Here’s a Pennsylvania voting machine that repeatedly tried to record an Obama vote as a vote for Romney.
[QUOTE=MaxTheVool]
That’s a pretty condescending and obnoxious attitude, given that I started a thread for the sole and precise purpose of challenging and questioning my own position.
[/QUOTE]
Well, that wasn’t my intention. However, you are not posting this in some sort of vacuum…this subject has been discussed seemingly endlessly here on the 'dope, and you could view the myriad threads on it from the past. Basically, it breaks down along partisan lines generally, with Democrats being concerned, leftwingers being frantic, and Republicans generally not being very concerned, and rightwingers thinking the whole thing is a leftwing conspiracy. My own take is more from a technical perspective, as support for voting, at least in New Mexico, is one of my jobs.
[QUOTE=Carmady]
Everything I have read from computer scientists (the people that actually know what they are talking about on this issue) says the opposite.
[/QUOTE]
So, your criteria for this is people with computer science degrees and who have an opinion. Let’s see, let’s see…ruffles through degrees…ah, yes, here it is. I just so happen to have as one of my degrees that says ‘computer science’ on it. Fancy that. And, hm…well, my job actually is to support voting in one of the states. Interesting.
I’m sure ‘they’ do say that. I’ve seen no actual evidence that the machines WERE hacked to any large degree, and I’d be the last person to say don’t worry about hackers and what they can do (in our case, the machines themselves aren’t connected to a network, so it’s moot…but the poll workers laptops ARE connected to a network, and the data they are accessing is certainly available to hacking or modification…or denial of service type attacks if someone wanted to disrupt things. Of course, that would go for paper OR electronic ballots, so…). Interestingly enough, at least in a lot of the county systems I’ve seen, the hacking of the voting machines would be the least of your worries. A lot of the servers being used with the voting records that are used when you go in to vote (whether paper ballot or electronically) by the poll workers is pretty easy to get at. Passwords are often written down or saved to laptops, VPN access is the same, and in a lot of cases the firewalls being used are rudimentary or certainly not optimized for security.
But, of course, none of that gets on the radar because people are so focused on the machines and their code to understand that there are more fundamental problems with our voting system (or, in some of the states, counties or districts voting systems) that are larger factors than the machines themselves.
Or, you could ask those ‘computer scientists’, many of who actually have zero practical experience with, you know, actually voting, and who are speaking much more theoretically and removed from the big picture.
Your argument seems to be that we shouldn’t worry about electronic voting machines because (1) other parts of our voting system suck just as bad and (2) regardless of how easy it is to hack, we don’t know if they have actually been hacked.
Questions - have you personally done a security audit on any electronic voting machines? Have you been responsible for any independent groups doing such an audit? Generally speaking, how much (if any) security testing goes on with regards to voting machines? How much of the source code do you have access to?
[QUOTE=BlackKnight]
Your argument seems to be that we shouldn’t worry about electronic voting machines because (1) other parts of our voting system suck just as bad and (2) regardless of how easy it is to hack, we don’t know if they have actually been hacked.
[/QUOTE]
To me it’s equivalent of worrying about your teeth being yellow from smoking while in stage 4 lung cancer. I have no doubts that there are shenanigans happening with the voting machines…but then, I have seen evidence that there were similar things with the older voting machines as well (which some of our counties still use btw…as some of them use hybrid paper ballots fed into a reader, or all electronic ones).
No…I’m the infrastructure guys, so my job is to ensure that our voting sites and remote voting sites have connectivity. Also, I’ve been involved in some of the voting data server deployments, so I know a lot about how those systems are deployed…and what their vulnerabilities are. I doubt ANYONE has done audits as you are suggesting here, as they would cost money, and the public is always shy about spending more money on stuff like this. Which is why security is hardly an issue (from the elected officials or administration of counties perspective)…at least until someone DOES get hacked. Then all hell will break loose. Frankly, I wish it would happen and would love to see real, actual proof of such an event, because it’s the only way things would change.
As to the source code, let me let you in on a little secret…we don’t have the source code for most of our systems. Many of the counties financial systems, for instance, are proprietary…and the developers refuse to even do APIs, let alone give out the source code. The vendors have absolute control over all the records and data for most departments in most of the counties I know about. Probably your county too. And, guess what…voting information is also in there. Those folks you saw when you went to vote? That’s where they get their info from. Your property records? Financial records? Tax records? The information that your Public Works uses? The information your police and fire department uses? the information your Assessor and Treasurer uses? All that and more is in a most likely poorly protected and secured proprietary database somewhere…and one where the vendor is in complete control, to the point where they can in many cases jump into the internal system, put in ‘mystery code’ whenever they want, and if they break something…well, they will fix it eventually. Hope it’s what you needed, and that they can be trusted…
That’s the reality, and why this subject tends to make me roll my eyes. Folks are worrying about whether they tooth paste is taking the tobacco stains off their teeth while smoking 3 packs a day. And most people don’t know or seemingly care about most of the above…until, of course, something bad happens. Then all I can say is those county, city, state or district IT departments better have white papers written and emails sent laying out their concerns about security.
I’m a little more worried about the very foundations of democracy than whether my tax records get hacked. I’d say I’m worried about lung cancer while you’re pointing out I also have bad breath.
An ideal voting system should be:
-
**Transparent **-- Voters can clearly understand how the system works, how results are tabulated, and how safeguards against fraud are implemented. A transparent system creates confidence in the justness of the outcome.
-
**Efficient **-- Results should be tabulated quickly so that we know the winner of the election as quickly as possible. And, of course, it should be as cheap as possible to implement.
-
**Robust **-- The system should hold up under a variety of different failure modes. How much is the system disrupted by the normal glitchiness of any large-scale operation? How easy is it to determine voter intent if the normal tabulation process goes awry? How vulnerable is the system to user error?
Electronic voting systems are great at #2 and somewhat good at #3. They tabulate results quickly with a minimum of effort. And clearly displaying choices on a touch screen is less prone to user error than some alternative systems. (Remember the “butterfly ballot”?)
However … the clear UI is offset by a lack of robustness other steps in the process. Voting and tabulation can be easily disrupted by power failures, communication failures, and software glitches. And worse, because of the complexity of electronic voting systems, it can be very difficult to recover from these faults. Electronic voting systems don’t fail gracefully. They’re brittle.
And where they really drop the ball is #1. Sure, there no evidence that the machines are hacked. But we shouldn’t be using a voting system where that’s even a question. We should be using a voting system where every step creates an unambiguous audit trail that can be doubled-checked if there’s even a whiff of shenanigans. What’s particularly horrible about electronic voting machines is that they undermine confidence in the validity of elections, regardless of whether or not actual fraud has occurred.
Any real-world voting system requires striking a balance between 1, 2 & 3. Personally, I’d like to see all voting done with paper ballots that are easy for humans to read. You do a first count with scanners, and then a careful hand count with observers from both sides if there’s any question of the outcome.
Yeah, that’s a school of thought, one that I’ve belonged to in the past . “Who would be stupid enough to announce their bias/intentions? If they were really up to no good, they’d be more surreptitious.” Now think back to, oh, just about everything that’s happened the past 12 years or so, and you’ll remember that no one hides anything anymore, and still, nothing is done. Do what you want, lie about it, and enough people will want to believe it that nothing will come of it. We’re in a post-consequence world for the rich and powerful - though I might wonder if they ever did have to worry about consequences.
Suit yourself. If you want to believe that the major threat to the republic is from hacked voting machines, and that my points are the cosmetic problems but the REAL problem is those machines, that’s your affair. We’ll see how casual you are about things if your ‘tax records’ (which include little things like your home address, social security information, etc etc) get hacked sometime…or if the voting server used by those poll workers gets hacked or a denial of service attack is launched at your counties network.
shades of Homer Simpson voting in 2008, it switches votes to the Republican. plus a poll worker filling in Republican candidates where people left paper ballot sections blank.
MSNBC is reporting the machine in question was removed from use and re-calibrated. Apparently it is now back in service and operating properly.
I would obviously prefer that my tax records not get hacked. Saying “x is worse than y” does not imply that y is not bad. If I had to choose between the two (which I obviously don’t, which is why your posts in this thread are absurd), I would still choose that over hacked voting machines changing an election.
Anyone who can hack voting machines can eventually get whatever tax information they want, but at that point why would they bother? Do you honestly believe that the paltry thousands of dollars someone could steal from me by having my tax information stolen is more enticing than the ability to control taxes themselves? The ability to throw government expenditures towards friends’ businesses? The ability to write (or enforce) laws regarding how tax information must be stored? The ability to write (or enforce) laws regarding punishment for stealing tax information? Which is more powerful?
I feel like I’m saying, “I’d rather have a broken window than a giant crack in my foundation” 'and you’re saying, “You wouldn’t say that if you had a broken window.” Actually, I would.
[QUOTE=BlackKnight]
Anyone who can hack voting machines can eventually get whatever tax information they want, but at that point why would they bother? Do you honestly believe that the paltry thousands of dollars someone could steal from me by having my tax information stolen is more enticing than the ability to control taxes themselves? The ability to throw government expenditures towards friends’ businesses? The ability to write (or enforce) laws regarding how tax information must be stored? The ability to write (or enforce) laws regarding punishment for stealing tax information? Which is more powerful?
[/QUOTE]
You sound exactly like my administration and the elected officials. I guess if you don’t feel like your social security number and information, your property records, and all the other personal and financial data that the state has on you is unimportant then there is no way for me to explain why it is.
The main point is that hacking a voting machine is a small scale problem…even if somehow you could hack all the machines at a single voting site (something that wouldn’t be very easy), you are talking maybe a couple hundred or maybe a couple thousand votes…and, if you were obvious about hacking them (i.e. if you hacked them in such a way that all or even a large percentage of them gave the votes to one party or the other), then there are going to be all sorts of red flags. The CODE might be completely opaque, but the poll workers and party oversight is going to be keeping track of things, broadly speaking, and anything that looks unusual is going to bring in closer scrutiny. Again, you have to understand the voting process in the context of the actual voting procedure for a given city, county or district, to understand the differences in scale here. That’s why I’m fairly unconcerned about the worry of the OP…hacking voting machines is pretty small potatoes. If someone REALLY wanted to mess with the system, there are much better and more effective ways, and those ways would work whether we are talking about the feared paperless voting machines or the old style mechanical ones (New Mexico mostly uses the oval fill in paper ballots that are read in electronically, which I think is one of the better systems).
But what you are ACTUALLY saying is ‘I feel like this chipped paint on the house is a major issue and will cause the entire house to collapse!’ while I’m saying ‘yeah, that chipped paint is an issue, but the fact that your foundation is crumbling probably should be a bigger concern to you at the moment’.
I think one problem is that it’s hard to hand count multiple elections simultaneously. That is, on my California ballot there were something like 20 or 25 simultaneous elections. From president and senator down through many propositions. If a person were doing the counting by hand he might get all those counts mixed up. A machine, if properly programmed, would always keep those counts separate and correct.
Why would one person have to do that. In India, they get teams of clerks from banks, accounting companies, etc., to engage in large-scale team counting.
You are a dishonest individual. I said the exact opposite of what you are claiming my position is. As such, this will be my last response to you on this matter.
What’s wrong with having a machine count paper ballots, rather than voting directly on a machine?
Optically scanned hand-marked paper ballots are used in a lot of places.
Of course, the old mechanical voting machines were also subject to manipulation. The votes were tallied on rotating counters, not unlike a mechanical odometer. These were concealed behind a panel which had to be unscrewed and removed in order to read the results.
In theory, the machines were zeroed out and sealed before the election. In precincts controlled by the local political machine, the machines would often be delivered to the polling place with several hundred or several thousand votes already tallied.
I voted today with an optical scan ballot, which really does seem to be the best way to ensure both efficiency and accountability.
:rolleyes:
You said this:
That seems to be hand waving the seriousness of the data away from where I’m sitting. You can take your ‘You are a dishonest individual’ horseshit and shove it sideways up your ass.
And that is MY last response to you on this. I attempted to give you my honest take on things, and you say this sort of shit? Well, fine by me.
It only happens in fiction (the only place where a politician might act honestly)