Matt Blaze on Securing Voting Machines

Matt Blaze's House testimony on the security of voting machines is an excellent read. (Details on the entire hearing is here.) I have not watched the video.

Posted on December 5, 2017 at 6:39 AM • 35 Comments

Comments

ParkerDecember 5, 2017 9:39 AM

If you want evidence MB's testimony isn't merely academic, just look at the FCC public comment system and how easily fraudulent entries can be used to skew decision making, even at the highest level, and to issues affecting the nation.

No one knows many fake scam comments were entered into the system on which the FCC is basing to some extent, it's decision. And yet they don't have time to verify them. Hurry, let's ram it through before anyone has a chance to see.. hey, wait a minute. Sorry, too late.

D-503December 5, 2017 1:03 PM

If the intended goal is an accurate vote count, there is no known substitute for hand-marked paper ballots counted by hand in public. Which is how federal vote counts used to be done in my country until about ten years ago.
Yes, ballot boxes do get stuffed, lost, or stolen, but the presence of an auditable paper trail limits such incidents.

With electronic voting, electronic tallying, and electronic surveillance of polling stations, it's anybody's guess how people actually voted. Which is the entire point of electronic voting machines, etc. Our political leaders don't trust us to always vote the 'right' way.

albertDecember 5, 2017 1:10 PM

@Parker,
What makes you think that the FCC even cares about public comments? The telecoms decided, and the FCC will obey. The rest is for show. This is the era of truth by proclamation. Actual comment (or vote) count is irrelevant.

@D-503,
"...If the intended goal is an accurate vote count, there is no known substitute for hand-marked paper ballots counted by hand in public...."
I agree. This was the result of much discussion on these pages. Vote counting is only a part of the problem. There are other ways to fix elections. And they are very low tech.

. .. . .. --- ....

Petre PeterDecember 5, 2017 1:54 PM

Remember! Complexity is the number one enemy of security. Why do we have the most complex voting system in the world?

Remember, remember...democracy cannot function without a secret ballot. Germany understood this after the Social-Democrats-it created order to regulate not to confiscate. In the United States, i see threats that confiscate instead of rules that allow choice. A choice that threatens to confiscate leads to order that is not based on truth—it leads to disorder. Pre-registration is an example of this threat, especially since it’s done in the school my children go to.

Remember ! Trespassing On The Freedom Trail and forget about black.out . Maybe HAVA could help me find some squares that are squares without choke points(grass i cannot sit on, ponds i cannot swim in and boats that look like swans)

If everything is private, why do i need a public administrator?

A beautiful read but not a single occurance of the word square-the most primitive forms of re.set.

echoDecember 5, 2017 2:45 PM

I personally find with a lot of issues is the US can be very US-centric. US ideas and public discussion such as this is very interesting and a strongly positive contribution in many ways. I do wonder though if discussion with a more international perspective or comaprisons with equivalents such as the EU might make discussion more accessible and stimulate more domestic contributions within an international audience.

This is my simple understanding and simple questions.

I have wondered if a machine based system might be designed to provide basic ballot filling and counting. This paper says it already exists and is in use. (Ballot Marking Devices, pages 5-6.)

* Only a step above a pure manual paper system.
* Caters for able and disabled people.
* Simple.

After voting the vote would need to be counted. (Optical Scan Ballot Readers, page 5.)

* Impossible for reader to tamper with paper vote.
* Manually verifiable.
* Simple.

What is the simplest most relaible implementation which does away with software upgradeable and hackable logic? Build to last? Understandable and designable and replicable by anyone with a higher level education?

Re-reading the paper it seems my questions are the opposite of systems being deisgned with maximum cleverness and broken by simplicity. Perhaps if a system is designed from the simple basics and cleverness can't break it then the system is sound?

hmmDecember 5, 2017 2:57 PM

Why do we have so many different machine vendors and models? That's fragmentation by design!

There ought to be ONE SECURE STANDARD.

book_reviewDecember 5, 2017 3:00 PM

Clive Robinson, amongst others, typed about elections on the current squid. His headline was 'Paper, Paper For your votes'.
https://www.schneier.com/blog/archives/2017/12/friday_squid_bl_603.html#c6765366
or search for 'election' there.

Voting related and/or OT

Are they (the USA public in general) a bunch of dummies?

1) Are white women in the USA dumb enough to give the Trump Team ("'tt'") wins in the upcoming elections in the USA (Alabama and Georgia, come to mind). IIRC white women gave tt the presidential win in the last presidential election.

2) Are they (the USA public in general) such a bunch of dummies that we can respond to questions with 'That's a good question' and then recite relevant, tangential, or irrelevant talking points. For example, how a Conservative FCC commissioner responded to questions on 1A today (downloadable mp3; 32:43)
December 5, 2017
An FCC Commissioner Makes The Case For Net Neutrality
Here's what we did. We sat down with a current Federal Communications Commission commissioner as well as a critic of the FCC's move to repeal net neutrality. Then we opened our phone lines and let listeners ask the questions. The FCC has been reversing and revising many regulations, and the national conversation about net neutrality is heating up. While some argue repealing net neutrality gives internet service providers too much power over consumer content, others say it's not only good for consumers, but good for business.
https://www.npr.org/podcasts/510316/1a

or are we a bunch of dummies who have been betrayed 'for chump change'
https://www.theverge.com/2017/3/29/15100620/congress-fcc-isp-web-browsing-privacy-fire-sale

or see how in Portugal pricing is 'splitting the net into packages' (graphic)
https://www.theguardian.com/technology/2017/nov/22/net-neutrality-internet-why-americans-so-worried-about-it-being-scrapped

and
3) presumably eff.org, aclu.org, etc., are playing the long game. Is there any reason for powerful players, TLAs, the big ISPs, Amazon, Apple, Facebook, Google, Wikipedia, Netflix, eff, aclu, and so on and numerous smaller ISPs and up to millions of websites to bring the WWW to a crawl before the upcoming FCC vote.


hmmDecember 5, 2017 4:24 PM

" Are white women in the USA dumb enough to give the Trump Team ("'tt'") wins in the upcoming elections in the USA "

At risk of talking about politics, let's define the "Trump Team" - do you mean all the spineless Republicans in Congress who called him unstable and dangerous and stupid and dishonest, but now support him as far as tax cuts for the ultra-wealthy corporatist agenda? Or do you mean Trump's administration himself, his appointments and lawyers all headed for prison for lying to the FBI - or worse?

http://news.gallup.com/poll/211817/democratic-edge-party-affiliation-seven-points.aspx

Since the election the # of people (mean avg) willing to say they lean Republican has declined 8 percent.

People really, really hate Hillary Clinton - even now. It was a bad idea to run her, period.
Water under the gate. Bridge, water under the bridge. Right.

But people are waking up to the bullsh*t. Even insane right-wing quasi-traitors admit, he's not helping.

Trump is now saying he's above the law. Mueller the next day subpoena'ed all his bank records worldwide. Trump says he's not concerned about Flynn turning State's Evidence, as his twitter account is blowing up as he rails against the FBI and the "Deep state" - It's like Alex Jones stuff, only less believably laid out.

He even called in a favor from Murdoch at the WSJ to op-ed a smear on Mueller - get this - for firing a guy who made inappropriate texts that implied bias or indiscretion as a professional agent. He did his job to the point of firing a guy for the POSSIBLE APPEARANCE of indiscretion. Contrast that.

Trump is now floating a proposal to make a Blackwater-style (Betsy DeVos is the sister of Eric Prince) PRIVATE INTELLIGENCE AGENCY styled after the CIA that answers to him and does not report to Congress. You can't make this up. He's gone full Himmler.

So to your question, are Americans stupid enough to accept fascism wrapped in the flag, waving the cross, supporting a child molester for hyper partisan treason essentially that undermines out Republic and Constitution directly, irreparably, willingly?

I wish I could say that's a ridiculous question.

TatütataDecember 5, 2017 4:53 PM

The Computer Chaos Club published a 23-page long report last September auditing "PC-Wahl" one of main tallying and reporting software packages used in Germany. It identified fairly catastrophic vulnerabilities, including a very amateurish software signature "verification" which allows code injection through the update mechanism. A demo was provided.

This package was the used by reporting offices in the September 2017 federal election.

Germany uses a paper and pencil ballot. So it isn't only 100% electronic voting that must be looked after.

echoDecember 5, 2017 9:28 PM

British elections at risk from perfect storm of threats, says watchdog

https://www.theguardian.com/politics/2017/dec/05/british-elections-at-risk-from-perfect-storm-of-threats-says-watchdog

Some hgihlights include: Fraudulant ballots are one concern. Declaring sponsorship interest and greater expense scrutiny to combat evasion of rules. Photo id excluding already marginalised voters is usefully raised especially in light of election issues in the US. New methods of voting should be considered while remaining circumspect of online voting.

Clive RobinsonDecember 6, 2017 3:38 AM

@ Matt,

If you are reading this one typo made it in "Nome"...

@ All,

One question that has puzzled me about US voting systems is "Why the technology?" There appears to be an implicit assumption that "optical readers" are the bottom line, and that manual counting is a no-no.

As a rough rule of thumb the simpler a system is, the easier it is to understand thus find any problems or issues.

One of the problems with technical systems of any kind is their non transparency, thus a bureaucratic mind falls to the defensive position of "Standardized Tests" to verify correct functioning. As most here should now know "Standardized Tests" can be detected by a Device Under Test (DUT) which then produces the required not real results. Thus the only thing "Standardized Tests" actually test is the "Honesty of the vendor", which we know from the likes of Volkswagen is not something that should be counted upon. As the old joke about the CIA has it "In God we trust, every one else we test" (and even they fail at it).

One issue that tends not to get discussed is the issue of a "Two Party System". The reality is that only one vote actually counts, and with the advertising process given free reign you would expect the votes to be quite close. Thus statistical tests for fraud to be ineffective, unless the fraud is blatent or localised. The use of non transparent technology alows the fraud to be both widely distributed and statistically small at any given location, thus the probability of getting away with it fairly high...

Clive RobinsonDecember 6, 2017 4:07 AM

Just an add on about faking test results in non transparent systems.

One of the assumptions behind standardized tests is that cheaters will be found out and it is in the interets of those who do find out to tell...

As we know Volkswagen were not the only cheaters, infact most of the industry knew they were cheating the tests. That is on seeing the Volkswagen test results quite a few of their competitors got hold of the cars and did their own testing to find out what the "secret sauce" was that Volkswagen had discovered. On finding out there was no "secret sauce" other manufactures kept silent. Which is typical cartel forming behaviour.

Therefor it would be stupid to think that any cheating "closed source" system is going to be outed by it's competitors. Especially when you think about it, it's actually not in their interests to do so...

So all technology used in voting systems needs to be fully transparent. Even optical readers are not transparent, so they should not be used either.

Jon (fD)December 6, 2017 8:52 AM

@ Clive Robinson on "Why the technology?"

I'd argue mostly the media, partially cost.

The 24x7 news machine needs to be incessantly fed, and any delay in counting votes is deliberately spun to make those doing the counting look incompetent if they cannot produce a definitive result "immediately"*

See also the cost of hand-counting. Machines are cheaper (at least, that's what the machine vendors incessantly reiterate). Just try to get a bigger budget for being slower.

Jon (from Denver)


* For a reasonable value of immediately. Do YOU want to be Commissioner in the LAST precinct to report your results? Or do you want to be the spiffy one who used high technology to report first? Good luck in your future career in politics!

CallMeLateForSupperDecember 6, 2017 9:35 AM

@hmm
"Why do we have so many different machine vendors and models?"

Because free enterprise. Do you have a problem with free enterprise per se? Would you prefer to have a single choice for voting machines, a single choice of a home, vehicle, university, hotel, and turkey fryer? USSR tried that approach and it was an epic fail.

"That's fragmentation by design!"

Yes, but that can be (*can* be, not always is) a strength. The current vote gathering system itself, ironically, demonstrates this: there is no single tallying modus that would, if it failed, take down an entire election. Certain features of single-source are highly attractive, even seductive, but single-source can also bite off your tender parts, sink your enterprise, and even kill persons.

"There ought to be ONE SECURE STANDARD."

I agree. So, if there were universal, secure standards, would you still lobby against multiple machine vendors and models?

Full disclosure: I spent about 13 years of my final for-profit career ferreting out and eliminating potential single points of failure in certain electronics systems (among several other responsibilities).

hmmDecember 6, 2017 9:50 AM

@Supper

Voting machines are not home appliances. The comparison is flawed.

Given a choice between 25 maybe-sorta secure voting machines and 1 thoroughly vetted one?

You would choose the crapware? Really?

HermanDecember 6, 2017 10:23 AM

Serious corruption in US politics goes back a while.

Tammany Hall (the executive committee of New York City’s Democratic Party organization) boss William Magear Tweed (1823 - 1878) who, with his “Tweed ring” cronies, systematically plundered New York City of sums estimated at between $30,000,000 and $200,000,000.:
"As long as I count the votes, what are you going to do about it?"

Clive RobinsonDecember 6, 2017 11:26 AM

@ Jon (fd),

See also the cost of hand-counting. Machines are cheaper (at least, that's what the machine vendors incessantly reiterate).

Well either they are idiots or in the US you pay the hand counters "money to be honest". Most places I know of where paper ballots are used the "Election Officers" who staff the election and do the counts are volunteers. Those who "over see" the count are generaly members of the parties of those who's names are on the ballot. They may or may not be paid for their time but if they are it would come from party not civic funds.

The tables chairs and other "office equipment" that might be used for a hand count are either going to be re-usable on a daily basis or basic stationary consumables.

The optical reader machines are however over priced generaly unreliable and used very rarely, thus would have significant storage costs.

So pardon me if I think that either people are lying through their teeth or kickbacks are involved somewhere. If the latter it's probably at the level that put the funding legislation in place...

Now call me cynical I remember a few years ago there being a bit of an outcry about voting machine manufacturers like Dibold being involved with major political party contributions...

If I was to add two and two together would I come up with something between three and five or something altogether different?

I gather there has also been past statistical analysis showing correlation between the use of such machines and the political success of a particular party. Something that might well have given rise to the legislation that provided the funding along with stories about "pregnant chads" and similar.

I realise that what I am about to say is sacrilege to some people but sometimes the solution to a problem in life is to "take a step back" rather than the more famous political statments of,

    A year ago we were standing at the edge of a precipice. Since then we have taken a large step forward.

(Effect of a too literal translation of a speech by Mao Ze Dong.)

    We have come to the edge of the abyss and now it is time for a bold step forward. There is a political view that the tougher you are, the more credible you are.

(Ed Balls, made whilst people still voted for him to be a UK politician...)


VDecember 6, 2017 4:19 PM

One thing the paper doesn't cover is the dangers in elections-by-mail. A lot of states see this as the greatest thing since stuffed ballot boxes. Voting by mail allows buying votes ("let me see you vote for Senator Slime and drop the ballot in a mailbox, then I'll give you $10.00"), coercion ("Sweetie, you better be voting for Senator Slime or you're gonna have two black eyes.") and/or vote theft (Hey look, I grabbed all the blank ballots for the block - all I need do now is forge a bunch of signatures. Senator Slime in a landslide!")

hmmDecember 6, 2017 5:07 PM

With as many different models as they have, none of them really get the full attention. There's no static compliance targets. Everything is a 1-off, every vendor and then every sub-model is an individual ecosystem of vulns. Managing that model is impossible for any organization. See Android clusterf#.

I understand having a diverse ecosystem compartmentalizes the vulns, yes that can help prevent a 1-worm pandemic - but so can good design. Vulns can be nixed 'fleetwide' instead of haphazardly per-state laissez-patched *if* that state/locality has the money/time/interest to do so, as it is now.

Why did we decide that they had to be self-contained 'machines' made as cheaply as possible in the first place? Why not have one or two moderate-cost reliable systems per polling place and have banks of cheap idiot-proof terminals? I mean there are ways to make this a lot more secure and efficient all around, it's worth spending a bit to get right rather than just shrugging and accepting hacked elections as an inevitability.

Put out bounties and really get it whittled down to robust code without much surface area to attack, build HW security features that complement the SW, have multiple layers of complementary blockchains on the backend, keep in reserve a completely-different-but-also-fully-vetted alternate front-end system ready to go, maybe 2 or 3. But not 50-500.

All of this is fully doable. What's standing in the way besides states' rights and short-sighted local misers?

CallMeLateForSupperDecember 7, 2017 8:36 AM

@hmm
"Voting machines are not home appliances. The comparison is flawed."

I made no comparison. I gave an answer to your question, which was "Why do we have so many different machine vendors and models?" I answered, "free enterprise". Then I took up what free enterprise provides to a free market, namely "choice". Notice that your question, and therefore my answer to it, did not address security/quality.

You opined, "There ought to be ONE SECURE STANDARD", and I agreed. To be clear, by "standard" I mean *written*standards*, not "standard" as just one anointed product made by only one anointed manufacturer. Because free enterprise. If only one firm is interested in the voting machine market, so be it, but I still think that diversity in design, to "one secure standard", is best.

"You would choose the crapware? Really?"
You know I never said that. Let's move on.

AnselmDecember 7, 2017 9:23 AM

The main reason why most countries don't use voting machines and the USA are so keen on them is that in the US all the votes for offices starting from municipal dog catcher, sheriff, judge, … all the way up to POTUS take place on the same day. Ballots can be complicated, people cast votes in a whole bunch of races at the same time, and counting all of that by hand is a hassle.

Here in Germany, for example, we have all of our elections (mayor, municipal parliament, state parliament, federal parliament, European parliament) on separate dates, usually in different years, so for every election there are only one or two votes to count per ballot. This makes hand counting a lot simpler. (Sometimes there are referendum-type questions thrown in, but having to count three or more separate things is really, really rare.)

Municipal-parliament elections are the outlier since depending on where you live you could have 100+ votes that you could in theory cast separately on a ballot that is one meter square or more – although most people don't do this; they pick their favourite party's precooked list. Even these votes are counted by hand; it takes days, and the number of people who do split their votes across different parties, vote multiple times for the same candidate, or strike out the candidates they don't want to vote for (all of which is legal) is so small that just counting the simple ballots first generally gives you a reasonable idea of the eventual outcome.

hmmDecember 7, 2017 7:49 PM

For the purposes of secure voting you're not really going for the cheapest mass-produced option.
Having a wide rainbow of cheap under-designed machines is the problem we have NOW.

"Free enterprise" doesn't exactly keep the best secrets or offer the most secure systems historically.

We don't NEED several dozens of styles of a simple thing like a voting machine, nobody does really. Voting is the same simple task everywhere. We don't need a ton of options or locality specific firmwares. We don't need wifi or even USB. The less to it the better. You know, an actual security paradigm.

We need one style, and we need it to work so idiot-proof reliably and provably that the public takes it for granted that it's a secure and trustworthy bastion of our form of governance.
Anything less than achieving that result and the whole idea is pointless nomatter the cost.

How we engineer and manufacture and verify that, sure the devil is in the details - but starting from simple secure best practices and limiting the unnecessary feature creep and proprietary blob weirdness from the very beginning is a crucial concern. Designing this to be a for-profit item is missing the application.

If our baseline is set at accepting the CRAP that Diebold has or other absolutely worthless machine fleets, because "they work on some level and aren't expensive and we have them now" - or "because it's West Virginia and these are made in West Virgina", then representative government as we know it is done for.

Clive RobinsonDecember 8, 2017 1:46 AM

@ hmm,

We don't NEED several dozens of styles of a simple thing like a voting machine, nobody does really.

Whilst mainly true there are "some people" who do NEED for what boils down to "Political Mantra".

If --and it's s very big if-- voting machines are needed, then logically somebody has to make them and they will require payment for materials, labour, etc, etc.

Now the thinking is "Nobody does something for nothing" and even if they did the caveat of "You get what you pay for" applies. Thus the thorny question of "Who pays the profit?" arises.

I'll leave out most of the political and free market mantra, but it boils down to the "Tax is free money" problem. Thus there is no incentive to be "efficient" or have good "productivity" which the argument says is why "Defence Procurement" has "Cost Pluss" issues, that are in effect "Taking the tax payer for a ride".

Thus the argument is that "The free market" is the way to go. Hence we had US Politico's screaming "COTS is the only way" and thus totally missing the point.

COTS works when demand is high, thus the savings of FMCE scale apply. But lets be honest the demand for voting machines is in reality "non existent" thus the whole thing is a faux market, with all that implies.

The argument that "US elections are complicated because of XXX thus we need solution YYY" is actually a false argument. Because if they are so "complicated" how the bl@@dy h3ll do you expect the voters to actually make a meaningful vote?

The reality is you are adding flashing lights bells and whistles to what is in effect a GIGO process, where the best you could hope for is a truley random output in all but one or two of the ballots...

Thus voting machines are not the solution to the problem, on that we both agree. Which leaves the question of what the solution should be?

I would say that if the voting process is to complex for the simplest (paper-n-pen ballots and tin ballot boxes) voting system, then what is realy needed is "root and branch surgery" on the voting process to eliminate the complexity at source, not disguise it behind an overly expensive totally insecure "fair ground" attraction...

But of course as you note there are "political considerations such as the purchase largess of "made in ZZZ". Which as has been seen with voting machine manufacturers already is a way for politicians to get some of that tax money into their political funds...

So pethsps the question might be "Is the US voting system delibetatly overly complex for what is in effect Corrupt Political reasons?"

As an outsider looking in I can not help but think the answer to that is "Yes"...

Oh one last thing to think on, if you do create a "faux market" for voting machines, you have created a manufacturing entity that needs to "thrive and survive"... In what is a closed and very limited market, how do you suppose the entities are going to survive and thrive? One way is to supply unreliable goods that have a continuous need to be repaired and upgraded, others are potentially criminal to the point of treason (ie sell elections is criminal and to foreign powers would be treason, but oh so profitable if you could get away with it).

hmmDecember 8, 2017 1:09 PM

" voting machines are needed, then logically somebody has to make them and they will require payment for materials, labour, etc, etc. "

Sure there's a practical necessity there, of course.

We know all about the "big check" procurement problem of government vs. private industry, where you end up with the $6000 toilet seats on submarines, etc. Valid issue.

All the big companies that provide infrastructure that makes the internet possible, all of them have special deals with the .gov. AT&T wouldn't exist, IBM wouldn't exist as we know it without those special collaborative projects that we've depended on. I'm less concerned about those companies making "too much" on those contracts as I am holding them to the 6th significant figure of compliance when it comes to the finished product.

Especially so with e-voting. It should be a protected, subsidized and partnered project like pipelines or anything else we do that's important and critical to do right.

The net profit for the project itself isn't so much the incentive, more just being "that major company" that the government depends on as their trusted contractor for this. It's a cachet that leads to further contracts and longevity. If this collaboration yields the fruit sought, in this case provably secure and stable election performance, YOU CAN'T PAY ENOUGH.

It's invaluable and necessary to our system. NOT having this, we're basically waiting for some effort that succeeds in hacking our system at scale. The cost of that, if our elections were completely disrupted and people didn't trust it, would be INCALCULABLE. So at some point we have to decide that funding out fundamental infrastructure to DO THE JOB that we need done outweighs whatever free-market dogmatic economic theory we'd like to pretend we follow, (but don't really, if you look closely at our macroeconomy..)

Of course, done wrong? It's a major boondoggle and fodder for those who would repeat the common mantra that "gubmint can't do anything right" - and they would have a point, but this is a very difficult problem to solve and KEEP solved. Still we have to make a proactive effort on it NOW, before it becomes the crisis it very well might. A fully hacked election is orders of magnitude worse than any bloated contract or appearance of picking winners and losers in the economic framework.

So I'm less concerned about the 'faux market' - frankly the entire "voting machine" industry shouldn't exist. Voting is not and should not be an for-profit endeavor, and to the extent that it is corrupted in that direction it will be gamed. You're right.

"One way is to supply unreliable goods that have a continuous need to be repaired and upgraded, others are potentially criminal to the point of treason (ie sell elections is criminal and to foreign powers would be treason, but oh so profitable if you could get away with it)."

-Yeah that's a valid concern also. Oversight in the contract needs to be airtight. This is essentially a matter of national security, like missile interceptor projects or something on that level. Leaving it to unregulated industry in the name of protecting the market niche competivity would be to miss the point of the endeavor wholly. This isn't something companies need to make money on. This is a pillar of representative government. If we don't get it right, government waste will be the least of our concerns.

book_reviewDecember 8, 2017 5:37 PM

Voting methods by state in the USA (I know next to nothing about ballotpedia)
https://ballotpedia.org/Voting_methods_and_equipment_by_state

Regarding next Tuesdays Alabama's Senate election, an Alabama voting guide
http://www.vote411.org/state_guide?state_id=Alabama

The race appears to be close. With paper ballots, should you look for voter suppression or intimidation efforts (photo ID, etc.) or something else to help elect Moore, perhaps?

https://www.realclearpolitics.com/epolls/2017/senate/al/alabama_senate_special_election_moore_vs_jones-6271.html
https://www.politico.com/story/2017/12/02/poll-alabama-senate-race-276019
http://abcnews.go.com/US/roy-moore-ahead-alabama-senate-race-poll-tied/story?id=51545569

JoshDecember 8, 2017 9:59 PM

@hmmm wrote,

So I'm less concerned about the 'faux market' - frankly the entire "voting machine" industry shouldn't exist. Voting is not and should not be an for-profit endeavor, and to the extent that it is corrupted in that direction it will be gamed. You're right.

So much has been publicized about hacking vote machines, but it isn't the only worrisome factor. In order for a vote machine to work it must allow its participants the ability to go back and independently verify his/her voting record to ensure the system did not store it incorrectly.

Next, there must be a way for all participants to verify the vote counting process to ensure correctly stored votes were not incorrectly counted. This was proven to be difficult in the paper/pen system, and is most definitely close to impossible in a digital system, unless a block-chain is utilized with no anonimity.

IMHO, anonimity of votes are exaggerated in a modern stable democratic republic like US of A. Do you really care if your boss found out you did not vote for Hillary Clinton?

hmmDecember 8, 2017 10:42 PM

" it must allow its participants the ability to go back and independently verify his/her voting record to ensure the system did not store it incorrectly. "

Complimentary quad-striped blockchains coupled with private keys maybe?

"there must be a way for all participants to verify the vote counting process to ensure correctly stored votes were not incorrectly counted."

Yep that's true, some sort of all-user accessible node counting with individual checksumming. It's complex.

The key is making sure there's only one way in -and out- for the data set storage.

"IMHO, anonimity of votes are exaggerated in a modern stable democratic republic like US of A. Do you really care if your boss found out you did not vote for Hillary Clinton?"

Again I'm with you, I think our voting record should be fully public as part of living in society.
It is our public 'say' in our governance, why should it not be public as a statement?

It should also then be illegal to discriminate against someone on the basis of their vote itself.
We are given the right, that itself should be free from persecution by 3rd parties.

What the hell are we smoking, we're talking about ideal governance.. look around, we're screwed.

The corporatocracy is upon us.

TatütataDecember 12, 2017 11:44 AM

12 December 2017

Alabama's paper ballots in today's election will be counted mechanically, and then destroyed. The issue is about applying a setting to the machines making them store the scanned ballot images, which is something they are actually capable of!

The Hill: Alabama Supreme Court stays judge's order to preserve voting records in Senate election

There is more content here:

AlterNET: Alabama Supreme Court Blocks Digital Ballot Preservation in Eleventh Hour -- The move ensures a hypothetical recount in the special Senate election will not be verified.

Alabama’s Supreme Court, where Moore served as chief justice, did not issue an explanation with its stay. However, a lengthy brief filed at the close of business Monday by state attorneys on behalf of Alabama Secretary of State John Merrill contained a list of eyebrow-raising assertions, such as Merrill had no authority to tell local election officials how to operate their voting machines. The state also said only private vendors holding contracts to program the machines could do so—and that it was too late for that.

The state also said the secretary of state, the top statewide election official and a constitutional office, has no jurisdiction over voting machines, which are essentially privatized.

Doesn't look good.

mostly harmfulDecember 13, 2017 6:59 PM

@ Josh

Next, there must be a way for all participants to verify the vote counting process to ensure correctly stored votes were not incorrectly counted. This was proven to be difficult in the paper/pen system, and is most definitely close to impossible in a digital system, unless a block-chain is utilized with no anonimity.

Anonymity and verification are not mutually exclusive: https://en.wikipedia.org/wiki/End-to-end_auditable_voting_systems

IMHO, anonimity of votes are exaggerated in a modern stable democratic republic like US of A.

I question your premises here.

  • "Modern" is a smeary word that can mean practically anything whatsoever, and hence means nothing at all. It means whatever the salesman wants it to mean, at a given point in time.
  • "Stable"? Tell that to the thousands of homeless people to be found in any US metropolis.
  • "Democratic"? Hardly. See: http://www.princeton.edu/~mgilens/Gilens%20homepage%20materials/
Do you really care if your boss found out you did not vote for Hillary Clinton?

As I was told on numerous occasions (back when I was a very nosy child curious about elections) by grown-up members of the Silent Generation[1], "Who I vote for is none of anyone's goddamn business."

1. "The Silent Generation is the demographic cohort following the G.I. Generation, roughly those born from the mid-1920s to the early-to-mid 1940s." &emdash; https://en.wikipedia.org/wiki/Silent_Generation

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.