there to monitor processing of the ballots.

I know there is an issue with the number of ballots that are not in acceptable condition to be read by the machine, and a worker must 'enhance' the ballot or transfer the marked choices to a new one. Observers seem very keen on keeping a close eye on this process as well.

Re:In the meantime, paper trails work

[Aighearach]

1) Each party has a right to observers, and the law requires everything to be done in such a way that the observers can observe.

2) There is an optional "security envelope." The ballot is placed inside the security envelope. Everything inside inside the security envelope is anonymized. That is placed inside the ballot envelope, and signed. Then, when counting the votes, there is a two-step process of first validating the ballots and ballot signatures, then the security envelope moves to step two and can be opened and counted. And they know how many validated ballots are in each bin, so it can be re-counted and everything.

So in your scenario, the poll worker would have to already know you personally, and throw out your ballot just from raw personal malice. But where would they put it? They're surrounded by observers, and if they're claiming there is some problem, they just place it in a "problems" bin and somebody else is actually making the decision. So even then it would be hard. But they never know what your vote was, only what bin it went in.

You could have predicted that those types of entry-level complaints would have been addressed in the details of the law when I said "Oregon" and not "Jerrymanderistan" or whatever those flyover states are called.

Re:In the meantime, paper trails work

[q4Fry]

Thank you (and eaglesrule) for responding. That does, indeed, seem to be a system that is hard to cheat, provided that minority party observers are not mysteriously disqualified. That does happen in some places, although I've never heard of it in Oregon.

You could have predicted that those types of entry-level complaints would have been addressed in the details of the law when I said "Oregon" and not "Jerrymanderistan" or whatever those flyover states are called.

I certainly could have predicted that such details would be accounted for, but rather than read the entire body of election laws, I figured I'd ask a person who conveniently lives there. This being Slashdot, I also could have predicted that someone would mistake my honest questions for insults and resort to tribalism.

whose watching what us govt can do with it?

allows the federal government to see inside state computer systems managing voter data or voting devices in order to root out hackers.

Great but where is the checks to make sure a future govt cannot manipulate it.

Re:whose watching what us govt can do with it?

[Archangel+Michael]

Hell Fucking No!

There is a REASON why elections are managed locally. It is much harder to establish a tyranny if you have to hack 174,252 precincts individually than if you could do so from the Federal Level. A problem at one precinct is bad, but contained. problem at the Federal Level means we have Obama or Trump elected for life.

Re:whose watching what us govt can do with it?

[ElizabethGreene]

Do you really have to compromise a hundred thousand of them? Looking at how close our elections are I'd wager that targeted attacks against 1-2% of those could swing a POTUS election.

Single point of failure

[drew_kime]

Can someone explain how this doesn't introduce a single point of failure? Even a plausible theory?

Re:Single point of failure

[Gilgaron]

Well, let's see... 36 states have implemented it, so you probably have, at minimum, 36 entry points to compromise the whole thing. That's a lot more than a single point!

Re:Single point of failure

[Aighearach]

If they're passive devices, it only introduces a single point of failure if the passivity fails. Bad, but not explainable to average people.

Re:Single point of failure

[ElizabethGreene]

I don't see it as a point of failure; I see it as another attack surface.

The one thing distributed voting systems had going for them was you had to hack a bunch of separate disparate systems. Now you've got one tidy gateway into them. :/

Vote by mail, paper ballots, non-network optical

[WillAffleckUW]

Anything less won't work.

Remember, snapshot and full database rollbacks with query/row match for discrepencies in volatile precincts and counties are key for db comparisons. Random audits.

So it's just a performance monitor then?

[Mnemennth]

For our corrupt government to confirm the effectiveness of the hacking they've been doing to all the computer voting machines since they were rolled out?

Wake up. "Russia hacking our elections" was done at the invitation of our corrupt Congress, to allow them the scapegoat they DIDN'T HAVE around the Diebold controversy.

Just as in the years leading up to the market crash and great depression a century ago, it doesn't matter who votes or who they vote for; what matters is WHO COUNTS THE VOTES.

mnem
Smoke & mirrors... always smoke & mirrors.

Won't help

~44 ex-cia people are running as democrats for office now.

They're just moving the cheating this time.

Re:Vote by mail, paper ballots, non-network optica

[bobbied]

Anything less won't work.

Remember, snapshot and full database rollbacks with query/row match for discrepencies in volatile precincts and counties are key for db comparisons. Random audits.

Even then, the issue is counting votes and then securing from alteration the materials upon which the votes are recorded so they can be counted again and again when desired.

Re:Perfect for those worried about foreign influen

[bobbied]

Great, now when the Republics clean house during the midterms, no one can complain that the election was "hacked". Everyone can finally be happy and content with the results.

It doesn't matter who wins, half the country will be incensed about the results... Assuming the last election was any indicator of what we are in for come November.

Re:Vote by mail, paper ballots, non-network optica

[WillAffleckUW]

Add same day in person registration. Most states have figured out how to maintain security of physical ballots, and sequester those where registration is in question for verification.

Re:Vote by mail, paper ballots, non-network optica

[bobbied]

Didn't say there where already issues here, only that having a physical ballot doesn't solve all of the issues with vote count integrity.

You still have to have to get an honest count. This requires a secure means of maintaining the physical ballots so they cannot be altered (or added to or subtracted from) AND you need a way to count them, preferably multiple different ways. I remember the Al Gore Florida recounts, we don't need that mess again.

Security Onion

[PetiePooo]

I don't know, but I'm guessing it's something very similar to Security Onion. (Network security should have multiple layers; like an onion. Get it?)

Albert sensors are probably very similar, using a more hardened platform, with similar FOSS tools installed, and with access to government-specific threat intel feeds and analysis.

Paper Ballots are more secure....

[oh_my_080980980]

Paper ballots can't be hacked and are easier to secure. Simple fact you can't secure voting that's hooked up to the internet.

Diebold or illegal voting?

[mi]

Like the diebold machines? You say this like it stands for anything.

Funny, any time one mentions voting fraud, a highly-moderated response will spring up claiming, such fraud is "miniscule" because no study has ever found anything bigger.

But Diebold can be the butt of FUD-spreading without any sort of proof it ever contributed to actual vote-corruption — and without challenges from the same sticklers to the "unproven therefore false" approach...

Re:Diebold or illegal voting?

[HiThere]

I'm sorry, but to convince me of their integrity it is not sufficient to show that there is no proof that they are corrupt.

FWIW, I still remember the President(?) of Diebold Systems promising to deliver the vote to the Republican candidate as they rolled out their voting machines. It's going to take a lot of very convincing evidence to get me to believe that the machines aren't designed to be corrupt.

Now, to be fair, I believe that the Diebold machines will return the vote in favor of whoever controls them, and that the Diebold company is not that controller. But this is based around plausibility rather than convincing evidence of public statements.

I am totally in favor of the suggestion offered previously of requiring that the code be open, the official binaries signed and checksummed, and the code actually tested that it matches the checksums. But paper ballots probably provide greater security with less chance for confusion. More care, however, needs to go into the ballot numbering system so that they can be traced back to the entity that printed them.

Re:Diebold or illegal voting?

[eaglesrule]

But Diebold can be the butt of FUD-spreading without any sort of proof it ever contributed to actual vote-corruption — and without challenges from the same sticklers to the "unproven therefore false" approach...

I don't understand your point. Are these the same Diebold machines you're talking about?

When a process is demonstrated to be so flawed that compromise should be assumed, why is irrefutable proof even necessary?

Re:Diebold or illegal voting?

[mi]

When a process is demonstrated to be so flawed that compromise should be assumed, why is irrefutable proof even necessary?

Yes! Indeed! Which is exactly the logic, we should be applying to the phenomenon of illegal voting too.

It is easy, it happens — which is more than we can say (with citations) about the Diebold machines, actually.

But, for some reasons, any attempts to improve this demonstrably flawed process are struck down — because, it is said, on Slashdot and elsewhere, "there is no proof".

Re:Diebold or illegal voting?

[mi]

I still remember the President(?) of Diebold Systems promising to deliver the vote to the Republican candidate

He made that promise as a member of the State's GOP, not as the CEO of Diebold. Do you think, other makers of such equipment will have no employees with allegiances to one party or the other — even if they keep their mouths shut?

My point, however, remains. Why is it, that in the case of Diebold the mere possibility of corruption is accepted as evidence of the fact of corruption — without any citations of it actually happening "in the field" — but the same standards of evidence are not applied to the illegal voting? Which is not only just as possible, but actually happens (even if we don't know, how often)?

signed and checksummed

Ah, reliance on software — and the personal integrity of the programmers writing it...

Re:Diebold or illegal voting?

[eaglesrule]

Ah, well, in the timeless words of Scott Foval:

“It’s a very easy thing for Republicans to say, “Well, they’re bussing people in.” Well, you know what? We’ve been bussing people in to deal with you fucking assholes for fifty years and we’re not going to stop now, we’re just going to find a different way to do it."

So it's no wonder that those with potential to lose influence would have difficulty understanding the need to secure a process that desperately needs it.

Re:Diebold or illegal voting?

[HiThere]

The chairman of the state GOP that had just gotten Diebold voting machines selected to count the votes. I'll agree it's not proof. But it's stronger evidence than anything I've seen that indicate they are honest.

And for your second thought, you're right. True certainty doesn't exist in this universe. But that doesn't mean you can't do your best. The programmers writing the checksumming program probably have neither knowledge nor desire to corrupt it, and don't know where it's going to be used. And if it's open source it *can* be validated. People make mistakes, and sometimes lots of people make the same mistake, but it's a better chance than any alternative I've heard.

Re:Diebold or illegal voting?

[mi]

But it's stronger evidence than anything I've seen that indicate they are [dis]honest.

Had he been dishonest, would he really have bragged about it publicly? Please...

And for your second thought, you're right.

You've ignored my main point — which is that drastically different standard of evidence are applied to allegations of illegal voting and subverted machinery.

True certainty doesn't exist in this universe. But that doesn't mean you can't do your best.

The best, in my opinion, is to use different means, procedures, and hardware (if any) — as we've been doing.

Re:Diebold or illegal voting?

[HiThere]

When you're trying to prove something you need stronger evidence than when you're trying to assign probability. Particularly if the probability estimate is going to have large error bars. To me the evidence is strongly in favor of the machines being designed to product the votes they are instructed to produce. I'd agree it's far short of proof. I'd agree they they can be operated honestly, and that that is probably the default behavior.

In short, I see no reason to trust the honesty of the machines and many reasons to doubt it. That this is not proof, I'll agree. But it isn't proof either way...including definitely not proof that the machines are honest.

$5000 is probably a ripoff

[AndyKron]

I'll bet if you could get the same hardware at Banggood it would be $5, not $5000

Re:Vote by mail, paper ballots, non-network optica

[bobbied]

The issue with the Florida recounts in my mind was two fold.

First, the act of counting them, altered the ballots, ever so slightly, when done mechanically. Looking for holes in cards and the problem of missing chads, hanging chads and dimpled chads was insanity. Yes, it was a very stupid system and we should take that as a cautionary tale to not build another system with similar problems.

Second, it was legally pointless to count, recount, manually count and recount these ballots as long as they did. Once the legal process had already run it's course and the election had been legally certified by Florida's secretary of state and presented to congress. It was a done deal, regardless of what the count ended up being or how many times they counted the results after that.

So I would add one additional requirement for ballot handling which goes something like this. "Once the election is certified and all possible legal avenues have been exhausted in the determination of the winners, the ballots will be securely stored for no less than 1 year and no more than 2, unless they are material evidence in an active criminal investigation.

Re: Vote by mail, paper ballots, non-network optic

[pslytely+psycho]

" because anyone with power over you can tell you to bring your ballot to him and fill it out in front on him so that he knows that you voted for his choices. "

Yeah, that's a common problem up here.....LOL.
Please cite a source to this horrible scourge.
Worst....strawman....EVER!

Re:Vote by mail, paper ballots, non-network optica

Second, it was legally pointless to count, recount, manually count and recount these ballots as long as they did. Once the legal process had already run it's course and the election had been legally certified by Florida's secretary of state and presented to congress. It was a done deal, regardless of what the count ended up being or how many times they counted the results after that.

I wouldn't say it was legally pointless.
Even if the election was done with it is still possible to uncover election fraud, so while you can't do anything about the turnout of the election you can still hold someone accountable.

Even if you don't uncover any criminal activity you can still identify irregularities and mistakes so that you can work on preventing them in the future.

Also, I see very little reason to throw away ballots within a year or two.
Storing them is only expensive if you care about the integrity of them. If you are going to throw them away you might just dump them in an unguarded unheated storage facility.
They might not be of interest for legal reasons, but next to the constitution voting ballots may be one of the most important documents we have from a democratic perspective.

Insert bogus Russian hackers waffle

[najajomo]

“Two years after Russian hackers breached voter registration databases”

Under the pretext of protecting us from “Russian hackers” the US deepstate has hacked voting machines.