[ale] OT: man in the middle on diebold machines

Michael H. Warfield mhw at WittsEnd.com
Wed Sep 28 23:04:52 EDT 2011


On Wed, 2011-09-28 at 22:40 -0400, Michael H. Warfield wrote: 
> On Wed, 2011-09-28 at 21:57 -0400, Jim Kinney wrote: 
> > I like recycling the existing machines to paper print a ballot that is
> > office = name legible and a machine name and timestamp stub for the voter to
> > take home and display proudly.
> 
> Concur...  Paper trails are always good.  Two independent channels...
> Very good.  Best of both possible worlds.  Tougher than nails to subvert
> both.
> 
> > We know enough tech to be able to optically scan those ballots and can hand
> > count them for verification.
> > I can't begin to express the horror I feel at online voting proposals.
> 
> Oh CRAP!  Now you've got me started and it's IN MY HEAD and I CAN'T GET
> IT OUT!  It was the mid 1970's and I swear I think it was the "Fantasy

WOW...  Reviewing some of the old "dead trees editions" I have left and
I may have been way off on the timeline.  For some reason, I didn't
remember still having that subscription as late as the mid 1990's.  It's
not there in the ones from early 1995 and must have been earlier.  But
that spans a good 2 and a half decades plus now since I first subscribed
in the mid to late 60's...  Sigh...

> and Science Fiction" magazine that ran a scifi story on this very thing
> of high tech visitors (not invaders - we come in peace and friendship
> sorts) that brought high speed networks to a backward low tech planet
> and society.  In classical literature terminology it's what's called a
> "tragedy".  The characters fight against the fates to the end but the
> audience sees the train wreck as it builds to an apocalyptic disaster.
> In the end of this story, the protagonist sees the chaos and
> devastation this will have on their society is imploring his friend that
> the aliens are not their friends and this will instant voting thing will
> destroy their entire culture.  His friend turns to a screen in their hut
> that has a ballot on it saying "Shall we accept the gifts that are
> offered by our visitors"...  Yes or No...  They argue but the end is
> obvious and the fight has been futile in the end.
> 
> AND NOW I CAN'T FIND THAT GODS BE DAMNED STORY.  GRRRRRRRRRRRR......
> It's one of those things, like John Brunner's Shock Wave Rider (I am
> one), that drove me into this bloody crazy profession in the first
> place.
> 
> Regards,
> Mike
> 
> > On Sep 28, 2011 9:42 PM, "planas" <jslozier at gmail.com> wrote:
> > > Hi
> > >
> > >
> > > On Wed, 2011-09-28 at 21:00 -0400, Drifter wrote:
> > >
> > >> Some random thoughts on voter fraud with paper ballots:
> > >>
> > >> I actually spend nearly 30 years living in rural communities in Virginia
> > >> and voting on paper ballots was the only option.
> > >>
> > >> The primary difference between fraud with paper ballots and fraud with
> > any
> > >> sort of machine, whether mechanical or electronic, is the difference
> > >> between retail and wholesale. With paper ballots the effective maximum
> > >> size of a precinct is 500 actual voters -- so maybe 600 or so on the
> > >> rolls. Why? Because counting paper ballots is extremely time consuming.
> > >> At the end of the count if the tally sheets do not agree, then the judges
> > 
> > >> have to count the ballots all over again. Ouch!
> > >> If one or more of the election judges is able to tamper with the tally,
> > >> then the best they can do is compromise the voting of that one precinct.
> > >> And the only way to tamper with the tally is to tamper with the
> > individual
> > >> ballots, which also takes time. (That's why I always marked my ballot
> > with
> > >> a pen and not the provided pencil.)
> > >>
> > >> Once voting machines are in use the fraud game changes radically. The
> > >> precincts are larger -- much larger: 3,000 on the rolls is common. The
> > >> much larger population of voters makes the fraud much harder to detect:
> > >> Election judges no longer know every one by sight;
> > >> which means it is easier to vote the graveyard, and for those so
> > >> inclined to vote several times.
> > >
> > > When one registers to vote you must provide ID, which can forged. The
> > > problem is that very rarely does the deputy registrar personally know
> > > the person in any suburban or urban area. With the appropriate IDs and
> > > little time, one could be registered in multiple precincts. Stuffing the
> > > ballot box by this method has been done but requires many people to be
> > > in on the fraud and only takes one to sing. Manipulating an electronic
> > > file requires far few people maybe as few as 2 or 3. This would make the
> > > fraud much harder to detect.
> > >
> > >> The shifting ratio of election judges to voters makes it easier to hide
> > >> the fraud;
> > >> The vote totals are larger making the fraud more likely to affect the
> > >> election.
> > >> Tampering with a few machines takes far less time than tampering with
> > >> hundreds of paper ballots.
> > >>
> > >> So, yes; returning to paper ballots would significantly reduce the chance
> > 
> > >> of an election being stolen through fraud. Are paper ballots going to
> > >> reappear in urban areas? Nope.
> > >>
> > >> Electronic voting frightens me because for the first time voter fraud can
> > 
> > >> now change the tally for an entire county or city. And the knowledge and
> > >> skills of Michael Warfield or Bob Toxen are not needed. Any reasonably
> > >> intelligent staffer in the Registrar's Office can be taught how to do it.
> > 
> > >> Five minutes alone at the right terminal should be more than enough time.
> > >> The only way to prevent this kind of fraud is, as Michael suggests, to
> > >> require end-to-end verification and auditing confirmation.
> > >>
> > >> Sean
> > >>
> > >> -------------------------------------------------------
> > >>
> > >>
> > >> On Wednesday, September 28, 2011 04:59:51 pm Michael H. Warfield wrote:
> > >> > On Wed, 2011-09-28 at 15:38 -0400, Cameron Kilgore wrote:
> > >> > > I still wonder the need to complicate and put at risk the reliability
> > >> > > of our one measure of democracy. Paper ballots seem more reliable
> > >> > > and less prone to a politician's whim.
> > >> >
> > >> > On that, we may have to agree to disagree.
> > >> >
> > >> > On one hand, there have certainly been sufficient examples of "hanging
> > >> > chads" and misplaced bags of ballots and ballot count mismatches to
> > >> > argue that paper ballots are neither reliable nor less prone to a
> > >> > politician's will.
> > >> >
> > >> > OTOH, there have been proposals for voting protocols down through the
> > >> > years which can insure authenticity and authorization while preserving
> > >> > anonymity while still providing end to end verification and auditing
> > >> > confirmation. I've seen some such proposed at security conferences
> > >> > such as NDSS, Usenix Security Symposium, and RSA over the last decade
> > >> > or so. We know how to do it right.
> > >> >
> > >> > The problem is that these protocols are "open" and, as such, can not be
> > >> > held for ransom by companies wanting to leverage the maximum number of
> > >> > tax dollars out of pockets for their proprietary solutions and they are
> > >> > too good for those people who don't want something that good...
> > >> >
> > >> > We can agree that the current field of voting machines are an abysmal
> > >> > and embarrassing lot of junk that should have been rejected out of hand
> > >> > by anyone with any respect for the institution. Trouble is, that's not
> > >> > those with the vested interests.
> > >> >
> > >> > Regards,
> > >> > Mike
> > >> >
> > >> > > --Cameron <http://ghostfreeman.net>
> > >> > >
> > >> > >
> > >> > > On Wed, Sep 28, 2011 at 3:34 PM, Geoffrey Myers
> > >> > > <lists at serioustechnology.com
> > >> > >
> > >> > > > wrote:
> > >> > > >
> > >> > > > Anyone else catch this?
> > >> > > >
> > >> > > >
> > >> > > > http://hardware.slashdot.org/story/11/09/28/0241201/man-in-the-midd
> > >> > > > le-remote-attack-on-diebold-voting-machines
> > >> > > >
> > >> > > > --
> > >> > > > Later, Geoffrey
> > >> > > > Sent from my iPhone
> > >> > > > _______________________________________________
> > >> > > > Ale mailing list
> > >> > > > Ale at ale.org
> > >> > > > http://mail.ale.org/mailman/listinfo/ale
> > >> > > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > >> > > > http://mail.ale.org/mailman/listinfo
> > >> > >
> > >> > > _______________________________________________
> > >> > > Ale mailing list
> > >> > > Ale at ale.org
> > >> > > http://mail.ale.org/mailman/listinfo/ale
> > >> > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > >> > > http://mail.ale.org/mailman/listinfo
> > >> _______________________________________________
> > >> Ale mailing list
> > >> Ale at ale.org
> > >> http://mail.ale.org/mailman/listinfo/ale
> > >> See JOBS, ANNOUNCE and SCHOOLS lists at
> > >> http://mail.ale.org/mailman/listinfo
> > >
> > >
> > >
> > > --
> > > Jay Lozier
> > > jslozier at gmail.com
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20110928/55eb16da/attachment.bin 


More information about the Ale mailing list