[ale] OT: man in the middle on diebold machines

Michael H. Warfield mhw at WittsEnd.com
Wed Sep 28 22:40:51 EDT 2011


On Wed, 2011-09-28 at 21:57 -0400, Jim Kinney wrote: 
> I like recycling the existing machines to paper print a ballot that is
> office = name legible and a machine name and timestamp stub for the voter to
> take home and display proudly.

Concur...  Paper trails are always good.  Two independent channels...
Very good.  Best of both possible worlds.  Tougher than nails to subvert
both.

> We know enough tech to be able to optically scan those ballots and can hand
> count them for verification.
> I can't begin to express the horror I feel at online voting proposals.

Oh CRAP!  Now you've got me started and it's IN MY HEAD and I CAN'T GET
IT OUT!  It was the mid 1970's and I swear I think it was the "Fantasy
and Science Fiction" magazine that ran a scifi story on this very thing
of high tech visitors (not invaders - we come in peace and friendship
sorts) that brought high speed networks to a backward low tech planet
and society.  In classical literature terminology it's what's called a
"tragedy".  The characters fight against the fates to the end but the
audience sees the train wreck as it builds to an apocalyptic disaster.
In the end of this story, the protagonist sees the chaos and
devastation this will have on their society is imploring his friend that
the aliens are not their friends and this will instant voting thing will
destroy their entire culture.  His friend turns to a screen in their hut
that has a ballot on it saying "Shall we accept the gifts that are
offered by our visitors"...  Yes or No...  They argue but the end is
obvious and the fight has been futile in the end.

AND NOW I CAN'T FIND THAT GODS BE DAMNED STORY.  GRRRRRRRRRRRR......
It's one of those things, like John Brunner's Shock Wave Rider (I am
one), that drove me into this bloody crazy profession in the first
place.

Regards,
Mike

> On Sep 28, 2011 9:42 PM, "planas" <jslozier at gmail.com> wrote:
> > Hi
> >
> >
> > On Wed, 2011-09-28 at 21:00 -0400, Drifter wrote:
> >
> >> Some random thoughts on voter fraud with paper ballots:
> >>
> >> I actually spend nearly 30 years living in rural communities in Virginia
> >> and voting on paper ballots was the only option.
> >>
> >> The primary difference between fraud with paper ballots and fraud with
> any
> >> sort of machine, whether mechanical or electronic, is the difference
> >> between retail and wholesale. With paper ballots the effective maximum
> >> size of a precinct is 500 actual voters -- so maybe 600 or so on the
> >> rolls. Why? Because counting paper ballots is extremely time consuming.
> >> At the end of the count if the tally sheets do not agree, then the judges
> 
> >> have to count the ballots all over again. Ouch!
> >> If one or more of the election judges is able to tamper with the tally,
> >> then the best they can do is compromise the voting of that one precinct.
> >> And the only way to tamper with the tally is to tamper with the
> individual
> >> ballots, which also takes time. (That's why I always marked my ballot
> with
> >> a pen and not the provided pencil.)
> >>
> >> Once voting machines are in use the fraud game changes radically. The
> >> precincts are larger -- much larger: 3,000 on the rolls is common. The
> >> much larger population of voters makes the fraud much harder to detect:
> >> Election judges no longer know every one by sight;
> >> which means it is easier to vote the graveyard, and for those so
> >> inclined to vote several times.
> >
> > When one registers to vote you must provide ID, which can forged. The
> > problem is that very rarely does the deputy registrar personally know
> > the person in any suburban or urban area. With the appropriate IDs and
> > little time, one could be registered in multiple precincts. Stuffing the
> > ballot box by this method has been done but requires many people to be
> > in on the fraud and only takes one to sing. Manipulating an electronic
> > file requires far few people maybe as few as 2 or 3. This would make the
> > fraud much harder to detect.
> >
> >> The shifting ratio of election judges to voters makes it easier to hide
> >> the fraud;
> >> The vote totals are larger making the fraud more likely to affect the
> >> election.
> >> Tampering with a few machines takes far less time than tampering with
> >> hundreds of paper ballots.
> >>
> >> So, yes; returning to paper ballots would significantly reduce the chance
> 
> >> of an election being stolen through fraud. Are paper ballots going to
> >> reappear in urban areas? Nope.
> >>
> >> Electronic voting frightens me because for the first time voter fraud can
> 
> >> now change the tally for an entire county or city. And the knowledge and
> >> skills of Michael Warfield or Bob Toxen are not needed. Any reasonably
> >> intelligent staffer in the Registrar's Office can be taught how to do it.
> 
> >> Five minutes alone at the right terminal should be more than enough time.
> >> The only way to prevent this kind of fraud is, as Michael suggests, to
> >> require end-to-end verification and auditing confirmation.
> >>
> >> Sean
> >>
> >> -------------------------------------------------------
> >>
> >>
> >> On Wednesday, September 28, 2011 04:59:51 pm Michael H. Warfield wrote:
> >> > On Wed, 2011-09-28 at 15:38 -0400, Cameron Kilgore wrote:
> >> > > I still wonder the need to complicate and put at risk the reliability
> >> > > of our one measure of democracy. Paper ballots seem more reliable
> >> > > and less prone to a politician's whim.
> >> >
> >> > On that, we may have to agree to disagree.
> >> >
> >> > On one hand, there have certainly been sufficient examples of "hanging
> >> > chads" and misplaced bags of ballots and ballot count mismatches to
> >> > argue that paper ballots are neither reliable nor less prone to a
> >> > politician's will.
> >> >
> >> > OTOH, there have been proposals for voting protocols down through the
> >> > years which can insure authenticity and authorization while preserving
> >> > anonymity while still providing end to end verification and auditing
> >> > confirmation. I've seen some such proposed at security conferences
> >> > such as NDSS, Usenix Security Symposium, and RSA over the last decade
> >> > or so. We know how to do it right.
> >> >
> >> > The problem is that these protocols are "open" and, as such, can not be
> >> > held for ransom by companies wanting to leverage the maximum number of
> >> > tax dollars out of pockets for their proprietary solutions and they are
> >> > too good for those people who don't want something that good...
> >> >
> >> > We can agree that the current field of voting machines are an abysmal
> >> > and embarrassing lot of junk that should have been rejected out of hand
> >> > by anyone with any respect for the institution. Trouble is, that's not
> >> > those with the vested interests.
> >> >
> >> > Regards,
> >> > Mike
> >> >
> >> > > --Cameron <http://ghostfreeman.net>
> >> > >
> >> > >
> >> > > On Wed, Sep 28, 2011 at 3:34 PM, Geoffrey Myers
> >> > > <lists at serioustechnology.com
> >> > >
> >> > > > wrote:
> >> > > >
> >> > > > Anyone else catch this?
> >> > > >
> >> > > >
> >> > > > http://hardware.slashdot.org/story/11/09/28/0241201/man-in-the-midd
> >> > > > le-remote-attack-on-diebold-voting-machines
> >> > > >
> >> > > > --
> >> > > > Later, Geoffrey
> >> > > > Sent from my iPhone
> >> > > > _______________________________________________
> >> > > > Ale mailing list
> >> > > > Ale at ale.org
> >> > > > http://mail.ale.org/mailman/listinfo/ale
> >> > > > See JOBS, ANNOUNCE and SCHOOLS lists at
> >> > > > http://mail.ale.org/mailman/listinfo
> >> > >
> >> > > _______________________________________________
> >> > > Ale mailing list
> >> > > Ale at ale.org
> >> > > http://mail.ale.org/mailman/listinfo/ale
> >> > > See JOBS, ANNOUNCE and SCHOOLS lists at
> >> > > http://mail.ale.org/mailman/listinfo
> >> _______________________________________________
> >> Ale mailing list
> >> Ale at ale.org
> >> http://mail.ale.org/mailman/listinfo/ale
> >> See JOBS, ANNOUNCE and SCHOOLS lists at
> >> http://mail.ale.org/mailman/listinfo
> >
> >
> >
> > --
> > Jay Lozier
> > jslozier at gmail.com
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20110928/9e44ed47/attachment.bin 


More information about the Ale mailing list