Damning Report On Sequoia E-Voting Machine Security 200
TechDirt notes the publication of the New Jersey voting machine study, the attempted suppression of which we have been discussing for a while now. The paper that the Princeton and Lehigh University researchers are releasing, as permitted by the Court, is "the same as the Court's redacted version, but with a few introductory paragraphs about the court case, Gusciora v. Corzine." What's new is the release of a 90-minute evidentiary video — the researchers have asked the court for permission to release a shorter version that hits the high points, as the high-res video is about 1 GB in size. See TechDirt's article for the report's executive summary listing eight ways the AVC Advantage 9.00 voting machine can be subverted.
Actual report: (Score:5, Informative)
http://coblitz.codeen.org/citp.princeton.edu/voting/advantage/advantage-insecurities-redacted.pdf
ES&S has the same crap, as shown by UCSB (Score:5, Informative)
California ordered a review of all the machines used in the state last year. They would give access to university security labs to one manufacturer's machines at a secure location. I mean the machines were held in cages over night and there was controlled access for only the researchers, etc.
They were asked to evaluate the machines.
UC Santa Barbara did ES&S, and their analysis is here. [ucsb.edu]
They also have a short video on the subject, here it is on youtube [youtube.com]
In short, all the machines were utter crap. The "seals" can by bypassed by bending some plastic. The locks can be bypassed with a screwdriver. Plus the software is susceptible to viruses, and they managed to make the machine vote for whoever they wanted. Even though all the machines have the VVPT (voter-verified paper trail).
Re:Where are these machines used? (Score:5, Informative)
Check the map.
Optically-read Paper Ballots (Score:4, Informative)
Re:"E-Voting Machine Security" like "Microsoft Wor (Score:3, Informative)
Making a human and machine readable, voter verified, printout is far from impossible in fact it's simple. Safely getting Paper ballots from the voting locations to a central polling place is simple. Counting the human and machine verifiable ballots with a high degree of accuracy is simple.
Now making a e-voting system that is obtuse and vague enough that elections can be skewed with a good sot at deniablity and a complete lack of papaer trail? That's difficult.
There have been dozen of high security, low cost/technology, handicapped accessible solutions proposed here on Slashdot. It is quiet obvious that a secure voting system isn't the actual priority, when these systems are purchased. It stands to logic that there is instead a different priority. I have to wonder what that priority would be, that doesn't qualify as treason.
Re:So what? (Score:5, Informative)
"That's quite a lot of fud with not much to back it up with."
damn lameness filter, the 9 megabyte pdf is not FUD, it was a court ordered analysis of the voter system used in new jersey. http://coblitz.codeen.org/citp.princeton.edu/voting/advantage/advantage-insecurities-redacted.pdf [codeen.org]
NOTE REGARDING REDACTIONS. As paragraph 1.1 and Appendix L explain, this research was conducted pursuant to a Court Order by the Hon. Linda Feinberg of the New Jersey Superior Court. Sequoia Voting Systems filed a motion alleging that certain parts of this report contain protected trade secrets. Plaintiffs dispute Sequoia's contentions. Judge Feinberg has expressed her intention to preserve Plaintiffs' objections until the time of the hearing when she will rule on the merits of Sequoia's claims of trade secret. We are confident that the Court will then permit release of the full, unredacted report. In the interim, the Court encouraged us to release the report with redactions. Paragraphs 19.8, 19.9, 21.3, and 21.5, as well as Appendices B-G, are redacted in this release.
20 minutes in (Score:5, Informative)
Anonymity and reliability are directly at odds (Score:5, Informative)
Most of the common credit card fraud-prevention schemes (such as date/time stamping every transaction) violate this. Not really a surprise, since the credit card system is designed to enforce accountability, the antithesis of anonymity (the whole purpose of anonymity is to avoid accountability).
Fundamentally, anonymity is about removing traceability information, and fraud prevention is about maintaining it. These are both core requirements, and they directly work against one another.
torrent for the gigabyte video file (Score:4, Informative)
Here you go, a torrent for the 1 gigabyte hi-res video:
advantage-insecurities-exhibit-hires.mp4.torrent [homeunix.net]
Re:Don't look (Score:0, Informative)
Registration is not voting. Nice try, fail.
Re:if electronic voting (Score:3, Informative)
Surpisingly I agree with you on this one.
Heres how we do it in OZ.
All paper ballots. Voters must be on the electoral roll 2 weeks before the election, at a minimum.
At all times opening and closing of ballot boxes is done in the presence of representatives of the political parties and the electoral commision.
When you go to the polling station, you are asked your name and ID, which is then marked as voted on the electoral roll.
Votes are then counted under the eyes of party scrutinneers from all parties that wish to have them present.
Easy quick and very hard to game.
It is a complete mystery to me that anyone would think that well organized paper ballots are not by far superior to electronic voting.
Re:"E-Voting Machine Security" like "Microsoft Wor (Score:3, Informative)
Re:Paper ballots are ABSOLUTELY safe! (Score:1, Informative)
Re:Anonymity and reliability are directly at odds (Score:4, Informative)
Re:Don't look (Score:5, Informative)
"why bother with rigging the voting machines...it seems this year a simpler method has been found, with Acorn registering everyone they can, dead, undead, fictional or alive"
This is, as the poster must be surely be aware by now, not what happened. What actually happened is that a few ACORN employees got lazy and filled out fake voter registrations using the. names of athletes, characters from fiction, etc.). ACORN found out, fired the people responsible, and identified the bad registrations to the authorities when they turned them in. They were required to turn them in by law, as it is illegal to not hand in any voter registration forms due to the obvious potential for abuse if the registration organization is allowed to be selective about which registrations to submit.
Because ACORN identified the suspicious registrations, and because the government agencies that process the registrations validates them, there were likely few or no fake voters actually registered to vote.
And, of course, Micky Mouse, etc., is not going to show up to vote.
So the fraud was not the creation of fake votes, but of ACORN (and to a degree the voter registration agencies) getting their time and money wasted by a few former ACORN employees. Given that ACORN hired 13,000 people and generated 1.3m legitimate registrations, the number of bad registrations reported so far is surprisingly small (a few thousand is claimed).
For actual voter fraud, you'll have to look elsewhere. Like, say, electronic voting machines, caging, etc.
Re:Don't look (Score:4, Informative)
"is rigging the machines not just as bad as encouraging and aiding voter fraud by fraudulently registering voters multiple times, fake voters, etc?"
Rigging machines is much worse. Rigging machines can affect every vote cast in the machines.
Registering fake voters results in no fake votes, because fake voters don't show up to vote. It is legal for people to register multiple times, so long as they only vote once.
So you're right that "if it is bad for one side, it is bad for the other side too". But in simply saying that doesn't magically make the behavior of the two parties identical.
Historically the Republicans have been the minority party that applies superior tactics and funding to win national elections. When you're the majority party you don't need to cheat - you need to have the rules enforced. When you're the minority party, you do all you can to get every vote.
For example, changing people's voter registrations between parties without their knowledge (http://conspireality.tv/2008/10/20/finally-an-actual-arrest-in-vote-fraud-case-and-its-a-republican/), however, turns out to be illegal.
Re:Don't look (Score:1, Informative)
Registering fake voters results in no fake votes, because fake voters don't show up to vote. It is legal for people to register multiple times, so long as they only vote once.
Apparently you have never heard of a little item called an "Absentee Ballot".
No, you don't have to show up to vote. It is in some cases legal to register in multiple states provided you have actually moved residency and cast only one vote.
The fraud referred to is people who register their cat, parrot, fish, dead parents, etc. and then send in absentee ballots for them.