Voting Machine Manual Instructed Election Officials To Use Weak Passwords (vice.com)

← Back to Stories (view on slashdot.org)

Voting Machine Manual Instructed Election Officials To Use Weak Passwords (vice.com)

Posted by BeauHD on Monday November 5, 2018 @03:30PM from the didn't-get-the-safety-memo dept.

An anonymous reader quotes a report from Motherboard: An election security expert who has done risk-assessments in several states since 2016 recently found a reference manual that appears to have been created by one voting machine vendor for county election officials and that lists critical usernames and passwords for the vendor's tabulation system. The passwords, including a system administrator and root password, are trivial and easy to crack, including one composed from the vendor's name. And although the document indicates that customers will be prompted periodically by the system to change the passwords, the document instructs customers to re-use passwords in some cases -- alternating between two of them -- and in other cases to simply change a number appended to the end of some passwords to change them.

The vendor, California-based Unisyn Voting Solutions, makes an optical-scan system called OpenElect Voting System for use in both precincts and central election offices. The passwords in the manual appear to be for the Open Elect Central Suite, the backend election-management system used to create election definition files for each voting machine before every election -- the files that tell the machine how to apportion votes based on the marks voters make on a ballot. The suite also tabulates votes collected from all of a county's Unisyn optical scan systems. The credentials listed in the manual include usernames and passwords for the initial log-in to the system as well as credentials to log into the client software used to tabulate and store official election results.

101 of 197 comments (clear)

Min score:

Reason:

Sort:

Unity? by Anonymous Coward · 2018-11-05 15:50 · Score: 1

So you agree we shouldn't use electronic voting machines?
Great! Agreement!
Go ahead do the gaslighting or whatever its called, as long as it ends up with verifiable election systems. Systems where the voter knows the machine counted their vote correctly, and that Kemp agent could not simply upload a file to a voting machine to set a new vote result.
This is not the Russian elections.
1. Re:Unity? by LynnwoodRooster · 2018-11-05 15:55 · Score: 4, Insightful
  
  Paper ballot, voter ID, absentee ballots need to be applied for each election. No need for anything else.
  
  --
  Browsing at +1 - no ACs, I ignore their posts. So refreshing!
2. Re:Unity? by PopeRatzo · 2018-11-05 16:17 · Score: 5, Informative
  
  Paper ballot
  That's how we do it here in California, which has the fairest and most secure elections in the country.
  
  --
  You are welcome on my lawn.
3. Re:Unity? by Anonymous Coward · 2018-11-05 16:17 · Score: 5, Insightful
  
  In Russia they use paper ballots, and the number of people through the door is about 1/3rd of the total claimed vote count.
  When a candidate wins that Putin doesn't like, he cancels the election due to ballot stuffing (because they didn't stuff enough ballots in to rig the vote, they have to cancel it due to their own ballot stuffing!).
  You also need the structures in place to verify the count, verify the votes correspond to the people who voted and so on.
  Once you decide to put party before country, and manage to seize power over the judicial processes that control the election you are lost.
  You end up with elections run by the people who are running for election (Kemp in Georgia), decided by partisan judges (like Kavanaugh), with news outlets telling lies they know are lies. (Fox News).
4. Re:Unity? by LynnwoodRooster · 2018-11-05 16:27 · Score: 1
  
  The issue is we ignore the next two, which are just as important. One out of three doesn't cut it...
  
  --
  Browsing at +1 - no ACs, I ignore their posts. So refreshing!
5. Re:Unity? by PopeRatzo · 2018-11-05 16:39 · Score: 4, Informative
  
  The issue is we ignore the next two, which are just as important. One out of three doesn't cut it...
  Oh, we have all three. When I registered to vote earlier this year, I had to show proof of my citizenship and a photo ID, and we have vote-by-mail that you don't have to be "absent" to use.
  By the way, the states that experts have ranked as the worst for electoral integrity are Arizona, Oklahoma, Wisconsin and Tennessee. Also, Texas, Georgia and South Carolina rank pretty low.
  
  --
  You are welcome on my lawn.
6. Re:Unity? by PopeRatzo · 2018-11-05 17:29 · Score: 2
  
  Or are you opposed to proving identity when voting, like most of the rest of the world requires?
  Texas doesn't require voter ID, so why aren't you complaining about them? Neither do South Carolina, West Virginia, Utah and a bunch of other states.
  "Most of the rest of the world" has universal, single-payer healthcare. I don't see you calling for that you dumb fuck-whistle.
  
  --
  You are welcome on my lawn.
7. Re:Unity? by LynnwoodRooster · 2018-11-05 20:14 · Score: 1
  
  Fail on TX, you fuck-whistle. Plus I live in California, so what TX does is of less concern to me than what CA does. Why don't you care about the integrity of the election? Perhaps because when fraud occurs, it benefits your political belief, meaning you put results ahead of ethics?
  
  --
  Browsing at +1 - no ACs, I ignore their posts. So refreshing!
8. Re:Unity? by LynnwoodRooster · 2018-11-05 20:22 · Score: 1
  
  Provisional ballots allow a person to cast a ballot even though they are not listed on the voter rolls. Yes, you don't even have to prove you are registered in order to cast a ballot which, in at least one instance, were mixed in with regular ballots potentially throwing the election which was decided by less than 130 votes.
  
  --
  Browsing at +1 - no ACs, I ignore their posts. So refreshing!
9. Re:Unity? by Anonymous Coward · 2018-11-05 21:37 · Score: 1
  
  Provisional ballots are not counted unless you go to the election officials office the next day and prove you are you. That's the whole point of a Provisional ballot.
10. Re: Unity? by orlanz · 2018-11-05 22:59 · Score: 1
  
  It's not some "commission" or "committee"; it's the people. There are still enough people here who will standup to corruption.
11. Re:Unity? by Anonymous Coward · 2018-11-05 23:40 · Score: 1
  
  Citation needed on "most of the rest of the world". I've voted in two countries, and neither of them demands to see ID at the time of voting. (Incidentally, neither one limits the franchise to citizens only, either.)
  Seriously - citation? It can't be too hard to find this sort of thing out.
12. Re:Unity? by Kiuas · 2018-11-05 23:44 · Score: 5, Insightful
  
  Or are you opposed to proving identity when voting, like most of the rest of the world requires?
  Greetings from the rest of the world. Here in Finland we do in fact have to provide ID upon voting, and we do not have to to register to vote because your ID is checked against a list of eligible voters upon arrival to the voting site. However, social services also funds the cost of the ID for those who cannot afford it (which is why essentially everyone in Finland has an ID). This being the case, the ID requirement does not prevent anyone from voting regardless of income status. This point is often conveniently left out in the american discussions over voter IDs when the 'pretty much everyone else does it' -argument is presented because from what I've seen so far, voter ID proposals in the States don't have provisions for providing an ID for people who can't pay for it, and that's the crux of the problem.
  Voting is such a fundamental right that it should never be gated behind a financial barrier of any kind, wouldn't you agree?
  
  --
  "It is the business of the future to be dangerous" -Alfred North Whitehead
13. Re:Unity? by LynnwoodRooster · 2018-11-06 00:36 · Score: 1
  
  I agree 100%! And I think most States currently give free ID for those who need it. The issue then becomes "but it is so much time and effort to get the ID!" when, in fact, there is not much you can do as an adult WITHOUT the ID. Like get a job. Or medical care. Or buy alcohol. Or drive. Or open a bank account. Or use Western Union. And many other things.
  
  --
  Browsing at +1 - no ACs, I ignore their posts. So refreshing!
14. Re:Unity? by LynnwoodRooster · 2018-11-06 00:41 · Score: 1
  
  If you'd see the second link I used, unverified provisionals were mixed in with regular ballots - and thus counted, because once mixed they could not be pulled back out. If you don't have provisionals in the first place, then you don't run the risk of contamination.
  
  --
  Browsing at +1 - no ACs, I ignore their posts. So refreshing!
15. Re:Unity? by twdorris · 2018-11-06 00:54 · Score: 1
  
  Greetings from the rest of the world.
  Best intro ever. And a nice follow-thru to boot. This post wins.
16. Re:Unity? by bluefoxlucid · 2018-11-06 01:48 · Score: 1
  
  Think about the Internet. There are thousands of points where data leaves, moves through intermediate routers, changing hands, until it reaches a location. Your bank, for example.
  Why do you use encryption when sending your credit card details? It moves from your PC to your ISP, through several core routers. Random people can't sniff it. Your traffic isn't exposed to untrusted third parties; arguably, all of the systems through which your data flows are more-trusted than the merchant to whom you're sending your credit card number!
  "Computers can be hacked", right? What if the "hacker" is a technician at an ISP? Remember that guy who did that with the lottery?
  Paper ballots begin at polling centers, where we trust staff to not manufacture additional ballots in the back and swap out ballot boxes with duplicate seals. They transfer through a chain of custody, always in the hands of 3-5 people who we assume aren't colluding, or stored in a secure location we assume isn't intruded upon by someone with a key and admin access to the security logs. They change hands several times.
  That doesn't even get into the error rate of counting--with the implication that you can manipulate the error rate. People freak out about that when it comes up: Kris Kobach in Kansas was giving instructions about what ballots to not count (spoiler ballots, in late, etc.), and he was also a candidate in the GOP primary for Governor. You get a lot of individual judgment with hand-marked paper ballots especially--is that a stray mark, or just a little outside the circle? Is it enough to flag to an observer that the purchased vote has been cast faithfully? Does the signature sufficiently match the one on file? All up to personal taste.
  Paper ballots are a complex, flimsy, and insecure network.
  
  --
  Support my political activism on Patreon.
17. Re:Unity? by pjt33 · 2018-11-06 02:01 · Score: 1
  
  Paper ballot, voter ID, absentee ballots need to be applied for each election
  That last one would be quite irritating, because sometimes elections are called outside of the usual timetable (e.g. to replace someone who died in office). I think I prefer the system in my country, where you have to renew your application each year. I get a reminder three months before my postal ballot registration expires, and as long as I don't sit on it for ten weeks I can be sure that my renewal is received before the registration expires.
18. Re:Unity? by Kiuas · 2018-11-06 02:10 · Score: 3, Informative
  
  Here in the US, most States provide zero-cost ID
  Do they? 'Cause that's news to me. I asked an American living here in Finland that I have befriended about this and he said it's BS. So one of you guys is wrong. I tend to trust my friends more than strangers on the internet but because I wanted to make sure I went to Google and 10 seconds later found this in the wiki
  
  According to a Harvard study, "the expenses for documentation, travel, and waiting time [for obtaining voter identification cards] are significant—especially for minority group and low-income voters—typically ranging from about $75 to $175. When legal fees are added to these numbers, the costs range as high as $1,500."[49][50] So even if the cards themselves may be free, the costs associated with obtaining the card can be expensive.[49] The author of the study notes that the costs associated with obtaining the card far exceeds the $1.50 poll tax outlawed by the 24th amendment in 1964.
  The study in question is a 2014 study from Harvard Law School titled The High Cost of ‘Free’ Photo Voter Identification Cards '
  So a trusted and informed friend and a dude from Harvard Law against 1 anonymous coward... damn, this is a tough one but I do think you may in fact be full of shit, because I did crunch the numbers and came tot he conclusion that a 'free card' costing anywhere from 75 $ upwards is not in fact free.
  This reminds me of that quote from Hitchiker's Guide to the Galaxy:
  
  “But the plans were on display”
  “On display? I eventually had to go down to the cellar to find them.”
  “That’s the display department.”
  “With a flashlight.”
  “Ah, well, the lights had probably gone.”
  “So had the stairs.”
  “But look, you found the notice, didn’t you?”
  “Yes,” said Arthur, “yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard.”
  
  --
  "It is the business of the future to be dangerous" -Alfred North Whitehead
19. Re:Unity? by Kiuas · 2018-11-06 02:17 · Score: 2
  
  Damnit, the link to the study is broken, sorry people. Here's a working one.
  I clearly need more coffee.
  
  --
  "It is the business of the future to be dangerous" -Alfred North Whitehead
20. Re:Unity? by mjwx · 2018-11-06 02:32 · Score: 1
  
  Or are you opposed to proving identity when voting, like most of the rest of the world requires?
  Greetings from the rest of the world. Here in Finland we do in fact have to provide ID upon voting, and we do not have to to register to vote because your ID is checked against a list of eligible voters upon arrival to the voting site. However, social services also funds the cost of the ID for those who cannot afford it (which is why essentially everyone in Finland has an ID). This being the case, the ID requirement does not prevent anyone from voting regardless of income status. This point is often conveniently left out in the american discussions over voter IDs when the 'pretty much everyone else does it' -argument is presented because from what I've seen so far, voter ID proposals in the States don't have provisions for providing an ID for people who can't pay for it, and that's the crux of the problem.
  Voting is such a fundamental right that it should never be gated behind a financial barrier of any kind, wouldn't you agree?
  This.
  
  Here in the UK we do not need to provide ID, but do need to provide our name to get it struck off the roll. However registration is required as we have to vote in our electorate and only one electorate, so it needs to be known which electorate we live in. if I had to provide ID, any form would be acceptable, including ones issued for free by the government or a reputable organisation (like a student ID).
  
  --
  Calling someone a "hater" only means you can not rationally rebut their argument.
21. Re: Unity? by Anonymous Coward · 2018-11-06 02:43 · Score: 1
  
  I think his point is that paper ballots are necessary, but not sufficient.
  You need to have honest people all along the way as well.
22. Re:Unity? by dryeo · 2018-11-06 04:11 · Score: 1
  
  Around here (Canada), the paper ballots are counted at the polling station when the polls close, with members of the public including party members of all interested parties, watching the process like hawks. At that, I'm free to watch the whole process from beginning to end if I desire (assuming room, which I've never heard of being a problem)
  There is a weakness with the advanced/absentee votes, which almost never enough to affect the outcome, having to be stored. Usually the absentee votes aren't even bothered to be counted. Candidate wins by 2000 votes and only 1000 advanced votes, why bother counting.
  
  --
  https://en.wikipedia.org/wiki/Inverted_totalitarianism
23. Re:Unity? by HiThere · 2018-11-06 04:52 · Score: 1
  
  Sorry, but no. Absentee ballots are a permanently available choice. Also, the paper ballots, while they exist, are read by a machine, probably the one mentioned in the article. I've never heard of the original paper ballots actually being recounted manually to check the result.
  FWIW, this information is current as of July, 2018. I'm not sure of it's current state. I'm also not sure which items are county or city specific.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
24. Re:Unity? by PopeRatzo · 2018-11-06 04:59 · Score: 1
  
  my vote by mail in Washington would beg to differ
  Respect to Washington. They do elections right up there.
  
  --
  You are welcome on my lawn.
25. Re:Unity? by HiThere · 2018-11-06 05:12 · Score: 3, Informative
  
  This depends entirely on what is accepted as an ID, and how hard it is to get. I recently moved, and it was quite a hassle, partially because I can't drive.
  The new state wouldn't accept the ID from the old state, and demanded a birth certificate. And the one issued by the hospital wasn't acceptable, it had to be a government issued birth certificate. And the place where I was born raised a large number of obstacles to getting the certificate without going there. (I don't know what it would have been like if I'd gone there in person.) Eventually they issued one after paying money, waiting, filling out forms, etc. ... and they never did do anything that would really check that I was who I said I was.
  So. The issuing of the ID was free. The getting of it took a modest amount of money (not enough to pay for the paperwork), but a tremendous amount of bureaucratic shuffling, and didn't really prove anything anyway except that I'd gone through the bureaucratic paper shuffling.
  So I'm not really impressed with the "ID requirements". They don't provide actual ID and they cause a tremendous amount of hassle. Photo + digitized fingerprints would be much better as unique IDs, or any of various other biometric markers. They should always be needed to be tested in person for any significant trust, because the "coded id" could be duplicated, so this should only be used to issue secondary ids from. And the database should never be connected to the internet, even indirectly, but the "coded id" should be matchable against any other reading.
  Even so, you couldn't trust this system, because eventually there would be illicit copies made. And in a way this lack of trust is valid, because I'm certainly not the same person I was a decade ago.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
26. Re:Unity? by PopeRatzo · 2018-11-06 05:13 · Score: 1
  
  Sorry, but no. Absentee ballots are a permanently available choice. Also, the paper ballots, while they exist, are read by a machine, probably the one mentioned in the article. I've never heard of the original paper ballots actually being recounted manually to check the result.
  Paper ballots in every state are read by machine, and they are retained in case a recount is needed, which it seldom is because except for a few tokens we keep around for laughs, we don't allow Republicans to get anywhere near a position of power here in California. That's how we keep it so nice here.
  And they're not called "absentee ballots" any more. It's just vote-by-mail. It's the exact same ballot that you get at the polling place and you can either drop it off early at one of the qualified locations, mail them, or bring them to the polling place yourself like my wife and I just did.
  
  --
  You are welcome on my lawn.
27. Re:Unity? by bluefoxlucid · 2018-11-06 05:15 · Score: 1
  
  Public view?
  Your main weakness is recounting. Let's work backwards from electronic for this one.
  With electronic voting machines, once you've proven the integrity of the machine, you can prove the ballot set. Everyone votes, the machine displays some kind of computation, and only then do you enter the machine to remove the ballots (digital media copy, whatever).
  For provisional ballots cast in-person (wrong polling center, etc.), you load the provisional ballots into your hash set by the same rules, marking them as provisional--and you don't include identifying information in that set. This still exposes identity to the public if your polling center collects only a few provisional ballots (if it's only one, we know whose is provisional), which is the same problem as very few people voting (one polling center here had 67 people vote in the primary, with only three Republicans who all voted for the same candidates, so I can give any of them their exact ballot back. Imagine three people voting in the General by provisional in a pile of 1,600 votes). The solution is to obscure who is voting provisionally.
  Under this scheme, ballots are traceable: the central authority publishes each ballot set with its polling center. We can all recompute the hash and prove the ballot set is untampered. They can strike any provisional ballot, so long as they leave its contents up in the ballot set and mark it rejected.
  As you note, absentee ballots come in the mail, are paper, are not observed, and so represent a weakness. Disenfranchisement represents a larger threat, so we accept this weakness. On military base and ship, we can actually run the same kind of public election as here, observed by the public of the men on ship--who of course will leak if they're not allowed to record election ballot traces.
  So what about paper?
  Well, you can slip a piece of pencil under your fingernail and spoil ballots when counting paper in full public view. You can miscount. Election judges can collude, despite the whole reliance on people not colluding (we've seen this in other places).
  We perform our recounts days or weeks later, with ballots kept in a secure location. Again: how do I know anyone in the chain-of-custody isn't just a group of 3-5 people who can print a new seal and are fully-willing to collude? Buy a few people off, get them an election pen (remember what I said about pencil?), and they can create a few new spoiler ballots.
  In an election with 100,000 ballots, one state here recounted with 3,500 fewer, and claimed they must have just found more spoilers (without explaining which were probably not originally spoilers). We just accept that. Three percent of votes.
  See how many avenues of attack we have? Now look at our electronic voting machines. Yeah, hell no. The stuff out there is horrible. That doesn't mean paper is safe; it just means we damned well better move to stronger EVMs if we're going to move off paper.
  
  Candidate wins by 2000 votes and only 1000 advanced votes, why bother counting
  Computing whether a candidate won can be...difficult. Take any Smith-efficient system. You have to compute all the one-on-one pairings: if a ballot ranks Bill 1, Anne 2, and Jim 3, then Bill vs Jim is 1 vote to Bill, Bill vs. Anne is 1 vote to Bill, Anne vs. Jim is 1 vote to Anne. These pairings are important.
  To get the Smith set, you find out who wins these.
  Let's say Bill, Anne, and Jim each get a majority of rankings above Dave and Mary. Dave and Mary categorically lose against these other three. Dave and Mary are out.
  Now we have Bill, Anne, and Jim. Bill beats Anne; Anne beats Jim; Jim beats Bill. O
  
  --
  Support my political activism on Patreon.
28. Re:Unity? by Darinbob · 2018-11-06 07:17 · Score: 1
  
  There is a problem that many in the US do not believe voting is a right, and they're greatly opposed to the wrong sorts of people voting since they might vote for the wrong things. There are those who don't want college students to vote, since they're not in the country for a full 12 months. There are those who don't want convicted felons to vote even after they are out of prison. There are even those suspicious of members of the military voting when they are stationed overseas.
29. Re:Unity? by Darinbob · 2018-11-06 07:24 · Score: 2
  
  You can get jobs without ID. You need a social security number, but you don't need ID for that. The problem is that the people for whom voter IDs are difficult to get tend to be the sorts of people who don't vote the way the powers that be want them to. Ie, the poor, the elderly shut-ins, the homeless, widows who never needed this stuff until after the husbands died, etc.
  When elections are tight, disenfranchising a very tiny minority is enough to sway elections.
  Getting a driver's license is a royal pain in the ass in many places. A identity card from the DMV is similar. People are reporting 8 hour waits at the DMV in California (because of the increased demand for the ridiculous Real ID cards that you can only get in person), and I had to book an appointment 3 months in advance for the DMV!
30. Re:Unity? by Darinbob · 2018-11-06 07:26 · Score: 2
  
  I think this is because Republican states are the most intent to prevent those who might lean Democratic from voting. That's the poor, minorities, college students, etc. In Democratic leaning states it is much more difficult to prevent or discourage rich whites from voting.
31. Re:Unity? by Darinbob · 2018-11-06 07:27 · Score: 1
  
  How do you show proof of citizenship? A driver's license doesn't cut it. No one in the US is issued with a certificate of citizenship when they are born. My birth certificate may not even count for me to get my Real ID as now apparently I may have to apply for a "long form" version. A passport may work, but very few in America have those or carry them around everywhere. To register I prove my identity, but not my citizenship, but check a box that I agree under penalty of perjury that I am a citizen.
  In my view, every citizen should vote with as FEW hurdles to jump over as possible. Getting more people to vote is better, even if they're going to vote the opposite of how I vote.
32. Re:Unity? by Anonymous Coward · 2018-11-06 08:03 · Score: 1
  
  Want to buy or keep a gun, which is a constitutionally-protected right? You need to be of age, show ID, go through a background check, be subject to tons of restrictions, individual states will violate the constitution every way they can to stop you, etc.
  Want to vote? Go right ahead! You just need a name and a polling location, or a name and an absentee (mail-in) ballot. Requiring something as simple as an ID check is verboten nation wide despite the fact that each individual state is supposed to run their own elections.
  It's absurd. Require ID to vote. Make the ID cheap or free (in certain cases). Make it available at DMVs and maybe post offices. Do it like the Real ID laws for travel, where you announce it well ahead of time. (But don't do it like the Real ID laws where states like CA were given multiple extensions for no reason.)
33. Re:Unity? by LynnwoodRooster · 2018-11-06 10:26 · Score: 1
  
  You can get jobs without ID.
  Not legally. You must fill out an I-9 form when you are employed - and that requires considerably more than just an SSN.
  
  --
  Browsing at +1 - no ACs, I ignore their posts. So refreshing!
34. Re:Unity? by Darinbob · 2018-11-06 10:43 · Score: 1
  
  Ya, this was a pain for me. Drivers license is used, but I never had a social security card (cardboard, hand typed, totally and utterly insecure) so eventually I went and got a new one. I think I've used a birth certificate before, although I may have to get a new one since it's not "long form".
  I'm still thinking about the good old days before we had soviet style "homeland" security.
35. Re: Unity? by astrofurter · 2018-11-06 16:28 · Score: 1
  
  Paper ballots are a good, necessary start. However they are by no means sufficient to secure elections against organized corruption.
  Consider for a moment several amusing stories of election antics from San Franshitsco: http://sfist.com/2016/11/04/ri...
36. Re: Unity? by astrofurter · 2018-11-06 16:42 · Score: 1
  
  "the good old days before we had soviet style "homeland" security"
  I, too, remember living in a Free republic. Alas, the youth of today have grown up under the Empire. They may never know the taste of that simple, relaxed Freedom we thought had given us victory over the Soviet Union.
37. Re: Unity? by astrofurter · 2018-11-06 16:54 · Score: 1
  
  C'mon bro - we live in a bureaucratic totalitarian state. If one doesn't have a valid government ID, one is good and truly fucked. Voting would be the very least of one's problems.
38. Re: Unity? by astrofurter · 2018-11-06 17:00 · Score: 1
  
  "People a lot smarter than you"
  Respek their authoritay!
39. Re:Unity? by LynnwoodRooster · 2018-11-06 19:58 · Score: 1
  
  Texas poll workers letting non-citizens vote, no problem at all. Keep on ignoring the voter fraud! Fuck-whistle, indeed...
  
  --
  Browsing at +1 - no ACs, I ignore their posts. So refreshing!
40. Re:Unity? by PopeRatzo · 2018-11-07 03:16 · Score: 1
  
  Project Veritas? Really?
  James O'Keefe is just Jacob Wohl with costumes.
  
  --
  You are welcome on my lawn.
41. Re:Unity? by HiThere · 2018-11-08 05:53 · Score: 1
  
  Changing the name doesn't change the thing. I was permanently registered to use an absentee ballot, because one time I needed to, and I never changed it back, but I did usually drop it off at the polling place.
  FWIW, I don't accept that all Democrats are honest at counting votes. I also don't accept that all Republicans are dishonest at counting votes. So the end of your first sentence is invalid for me (and calls into question any argument I can't check).
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
Why is it by Anonymous Coward · 2018-11-05 16:07 · Score: 3, Funny

The that biggest idiots always end up handling the most important tasks?
1. Re:Why is it by Anonymous Coward · 2018-11-05 16:45 · Score: 1
  
  Because technical brilliance, and leadership, are two entirely different skill sets.
2. Re: Why is it by Anonymous Coward · 2018-11-05 18:52 · Score: 2, Interesting
  
  True. One involves bullying others in a manner that looks like comradery. The other is very much technical and facts-based.
  Hint: Facts get in the way of achieving desireable outcomes. Meeeeeh
The Creds by zamboni1138 · 2018-11-05 16:09 · Score: 1

The username is: password The password is: password
1. Re:The Creds by f3rret · 2018-11-06 02:16 · Score: 1
  
  For extra security you should set the password to "username"
  
  --
  Admit nothing. Deny Everything. Make Counter-accusations.
Reasoning by PPH · 2018-11-05 16:15 · Score: 2

Ever seen the people who volunteer to staff polling places? Do you want to budget for the tech support staff needed to reset passwords when Aunt Eugenia forgot it again?

--
Have gnu, will travel.
1. Re:Reasoning by DethLok · 2018-11-05 21:17 · Score: 4, Informative
  
  in Australia (apparently a nazi country since we have govt regulation of business, gun control, national healthcare?) we also have the Electoral commission.
  They run the voting system.
  Everyone votes the same way, on paper.
  They hire extra staff from existing public service agencies, experienced & arguably trustworthy govt workers.
  Voting is too important to let states or cities make up their own rules, or to let just anyone work in the polls.
  And boy, am I curious to see the results and hysteria of these US midterm elections, it is going to make Bush vs Gore look like a couple of toddlers fighting over a toy!
2. Re: Reasoning by orlanz · 2018-11-05 23:09 · Score: 3
  
  No, Voting is too important to let centrals run it. I don't think you understand how voting works in the US. Nationally, no one votes directly but same safeguards as states.
  State level, you need a LOT of corruption across a highly distributed network of independent voluntary organizations to impact a vote. That complex non-standard setup is the primary safeguard against vote results tampering. The second is the volunteers who have a self interest in making sure the other isn't cheating and many independents who ensure no one cheats.
  At the local level, you do have independent and committee based outsiders who ensure the few locals aren't cheating the local population.
  The paper based voting system in the US that has been used for decades is pretty good. It was the State level discrimination laws and more recently end voter manipulation via social media that has been their only real threats. A "committee" would have made both worse.
  BTW, we do have many committees here, they just aren't the only thing the system relies on.
3. Re: Reasoning by bluefoxlucid · 2018-11-06 02:15 · Score: 1
  
  State level, you need a LOT of corruption across a highly distributed network of independent voluntary organizations to impact a vote
  The votes move from hand to hand from thousands of locations through small groups of trusted parties. That's tens of thousands of weak links--millions in some states.
  
  The paper based voting system in the US that has been used for decades is pretty good.
  It is. It's a complex mess with enormous integrity problems, but it's only severely-abused in a few places--and that severe abuse is relatively minor. A strong, decisive victory or even just huge voter turn-out is usually enough to overcome the level of tampering even in states where it's rampant.
  We estimate about 30,000 ballots just tossed out in Florida every year. Ohio did a recount once and came up 3,500+ ballots short, with the excuse that "it's probably spoiled ballots" but no trace to show which ballots were spoiled (yeah, "We're not sure, we guess it's X, it's probably fine, trust us" fuck you).
  Small numbers.
  My concern is we can't prove integrity. I can fix that with electronic voting machines, so long as we follow some god damned strict standards. Give me a little time; we have to do this right.
  
  end voter manipulation via social media that has been their only real threats.
  You should see paper ballot security considerations. Many of these are built on the idea that you can trust some party by putting other parties around them, under the theory that they're adversarial and will act as checks on each other; unfortunately, we have Democrats endorsing Republican candidates now, and besides that you can just join a party and carry out espionage (really, vote tampering is an enormous offense and an attack on our national security).
  You can fix that with voting rules that reflect the voter's preferences better. The combination of Single Transferable Vote for multi-winner elections, the Big Party Rule (a party with 25%+ registered voters can nominate two candidates for single-winner elections, but only by primary election using STV), and a strategy-resistant Condorcet method like Tideman's Alternative Smith would provide pretty good protection. Electoral Fusion helps, too.
  Big Party Rule upends the base voter issue: a ton of people will vote R or D, and now they have two R and two D candidates. You get Trump vs. Rubio, Bernie vs. Hillary. Combine this with any Condorcet system and you now need a mutual majority favor.
  Under the Big Party Rule, you would probably get Bernie from the left and Hillary from the moderate Democrats; interfere with a huge pro-Bernie propaganda campaign and you get excitement for Bernie, but who is the second choice? It's ... still Hillary. The same is true of Trump and a more-moderate candidate like Rubio.
  Hit the General Election and now what?
  Well the entire moderate independent vote is going Hillary-Rubio or Rubio-Hillary. The moderate R goes Rubio-Trump or, for the Never Trump crowd who voted Hillary, Rubio-Hillary. The Pro-Trump crowd will go Trump-Rubio-Johnson-Hillary because they want to shoot down Bernie Sanders by putting Hillary above him (they might or might not rank Stein above or below Bernie at the tail end). The Bernie crowd is going Bernie-Stein-Hillary-Rubio, Bernie-Hillary-Stein-Rubio, or so forth.
  In this scenario, a huge amount of the population is trying to NOT elect Trump or NOT elect Bernie. That makes those two unelectable. The voters on the left have said they'll concede to the Republicans if they take Rubio (that's what actually would have happened in this line-up, based on the data I've been able to dig up); the voters on the far right have said they'll settle for Rubio if not Trump; moderates are taking Rub
  
  --
  Support my political activism on Patreon.
4. Re: Reasoning by wonkavader · 2018-11-06 04:02 · Score: 1
  
  This is all true, but it ignores the fact that we have partisan administration of the voting system, as well. And that's always the party in power. And we HAVE that "lot of corruption" necessary to make an impact.
  We have unfair poling place positioning and voter to polling place rations. We have voter suppression based on IDs. We have laws which forbid felons to vote. We have no penalties for targeted "accidental" mailing of the wrong date or location for voting by the partisan voting administrators. We have partisans disqualifying mail-in votes and not informing the senders that their vote won't count until it's too late for them to vote otherwise. Fun stuff.
  If we had a federal standard for voting, it might indeed be worse than what we have. It might also be better. We're not going to get one either way, as the people who would vote on that derive their power from gerrymandered, voter-suppressed, locally-controlled election systems.
  We had a candidate (Lawrence Lessig) who ran ENTIRELY on this, but he got nowhere, because it turns out nobody wants to elect a president who says he won't tackle foreign policy, education, taxes, the military, etc. and will quit once he fixes the one thing he was running for.
  There's a lot we could learn about voting from looking at other countries and especially at Australia. We're not gonna do that, though, because the people making these decisions love it this way.
5. Re:Reasoning by HiThere · 2018-11-06 05:47 · Score: 1
  
  The House may change, but the Senate is going to stay R, or possibly turn more R, because more D's than R's are up for reelection.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
6. Re:Reasoning by jbr439 · 2018-11-06 10:01 · Score: 1
  
  in Australia (apparently a nazi country since we have govt regulation of business, gun control, national healthcare?) ...!
  I believe that every developed country on the planet, with the exception of the US, is a 'nazi country' by this definition.
  So don't you go feeling you're special :-)
  [written from nazi country Canada]
7. Re: Reasoning by philmarcracken · 2018-11-06 10:58 · Score: 1
  
  And yet your vote barely matters https://www.youtube.com/watch?...
Re:California Republicans by Anonymous Coward · 2018-11-05 16:18 · Score: 2, Insightful

You probably wouldn't last 20 seconds in front of Robert Mueller without blurting out some retarded falsehood and getting insta-carted off to Federal prison, just like Trump is about to...
With Trump there are two possibilities.
1. He knows 100% what he is saying. He is on top of things but chooses to lie about everything, even when it makes no sense to do so.
2. He is mentally unfit for the position he is in, but not stupid. He is a very accomplished con man and is going with his gut and his wits to find the levers necessary to move the electorate, mo matter the cost, particularly with respect to keeping the senate, which are really the only ones who could really stop him.
Notice that (1) doesn't make sense. His own actions sometimes don't make sense from this viewpoint, and his own lawyers have said, you can't testify. You will be convicted of perjury. I think it is really 2. We have someone in office who thinks the ends justify the means, if the result is Trump wins, and really only has two skills. 1. He is an accomplished con man. 2. He never gives up. Have you noticed that several times lately his only defence is, "It worked," as if that is all he needs? That is his ends justify the means stuff.
Re:For the record by PopeRatzo · 2018-11-05 17:22 · Score: 3, Informative

I am replying to a partisan hack that is dishonestly pretending to misunderstand whats in the article. on purpose. Basically, a lying fucking cunt.
Nothing to misunderstand. A voting machine manual was insecure by design, and the only states where it was used were states run by Republican jackoffs. It's all right there in the article.

--
You are welcome on my lawn.
Re:For the record by Anonymous Coward · 2018-11-05 17:31 · Score: 1

Because Obama literally told Trump in 2016 that it was a conspiracy theory to think our elections could be hacked.
https://www.nytimes.com/2016/10/19/us/politics/obama-donald-trump-election.html
Selective amnesia seems to be a reoccurring thing in these days. Perhaps something is in the water?
Re:Unity? RATZO = racist seditious traitor KILLED! by Zontar+The+Mindless · 2018-11-05 17:56 · Score: 1

Funny how the voter ID types go running for cover when it's pointed out that a national ID card would take care of the issue, and does so in most countries. But a national ID card ZOMG NWO!!

--
Il n'y a pas de Planet B.
Monkey See, Monkey Do by Tablizer · 2018-11-05 18:34 · Score: 1

I bet they hired some clueless shlub who wrote the manual based on observing actual practices instead of checking with a security expert. Seen it happen.
Boss: "Fred, I'm reassigning you to write the manual for the new voting system."
Fred: "But I don't know anything about voting systems."
Boss: "Just observe the testers in action, and write down what they do."
Fred: "Okay, I can do that! On-it, boss!..."

--
Table-ized A.I.
1. Re: Monkey See, Monkey Do by orlanz · 2018-11-05 23:14 · Score: 1
  
  Let's put aside the issue of using a password based system in the first place. But a "security expert" would have made things worse. So the official manual will say use a secure 10 character, upper, lower, special, & number password.
  The unofficial manual will say look for tape under the machine.
  Atleast with the current manual, people will be less likely to share their accounts because it's so easy to setup new ones.
2. Re: Monkey See, Monkey Do by bluefoxlucid · 2018-11-06 02:28 · Score: 1
  
  Let's put aside the issue of using a password based system in the first place.
  No, let's not do that. It never even occurred to me to use passwords when I stared writing the SAFE VOTES guidelines (elections procedures and standards specifically for elections run via direct-recording electronic voting). I didn't even require 2FA--largely because using the credentials to do anything permanently takes the machine out of commission, causes alarms, and generally draws a whole lot of attention and stops your election, but also because the credential is created at poll open and is destroyed at poll close that day.
  
  the official manual will say use a secure 10 character, upper, lower, special, & number password.
  Assuming the accounts are persistent and long-lived, I would have said to use either TOTP, PKI (FIDO U2F, Smart Card), the two as a 2FA pair, any password plus TOTP or PKI as a 2FA pair, or a single-factor password of at least 14 characters and preferably generated as four random dictionary words (49 bits with 5,000 word dictionary and no variations, vs. 52 for 4-class 8-character).
  TOTP has a huge problem: if you demonstrate the installation of the software image on the machine, such that you can prove an untampered image, then the public observes the TOTP credential. You can't keep it secret. This is also true of entering a password.
  
  --
  Support my political activism on Patreon.
Re:For the record by Tablizer · 2018-11-05 18:42 · Score: 4, Informative

T wasn't blaming the "rigging" on Russia, but on Democrats/illegals. It was T's burden to show evidence for them doing such.
I suppose if you claim everything is rigged/bugged/fake, you'll accidentally be right roughly 10% of the time in a general sense.

--
Table-ized A.I.
Failure is not an option by jd · 2018-11-05 19:11 · Score: 4, Insightful

Few obvious questions.
First, with aren't they using smart cards with passwords on the keys?
Second, why did the software permit weak choices? Manual be damned.
Third, why are infosec officers not replacing those pages in the manual, training users in proper procedures, rejecting the products at user acceptance or running tools for weak password detection?
This is a failure of the entire procurement procedure, start to finish.

--
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
1. Re:Failure is not an option by bluefoxlucid · 2018-11-06 02:54 · Score: 1
  
  First, with aren't they using smart cards with passwords on the keys?
  Because voting machine manufacturers are money-changers, not security experts. They make ATMs, they make voting machines.
  
  Second, why did the software permit weak choices?
  Made to order.
  
  Third, why are infosec officers not replacing those pages in the manual, training users in proper procedures, rejecting the products at user acceptance or running tools for weak password detection?
  The same companies who provide the machines also provide voter outreach and elections consulting. They'd be the ones deciding if you should reject this shit.
  Why do you think I'm starting a business and breaking into that industry? Paper ballots look kind of like the Internet to me (from thousands of polling places, through the hands of small groups of trustees, flowing to central State offices... looks just like all the online banking traffic), and the electronic voting industry is run by people with no background in IT security or risk management. Everything is run wide open and vulnerable to all kinds of attack. Somebody needs to fix it.
  
  --
  Support my political activism on Patreon.
2. Re:Failure is not an option by wonkavader · 2018-11-06 04:31 · Score: 1
  
  The voting machine companies arrived like there was a gold rush. The most important selling point of any voting machine system is "NO RECOUNTS" because A. recounts cost money, and B. The people counting the votes don't like them.
  NO RECOUNT sets the bar pretty low -- "just throw a machine together that spits out an excel spreadsheet or an access database."
  NO RECOUNT actively discourages a paper trail.
  The designs were stupid. The purchases were stupid. All money spent on them was a mistake. No one wants to admit that, so they double-down.
Re:Unity? RATZO = racist seditious traitor KILLED! by LynnwoodRooster · 2018-11-05 20:17 · Score: 1

We have de-facto national ID cards now - passports. And with the requirement for Real ID, pretty much all State-issued driver's licenses and ID cards will be effectively a national ID card. But why do I have to prove ID and tell the Federal Government what I'm doing when I buy a firearm, but not when I vote?

--
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
Perhaps rely on physical security. by 91degrees · 2018-11-05 20:51 · Score: 1

Sometimes I think we should remove all digital security features.

Based on the same principle that the way to make people drive more carefully would be a 6 inch spike in the middle of the steering wheel, people rely on passwords and encryption when they aren't completely effective. More to the point, the users typically don't understand them that well. The passwords themselves are next to useless here. Might as well remove them entirely.

If the security systems are removed, then we'd have to rely on things like solid cases, and physical locks and keys. Something that can not be easily broken and will show a clear indication is someone has done so. We would have to isolate the device from the network entirely.
1. Re: Perhaps rely on physical security. by orlanz · 2018-11-05 23:19 · Score: 1
  
  Or you can just use actual secure methods of authentication. The stuff that is found on any standard enterprise level laptop. TPM chips, two factor, encryption, etc. I think we got this stuff down pat about 10 years ago? In the IT world, that's basically a lifetime ago.
2. Re: Perhaps rely on physical security. by 91degrees · 2018-11-06 00:14 · Score: 1
  
  The problem is enforcing it right along the chain.
  
  2 factor authentication is inconvenient, and people circumvent inconvenience. In this case they can't even be bothered doing single factor authentication properly. So they'll share the password, and the security card, or SecureID generator or whatever.
  
  I think to get this to work we'll need to fix human stupidity. Sadly I can;t see this happening.
3. Re:Perhaps rely on physical security. by bluefoxlucid · 2018-11-06 03:06 · Score: 1
  
  So here's the thing: computers can be made impenetrable; physical locks can't. Computers, however, are immensely difficult to validate: we can ensure a small code body (maybe 4,000 lines) is correct, but we can't ensure the whole OS stack, the enormous application in its entirety, all libraries, and so forth are correct.
  You know that thing where you can't hack into a computer that's unplugged and unpowered? You can totally hack into a lock by getting a large enough hammer. Any lock. You can manufacture a duplicate lock, a duplicate seal, a duplicate ballot box.
  A computer that's powered on, only accessible via port 443 with TLS, and configured to reject a client not presenting an appropriate authentication certificate has a relatively-small code path to deal with. Unfortunately, at that level, you're facing the operating system's network stack, its firewalling stack, parts of the TLS library, and anything in the application that tries to identify the user by reading the data (which should just be using the TLS library to ask for the principle). That's a lot of code. If all of that is secure, holes everywhere else don't give hackers access unless those hackers are also valid, authorized users trying to exceed their access.
  
  We would have to isolate the device from the network entirely.
  And there you go.
  Voting machines only need to collect and package votes. They need to exist for one day, and they only need to release their contents in a batch--or in a one-way stream such as by FEC light transmission. Folded Reed-Solomon at 5,000% correction, a flashing LED, and a photosensor on the thing across the room would let you safely transmit votes during voting, if you really want. Thing is you still need to batch everything up at poll close and provide proof of the ballots in public view to confirm the vote tally.
  So we're down to a single approach: unplug the machine from the Internet entirely. You vote, it collects votes. At poll close, it computes some kind of reproducible hash of the ballot set, which it displays for all observing. We all write it down, take pictures, whatever. Then it transmits votes--possibly by someone opening the locked door, plugging in a USB device, and copying the ballot set off physically.
  With no surface to attack, it's secure.
  You still need to prove the integrity of the machine at poll open. Remember: software manufacturers, hardware manufacturers, and all elections staff and authorities are also threats.
  
  --
  Support my political activism on Patreon.
4. Re:Perhaps rely on physical security. by 91degrees · 2018-11-06 06:14 · Score: 1
  
  A lot of this can be handled with low tech methods though. Make sure the machine remains visible at all times. Put plastic tape over any access hatch so you know if it's been tampered with. These low tech security measures are a lot harder to circumvent, and based on tried and tested methods that work well even for paper hand-counted ballots.
  
  I agree with your concerns about the network stack. And I really don't have any idea how we can avoid attacks at the development or production stages.
  
  I don't understand the reasons behind a purely electronic system. Personally I think that any voting system should provide a piece of paper with a mark on it. If the paper is then counted by machine, then fair enough. I realise there are issues there as well. I was around for Bush v. Gore, but I think those problems can be avoided.
5. Re:Perhaps rely on physical security. by bluefoxlucid · 2018-11-06 09:04 · Score: 1
  
  Make sure the machine remains visible at all times. Put plastic tape over any access hatch so you know if it's been tampered with.
  Lexan case, locks, sensors, alarms--visual and audio.
  
  If the paper is then counted by machine, then fair enough
  Analog failure: machine misreads ballot. Direct-recording machines can display the ballot as it is understood.
  Paper is easy to compromise: you can manufacture, alter, and lose it. The same is true of all data, really. You only have integrity inside the polling center.
  
  --
  Support my political activism on Patreon.
Re:For the record by LynnwoodRooster · 2018-11-05 21:06 · Score: 2

You idiot. OpenElect is used in Illinois and Virginia both of which went for Hillary! Just go away - you're wrong all over the place, provably so...

--
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
how hard is it? by pereric · 2018-11-05 21:26 · Score: 3, Insightful

Should not be too hard making a good voting system?
Sweden (and many Europeans do it like this): Every citizen get sent a physical voting card to their home address (including information on where and how to vote). No need for registration, just being a citizen (national elections) or at least legal resident (local elections). Election places are all over towns, usually in schools of libraries. They are staffed by volunteer respected citizen.
On election day, you go to the election place, take some ballots and envelope, and put one ballot in one envelope per election. Then you show your card at the front desk (always staffed by several volunteers), and get ticket off in the electoral roll. If you have lost your card, you can use some ID. The envelopes are put in sealed boxes (one per election) under your supervision. (Oh, you can also hand in you vote in advance, at advance election places anywhere in the country (and at consulates). They will be sent to your election place, and used if you haven't voted physically)
The boxes are kept under supervision, and when election closes, counting starts. Everyone is welcome supervising the opening of boxes and envelopes, as well as the counting. Results are usually presented the same evening. The ballots are then handed in and re-counted once at a central location for each county just to be sure.
The system is easy to audit, and hard to cheat - especially on a systematic nation-wide level (which is much easier if there is a electronic system to attack)
1. Re: how hard is it? by orlanz · 2018-11-05 23:21 · Score: 1
  
  That's pretty much how it's done in much of the US at the local level. Except for mailing and using a voter card. Proof of identity & residency is all that is needed.
2. Re: how hard is it? by dunkelfalke · 2018-11-06 00:50 · Score: 1
  
  In Germany, the voting card is just for convinience. An ID is enough, but without the voting card the election observers would have to look up the name in their list.
  
  --
  "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
3. Re: how hard is it? by squiggleslash · 2018-11-06 02:23 · Score: 2
  
  No it isn't. The US doesn't automatically register anyone, you have to manually register. That's a pretty significant difference right there.
  The entire US system is built around building as many hurdles to voting as possible. So you have to manually register. You frequently also need an approved form of ID. If you move house, both your voter registration and your ID become invalid. If you have no legal address, you have even more hurdles to jump - in some states this means getting an "official address" from the local sheriff, which for historical reasons many Americans are fearful of.
  Your registration too is vulnerable. It can be cancelled due to any number of voter suppression techniques, from minor inconsistencies between names on registration vs, say, driver's licenses, to mail being returned when sent to a voter's address.
  Finally, efforts to help voters are often illegal. One organization (which ended up the victim of a smear campaign, so I won't name it because that'll just turn people off ironically because they were fooled by this very issue) tried to mass register voters by knocking on doors, asking residents to fill in registration forms, and then delivering them to the local government. They found themselves responsible when some residents, and even some volunteers, put false information on the forms (like names of football players, people who didn't actually want to vote but, in the case of residents, wanted the door knockers to go away, or in the case of volunteers wanted to collect money from the organization for turning in enough registrations), finding it was both illegal not to turn them in, or to turn them in altered, but also illegal to turn them in with the false information. An election official in Georgia who told an elderly woman how the voting procedure worked was put on trial for helping her because, as she wasn't illiterate or disabled, the state believed she wasn't entitled to help (the election official was acquitted after 20 minutes of jury deliberation, but she had been facing 15 years in prison, and the fact the judge didn't stop the trial and nobody questioned what happened suggests her acquittal was a mild case of jury nullification)
  It's nothing like what's in Europe. In Europe, registration is automatic, and you're encouraged to vote.
  
  --
  You are not alone. This is not normal. None of this is normal.
4. Re:how hard is it? by Ol+Olsoc · 2018-11-06 02:24 · Score: 1
  
  The system is easy to audit, and hard to cheat - especially on a systematic nation-wide level (which is much easier if there is a electronic system to attack)
  The same people who claim that there is election fraud are not making the claim because they want to eliminate election fraud.
  So they would hate your rather nice system with a passion.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
5. Re: how hard is it? by Darinbob · 2018-11-06 08:52 · Score: 1
  
  In California you're allowed to use a provisional ballot much of the time. Ie, if you move to a new location within the same county but did not re-register you can still vote but with a provisional ballot, and it will get counted as long as it shows you did not vote in any other precinct. If you move to a different county without re-registering, you can still vote with a provisional ballot, it will just take a bit longer to verify. For most hiccups, you can get the provisional ballot.
Defective by design by shentino · 2018-11-05 21:59 · Score: 2

Anyone wanna bet that this was done deliberately to make them easier to hack? Whoever made these things should know damn well how to keep it secure. Especially with the shenanigans around Diebold and so on. Election fraud is big news with the people who make the damned machines so there's no way they are doing this out of ignorance. These rules seem specifically designed with the OPPOSITE of security in mind.
You know, you can have one orange finger and you'll get the benefit of the doubt. Two orange fingers and you'll still get the innocent until proven guilty treatment. But when your whole hand is orange and there's cheese powder on your lips and teeth? Dude, I didn't have to see you do it to know that you stole the fucking cheetos!
1. Re:Defective by design by bluefoxlucid · 2018-11-06 03:10 · Score: 1
  
  Diebold made ATMs. They're money-changers. They see a need for a system that collects and transmits votes.
  When you build a microwave oven, you don't load it up with fork-detection hardware. You tell people to never microwave a fork. In an election, people are intentionally trying to microwave a fork, and you need defenses against that. Diebold, ES&S, Hart, these people built a microwave to accomplish microwaving food, not to accomplish microwaving food in hostile territory where even the people who bought the microwave are trying to sneak forks into the microwave.
  I'm getting into the business. It starts with security. Gonna be a while before I'm ready to play, but you know what? Everybody hates all of these people. They have no idea what they're doing. I'm going up against giants, but you gotta realize: I'm not competing with them; they're competing with me.
  
  --
  Support my political activism on Patreon.
Re: Unity? RATZO = racist seditious traitor KILLED by orlanz · 2018-11-06 00:07 · Score: 1

3/5 US citizens don't have a passport. I bet that's a little higher in the voting population which has a lot of elderly that traveled less abroad (they also didnt need passports for MX & CA).
Re: Unity? RATZO = racist seditious traitor KILLED by LynnwoodRooster · 2018-11-06 00:40 · Score: 1

And the other half of what I wrote? Real ID is effectively a national ID.

--
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
Meanwhile in DNC Land by Anonymous Coward · 2018-11-06 01:16 · Score: 1

Meanwhile in DNC Land, the DNC literally RIGGED their primary in 2016.
Hillary stole campaign money from other DNC candidates through a bizarre loophole allowing doners to give her over $100k each when the normal cap is $2.5k. (minor)
She colluded with Boston news outlets giving them Sanders smear stories to run, and telling them which days to run them.
Colluded with the WaPo, who fed her political stories early so her campaign could edit them and the WaPo would publish her versions.
Superdelegates.
Refusing to let the DNC fund any of Sander's campaign.
Removing access to DNC voter information from Sander's campaign right before Super Tuesday.
and on and on.
Not a peep from you about all that, because it helped "your guy" win. Instead of complaining about ACTUAL election fraud, you bring up conspiracy stories with no evidence. You don't care about fair elections, you have made that perfectly clear to us.
PopeRatzo is attempting to reclaim his crown as dumbest poster on /..
1. Re:Meanwhile in DNC Land by wonkavader · 2018-11-06 04:26 · Score: 1
  
  Hillary was a crap candidate and the DNC's shenanigans (I don't know that all of your points above are true -- I suspect many of them are false, but if every one were true it wouldn't change anything) were in HUGE part the reason we got into this mess. But the reality is we're now, quite blatantly a kleptocracy -- we've gone from a first world government to a third-world one over night. And the Republican party is frantically trying to stop anyone from doing anything about it.
  The Democrats need to be back in power, because we have a CHANCE at decent government with them. We've seen how utterly corrupt the Republican party is. Comparing the rampant corruption of this administration to the previous one, or of the Republican party vs. the DNC, is seeming the mote where the beam is absurdly obvious. It's simply disingenuous.
  The DNC needs to be overhauled. But that has to wait for a few more weeks, and needs to be finished or put on hold a solid 9 months before the next election.
humans by cascadingstylesheet · 2018-11-06 01:19 · Score: 1

Electronic systems are used by human beings. The vast majority of whom are terrible at security.
Re:For the record by Ol+Olsoc · 2018-11-06 02:21 · Score: 1

According to the article, every single one of the 10 states where these machines were used are Republican states where Donald Trump won.
Why doesn't anyone look surprised by that?
If the voting machinery was not corruptly designed to be intentionally hacked, they missed a good chance to do just that.
Carnegie Mellon performed a test to see how secure voting machines were. They were not secure at all. They had a pretend election, and could easily go in and switch votes so that the loser won.
There are still some rumblings regarding the Kerry vs Bush outcome in Ohio, and Karl Rove's election night meltdown when he refused to accept that the Kenyan Terror baby won Ohio. In the first case, apparently a lot of people decided to lie in the exit polls, and in the second, Rove seemed to suggest the sort of magic that the Carnegie Mellon people showed was pretty trivial to do.

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Re: Unity? RATZO = racist seditious traitor KILLED by Cro+Magnon · 2018-11-06 02:22 · Score: 1

Aren't there still a bunch of states that don't have RealID? I know Missouri doesn't.

--
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Voter ID = nazi bullshit by Uberbah · 2018-11-06 02:22 · Score: 1

Paper ballot, voter ID

Like questioning Obama's birth certificate, the facts around voter ID - namely that in person vote fraud is so rare it may as well not exist - have been stated far too many times for anyone to advocate for it without engaging in outright sophistry. Sophistry like rattling off cases that wouldn't have been prevented by requiring an ID in the first place, like fraudulent registrations or ex-cons voting in states that don't allow it.
Re:For the record by Uberbah · 2018-11-06 02:27 · Score: 1

I actually expect that if rigged vote counts are discovered after the election, they will be rigged in favor of Trump
Yeahno. Trump wasn't a part of the establishment, which is why they came up with the the Russiagate BS to jerk him around as needed.
Have you not been paying attention? by wonkavader · 2018-11-06 04:13 · Score: 1

It's in full swing:
https://www.reuters.com/articl...
https://www.vox.com/policy-and...
https://www.americanbar.org/pu...
Hell, even wikipedia has it: https://en.wikipedia.org/wiki/...
No E-Voting - We Know Too Much by BrendaEM · 2018-11-06 04:16 · Score: 1

The people here on Slashdot who might be able to devise a secure electronic voting machine--are a minority compared of those here who could hack it.

--
https://www.youtube.com/c/BrendaEM
Legal fees for an ID??? by huckamania · 2018-11-06 04:26 · Score: 1

Sorry, you, your friend and the dumb ass from Harvard are still wrong.
1. Re:Legal fees for an ID??? by HiThere · 2018-11-06 05:42 · Score: 1
  
  An assertion is not proof of anything, and is only evidence of one person's opinion. He quoted a study (which I didn't bother to check) and provided a (corrected) link. Admittedly I didn't follow it. This is at least the form of evidence based decision making.
  You offered only your assertion.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
Similar story by Thad+Boyd · 2018-11-06 04:36 · Score: 1

I used to work as a temp on GoDaddy's web design team.
Our first day, we had to go through a "security" tutorial that, among other things, advised that we satisfy the "mixed-case and at least one symbol" requirement by using an initial capital letter and putting an exclamation point at the end.
I e-mailed the security team to explain to them why this is bad advice ("you've just removed all the benefits a six-character mixed-case password with a symbol has over a five-character all-lowercase password"). Unsurprisingly, I never heard back.
USA is a Republic and oldest existing Govt by huckamania · 2018-11-06 04:40 · Score: 1

Thanks for all the advice, rest of the world, but we're good here. It's nice you've finally figured out how to run your countries. Keep in mind that there are many, many years between the founding of our countries current governance and the founding of your current government. It's not even close.
If and when this government topples, then you, the rest of the world, can compete to see which of your governments last as long.
1. Re:USA is a Republic and oldest existing Govt by wonkavader · 2018-11-06 04:43 · Score: 1
  
  Right. Not invented here. Therefore of no value. Yep. Good point.
  Let's all go back to polishing our flintlocks.
2. Re:USA is a Republic and oldest existing Govt by DethLok · 2018-11-06 21:00 · Score: 1
  
  While the system of government has changed, thanks to a lost war, the ruling family hasn't, in the last... 2,500 years or so.
  https://en.wikipedia.org/wiki/...
  And of course, there is the United Kingdom, as has been pointed out by an AC. They settled the American colonies, who ungratefully rebelled!
Re: For the record by Tablizer · 2018-11-06 05:16 · Score: 1

Which country has righteous politicians?

--
Table-ized A.I.
Re: Unity? RATZO = racist seditious traitor KILLED by astrofurter · 2018-11-06 16:58 · Score: 1

You sure told 'im, Boris!