36 of 50 States Have Installed Sensors at 'Elections Infrastructure Level' To Monitor Computer Systems Managing Voter Data or Devices

A majority of U.S. states has adopted technology that allows the federal government to see inside state computer systems managing voter data or voting devices in order to root out hackers. From a report: Two years after Russian hackers breached voter registration databases in Illinois and Arizona, most states have begun using the government-approved equipment, according to three sources with knowledge of the deployment. Voter registration databases are used to verify the identity of voters when they visit polling stations. The rapid adoption of the so-called Albert sensors, a $5,000 piece of hardware developed by the Center for Internet Security www.cisecurity.org, illustrates the broad concern shared by state government officials ahead of the 2018 midterm elections, government cybersecurity experts told Reuters. [...] As of August 7, 36 of 50 states had installed Albert at the "elections infrastructure level," according to a Department of Homeland Security official. The official said that 74 individual sensors across 38 counties and other local government offices have been installed. Only 14 such sensors were installed before the U.S. presidential election in 2016.

Not good enough.

[bluefoxlucid]

You're trying to install a security product inside a vulnerable system to detect compromise. Not good enough. Integrity must be non-repudiated.

Voting infrastructure is harder than voting machines. Paper voting is notoriously vulnerable to corrupt officials; paper audit trails are manipulable and have been used to identify voters and their votes; electronic voting machines can be proven non-tampered, and the votes proven non-tampered. The voting infrastructure, though? That's centralized, and prone to all sorts of attacks--not just computer hacking, but insider threat and social engineering.

Your best protection against infrastructure attacks is same-day registration and same-day party affiliation re-registration.

Re:Not good enough.

[Archangel+Michael]

Paper Voting is subject to corrupt officials, but generally hard to hack wide scale. Further, voting irregularities are easier to spot. And verification of vote tallies are easy.

With Electronic hacking, there is no way to verify vote tallies that have been tampered with at the machine level. And since those machines are electronically connected it is much easier for ONE hacker to affect a large range of voting tabulations, perhaps enough to change the outcome of state and national elections.

Paper Ballots are the worst of all voting methods, except all the others.

In the meantime, paper trails work

[Dasher42]

We're installing all of this insecure technology around a vital process of our governance, whereas paper ballots and paper trails work elsewhere. Florida failed to provide a clearly understandable paper ballot in 2000, but when has this electronic voting been a fix?

It's a gravy train for government-connected firms, that's what it is.

The only electronic voting I want is something that can give me a QR code to print a paper ballot I can sign off on, giving me time to research the entirety of the options and speeding time at the booth.

I believe this and approval voting would go a long way towards actually fixing things.

Re:In the meantime, paper trails work

[Aighearach]

In Oregon we vote by mail, and we use paper ballots that are optically scanned by the computer.

They can be re-scanned, they can be hand-recounted, no hanging chad. No booth, but you can hand-deliver your ballot if you want.

Re:In the meantime, paper trails work

[lgw]

QR code? Why did you just insert a non human-readable step?

What we want is computer-assisted voting. You go to the big touch-screen voting machine with pictures of the candidates faces and whatnot, and when you're done it prints a clearly market ballot. You then review the ballot and cast it into the ballot box.

This is so freaking obvious that I can't ascribe good motives to politicians imposing any other system.

Vote by mail, paper ballots, non-network optical

[WillAffleckUW]

Anything less won't work.

Remember, snapshot and full database rollbacks with query/row match for discrepencies in volatile precincts and counties are key for db comparisons. Random audits.

Re:whose watching what us govt can do with it?

[Archangel+Michael]

Hell Fucking No!

There is a REASON why elections are managed locally. It is much harder to establish a tyranny if you have to hack 174,252 precincts individually than if you could do so from the Federal Level. A problem at one precinct is bad, but contained. problem at the Federal Level means we have Obama or Trump elected for life.

Re:Vote by mail, paper ballots, non-network optica

[bobbied]

Anything less won't work.

Remember, snapshot and full database rollbacks with query/row match for discrepencies in volatile precincts and counties are key for db comparisons. Random audits.

Even then, the issue is counting votes and then securing from alteration the materials upon which the votes are recorded so they can be counted again and again when desired.

Re:Diebold or illegal voting?

[eaglesrule]

But Diebold can be the butt of FUD-spreading without any sort of proof it ever contributed to actual vote-corruption — and without challenges from the same sticklers to the "unproven therefore false" approach...

I don't understand your point. Are these the same Diebold machines you're talking about?

When a process is demonstrated to be so flawed that compromise should be assumed, why is irrefutable proof even necessary?