Yet Another E-voting Machine Vulnerability Found
from the because-of-course dept
We’ve been talking about the ridiculousness of e-voting machines for well over a decade. If a machine doesn’t include a paper trail for backup, it’s suspect. That’s been the case since e-voting machines have been on the market, and many of us have been pointing this out all along. And the big e-voting companies have a long history of not really caring, even as their machines are shown to be vulnerable in a variety of ways. So it come as little to no surprise to find out that security firm Cylance has announced that it’s found yet another set of e-voting vulnerabilities in the Sequoia AVC Edge Mk1 voting machine. Sequoia especially has a long history of buggy, faulty machines.
Of course, with all the talk of “rigged” voting this year, the fact that some machines are hackable is very, very bad. Mainly because it just enables conspiracy theory talk to seem much more believable. It remains true (for somewhat ridiculous reasons) that while these vulnerabilities do exist, a widespread hack would be quite difficult. The real problem is at the margin, where low level vote changing could occur. As Ed Snowden rightly notes, the hacking may not be difficult, but using that to rig an election is much more difficult, and would almost certainly be caught.
Hacking voting machines: not that difficult. Hiding a secret deviation in votes from after-the-fact statistical analysis: nearly impossible.
— Edward Snowden (@Snowden) November 7, 2016
That said, this remains ridiculous. Even the appearance of potential vote hacking is a problem in actually getting the public to trust the results of an election. I can pretty much guarantee that no matter who wins tomorrow, someone will allege e-voting machine hacking, and point to this (or perhaps other) vulnerability disclosures in the days leading up to the election. And that’s bad. For over a decade we’ve been sounding the alarm that it’s ridiculous to use such electronic voting machines, and it would be a damn good idea to fix things. Would have been nice if someone listened.
Filed Under: e-voting, evoting, paper trail, vote rigging, vulnerability
Companies: sequoia
Comments on “Yet Another E-voting Machine Vulnerability Found”
There is a candidate who won’t believe the result if he loses, and this will just be more ammunition in his attempts to overturn such a result.
Re: Re:
don’t be daft, punk: NEITHER of the two hydra heads of the one and only Korporate Money Party want to ‘fix’ the electoral college and the broken election systems we suffer under… (it is already fixed to their liking)
the absolute proof : IF they really were interested in election integrity, WHAT/WHO has been stopping them lo these countless decades ? ? ?
no, the ONLY rational conclusion is that The They WANT a broken systrm they control behind the curtains…
Re: Re:
He’s not wrong, though. I mean if the Democrats had a hue and cry about Bush and the “hanging chads” in 2000, Trump voters have every right to challenge the results of easily one of the most contentious elections in modern history — and one where the opponent has a history of corruption going all the way back to, of all things, Watergate.
Not to mention good ol’ Palpatine Soros has his crooked fingers in the company that owns a significant number of these machines. Dominion is its name, I believe. If you thought Bush having a stake in Diebold was bad, well, considering the depths of pure, unencumbered, psychopathic evil that Soros and his puppet whøre are capable of, you might as well call this round Diebold with a Vengeance.
My vote at this point goes to Kim Jong Un 2016: Make America Glow Again.
Re: Re: Re:
Hillary’s only connection to Watergate is she was on the team investigating it. She wasn’t fired from it and there was no unethical behavior. The only people saying otherwise are Rush Limbaugh and Donald Trump. See https://www.reference.com/history/hillary-clinton-s-connection-watergate-bd95ec761bddda24
Your vote goes to Kim Jung Un because you didn’t bother to familiarize yourself with the US Constitution, Article II, Section 1 which clearly states one has to be born in the United States to qualify.
You sir, epitomize this:
https://www.youtube.com/watch?v=LQCU36pkH7c
E
Re: Re:
Considering his opponent rigged the Democratic primary against Bernie and rigged the debates by being fed questions from the moderators, I would say he would be just in his doubt about the election results.
It’s not a bug, it’s a feature!
Re: Re:
Hillary Clinton likes this.
That’s not very comforting, knowing that those deviations have been found in at least three recent elections. After-the-fact statistical analysis only produces trivia if the results are ignored.
Re: Re:
It is a basic fact of statistics that false positives and false negatives will always occur. While it is hard to hide true negatives, the occurance of false negatives will require more than statistical evidence to confirm fraud.
Re: Re: Re:
Still not comforting. Instead of deviations being ignored, you’ve merely declared them to be easily dismissed. Any REAL deviation – as these appear to be – can be responded to with “That proves nothing. False positives and false negatives will always occur.”
I’m having a hard time finding any of the articles on it because of the noise that is the internet (especially with the last year of politics being what it has been), but wasn’t their cries of alarm during the Democratic primaries because of post-vote statistical analysis saying their was something screwy happening in the primaries?
If that was so quickly swept under the rug and forgotten, what’s to say that cries of the same after the main election will be any different?
I am losing trust that our democracy is in any way democratic… and that any ones cares.
Re: Re:
Are we talking about exit polls, or something else?
Because there’s a pretty good explanation for why exit polls disproportionately favored Sanders ( http://www.nytimes.com/2016/06/28/upshot/exit-polls-and-why-the-primary-was-not-stolen-from-bernie-sanders.html ); tl;dr younger voters are likelier to participate in them than younger ones.
Re: Re: Re:
Re: Re:
Many people in the public probably care.. Of course, to be able to do anything about it, they would either need a functioning democracy or to be able to overpower the gov’t.. Good luck with either of those options.
No Hacking Here!
The machines are correct – and they show that the projection of our candidate being 11% ahead in the polls was also accurate. The losing candidate only got 48% of the vote, while our winning candidate got 59% – exactly 11% more. The machines were not tampered with by any external parties. Trust us.
But:
Snowden forgot the data in the count. Not everyone votes on each issue. Some skip to what is important on that ballot, to them. Issues on the ballot, local taxes, that initive, etc. So there may be a o in any spot. There may be many interested parties to hack the system or create a false trail. That’s why a verify able has to be created. It’s not just the bad person who wants your missed vote.
Years ago I wrote a blog post suggesting end-to-end verification. I got one Nirvana Fallacy reply, otherwise crickets.
I dunno. Sounds good in my head, but I don’t know if it could really be done.
Re: Re:
The major issue with end-to-end verification is doing in such a way that the voter is still not individually identifiable. We’ve all seen "anonymized" data become identifiable.
Re: Re: Re:
I do not subscribe to this.
If you are nor prepared to stand up for your vote, maybe you should not have one?
I think it would be just as easy to prove that someone is trying to harass you over your vote.
Most people are registered to a party and if you talk to them more than a couple hours a day you can likely find out how they vote.
Re: Re: Re: Re:
Well, that is possible, but having a presidential candidate making veiled threats about using weapons and having a history of going legal on people that critizise him, it is not impossible.
But a much more likely way to use such information is the mexican way where people get payed for voting a certain way. While money talks and bullshit walks, I don’t see the balance between the parties remaining forever in those circumstances as the economic support relies on picking the winner and getting the advantages it brings…
Re: Re: Re:
I’d been somewhat worried about the same outcome (although not to the extent that it had caused me to believe that end-to-end verification was a bad thing). However, I’ve seen a bit of information about using homomorphic encryption to allow a person to verify their vote without it also being specifically verifiable to a third party.
The specifics of the system are quite interesting in that any member of the public is able to verify the identities of the people who voted and encrypted versions of their votes, as well as the total vote tallies but, there isn’t any way to figure out who voted for whom once a voter completes the process and leaves the voting booth with their encrypted ballot copy. That is a part of the system that the video explains better than the paper does.
Rotten Tomatoes
It is a stupid idea to use machines that can’t do a recount. Well, I guess they actually can. You press the recount button, and it displays the same numbers you already have.
What’s the problem with paper ballot?
Re: Re:
Harder to rig elections with paper ballots.
This is the best our two party system has to offer, how sad.
Pee Wee Herman 2016.
As a former security wonk, I’m all for the fat laundry marker and cardboard ballot system.
My local electors, alas, have gone the Diebold terminal route. Because it’s important that national news services get their figures as soon as the polls close, as opposed to a couple of hours for the blue-haired old ladies to count the paper ballots in the open, on cafeteria tables.
Massachusetts-- OCR cards instantly tabulated, hand-recountable
One complaint, though minor compared to other instant systems:
Sometimes officials are tempted to alter OCR cards so that the machine can read what it looks like the voter intended. It would be safer if such cards were left unchanged, for tabulation only in the official hand recount. Any markings made on them by officials should be in a different-colored ink from the voter’s.