Electronic Voting
 

How can we make this secure and have people trust it? Currently I have no faith in the diabold machines and I would not be surprised if there were major flaws (intentional and unintentional) in the last election. Personally I feel the only way we can possibly add the security and reliablility is to open source the software. This way all political parties can look at the code and make sure there are no back doors. Hackers from around the world will look for exploits. Personally I think we should do somethink like open source it and then not use it for a few years while people find flaws in the code. In addition all companies that have been used in elections so far should be forced to share their code with at least an idependent team of coding experts to read through the code and look for exploits.

I personally think we should go back to paper ballots and hand count every vote. Absolutely no electronic voting machines.
Clearly the owners of the electronic voting machines aren't committed to finding the candidate with the most votes.

Diebold is also not interested in following the law
source:
http://www.eff.org/news/archives/2005_11.php#004171

If they can do it for ATM's why not voting machines?
:cough:they don't want to:cough:

Paper ballots w/ optical scanners are far more reliable, cheaper,
and can be recounted by citizens.

Or at least a paper receipt. Even if you did like an ATM machine... print a receipt and print on an internal log in the machine.

But yes, electronic voting machines are scary.

I'd like to see an electronic machine that serves as the user interface to produce a printed, paper ballot. People then need clear instructions to check their ballot for accuracy, and the ballot gets counted, possibly with an OCR machine built by a different company.

I'd also like to see the whole thing under the oversight of a bipartisan congressional committee, with consultation from professionals in the IT security field.

Electronic voting in and of itself isn't scary to me, but electronic voting run by Diebold is VERY scary.

Thankfully, Black Box Voting is just one organization working for better electronic voting standards.

Actually, one of my professors was responsible for the state of Maryland's team of IT professionals who investigated Diebold's machine. They found it was hideously flawed, in quite a large number of ways, and they could have done more or less anything they wanted with it.

It's certainly possible to make secure electronic voting a reality - the problem is that the companies with the money that give it a shot don't know two figs about security.

Well, to be fair, that's half of the problem. The other half is that many of the politicians aren't passing laws making things like a paper trail, etc a requirement to validate electronic voting machines. The companies may know nothing about security, but it doesn't help that they're not legally forced to know about it if they want their machines to be used.

pics are from:
http://www.verifiedvoting.org/
http://img418.imageshack.us/img418/9...ipboard1dg.jpg

http://img418.imageshack.us/img418/2...ipboard8nf.jpg

Many states are passing laws....then making exceptions
as in North Carolina (my earlier post)
even a machine with the worst security can print a reciept.
The voter verifies, then drops in a secure box at the polling place.
when the faulty booth is suspect, count the reciepts.
My calculator in the 70's could do this.
Diebold is a multi-million dollar international corporation.
Incompetence is not an issue here......more like negligence/fraud.

Yes, Diebold can't be trusted, especially given the types of things the CEO has said. Personally, I would like to see some sort of open-source system implemented.

I alwasy found it cute that Diebold makes half the ATM's in the US (probably more and in other countries too), but it is so diffuclt for them to make a secure voting machine that prints a receipt.
You know, now I don't feel so safe using their ATM's.

Lebanese Loop - look it up. It's a fun trick people used to play with ATMs, not so much anymore.

This is what we are using for our Municipal elections and it seems to work quite well.

I am quite surprised Bill Gates and Microsoft haven't gotten involved. Not that he'd be any better than Diebold but there is mucho money in this and he could develop a system quite easily.

I am torn on all this. Yes, the president of Diebold made idiotic partisan statements that would make even the staunchest supporter take notice and wonder how legit the machines are.

Yet, on the other hand we are in the process of trying a new technology that will have bugs.

What scares me is that the bugs seem to be acceptable to everyone in charge and Diebold seemingly refuses to work on them. That should send red flags up to anyone purchasing these machines and they should take their business elsewhere or wait until a system that the bugs have been worked out can be put into place.

As for paper reciepts..... I think they should be required of all machines, they are the safety net.

I remember in '92 or '96 Perot saying he wanted to use the internet to have people be able to vote on issues before Congress. I remember people laughed and such but it may well be the true future to voting.

Pop on the internet, place your vote, a copy is emailed to you as a reciept. Granted it takes away the anonymity, but I am sure there are ways to like "lock" the voters IP's to just a secured automatic response system that would erase the IP's within a week or so.

To prevent voter fraud you would be sent a password that could be used only once and that password would only be good from the address the password was sent to.... or a public polling place where people with no internet could go to vote.

I know there are flaws in my scenario mainly because I am not that computer literate but if I can think of something like that someone with far more computer intelligence could put the needed touches on it to make it work.

Voting on the internet, that's a very long ways off and has a huge host of issues that need to be tackled. Voting electronically at a polling station, that's something that can be done without too much trouble to "get it right."

The way that it "needs to be done" is about like this:

You walk in, you enter your voter ID and it gets checked against the voter registration database. If you're not a registered voter, rejected. If you've already voted, rejected. If you are registered and haven't voted, then allow you to proceed.

You select the candidates you're interested in voting for and select "Vote." The software adds an entry to the database showing a one-way hashed value of your voter ID and then the candidates that you've voted for. The candidates' totals are incremented by one and your entry in the voter registration database is changed to show that you've already voted. It will then print out a "Voter Ticket" showing the hash value of your VoterID, and who you voted for.

At a later date, the entire database can be put online and so you can view the hash value of the VoterID as well as who they voted for. This will allow you to do all kinds of fun informational queries such as "People who voted for candidate X for Mayor were more likely to vote for candidate Y for Governor." It'll be anonymous because of the one-way nature of the hash function on VoterID, but you'll know your VoterID and the hash for it (from the ticket), so you can view the database to ensure that your vote was counted.

I'm sure there's more tweaks that need to be done to the system, but it shouldn't be a difficult project, if set up with security in mind.

To my knowledge most tampering has been done more at a local level than a grand national level. You need the local poll people 'on your side' to pull it off. In the not so old days in Chicago (and I have this first hand) the thing was to wait till the polls close and then have people who didn't show up to vote suddenly vote.

My guess is voter fraud is going to stay on this level (provided it doesn't go to the Internet voting) because if you rig the machines, sooner or later someone is going to cry foul (with cause, not the crap we saw in 2004).

So maybe the machines are easy to tamper with, I have no idea, but it won't be a grand campaign, just local politics doing what local politics does best.

Yea, the Diebold machines are pretty easy to rip off. You can tamper with the smartcard to vote as many times as you like or do other tinkering to mess with vote totals on the local machines.

You can then - with a bit of social engineering - find out the regional server's phone number and login information and call in fake vote tallies to change regional information. Beyond that, I'm not sure exactly how the system is set up.

All of the above can be done without the knowledge of local polling people, but obviously if you had someone "on the inside," it would make the process significantly easier.

If it can be tampered with, it _will_ be tampered with. After all, there's power at stake. And no crime is too sordid nor too banal to be committed for power. Not in this country, certainly.

As for tampering being done mainly on the local level -- well, of course. But an elected and partisan county clerk who can "deliver the goods" to the statehouse or sec of state will be rewarded. And the governor or secretary of state who can promise or deliver certain counties or precincts will also be rewarded by the national players.

All politics is local, they say; and national corruption means local corruption in federal elections, as the national players promise money and favor to the state players, who in turn pass along preferences and money to the local players.

It's "machine" politics pure and simple: pun intended, and it will happen whenever there are no checks. Thinking otherwise, or thinking that this problem is purely local, is willful blindness at best.

Thank you, Rodney. You said that far better than I could.

Up here in Canukistan:

1> You are registred to vote via your Taxes and/or the Census. (just check a box on your Taxes!)

2> You look up where you vote.

3> You go to your voting location. You are handed a piece of paper. It has the list of candidates (~ 5 to 10) written out, and a large black-outlined box beside each one.

4> You X, check, or smily the appropriate candidate.

5> You place it in a voting box.

6> The votes are counted as follows:
In the presence of scruteneers for each candidate:
a) The box is opened
b) The ballot is held up
c) The worker says "I see a vote for Bob"
d) The scruteneers either accept or gripe
e) The count is totaled, possibly with "disputed" ballots placed aside

Fraud is still possible, but it is bounded. It does require the partisan scruiteneers being blind and/or corrupt. But it isn't mass-produced fraud.

Each scruiteneer can check their notarized totals against their station's published total. The sum of the station's votes are public, as is the total votes. Corrupting this system requires a corrupt infrastructure the size of the amount of corruption.

I suppose this doesn't work in the USA because of your tendency to stick the kitchen sink on your ballots.

How could you tell if things where foul in 2004? I don't know if there was fraud, but there was no way to tell if there wasn't.

There is no way to know if the computer is cheating and making up votes. The existence of a few anomolous areas (places where the number of votes exceeded the number of people registerd to vote, etc) seems like circumstantial evidence of wide-spread fraud.

I do know in Ohio, there was a problem of some polling places in Columbus, Toledo and a few other places where the machines had tallied more votes than voters..... and the weird thing is.... Bush won those heavily Dem. precincts.

Just an observation. There were supposed to be investigations but then all of a sudden Noe, Taft and the GOP started coming under the gun for fraud and a number of crimes and the election data was forgotten.

[IMHO]I have no doubt there was wide spread election fraud in
2000, 2002, 2004, and will be more in 2006.
http://www.google.com/search?q=election%20fraud
the first 10 hits on google should make any americans
hair stand on end.[/IMHO]

Yet, the politicians, and MSM have managed to divide us
along partisan, racial, class, ect. lines.
for the purpose that we all bicker about what is not important
fraud or no fraud?....doesn't matter anymore
It's too late to change the past
what matters?
the check and balances to prevent fraud
have been removed in many districts across this country.
I would think people would want to secure our polling places
before Hillary, or Joe Biden hires a team of L33t Haxor
to "win" them an election. :shudder:
not to mention: it is hard enough to get an independant on the ballot
I don't forsee they will get a fair vote either.

That or there was no fraud and it was just a hysterical dream of the disillusioned left who can't find anything that stands up beyond a site like commondreams or truthout.

Meh

That or perhaps some of us are smart enough to not trust obviously left wing biased sites for our information on voter fraud.
:rolleyes:

:lol: http://www.google.com/search?q=election%20fraud

Google and 13.5 million finds are all left winged sources....... :lol: :crazy:

Ustwo, I repeat: how can you know there wasn't electoral fraud?

There was means. The systems could be rigged.

There was motive. The head of diebold stated "I will deliver the state (of Ohio) to President Bush". People spend millions getting their favourate politicans elected.

There was opportunity. If you can get a group of people to fix votes at a voting centre without getting caught, a programmer can reprogram voting machines.

And, as it happens, it isn't possible to determine if there is a body, because the machines don't generate any way to independantly determine if they are committing fraud.

A voting system that cannot prove itself clean and honest is a cancer on democracy.

Yea, the whole internet is a vast left wing conspiracy :thumbsup:

Seriously though....I am more concerned with the possability of fraud
in the future than whether or not it occurred in the past.

Sure, electronic voting (and paper voting) is the subject of a lot of fraud. I thought the point of this thread wasn't to argue about if there was election fraud, but how to design a system to reduce fraud?

Must have been wrong :(

I just came across a site for a group called The Open Voting Consortium.

http://www.openvotingconsortium.org/

they even have a link to the source code for the prototype demo
http://sourceforge.net/project/showf...group_id=86315

people can check it out.
try to hack it, and report any holes they find.

It would be great to see this released as freeware to
the citizens/goverments of the world.
the vote could be run on a $400. pc
rather than a $5000. voting machine.
I bet it could be made to run without an operating system,
just to add security.

I like the print idea.....the paper appears under glass
so it can't be tampered with.
when the voter verifies it is correct, and steps away the reciept rolls up
to prepare for the next voter.

Well, you need an operating system - computers don't work without them.

Aside from that, the actual software part of it isn't hard - it's getting people to use it.

Ustwo must have forgotten that the Ohio fraud in 2004 has already been covered in another topic, with a neutral Federal agency confirming all that Conyers found. An early sign of memory loss ought to be looked into immediately.

Could the voting software be it's own operating system?
If DOS is still used, boot into the software instead of win/linix
dunno....I'm more of a hardware guy, software more confusing to me. :lol:

Free should be a good incentive......wait we are dealing with goverment :D

No, the voting software wouldn't be able to be its own operating system. You'd really be better off just taking an existing operating system (Linux, BSD, Windows, Mac OS X) and then developing your voting application for that. Given the hierarchical nature of the whole voting scheme, Windows would be the easiest one to use, as you'd use Active Directory to set up all of the permissions for the machines.

"Those who cast the votes decide nothing. Those who count the votes decide everything." - Atrributed to Stalin.

If the system is corrupt, the system is going to be corrupt no matter what voting method is used. This kind of corruption got JFK the presidency in 1960, and who knows who else. Voting machines are not going to safeguard it if the corruption is at the higher levels. Only a proper oversight of the process can hope to curb its effects. Thats not to say I am happy with the concept of a paperless trailless voting, but the issue of corruption must be fought at the local level where one party dominance in some cities/areas can lead to a complete control of the voting process, and hence the outcomes.

I don't feel the system is THAT corrupt currently. Even the Chicago Machine isn't what it used to be, but this is the kind of issue that must be constantly monitored.

well they actually could write their own basic operating system and run it on embedded processors. Remove all the extra functionality that comes with typical OS's these days and you will greatly increase the security and stability of the OS. Personally i'd prefer voting machines to voting computers. A voting machine that had it's own open source basic OS that was designed for voting and functionality needed with voting only would be the most secure way to do this in my opinion.

It does sound like a nice idea, Rekna, but it brings up a whole host of problems such as "Well, sure, it's open source and so you've got a lot of people that can look at it", but will people look at it? If they do, will they disclose the flaws or will they keep them to themselves to rig votes on election day, etc. I'm not saying "omg use Windows", but rather that using an established operating system is preferable to creating a custom operating system - and it will be much easier to develop for the established system.

If such a project got off the ground (to actively develop a secure eleectronic voting system), I'd wager that they'd go with an established OS instead of a custom built one. As it stands, you can take an OpenBSD system and set it up for a seriously locked down user that is only capable of running a single program, etc. - and that alone will eliminate the vast majority of problems associated with "fluff features." It may not be the prettiest looking thing, but it'd work.

The current technology has no oversight.

There is no need for local corruption with the current voting machine technology. You just change the vote totals, and nobody can tell you did it.

How in the world can you have this belief? What are you basing your faith in the integrity of trackless, partisan, privately owned, and auditless voting systems on? Blind faith in the honesty of everyone involved?

The fact that it is next impossible to catch someone corrupting the current electronic voting machines doesn't mean it isn't happening. The inability to see a theif does not mean the theif is not there.

If there is no reason to believe the voting system isn't corrupt, the vote has no moral weight.

The possibility for corruption does not mean corruption. Not every cop is on the take, not every judge can be bought, not every politican is crooked. Part of the faith comes due to the ineffeciency of the system. It requires so many people to be involved that it would require a great deal of people to corrupt to really change anything but a very close election. I am not going to claim the sky is falling when it most clearly is not.

That's the key right there. It no longer takes a massive conspiracy it takes a couple people, who admit they are committed to delivering the election to republicans, to flip a few switches in a centralized database.

Which is why I am against the current models of electronic voting. The ironic thing to me is the same people who were complaining about the 2000 election issues and pushing for electronic systems, now seem to be the same ones complaining about the electronic systems.

I'd still like to know how heavilypopulated Dem precincts in Ohio ended up with more votes than voters and those precincts won by Bush.

Even when the proof is there and undeniable, politicians and the elections boards do nothing, they just dismiss it.

And when there maybe 100 people involved in a conspiracy and 1 starts screaming and coming forth with the truth, people are quick to point out that the person is a loon, or publicity seeking or whatever....... so you can have as many involved in a conspiracy as you wish, so long as the action is unproveable and when 1 or 2 speak out discredit them enough so noone listens.

But that would never happen in the US.

True. But some are.

It does not require large numbers of people to cause large amounts of vote fraud with poorly designed electronic voting systems.

Poorly designed electronic voting systems where widely used in the last election.

Thus you faith is wrong.

How many unaccounted electronic votes where there? Not ones that you can prove are corrupt -- but ones someone could have easily corrupted.

Edit: added "easily" -- as in, could corrupt en-mass

Suppose we had a system in which any judge could free any prisoner based off secret evidence presented to the judge -- but you didn't know which judge it was that did the freeing.

We don't know that there would be corruption under this system. But having any faith that there would be no corruption is irrational.

The current models of electronic voting decided the 2004 election. If they are crap, then so was the election.

If you believe that no-paper trail, centralized, easily corrupted electronic voting is something you should have faith in, then the 2004 election was a good election. If you believe that no-paper trail, centralized, easily corrupted electronic voting makes a mockery of democracy, then the 2004 was a mockery of democracy.

It matters not who the people voted for. It matters who and how the votes where counted. A large chunk of the votes where counted by unaudited, insecure, easily corrupted computer systems. As such, a large chunk of the votes have no moral weight.

I'm pretty certain that Bush got more than 40% of the vote. I'm pretty certain that Kerry got more than 40% of the vote.

Please cite a single person -- ideally someone of some providence, but I'd take any poster on this board -- who, in the aftermath of the 2000 election, advocated electronic voting, and are now complaining about electronic systems.

They may exist. But you seem to know of them. I'm wondering if this is just the usual "us vs them" cognative issue human beings have, where you attribute negative things to people you dislike or disagree with.

Voting machines hacked
more proof

and diebolds responce to these hacks is just disturbing....

Proving to state election officials how ridiculously easy
it is to hack one of the most important pieces of democracy.
diebold claims that is foolish and irresponsible?
it may have violated licensing agreements?

.......................Pathetic......................................

Nixonian dirty tricks don't need to be as high tech with voting machines. You can just shut down the Democratic phone lines on election day in key states:

http://www.truthout.org/docs_2005/121605O.shtml

Some "mandate", if you need to resort to these measures to insure just enough votes. The Ohio electronic voting discrepancies are not getting the press it deserves.