6
   

Electronic Voting Machines

Forums:
Email this Topic Print this Page
 
 
edgarblythe
 
Reply Mon 8 Aug, 2016 11:27 am
Stealing an American election can take less than eight minutes, at least that’s the conclusion of Princeton professor, Andrew Appel and graduate student, Alex Halderman. According to him, it would be child’s play for the Russians, or pretty much anyone, to completely change the results of our November election and the entire experiment cost just $82.

Appel was able to purchase an electronic voting machine online. It was called Sequoia AVC Advantage and despite the fact that it’s an outdated behemoth, it’s still used in four states, including the swing states of Virginia and Pennsylvania.

Clutching a screwdriver, he deftly wedged out the four ROM chips—
they weren’t soldered into the circuit board, as sense might dictate—making it simple to replace them with one of his own: A version of modified firmware that could throw off the machine’s results, subtly altering the tally of votes, never to betray a hint to the voter. The attack was concluded in minutes.

Source: Politico
Proving the vulnerability of our elections has been a passion of Appel’s since 2002, after George Bush was selected by the Supreme Court following a contested race, with accusations of vote tampering, between Bush and Al Gore.

After last month’s hacking of the Democratic National Committee, allegedly by the Russians, a lot of Americans are concerned that the same thing can be done to our elections.

This week, the notion has been transformed from an implausible plotline in a Philip K. Dick novel into a deadly serious threat, outlined in detail by a raft of government security officials. “This isn’t a crazy hypothetical anymore,” says Dan Wallach, one of the Felten-Appel alums and now a computer science professor at Rice. “Once you bring nation states’ cyber activity into the game?” He snorts with pity. “These machines, they barely work in a friendly environment.”
One of the problems with our electoral process is that even so-called national elections, like presidential elections, are run by the states and sometimes even by counties. All in all, there are over 8,000 voting jurisdictions, mostly run by volunteers. There are no requirements, only suggestions, that those jurisdictions follow certain guidelines. The vulnerability of voting machines can be so bad that even our iPhones are more secure.

The Princeton group has a simple message: That the machines that Americans use at the polls are less secure than the iPhones they use to navigate their way there. They’ve seen the skeletons of code inside electronic voting’s digital closet, and they’ve mastered the equipment’s vulnerabilities perhaps better than anyone (a contention the voting machine companies contest, of course). They insist the elections could be vulnerable at myriad strike points, among them the software that aggregates the precinct vote totals, and the voter registration rolls that are increasingly digitized. But the threat, the cyber experts say, starts with the machines that tally the votes and crucially keep a record of them—or, in some cases, don’t.
Many districts are moving away from voting machines, as they should, but there are still enough districts, even in swing states, that if the election is even a little close, our election could easily be rigged. It’s not just the voting machines that are at risk. Election officials use computers, often with outdated hardware and software, to prepare ballots, prepare electronic files, keep track of voter registrations, etc.

It would be one thing if there was some sort of uniformity – perhaps the federal government could use their cyber security resources to prevent malfeasance – but there isn’t. Local voting districts are not expert in cyber security, but they are put in charge of the validity of their ballots. For many, a high school computer student would be able to offer more security than they currently have.

Appel doesn’t have solutions to offer. That’s far more complicated and likely a debate for years to come, but for this year’s election, things could be quite grim. If it’s even remotely close, the Russians, the Chinese or any number of foreign and domestic agents could be very undemocratically determining the fate of our nation.
http://usuncut.news/2016/08/08/princeton-professor-proves-it-takes-just-seven-minutes-to-hack-our-elections/
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 6 • Views: 1,149 • Replies: 41

 
Robert Gentel
 
  1  
Reply Mon 8 Aug, 2016 07:09 pm
@edgarblythe,
Electronic voting gets a bad rap but I do not think it is fundamentally any more insecure than paper ballots (remember hanging chad? Manual counts and recounts? They have their own issues too).

But that being said, it does seem that early electronic voting machines suffer from pretty shoddy security designs. But if they all issue a printed ballot to the voter the kinds of attacks this describes can be easily identified.
edgarblythe
 
  2  
Reply Mon 8 Aug, 2016 07:42 pm
@Robert Gentel,
I have always held that if they don't leave a paper trail they cannot be trusted.
0 Replies
 
maxdancona
 
  1  
Reply Mon 8 Aug, 2016 07:55 pm
@Robert Gentel,
I think I disagree with you Robert. When you are tampering with votes electronically, it is far easier to impact a massive number of votes, and it is easier to hide your tracks than with paper ballots.

Not to mention that paper ballots can be recounted in a reliable way.

You can steal paper ballots... but that is much harder to do in a widespread way without getting caught. Writing a hack to secretly change one in 10 votes randomly would be nearly impossible to detect with no way to figure out what happened.


izzythepush
 
  1  
Reply Tue 9 Aug, 2016 04:19 am
This is from a BBC article about hackers for Clinton.

Quote:
In many states in the US, electronic voting booths are used to cast ballots. Typically, voters will be given a smart card loaded with their details that they can use, just once, to place their vote.

But security experts have long suspected that the system has several vulnerabilities.

“Some of the biggest concerns are manipulation of the cards used to vote, allowing people to vote multiple times,” warned Kevin Haley, from security firm Symantec.

"There’s also the collection of the ballots itself. The ballots sit on the electronic voting machines, unencrypted.”

Brian Varner, a Symantec researcher, demonstrated how a tiny card reading device costing around $10 (£7.70) could be potentially used to reset the card so it could be used multiple times by the same person.

Symantec stressed that the company had no evidence that the scenarios it put forward had actually been tried out for real - but its concern is echoed by many.

The US Department of Homeland Security is having high-level discussions over whether or not to designate voting machines as critical national infrastructure.

If that happens, it will mean a lot more investment in keeping them secure.

Mr Haley did offer another idea - why not vote using only a piece of paper and a pencil?


http://www.bbc.co.uk/news/technology-37009421

We don't have them over here, paper and pencil, put an X in the box. (We don't have problems with hanging chads either, democracy is too important.)
0 Replies
 
Robert Gentel
 
  1  
Reply Wed 10 Aug, 2016 03:54 pm
@maxdancona,
maxdancona wrote:
Writing a hack to secretly change one in 10 votes randomly would be nearly impossible to detect with no way to figure out what happened.


Nearly everything you say assumes an insecure electronic voting system but they can be secured to the same degree of security as paper balloting systems. In any case much more than voting already relies on security of electronic systems, our financial system for example.
maxdancona
 
  1  
Reply Wed 10 Aug, 2016 04:24 pm
@Robert Gentel,
Voting system require anonymity. This is the reason that financial systems can be secured and voting systems can not. When I make a financial transaction I can check to see that my money went the way I expected it to. In voting there can be no audit trail.

There are any number of ways I can hack a voting system to change the results. I can intercept the input device to change the input. I can bypass the UI to make the user think she made a choice she didn't intend. These would happen before encryption so encryption would be irrelevant.

I can install a little routine to add votes (maybe checking the voters that didn't vote). I can install a little routine to change the counts reported (before they are encrypted).

Of course any of these hacks could be done on a financial system (and some of them have been done). The difference is that with an audit trail, as you have in a financial transaction, missing money will be detected, and when it is detected there will be an audit trail to show what happened. Of course, Bitcoing is built to provide anonymity, and you and I both know how that is working out.

An electronic voting system that has anonymity as a requirement is inherently insecure in a way that an electronic financial transaction not requiring anonymity is not.
Robert Gentel
 
  1  
Reply Wed 10 Aug, 2016 04:31 pm
@maxdancona,
maxdancona wrote:
Voting system require anonymity. This is the reason that financial systems can be secured and voting systems can not. When I make a financial transaction I can check to see that my money went the way I expected it to. In voting there can be no audit trail.


Just because you aren't familiar with the ways to do so does not mean it cannot exist. The bitcoin block chain is just one example of a way to have both anonymity and accountability.

Quote:
There are any number of ways I can hack a voting system to change the results. I can intercept the input device to change the input. I can bypass the UI to make the user think she made a choice she didn't intend. These would happen before encryption so encryption would be irrelevant.


That's why you give the voter their transaction id, their vote id that can then be audited. See the bitcoin block chain example for one clear demonstration of how it can work.

Quote:
I can install a little routine to add votes (maybe checking the voters that didn't vote). I can install a little routine to change the counts reported (before they are encrypted).


Again, see the bitcoin block chain as a way of decentralizing and democratizing the acceptance of these transactions. There is no need to rely on just one machine to process the vote.

Just because you had not imagined it doesn't mean it cannot be built securely.

Quote:
Of course, Bitcoing is built to provide anonymity, and you and I both know how that is working out.


They are failing due to political, not technical reasons. Or rather political dispute over technical direction and the realization that it must rest with a central control. In the case of voting there is not a problem with having a central authority administrate it as that is already the case and the technological advent of the blockchain and the distributed ledger is, in fact, an example of how to have the anonymity and accountability that is needed.

They are also failing because as a concept we don't really need anonymity and decentralized currency as much as convenience and bitcoin is a pain and not convenient at all.

But the block chain and distributed ledger are brilliant technology that can be used for many other purposes and bitcoin's struggles are not due to these technologies.

Quote:
An electronic voting system that has anonymity as a requirement is inherently insecure in a way that an electronic financial transaction not requiring anonymity is not.


Says you, because you are not an expert in the admittedly very complex computer science behind more secure systems than you are able to conjure.
maxdancona
 
  1  
Reply Wed 10 Aug, 2016 05:59 pm
@Robert Gentel,
Actually Robert, I am familiar with this area (I work as a software engineer and have to think about these things). Encryption doesn't solve the problem. There are a large number of hacks that can end around encryption.

Let's take the first hack I suggest. I insert a bit of code into the UI so that your vote that you intend to make for Fred gets registered as a vote for Joe (which is then encrypted as vote for Joe).

Maybe I am missing something... but please explain how your "block chain" solves this problem.

maxdancona
 
  1  
Reply Wed 10 Aug, 2016 06:04 pm
@Robert Gentel,
Let me see if I understand your system (after trying a bit more to understand).

Each voter will have a private key. And with that private key the voter will be able to see every vote that he or she has ever cast. Is that what you propose?

It is my belief that every system involving public transactions by three or more parties are vulnerable to any number of hacks. This is why the audit trail is key to any financial transaction. I have done some work in computer security (I don't claim too much expertise, but I do understand the issues and how cryptographic systems work).

Any computer security expert will tell you that having an audit trail is a critical part of any modern secured system.
maxdancona
 
  1  
Reply Wed 10 Aug, 2016 06:11 pm
@Robert Gentel,
One more point.

I think you are making the claim that it is that it is always possible to secure a system (correct me if I am reading you wrong).

I assert that it is always possible to find a exploitable flaw in a secured system.

The reason that I am probably correct is that for system to be secured... every single flaw must be detected and corrected.

For a system to be compromised, all you have to do is find one flaw.
cicerone imposter
 
  1  
Reply Wed 10 Aug, 2016 06:25 pm
@edgarblythe,
In 2003-2004, I served on the civil grand jury in Santa Clara County, and one of the task we took up were the voting machines. Our conclusion was they were secure as long as nobody was able to get inside them except the voter. That the machines were protected when the voting times were over.
When the voter showed up, they had to sign their name by their name and address on the voter's registry.
I have not heard of any voter fraud in our county before or since.
maxdancona
 
  1  
Reply Wed 10 Aug, 2016 06:45 pm
@cicerone imposter,
Quote:
Our conclusion was they were secure as long as nobody was able to get inside them except the voter.


I am curious Cicerone. How did you conclude this? In order to conclude this, you need a capable independent security expert to have access to the machine. I am pretty sure there is any machine that has been made to this date that independent security experts have concluded is actually secure (you can correct me if I am wrong).

Part of the problem is that for these voting machines, marketing is more important than security. If you can convince voting boards, you can make sales whether they are actually secure or not (and they are not).

If you can tell me what make and model of machine it is, I can tell you if it has already been compromised (at least by security experts). Many of them have.

0 Replies
 
maxdancona
 
  1  
Reply Wed 10 Aug, 2016 06:49 pm
@cicerone imposter,
I am not saying that there has been voter fraud on these machines.... but security researches have shown many time that a talented hacker could compromise many of these machines.

And the problem with electronic voting is that if the machine tells you that there were 2,123 votes for Fred and 1,983 votes for Joe... there is no way to know if there was fraud or not. The records are lost, and unless you go and ask over 4,000 people for whom they voted and were sure they were telling you the truth, you wouldn't know if there was fraud or not.
cicerone imposter
 
  1  
Reply Wed 10 Aug, 2016 06:58 pm
@maxdancona,
Poor response. I couldn't delete it.
0 Replies
 
Robert Gentel
 
  1  
Reply Fri 12 Aug, 2016 01:57 pm
@maxdancona,
maxdancona wrote:
Actually Robert, I am familiar with this area (I work as a software engineer and have to think about these things). Encryption doesn't solve the problem. There are a large number of hacks that can end around encryption.


Encryption isn't a huge part of this, you only need things to be anonymous but the result is perfectly fine to be public.

Quote:
Let's take the first hack I suggest. I insert a bit of code into the UI so that your vote that you intend to make for Fred gets registered as a vote for Joe (which is then encrypted as vote for Joe).

Maybe I am missing something... but please explain how your "block chain" solves this problem.


When you vote you get a transaction ID, and anyone (including the voter) can look up the vote of that transaction ID. If someone is changing votes this will be easy to prove (at least as easy as it is to prove if someone changes paper ballots).
Robert Gentel
 
  1  
Reply Fri 12 Aug, 2016 01:59 pm
@maxdancona,
maxdancona wrote:
Each voter will have a private key. And with that private key the voter will be able to see every vote that he or she has ever cast. Is that what you propose?


There's no need for each voter to have a key, the necessary encryption can be done with just each machine having a key.

Quote:
It is my belief that every system involving public transactions by three or more parties are vulnerable to any number of hacks. This is why the audit trail is key to any financial transaction. I have done some work in computer security (I don't claim too much expertise, but I do understand the issues and how cryptographic systems work).

Any computer security expert will tell you that having an audit trail is a critical part of any modern secured system.


I see no problem with having an audit trail in an electronic voting system. It can even be public for all to see that way.
0 Replies
 
Cycloptichorn
 
  3  
Reply Fri 12 Aug, 2016 02:00 pm
@Robert Gentel,
Hey RG. You're right about the Blockchain. I honestly think that's one of the most revolutionary new ideas to come on the scene in a long time and it has many potential applications that haven't even begun to be discussed yet, securing the vote being a prime one of them.

Cycloptichorn
Robert Gentel
 
  1  
Reply Fri 12 Aug, 2016 02:00 pm
@maxdancona,
maxdancona wrote:
I think you are making the claim that it is that it is always possible to secure a system (correct me if I am reading you wrong).


No, just that it is possible to secure it to the same degree that paper balloting can be.

Quote:
I assert that it is always possible to find a exploitable flaw in a secured system.


Sure, but paper ballots aren't infallible either, so requiring that would be a nirvana fallacy.
0 Replies
 
Robert Gentel
 
  2  
Reply Fri 12 Aug, 2016 02:01 pm
@maxdancona,
maxdancona wrote:
And the problem with electronic voting is that if the machine tells you that there were 2,123 votes for Fred and 1,983 votes for Joe... there is no way to know if there was fraud or not. The records are lost, and unless you go and ask over 4,000 people for whom they voted and were sure they were telling you the truth, you wouldn't know if there was fraud or not.


Why do you assume electronic voting just goes into the ether? There's no reason that has to be the case. There can be a public log of every vote and every result. Just like anyone can look up any bitcoin transaction.
0 Replies
 
 

 
  1. Forums
  2. » Electronic Voting Machines
Copyright © 2025 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.03 seconds on 05/15/2025 at 10:11:12