Comments

CallMeLateForSupperAugust 8, 2016 7:07 AM

I've heard and read many citings of what Trump implied re: rigging of the November election but not even one voice pointed out that, to the extent that the election could be rigged *against* him, it could be rigged *for* him. Such a voice could seque to a conversation about security of vote casting systems.

Dewight REaAugust 8, 2016 8:58 AM

Might have been a good article, but Wired.com claims that I am using an adblocker. Which I do not. I am not able to read any of their content, regardless of the web browser that I use.

e625ffa9e687de1748ae9bf6c209c2026c27e2e0190449a4174b27c7206dfda6August 8, 2016 9:12 AM

Why does the US use voting machines at all? They are prone to manipulation and hacking, and they don't seem to accelerate the reporting of outcomes at all. Canada uses old fashioned paper and human counting, and results are generally available within an hour or so of poll closing, except in very tight races. US results often seem to drag on all night. Further, voting machines require maintenance of capital stock that is used only one day every couple of years, which seems wasteful. So again, what is the advantage of voting machines, other than making contractors rich and providing opportunities for easier vote tampering?

TimHAugust 8, 2016 9:49 AM

Both the RNC and DNC operate on the basis that they can use any measure to save the country by ensuring that the wrong person doesn't get elected. So neither will want to fix this. The push to fix will come from an independent entity.

BillAugust 8, 2016 10:19 AM

@e625ffa9e687de1748ae9bf6c209c2026c27e2e0190449a4174b27c7206dfda6: Because lawmakers could throw huge sums of money at their cronies and donors to come up with these flawed devices.

albertAugust 8, 2016 11:45 AM

@Dewight REa,

I have Firefox (with AdBlock and NoScript) on Linux. The instant the page appears, I hit ESC many times to kill the load. It works. You must do it for each new page load.

Search this blog for other techniques. It has been discussed in detail earlier.

. .. . .. --- ....

WaelAugust 8, 2016 11:48 AM

@keiner,

one of my favorite links...

A fully functional product must allow for both candidates to lose :)

BlockAdsNowAugust 8, 2016 12:07 PM

@Dewight, I have uBlock Origin and uMatrix and the page loads without any issues (and no ads).

x2bike4uAugust 8, 2016 12:48 PM

I use Firefox on Windows. If you enable reader mode right after you open the page on Wired, you can read it with no ad blocker nagging from Wired.

Richard AkermanAugust 8, 2016 1:19 PM

At the very end of the WGBH interview you state your strong opposition to online voting on security grounds, which is excellent, but you also said that online voting would increase turnout. All of the available evidence is that online voting doesn't increase turnout. I've collected just a few examples at evidence about online voting (particularly turnout). The City of Kitchener also did a 2012 report FCS-12-191 on Internet voting (PDF) that has tables listing turnout from various jurisdictions that tried online voting and showing there is no increased turnout trend. Finally, Estonia, which is the only jurisdiction that has national online voting, has no dramatic turnout trend even after 9 years (plus it has many security issues of which I'm sure you're aware).

GaryAugust 8, 2016 1:34 PM

I haven't thought about voting security as much as some, but it seems like the anonymity requirement is a bit of a red herring, since we already have mail-in ballots in most voting districts. Assuming that we had some strong means of authenticating voters, and a well-tested, open-source application to process the votes, why should Internet voting be any less secure than mail-in ballots? The only authentication on my current ballot is my signature, which is practically illegible.

Alien JerkyAugust 8, 2016 2:14 PM

A trick to get around Wired's website AdBlocker Blocker.

If using Firefox (I do not use the others, but probably is similar)

Type about:config into URL

Should default the cursor to the search box. Type javascript into the search box.

You will see an entry near the top of the screen called javascript.enabled

Double click it. It turns off javavscript.

Now go to wired.com and enjoy. Also try a bunch of other websites. Near instant loading. Every advert thingy requires javascript to work, but most websites will still feed the core information and graphics without javascript enabled. You get the basic graphics and all the text without the junk.

Some websites, like Netflix, need javascript to operate, so just do the about:config again, type javascript into search, double click javascript.enabled to turn it back on... now you are back to the normal junky mode.

keinerAugust 8, 2016 2:35 PM

@jerky:

Or install Noscript addon and enjoy full control on all scripts allowed with one click. Don't forget to remove the whole "Whitelist" in the config of Noscript!

Clive RobinsonAugust 8, 2016 3:52 PM

@ Dewight REa,

Might have been a good article, but Wired.com claims that I am using an adblocker.

If you don't have javascript on, it displays OK and without adverts or other annoyances.

As I've been saying for years, why on earth would you want someone you dont know anything about running code you know nothing about on your machine? Especialy these days when adds almost always carry tracking code of some kind.

Further there is no real need for javascript on sites that mainly serve up text...

ArclightAugust 8, 2016 4:02 PM

When California had the famous recall election in 2003, there were 135 candidates who qualified to be on the ballot for governor. The existing paper-punch machines couldn't accommodate this. What did they do? They printed the ballot on legal-size paper and asked voters to fill in the boxes of their choice with a standard black pen. The ballots were then counted with an optical scanner, of the type used to grade university exams and such.

I have no idea why this wasn't just adopted as the standard. The machines can count ballots very quickly and accurately, and the unabridged, original ballots are still available for a hand count or counting using a different machine/software if there is an integrity question. There's very little special equipment needed, and the supplies (printed papers and black pens) should be recognizable by most people.

Arclight

jon bondyAugust 8, 2016 4:53 PM

I listened to Schneier's comments about voting security with interest. A number of threats were discussed, but what seems to be lacking is a threat scenario. Is the threat that someone in the voting machine company inserts malicious code? Is it that a malicious someone can get physical access to the machines before voting? Is it that the machines can be hacked because they are online? Vaguely saying "voting machines are insecure" or "the voting system is insecure" may be true, but it would be improved if the threat scenarios were enumerated.

David LeppikAugust 8, 2016 5:14 PM

@jon bondy: see Electronic voting, Documented problems (Wikipedia)

TL;DR:

There have been numerous problems with e-voting machines, many of which could have been legitimate bugs or fraud, we can't tell. E-voting machines in the US are usually Windows touch-screen computers, with all the vulnerabilities of Windows, or PCs in general. This includes physical tampering (replacing the card that contains the data), password guessing, and breaking in via a WiFi network.

And that's not including the possibility that a developer who writes e-voting software puts in malicious code, as has been done for lotteries.

לַחסוֹםAugust 8, 2016 5:42 PM

To block the Wired ad block blocker, exclude the following URL in your ad blocking app:

www.wired.com/assets/load

TedAugust 8, 2016 7:05 PM

"Homeland Security chief weighs plan to protect voting from hackers"

“It’s time for the US government to "carefully consider" whether America’s election system should be considered as critical infrastructure, which would trigger greater digital security measures for electronic voting machines, said Jeh Johnson on Tuesday at a Monitor-hosted breakfast for reporters.”
“Like exciting critical infrastructure sectors such as electric utilities and water treatment plants, “There’s vital interest in our election process,” said Mr. Johnson. "We’re actively thinking about the election and cybersecurity right now.""
“If the US considered the election process as a critical infrastructure, the designation would have significant implications to how federal officials would respond to a possible cyberattack. There is no timeline yet for making that designation, but Johnson said he's considering reaching out to election officials."
“There is not one federal election system, but rather 9,000 jurisdictions involved in voting across America that collect, tally, and report of votes. And as more voting machines are automated and election districts rely more heavily on computers to count votes, elections are more susceptible to cyberattacks, many cybersecurity experts warn."
“Johnson noted that a recent White House directive on how the nation should respond to significant cyberattacks named Homeland Security as the agency for “fixing and patching” vulnerabilities that could affect critical infrastructure."
“"I’m the fireman," Johnson said, adding that FBI Director James Comey "is the cop.""


United States Election Assistance Commission “The U.S. Election Assistance Commission (EAC) was established by the Help America Vote Act of 2002 (HAVA). EAC is an independent, bipartisan commission charged with developing guidance to meet HAVA requirements, adopting voluntary voting system guidelines, and serving as a national clearinghouse of information on election administration. EAC also accredits testing laboratories and certifies voting systems, as well as audits the use of HAVA funds.”

jimbo1qazAugust 8, 2016 7:41 PM

Also YesScript is a lightweight alternative to NoScript (disable scripts on specific problematic sites, then reload)

Mike JeaysAugust 8, 2016 8:30 PM

A major disadvantage to on-line voting (and mail-in voting) is that the voter can be influenced by others, such as a spouse or partner. Voters should be free to tell their spouses and friends that they have voted one way, and actually vote the other, without fear of recrimination. The traditional poll booth is much better from this point of view, and cameras should be banned in polling stations. (Not easy with the current profusion of cellphone cameras).

John SmithAugust 8, 2016 9:47 PM

I have a dream ... that the next Presidential Election will be won in a landslide by Boaty McBoatface. Officials and pundits from all across the country will solemnly opine (yawn) that no-one could have seen this coming.

Rock on, Boaty. Rock on.

WaelAugust 8, 2016 10:14 PM

@Clive Robinson,

closer to the knuckle

I'll remember that expression: "and there it is" :)

Clive RobinsonAugust 8, 2016 10:23 PM

@ jon Bondy,

Is the threat that someone in the voting machine company inserts malicious code?

If you look back at those involved with the companies that design/make/sell voting machines in the US, you will often find they were "serious" financial supporters of the GOP...

It's the kind of thing that does not inspire confidence, especially when the machines lacked features you would expect such as supporting secure auditing.

Thus in some respects the companies "were their own worst enemies" for inspiring confidence.

Clive RobinsonAugust 8, 2016 10:38 PM

@ Wael,

I'll remember that expression

I know you occasionally look into where common expresions come from, can I suggest you might not want to on this one if you are even a little squeamish...

Scott "SFITCS" FergusonAugust 8, 2016 11:07 PM

@Clive Robinson

Re: Dilbert

See S2 E17 Ethics.
The manager "wins" the National Voting Software contract during a game of golf with his buddies who take turns at "winning" government contracts. He then forces Dilbert to manage the project. (who initially thinks it's the best project he's been forced to do)

Special interest groups declare Dilbert their biggest threat and try and bribe him to backdoor the program, but he refuses to compromise his ethics - even after reanimating Benjamin Franklin for advice and being told the average voter is too stupid to matter.
Dilbert doesn't backdoor the program but...
Drunk voting becomes the thing, and skiddies enroll a fictuous candidate Hairy Ass McSomething(?) - who wins the election by a landslide.

It highlights some of the problems with i-voting, but overlooks a few (even without counting security).

WaelAugust 9, 2016 12:50 AM

@Clive Robinson,

I know you occasionally look into where common expresions come from

Yes, I have interest in word and expression origins. You've got me pinned!

can I suggest you might not want to on this one if you are even a little squeamish

Out with it! Save me the trouble, or that a yellow card in the form of a moderator "knuckle sandwich" waiting to happen?

ianfAugust 9, 2016 1:19 AM


@ Wael declares an “interest in word and expression origins. Clive's got 'im pinned!

That interest has a name, and its name is etymology. You can also look up onomastics. There, two more words to tattoo on your boudy in the privacy of your boudoir.

"Pinned" = you mean pinned down, or mistyped "pinhead?" There's a difference.

WaelAugust 9, 2016 1:44 AM

@ianf,

The first word, I know. The second, I didn't and I'll probably forget it the moment I push submit. You haven't recovered, have you? It's okay! I knew someone with your symptoms, but he's better now! A few sessions with a competent shrink did wonders to him.

"boudoir", eh? I'll remember that! I won't comment on the "got me pinned".

Clive RobinsonAugust 9, 2016 4:40 AM

@ Wael,

Out with it! Save me the trouble, or that a yellow card in the form of a moderator "knuckle sandwich" waiting to happen?

The word "knuckle" has been around for well over 1500 years and does not mean quite what many people think it does. It's similar to butt in that respect.

When people buy "hog butt" for smoking / barbeques they are actually getting the "shoulder" not the "leg" or as some think the bit above the leg.

The "knuckle" used to refere to what we would call our knee or hip joints (crown knuckle and saddle knuckle respectivly). Hence an expression from around 1500 years ago saying you were up to your knuckle in it ment things were hard going as in winter snow or spring/autumn mud.

When a carcass was butchered the knuckles were cut out as these did not aid in cooking etc and just added "dead weight". Thus originally "cutting close to the knuckle" implied that a butcher was getting a bit extra for nothing by leaving in more usless and heavy knuckle bone in the joint of meat. That is he was being "a bit cheeky", and is often the case with such male only proffessions the language could get a little "ribald" and those that had that mentality were often those "cutting close to the knuckle" hence the meaning changed in common parlance.

So from originaly being the butchers equivalent of "the miller's thumb" or the sailors "on the fiddle" it changed in common parlance to mean some on who indulged in "ribald language" in male only company of the stock yard or the French equivalent of "risque language" when in the mixed company of court (french was the "courtly language" in England for over a thousand years).

P.S. Having seen ianf's input, you might want to look up the word Onanism and it's religious origins. Just don't be drinking coffee/tea when you read it as it might be messy.

WaelAugust 9, 2016 5:28 AM

@Clive Robinson,

The word "knuckle" has been around for well over 1500 years and [...] "risque language" when in the mixed company of court (french was the "courtly language" in England for over a thousand years).

I appreciate the elaborate explanation! Very interesting. Not as grotesque as you made it sound in the privious post.

you might want to look up the word Onanism and it's religious origins...

Now I read the whole article. I wasn't aware that the word is derived from "Onan", son of Thamar. I was aware of the story but not of the word origin. I read the book cover to cover in more than one language, btw... Now, I won't forget the word!

RatioAugust 9, 2016 5:39 AM

@Wael

Now I wasn't aware that the word is derived from "Onan", son of Thamar

Oedipal slip? (Staying with the theme...)

Playing With The Fabric Of DemocracyAugust 9, 2016 12:10 PM

@Gary

I haven't thought about voting security as much as some, but it seems like the anonymity requirement is a bit of a red herring, since we already have mail-in ballots in most voting districts.

Trust your gut. The world may be falling apart at the 'seems'. Before Snowden, a lot of things 'seemed' to be one way, but were actually another.

The anonymity requirement still matters to the spirit of democracy. Whether or not what we have now is close enough to that spirit, or if the spirit is still just a dream is hard to say.

The mafia exists. The government likes to pretend that it has things under complete control. Things are not as they seem.

Never Say AnythingAugust 9, 2016 12:23 PM

@Clive Robinson

Thus in some respects the companies "were their own worst enemies" for inspiring confidence.

And far be it for the NSA to engage in helping better calibrate the confidence of the citizenry. My money is on whoever the NSA wants to win the vote, winning the vote.

RatioAugust 9, 2016 12:36 PM

@Wael,

According to the story, Tamar was Onan's brother's widow, not his mother. In the story of Oedipus on the other hand...

WaelAugust 9, 2016 1:06 PM

@Ratio,

According to the story, Tamar was...

Thank you for the correction. I am able to gather what you insinuated now :)

I wonder what, on a average, the number of relevant comments are before we completely digress off topic. I'm also wondering which thread had the largest number of entries. I remember one particular thread reached 253 or 258 comments. Sorry, your handle got me thinking ;)

Sgt BarnesAugust 9, 2016 3:54 PM

@Wael
Re: I'll remember that expression: "and there it is" :)

If you want some interesting etymology, ask a Vietnam combat vet about the usage of "There it is." or "And there it is."

ianfAugust 9, 2016 4:30 PM


        Last word on this from me, I have a batch of chili pancakes to bake

@ Wael,
              so a(ny?) hotlinked new term from me makes you think of submission, eh? Fine, just THINK first whom to (I don't do freebies).

You haven't recovered, have you?

Do s.p.e.l.l. out what was there for me to [not] recover from. Upon inspecting that link, all I can see is that
(1.‍)‍ you obsess over an 8 month old exchange we had
(2.‍)‍ you refer me to some allegedly foundational text signed Judy Muller, titled "Judy Muller Annoyed About Nouns as Verbs," that recounts the many ways in which one Judy Muller is pissed off by language abuse—of which, however, you do not accuse me of. Then
(3.‍)‍ you claim that I indirectly answered your question—what question?

Apparently all that is still vivid in your mind. So do refresh mine, pretend I'm demented or something, just this once.

I won't comment on the "got me pinned".

You just did, but never mind, I'll soon forget what it was about (what was it about?)


Later, you are egged on by Clive Robinson, whose learned explanation of the etymology (= term you apparently already know) of the word "knuckle" you simply can't get enough of.

Well then, here's my MUCH shorter, MORE palpable elaboration: ask any drunk in a pub if he could, please, explain what the English word "knuckle" resolves as. ANY.

Continues Clive: Having seen ianf's input, you might want to look up the word Onanism and it's religious origins...

    Wael: Now I read the whole article. I wasn't aware that the word is derived from "Onan"…

a. My input = onomastics, the linguistic study of given names, companion science to toponymy, the study of place names. There is no connection in the Wiki pages I gave to any of the below.

b. Clive's association: Onanism, with religious origins.

c. Wael's comment: [now that he's been made aware of that], he “won't forget the word!” (late developer).

d. One Ratio makes a 2¢ deposit thinking that "Onanism" and "Oedipal" are somehow connected. See your momma blush.

e. Wael feels the heat, but doesn't really dare to point the finger at "whomever brought the topic up," i.e. Clive… but I harbour no such inhibitions. Also word of advice to Ratio: withdraw from this… dialogue.

WaelAugust 9, 2016 4:58 PM

@ianf,

Ok. I got a good laugh out of this one:

One Ratio makes a 2¢ deposit thinking that

I needed that one :) You insult him then you advice him to stay out of the discussion :) -- okay, enough digression from the topic of the thread. Apologies to every one and the moderator.

RatioAugust 9, 2016 6:14 PM

@Wael,

Sorry, your handle got me thinking ;)

That thinking (reason) is what the handle's all about, although I guess congruence is important, too. ;)

@ianf,

One Ratio makes a 2¢ deposit thinking that "Onanism" and "Oedipal" are somehow connected. See your momma blush.

Accidentally mistaking Tamar for Onan's mother connected the two ideas. You'll figure it out, it's not that hard.

</off-topic>

FrancesAugust 9, 2016 11:53 PM

Yes, the use of paper ballots in Canada is simple and straightforward and can be counted quite quickly. However, remember that American ballots are often quite complex which Canadian ones are not. Although our system is quite simple to use, I don't think you can fairly compare them to American ballots.

In Toronto municipal elections, we use a counting machine which seems to work quite well. However, there has been discussion of using ranked ballots for municipal elections and I don't know if the counting machines can cope with that.

CuriousAugust 10, 2016 8:30 AM

I wonder: is voting machine software so proprietary that it is an industry secret? Maybe not even accessible for inspection by a government?

SteveAugust 10, 2016 10:10 PM

Some things, albeit farfetched, but then again, maybe not, come to mind when I think about Electronic Voting machines.

1. With many of the machines being Windows-based, suppose they all get updated to Windows-10? With all the telemetry buried in it, Microsoft could have the outcome of a given election before anyone else.

2. Microsoft could choose to send out a Windows-10 update during an election. Does it brick the voting machines? Do other manipulations? Cause massive lines of voters waiting to vote while the machines are updating?

3. Slightly different: require everyone using a voting machine to use a 2-factor authentication. A voter is required to input a PIN-code that is texted to their cell-phone while in the voting booth. Of course, the voter is then Geo-tracked and IP-tracked, and all his habits are paired with how he voted. Do all Trump voters have coffee at Starbucks? Just look at how useful the 2-factor authentication has worked for seniors wanting access the the SSA web site.

Joe StalinAugust 11, 2016 2:13 PM

Lame, very general Wired article filled with truthyness: "there’s no indication—even in Virginia—that there’s ever been any interference" [in elections]. And Russians "hack" myth again just like the unattributed NYT story from Aug 10 by Eric+Eric. Why Bruce recommends this "My Little Pony" level
article and ignores well documented history and real study of election
manipulation should raise questions.

What about Ohio 2004 where the counting was done out of state in a GOP controlled server with the sys admin found dead in a small plane accident just before being deposed? What about the computerized manipulation of voter lists like the 2016 Brooklyn NYC Primary and in multiple other state voter lists written about by Greg Palast? But this is certainly not computer "interference" in elections, just good clean fun.

Many other problems can be traced to computerized vote counters, including vote fixing, absentee ballot manipulation, etc. Actual counting of paper ballots is so very rare that I cannot remember a single instance of a state or county completely hand counting since computerized counting began.

Look at Black Box Voting for the latest found simple MicroSoft database hacks for "default on" fractional vote weights in counting software of the paper ballots including attack methods,election organization weak points,likely actors, software and email histories of creating this attack during development.

Bruce seems weak on this stuff.

Wim TonAugust 15, 2016 2:56 PM

Why bother manipulating voting machines as the elections can be manipulated upstream already?
For example, Gerrymandering and preventing the registration of voters who may vote for the "wrong" party?

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.