New Hampshire Set To Pilot Voting Machines That Use Open-Source Software (therecord.media) 111
According to The Record, New Hampshire will pilot a new kind of voting machine that will use open-source software to tally the votes. The Record reports: The software that runs voting machines is typically distributed in a kind of black box -- like a car with its hood sealed shut. Because the election industry in the U.S. is dominated by three companies -- Dominion, Election Systems & Software and Hart InterCivic -- the software that runs their machines is private. The companies consider it their intellectual property and that has given rise to a roster of unfounded conspiracy theories about elections and their fairness. New Hampshire's experiment with open-source software is meant to address exactly that. The software by its very design allows you to pop the hood, modify the code, make suggestions for how to make it better, and work with other people to make it run more smoothly. The thinking is, if voting machines run on software anyone can audit and run, it is less likely to give rise to allegations of vote rigging.
The effort to make voting machines more transparent is the work of a group called VotingWorks. [...] On November 8, VotingWorks machines will be used in a real election in real time. New Hampshire is the second state to use the open-source machines after Mississippi first did so in 2019. Some 3,000 voters will run their paper ballots through the new machines, and then, to ensure nothing went awry, those same votes will be hand counted in a public session in Concord, N.H. Anyone who cares to will be able to see if the new machines recorded the votes correctly. The idea is to make clear there is nothing to hide. If someone is worried that a voting machine is programmed to flip a vote to their opponent, they can simply hire a computer expert to examine it and see, in real time.
The effort to make voting machines more transparent is the work of a group called VotingWorks. [...] On November 8, VotingWorks machines will be used in a real election in real time. New Hampshire is the second state to use the open-source machines after Mississippi first did so in 2019. Some 3,000 voters will run their paper ballots through the new machines, and then, to ensure nothing went awry, those same votes will be hand counted in a public session in Concord, N.H. Anyone who cares to will be able to see if the new machines recorded the votes correctly. The idea is to make clear there is nothing to hide. If someone is worried that a voting machine is programmed to flip a vote to their opponent, they can simply hire a computer expert to examine it and see, in real time.
Re: computer expert (Score:1, Insightful)
Re: (Score:2)
yea sure, your just moving the hinge point for the nutjobs
Wow. It's as if I could see the future [slashdot.org].
Re: (Score:3)
yea sure, your just moving the hinge point for the nutjobs
Naah. Voting verifiable. Between PKI and the blockchain, it would be pretty simple to do.
"Verifiable" seems to mean something different to computer scientist and to voting watchdogs. To verify voting, you still need paper trail, or else it's not verifiable.
Which this system has. This is software to count the ballots. The physical ballots will still exist to be recounted if needed.
From the article [therecord.media]: Some 3,000 voters will run their paper ballots through the new machines,
First to use OSS? Not. (Score:3)
Have been since 2020.
I don't care (Score:5, Insightful)
a) I'm against any system that can't be physically watched by multiple parties and recounted if necessary. Electrons in a machine is just too easy to game and leave no trace..
b) What's the advantage of electronic voting anyway? (Is it just "we have the results a few hours earlier!!" That doesn't seem enough)
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
if they had paper ballots with a chain of custody then there would be less chance of fraud
You are assuming that the chain of custody is not corrupted. There are many cases of ballots being swapped or going missing despite a chain of custody. Who watches the watchers?
Paper ballots are susceptible to fraud.
Electronic ballots are susceptible to fraud.
But the fraud mechanisms are different. So the best solution is to have both. E-voting for immediate recording plus a printed paper ballot/receipt that can be audited.
Re: (Score:3)
Re: (Score:3)
Travis County clerk Dana DeBeauvoir is a leader in developing and designing voting systems:
https://www.wired.com/story/da... [wired.com]
Because she has been working on multiple ways to expand voting access and improve election integrity, she has been targeted by the fascist (and literally criminal) Texas attorney general:
https://www.texastribune.org/2... [texastribune.org]
https://www.texastribune.org/2... [texastribune.org]
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
This is a classic fear of the unknown...
There are plenty of ways that paper based voting can be corrupted, and there are plenty of recorded incidents where that happened - and no doubt plenty more where it went undetected.
Having open source code for the voting system allows anyone to verify the integrity of the system.
Having both electronic counting and paper ballots allows for the results from two methods to be compared, and means that anyone wanting to commit election fraud would need to find a way to sub
Re: (Score:2)
You don't need blockchain to tell whether your vote was counted as you intended. You just need a public list of who voted and how. However, people want secret ballots for a lot of very good reasons, and blockchains violate that.
Re: I don't care (Score:1)
Re: I don't care (Score:1)
Re: (Score:2)
How does an illegal vote get cast anyway? It means that someone voted in my name while I also voted in my name, which makes both ballots get tossed out. Or maybe if the fake signature is not good I get to keep my ballot. The idea of "illegal votes" is so nebulous that it means very little in modern elections. A busload of undocumented aliens can not vote! When they inspected discrepancies in ballots during actual investigations the number of fraudulent ballots is extremely small, and most discrepancies
Re: (Score:2)
"It's not the people who vote that count, it's the people who count the votes"
Voter fraud is not just a case of illegal duplicate votes, there are many more options than that.
Assuming someone does illegally duplicate your vote, if the vote is on paper how is the duplicate identified? Especially with anonymous voting. It's quite difficult and time consuming to identify duplicate votes.
Assuming both duplicate votes get tossed out, then duplicating the votes of known supporters of the opposition is a viable st
Re: (Score:1)
Re: (Score:2)
Blockchain is too often used as a magic bullet, by people who really don't understand what it is. Serializing everything is fundamentally inefficient, and an election in a major country will have millions of transactions, and doing this serially instead of in parallel is a non-starter. If someone does understand blockchain, then they understand what certs are and how they can be used in parallel with a tree of trust rather than a serial chain of trust. But fundamentally the issue is that you can't get a
Re: I don't care (Score:1)
In quite a few countries its the paper voting systems that are misused for election fraud by booth capturing, vote /ballot stuffing etc. It's also easier for incumbent to manipulate under the guise of 'security' etc.
Open-source, blockchain, immutable, easily auditable - those are all better options but to be introduced very carefully.
Re: (Score:2)
If I had mod points, I wouldn't know whether to vote this "Funny" or "Insightful" but since I don't please accept both virtual up-votes from me.
Re: (Score:2)
+1 Funsightful.
Re: (Score:1)
When I lived in the Boston area (Watertown, MA) in the 90s, you voted on paper in a privacy booth. Then to actually vote, you went to a desk and handed your paper ballot, clearly marked, to a polling officer. That person is someone who quite possibly knows you. They might be a town official or librarian or someone. They then double-check your name and address, and then they look at the ballot. "Hey, I thought it was a secret ballot!?!" Oh, they explained, "We need to make sure you voted correctly. Can't ta
Re: (Score:1)
When I lived in the Boston area in the 90s
Can't take any chances after that Gore debacle in Florida.
Yeah, that 90s Gore debacle that happened barely happened in the 90s.
Re: (Score:2)
"The fact that it's open source means that you and anyone else can actually determine if such is possible and demonstrate that it could be done rather than just theorizing about it. It also means that such vulnerabilities can be fixed."
The SSL [wikipedia.org] guys agree with you.
Re: (Score:2)
The fact that it's open source means that you and anyone else can actually determine if such is possible and demonstrate that it could be done rather than just theorizing about it. It also means that such vulnerabilities can be fixed.
All you have to do then is prove that the source code matches the program running on the machine in the booth.
It also assumes the compiler hasn't been rooted: https://wiki.c2.com/?TheKenTho... [c2.com]
Re: (Score:2)
The fact that it's open source means that you and anyone else can actually determine if such is possible and demonstrate that it could be done rather than just theorizing about it. It also means that such vulnerabilities can be fixed.
That statement is trivially false. The fact that it's open source means that >computer experts who understand PKI and blockchain can examine it. Not me, and not "anyone".
All you have to do then is prove that the source code matches the program running on the machine in the booth.
Resulting in voting system in which government officials now have the ability to have computer experts stand up and can testify "I have examined the code, and didn't find any vulnerabilities". If the public believes these experts, that would be outstanding.
It also assumes the compiler hasn't been rooted: https://wiki.c2.com/?TheKenTho... [c2.com]
True enough. More notably, it assumes that just because it's open source, it can'
Re: (Score:2)
More notably, it assumes that just because it's open source, it can't have vulnerabilities. Have open source system ever had vulnerabilities exploited?
They should use a Mac for the voting machine They are immune from malware and cannot be hacked. It just works!
Re:I don't care (Score:5, Insightful)
You would never be able to prove, at the voting booth, that the black box you have in front of you actually runs the software and only the software, plus the hardware it CLAIMS to be running.
With paper voting YOU could VERIFY the process up to the ballot box (which does the anonymization) and then EVERYONE can verify the process.
Re: (Score:2)
Everyone who receives the ballot paper can validate the process.
I can't sit at home and be sure my vote was included. That's what electronic voting offers. You can duplicate whatever data is being tallied. And multiple people can perform the same operations on it.
The worry is from "are my results in there, or were they changed?" And I thought we had tools for that (signing a message with an identity not known/linked to you).
But what about anonymity? What if we batched together many votes as a pool? Li
No, it does not mean we can validate it works (Score:2)
The only way to do that is with a verifiable process to ensure that the image on each machine precisely matches the hashes that can be generated with the public sources and no additional software has been loaded. None.
So far, we don't have a process in place to have every machine checked by IT specialists to make sure they're oper
Re: (Score:2)
The only way to do that is with a verifiable process to ensure that the image on each machine precisely matches the hashes that can be generated with the public sources and no additional software has been loaded. None.
So far, we don't have a process in place to have every machine checked by IT specialists to make sure they're operating at that level.
This would actually be trivial to do. There are already people checking the machines each time they turn them on. An external diagnostic device wouldn't be much more than happens now.
Re: (Score:2)
It's not as though non-electronic means are immune to tampering or free of issues.
It might be a question of scale.
If I want to tamper with paper ballots I need access to them. There are a lot of polling stations, and counting facilities, and a lot of people working in them. This makes large (and I mean 'large') scale fraud incredibly difficult. Sure, it's possible to conceive of a situation in which the results from a single county (or w/e) tip the balance, and hence we can imagine a 'useful degree of cheating' when it comes to paper ballots, but a one in a million edge case, while an in
Re: (Score:2)
This is the strength of our distributed voting system.
A couple volunteers could tamper with the votes in their neighborhood polling place -assuming that the other half dozen volunteers don't notice/care. But there are a million such neighborhood polling places in the country. It would take an inconceivably vast conspiracy to have a significant impact on a national election.
Re: (Score:2)
But there are a million such neighborhood polling places in the country.
Err... correction. There are a couple hundred thousand, not a million.
My point stands -but my math sucks! Don't ask me to count votes: 1...2...16...50...6...30...umm.
Re: (Score:2)
It might be a question of scale.
If I want to tamper with paper ballots I need access to them. There are a lot of polling stations, and counting facilities, and a lot of people working in them. This makes large (and I mean 'large') scale fraud incredibly difficult.ng process.
Major elections sometimes are very close, and come down to a very few (or even one single) vote cast in a critial neighborhood.
Re: (Score:2)
It means some people can verify it, but outsiders who are skeptical of democracy will always claim it isn't right. Ie, how do you know the software I'm looking at is on that machine, how do we know someone hasn't replaced some of the machines, how do we trust your certificate chain, etc. When the secretary of state, or local commissioner of elections, who is a life long conservative Republican, swears on a stack of Bibles that all the investigations show the election was fair, they get accused of being me
Re: (Score:3)
I'm against any system that can't be physically watched by multiple parties and recounted if necessary. Electrons in a machine is just too easy to game and leave no trace..
Agreed. At a minimum, any electronic voting machine must (a) print the voter's choices onto a paper ballot, (b) allow the voter to inspect that ballot for accuracy, and then either approve or reject it, and (c) keep all paper ballots in a secure location so that they can be manually recounted if/when necessary.
That way, you don't have to trust the software, because you can verify its results by hand whenever there is any doubt.
What's the advantage of electronic voting anyway? (Is it just "we have the results a few hours earlier!!" That doesn't seem enough)
For vote-counting, it's also much more accurate to count votes electronically th
Re:I don't care (Score:5, Interesting)
Agreed. At a minimum, any electronic voting machine must (a) print the voter's choices onto a paper ballot, (b) allow the voter to inspect that ballot for accuracy, and then either approve or reject it, and (c) keep all paper ballots in a secure location so that they can be manually recounted if/when necessary.
That way, you don't have to trust the software, because you can verify its results by hand whenever there is any doubt.
That's what we do. You get a scantron ballot, fill in the appropriate bubbles for your choices, then run it through a machine. The machine keeps the tallies but the paper ballots are there in case there are questions and can be handcounted.
Unlike in Georgia where voting servers are wiped [apnews.com] the moment a lawsuit is filed about voting irregularities.
Re: (Score:1)
In a (probably futile) attempt to forestall the acolytes of the Big Lie, your link:
- is from 2017
- doesn't involve a device directly used to count votes
For the 2020 election, Georgia replaced their DRE voting machines with ballot-marking devices. The paper ballots were used for the recounts.
Re: (Score:2)
To add to that, the link states that the defendant in the lawsuit was the Republican election official.
Re: I don't care (Score:2)
Yeah, it's a solution looking for a problem. But it will become normal since it saves money. A lot of money. Election day is goddamn fucking expensive.
I've worked on polls for over 30 years. In the past 10 years or so polling place counts on the actual day have reduced 10-15% due to pre-polling and e-voting online.
People will always want to go to a polling place on the day, maybe it will reach 50-50 in the next 4 or 5 cycles. By then we'll have two or three more generations of technology and it will becom
Re: (Score:2)
a) I'm against any system that can't be physically watched by multiple parties and recounted if necessary. Electrons in a machine is just too easy to game and leave no trace..
b) What's the advantage of electronic voting anyway? (Is it just "we have the results a few hours earlier!!" That doesn't seem enough)
a) that's why there are people from the various parties on site watching what's going on when votes are counted.
b) Yes, getting the results as quickly as possible but also as accurately as possible. Scanning a ballot is orders of magnitude faster and more accurate to count than some fat-fingered ape going one by one. If speed wasn't an issue, all the fascists out there wouldn't be howling there's goings on because it's taking too long to count the votes.
The only way to to allow hand counting of votes woul
Re: I don't care (Score:3, Insightful)
Re: (Score:2)
Yes, a much smaller country too. And you don't have lines of people demanding to inspect each and every ballot during a recount, hoping to find some tell tale bamboo fibers that prove the ballots where whipped from China.
The big delay is often with the mail in ballots. For some reason, most (all?) states forbid them from being counted in advance. And each envelope has a signature that has to be verified by hand, then the ballot removed and placed in a boxes to be counted when finally allowed. That right
Re: (Score:2)
You clearly didn't read the article then, or even comprehend the summary. What is being discussed is electronic counting of the ballots. Paper ballots go in, results get tallied - the ballots remain in a lock box. The results of this OSS pilot will be cross-checked against a public hand count. There are no jurisdictions in New Hampshire that vote using purely electronic means. There are paper ballots; there are audits [nhpr.org].
It is widely acknowledged by election officers [npr.org] - ya know, the p
Re: (Score:2)
Now let's say you've 50,000 watchers who each, serially, want a recount? If you say "sorry, we've done 20,000 recounts already, and the election was 6 years in the past", still some lunatic (probably from Arizona) will claim it was stolen and that the government officials are covering it up. There is no satisfaction possible for the conspiracy theorits!
The logic goes like this:
1) Our guy won, it's obvious. We've never met a single person who like the other guy. This is our base condition.l
2) The election
Re: (Score:2)
Agreed.
I want voting to be essentially scantron: a slip of paper that can be tabulated automatically by machine, but also can be hand counted by humans for audit/troubleshooting purposes. It is a known good technology that we are all familiar with.
If you want use a touch-screen voting machine to generate it instead of pencils, fine -it may reduce errors (partial/misfill/smear/etc.) but the actual vote must be a hardcopy printout that shows in human readable format alongside the scanbubble so that the voter
Re: (Score:2)
It could also have a serial number on it so you can verify your own vote later.
ie. Take a pic of your slip and type the number into the government web site.
Re: (Score:2)
This isn't really an electronic voting machine it is an electronic vote counting machine. You vote bay marking a paper ballot. The ballot is then run through the vote counting machine to tabulate the vote.
You don't trust the count? You can ask for a hand recount of the ballots.
I just want an auditable paper trail (Score:3)
I want the voting machine to print out a piece of paper which has my votes on it, in a way I can personally verify before I drop it in a locked box. This lets the machines provide rapid updates for election day, and any questionable results can easily be audited by opening the boxes and checking the tallies.
Open source is nice, but I can't personally audit that it's the code running on the machine when I cast my vote. Nor can I tell if someone opened the machine and changed the tallies.
Re: (Score:3)
Re: (Score:2)
Oh you're right, I failed. Yes, I support an open-source scantron machine.
Re: (Score:2)
Re: (Score:3, Informative)
Republicans don’t want a paper trail. https://apnews.com/article/202... [apnews.com]
Easier to make false claims that way.
Re: I just want an auditable paper trail (Score:1, Insightful)
Re: (Score:2)
I don't think you understand. A few Republican legislators in one state don't want to spend $37 million dollars for new equipment, and that obviously means that you can safely ignore all of the evidence of your own eyes and ears and just accept his generalization.
Yes, Republicans [Re: I just want an auditable...] (Score:2)
Not just "a few Republican legislators." Until 2020, enhancing election security was a Democratic issue, and the Republicans blocked it. If you can remember that far back, do recall that the fear was that Russian hackers would try to manipulate the election results, and the Republicans were holding the position "no, the Russians didn't attack the election and won't try to do that."
I posted a handful of links above, but google will give you more: https://thehill.com/homenews/h... [thehill.com] https://www.usatoday.com/s [usatoday.com]
Re: (Score:2)
That's just bs. Every republican I know is *screaming* for a paper trail... its the democrats that want wide open standards, no audits, no ID, no paper
Turns out not to be the case. It was the Republicans, not the Democrats, who blocked the voting security bills in 2019.
https://thehill.com/homenews/h... [thehill.com]
https://www.usatoday.com/story... [usatoday.com]
https://www.upi.com/Top_News/U... [upi.com]
https://www.theguardian.com/us... [theguardian.com]
Re: (Score:2)
That's just bs. Every republican I know is *screaming* for a paper trail... its the democrats that want wide open standards, no audits, no ID, no paper
Republicans are screaming incoherently at everything because they don't want to admit they lost the election. The Dominion machines did nothing but scan paper ballots and certain people are still claiming they somehow rigged the election.
Meanwhile, the original concern about voting machines were the GOP backed Diebold machines that had zero paper trail and could actually lose votes [slashdot.org].
The Open vs Closed Source distinction is meaningless for voting machines since you can't rely on the machine running the softwa
Re: (Score:1)
I want the voting machine to print out a piece of paper which has my votes on it, in a way I can personally verify before I drop it in a locked box.
That is how most states electronic machines work. Go to one machine, make your choices, print the ballot when done, look at the results to be sure they match the choices you made, go to a second machine that tallies the votes.
Re: (Score:1)
Plenty of voting machines work like that. Obviously you could skip the machine entirely and just mark your vote on paper with a pencil, but somehow people manage to screw that up. Here's the machine being used where I live, it prints out your vote result so you can visually check it, and then you walk over and insert the paper into a scanner while a clerk watches.
https://www.essvote.com/produc... [essvote.com]
"handles the entire marking process, eliminating unclear marks and the need for interpretation of the voter
Right idea, but it needs more (Score:2)
The machines must be designed in a way where all code is directly inspectable, and is distributed on roms to all machines.
It's all well and good to use oss for handling elections, but you can't really say that posting stuff on github is sufficient; I have to trust you that the code you posted is what's running on the machines, and in order to do that I have to be able to access the code on the machine (and it would be bad if I find that I have a way to flip bits while inspecting them).
The other trust proble
Re:Right idea, but it needs more (Score:5, Insightful)
The problem is actually both simpler and more difficult than that, because it's not just a matter of coming up with a system that a trained computer engineer would consider trustworthy.... most voters are not trained computer engineers, and the real threshold is coming up with a system that they will consider trustworthy and agree to use.
For most people, that eliminates just about anything more complicated than indelible-ink-on-paper. You can talk to them about pic24s and cryptographic code signatures and code review and so on until you're blue in the face, but you might as well be talking about elves and faeries for all the good it will do you. For most of them, all the technical explanations will be understood as just a long-winded way of saying "trust me", and many of them won't.
That doesn't mean we can't use computerized voting systems, but it does mean those computerized voting systems need to commit ballots to paper, so they can be hand-checked when necessary to verify that they are working as expected.
Re: (Score:2)
No, it's the wrong idea.
Use well designed paper ballots and manual counting. It works, is incredibly effective and is essentially unhackable.
Re: Right idea, but it needs more (Score:2)
If the vote counters use hand held calculators to add up their tallies then you're introducing a mechanism by which a hypothetical hack could occur and more importantly you're introducing a black box that will be a magnet for conspiracy theories in close races.
Re: (Score:2)
handheld calculators? What the actual fuck are you taking about??
The way it's done is have one paper per vote. They are counted in pairs with randomly assigned partners. You make stacks of 10, then stacks of 10 of those etc. Where's the hack?
Re: (Score:2)
Manual counting is inaccurate and labor-intensive. Verifiable electronic counting of paper ballots is better and cheaper.
Can we get some Chaumian influence here? (Score:2)
What would be nice is if we could get some true cryptographically verified voting [chaum.com] as per Dr. Chaum. Something that can allow people to prove that their ballot was counted, but yet remain anonymous.
Re: (Score:2)
Re: (Score:2)
My understanding is that this system allows you to prove that your vote was counted but not show who you voted for.
Re: (Score:2)
SO MANY RED FLAGS! (Score:5, Insightful)
I decided to take a little peek at VotingWorks and they have their code on github. [github.com]
Here are my concerns:
* Everything is written in Python and Typescript. NOTHING IS COMPILED TO BINARIES.
* Dependencies are pulled via npm, yarn, and pnpm. NO PACKAGE VALIDATION.
* Boots from a generic/unsecured Debian image you install on a VM from an non-validated ISO image. WTF?! THAT'S NOT SAFE AT ALL!
* It runs a service on AWS. WHAT IDIOT THOUGHT THAT WAS SMART?!
They are presuming there are no bad actors in these huge open source ecosystems. Everything about this is wrong.
Re: (Score:2)
Here are my concerns: (1) Everything is written in Python and Typescript. NOTHING IS COMPILED TO BINARIES. ...
I understand the rest of your concerns but not this one. Why would an interpreted language be any greater a risk than a compiled language?
Re: (Score:3)
If the web server is compromised, the attacker can change anything in the program with a text editor. With a compiled language, they would need access to the source code. While it is possible to hack binaries, it is not only vastly more difficult to do.
This is also an argument against public open source software for zero compromise applications. For most applications, having the open source community review security is good enough and arguably better than most closed source
Re: (Score:2)
It is almost 2023 and we have mofos on here advocating for security-through-obscurity. SMH
Re: (Score:2)
If zero compromise is a goal, code review with third party assessment by a certified and qualified assessor and signed binaries is required. Allowing anyone to branch and modify code that is then used to replace a trusted system's code is a simple a
Re: (Score:2)
Why would an interpreted language be any greater a risk than a compiled language?
* Reliance on an interpreter to execute which could be compromised at any stage (including runtime).
* No code signing.
* Static program analysis becomes impossible.
The important thing (Score:2)
There's a long history of secure voting machines (Score:3)
for auditing, and accepted signatures in the executables, on all their
'new' voting machines. No network, naturally;
without physical access, you couldn't hack them.
And, hacking would invalidate the signatures.
So far, the scheme has worked. There's a lot of noise claiming fraud,
but... good evidence says not.
Re: (Score:2)
The really sad part is that a lot of the people complaining about electronic voting can't even be bothered to read the summary. It clearly states that the voter uses a paper ballot to select their choices and then the paper ballot is fed through the "electronic voting machine" (it really isn't a voting machine just a vote tabulator). That paper ballot that the voter filled out is saved and can be hand counted to verify the electronic tally.
Be careful ... (Score:3)
CBS and @macfarlane assert without reason or sense here that if you want election audits, or use your right to object to a state's electors, or even if you oppose *unconstitutional* changes to election laws, that makes you an "election denier."
Re: (Score:2)
The whole thing is foolish at best so it makes sense that it would attract the election morons but since it's about the tabulation machines (not really a voting machine-- hell, you could call a mechanical pen a voting machine) those nuts are going to cling onto it.
Any computer system requires experts who have to be relied upon as a holy man for each group who believes in their abilities and honesty. A voting system must be so simple an idiot can follow what is going on which means it can't rely upon ANY te
They are trying to gaslight you (Score:2)
And by "you," I mean everyone, not just Republicans or Democrats. An unfounded conspiracy theory has no evidence backing it up. There is PLENTY of evidence backing up the accusation that our elections are highly hackable internally, externally or both. We've known this for two decades; security researchers have consistently p
All Voting Software (Score:1)
Past NH vote counting issues with optical scan. (Score:1)
Re: (Score:1)
More follow-up details:
https://www.doj.nh.gov/sb43/documents/accuvote-introduction-20210512.pdf
NH voters currently blacken little circles on a paper ballot which is then scanned by a machine designed in 1986 using an NEC V25 chip (last made in 2003). It has no OS and most I/O is physically disabled. Results are stored on a battery-backed SRAM card last manufactured in 1998. Firmware is about 20k lines of C and assembly.
So it's actually a pretty secure and verifiable system. The main problem
Fixing the wrong problem (Score:3)
To paraphase Stalin: He who votes is unimportant,
he who counts the votes is important.
It's nice to have an accurate and secure voting machine, but poll workers
can add additional votes for those who failed to vote, or they could substitute ballots of those who
did.
So while some countries mandate voting to prevent extra ballots from being cast, you still need Poll Watchers.
Ways to ensure integrity (Score:3)
The first thing that one needs to understand (and admit to) is that a proprietary voting machine (or vote counting machine) cannot be audited. (But but but...) No buts. If you aren't allowed to see the source code and the schematic because it's "proprietary", it can't be audited or verified. (Oh but that's not a problem!) Really? Well, consider this analogy: gas pumps all have stickers on them saying that they have been verified by the local weighs and means department. But that verification process is to dispense known quantities of fuel into a measurement flask. Nefarious individuals knew this and programmed the pumps to dispense those amounts correctly but short it for any other amount. They were busted of course but long after people got screwed. The same methods can be applied to a proprietary voting machine. So, open source hardware and software that includes binary verification with something like MD5 would mitigate this potential problem.
But what's to prevent someone from duplicating a paper ballot and magically showing up with stacks of them in the middle of the night because they were "found" in the trunk of a poll worker's car? At the moment, nothing. It's really painfully easy to copy current paper ballots. But we do know how to make it really hard to do that. The US Mint has a lot of features to do this. Special paper with those little red and blue hairs in it for one. The seals are reflective. There are verification pens for store owners to use. Beyond that, you'd need to apply a GUID to the ballot and use a sparse table of verified GUIDs so you couldn't just pick a random number.
Of course, nobody in government is going to want to do any of this because they really don't want to fix the problem. They either want to be able to cheat or they want a political football to distract the citizenry from other issues.
Re: (Score:2)
But what's to prevent someone from duplicating a paper ballot and magically showing up with stacks of them in the middle of the night because they were "found" in the trunk of a poll worker's car? At the moment, nothing. It's really painfully easy to copy current paper ballots.
Can you point to a single instance of this actually happening? Because I looked around (albeit briefly) and couldn't find one.
That's not to say that no one ever has tried to forge a ballot... but there's absolutely zero evidence of this happening at scale.
I'm not a "Venezuela Stole the Election" Type, but (Score:1)
Re: (Score:2)
Dominion Voting Systems is almost a perfect how-to-not example for secure elections.
In what sense?
Getting everything open source is a good start.
Getting everything open source is completely irrelevant.
The security of a voting machine is based on a verifiable paper trail.
If you're relying on a specific version of a code base being run on the unmodified proper hardware then you have no security.
Re: (Score:1)
An academic study of the problem (Score:2)
rocket science (Score:2)
Um, is this really that hard to code?
I don't care what software they use, as long as there is a paper trail of ballots, and by paper trail i mean PAPER ballots that are preserved for a LONG time.
Let's just get rid of all voting machines (Score:1)