Electronic voting machine fraud..is it possible?

I give for your perusal…




For those more in the know than myself. Are these guys blowing smoke or is it really possible?

If it is…oh my god.

I have no idea about the credibility of that site, but as far as I know, no voting machine company has released their encryption or authentication technology for public scrutiny. Based on my experience with security technology, any system which is not peer-reviewed by cryptographic experts is de facto vulnerable.

But that’s just my opinion.

The site are just mirror sites. The main site was overloaded.

There are so many spots to compromise electronic voting systems.

The voting terminals themselves can be jiggered.
Assuming the terminals at a polling place are aggregated for transmission, the server they’re connected to can be tampered with.
The data sent to the central server at the elections department can be intercepted and changed
The central server(s) can be messed with.

How will you know that the voting terminals were’t programmed to report every third vote for Candidate B as one for Candidate A? Sure, the thing may print a receipt showing you voted for B, but do you really know it transmitted B?

I could go on, but won’t - just not enough time right now.

Security will come in the form of a mix of old-fashioned physical security and high-tech encryption and validation techniques. And a whole lot of trust.

Being in the information security business, I’m not convinced we’re ready for electronic voting.

What gets me is there is no paper trail.

That’s scary.

Back when I lived in New Mexico we used mechanical voting machines. They did not provide a paper trail either.

Slashdot posted today a reference to a New Zealand article concerning potential voting machine fraud.


Pretty scary.

Further linkage - a meta article for the link above:


In principle it is possible to design a system which is secure but it can get pretty technical

The concept of blind digital signatures would come in handy as well as other concepts like observers and agents.


Yes, it is possible for voter A to cast a vote and encrypt it. then have the observers for different parties sign it digitally to validate it and then have a program be able to count the votes for each candidate and not be able to connect each vote with each voter.

It works in a similar way for untraceable digital ash.

So what y’all are saying is that in any district using electronic voting the elections can be suspect?

They are used in 30 states and more are going to them.

It’s worth a look to see who owns the various companies that make these machines.

Did you read my post? I said exactly the opposite.

Do any of the systems actually implemented use the algorithms you cite? Almost all of the systems I’ve seen have not been open for review which, as friedo points out, means that they should be assumed insecure. I’ve seen a few which published specs but not source code so there’s no way to know if they meet their own specs. I haven’t seen any which even claim to use blind signatures. Mathematics is all fine and good, and I certainly trust Chaum’s work, but there’s a huge difference between a well-designed algorithm and a secure implementation ready for the real world.

I haven’t done anything like a complete survey of the industry, but given what I have seen, I think Reeder’s assumption that all the systems currently installed are suspect is a safe bet. Certainly safer than assuming the opposite. At the very least, any citizen in a precinct using these systems needs to push for full disclosure and qualified review.

I do not have any capacity to judge the implementations but I think that, even if we had all the information, we would not be capable of serious analysis here so my trust would come more from the political parties and independent observers agreeing they are safe.

The fact that they are not open for review is indeed troubling but then I do not see why all parties would accept them.

Why not just use pencil and paper, like Canada did in its last federal election?

Isn’t the CEO of one currently serving a term in the House of Representatives for some sparsely-populated state?


Interesting site…


I’ll only critique the tech-ish parts, since this is somehow in GQ (though being steered out of it).

The detailed reports in her scenario won’t balance to the summary reports, unless she modifies both copies of the ledger. So this is not “untraceable”.

Plus the whole thing is predicated on a complete lack of security to the database tables. For instance, what’s the point of an audit table if you can delete rows directly from it by editing the tables? That doesn’t ring true to me.

Also, not sure about this bit:

What’s so bad about multiple sets of books, as long as they are both public? You can compare them for discrepancies.

LordVor, I believe you are talking about Sen. Chuck Hagel from Nebraska, who won his last election with something like 83% of the vote. Tell me those aren’t fishy numbers…

Right ** Shoeless**, didn’t he beat a popular incombant as well? And the voting machines that his company made were in use in much of the state, and his software never went through public review? Granted, I think I’m talking from what I remember of an old Newsweek piece…

It looks like it may have already happened. I found this some time ago.