[ale] OT: man in the middle on diebold machines

Drifter drifter at oppositelock.org
Wed Sep 28 21:00:45 EDT 2011


Some random thoughts on voter fraud with paper ballots:

I actually spend nearly 30 years living in rural communities in Virginia 
and voting on paper ballots was the only option.

The primary difference between fraud with paper ballots and fraud with any 
sort of machine, whether mechanical or electronic, is the difference 
between retail and wholesale.  With paper ballots the effective maximum 
size of a precinct is 500 actual voters -- so maybe 600 or so on the 
rolls. Why?  Because counting paper ballots is extremely time consuming.  
At the end of the count if the tally sheets do not agree, then the judges 
have to count the ballots all over again. Ouch!
If one or more of the election judges is able to tamper with the tally, 
then the best they can do is compromise the voting of that one precinct. 
And the only way to tamper with the tally is to tamper with the individual 
ballots, which also takes time. (That's why I always marked my ballot with 
a pen and not the provided pencil.)

Once voting machines are in use the fraud game changes radically. The 
precincts are larger -- much larger: 3,000 on the rolls is common.  The 
much larger population of voters makes the fraud much harder to detect:
Election judges no longer know every one by sight;
    which means it is easier to vote the graveyard, and for those so
     inclined to vote several times.
The shifting ratio of election judges to voters makes it easier to hide
   the fraud;
The vote totals are larger making the fraud more likely to affect the
   election.
Tampering with a few machines takes far less time than tampering with
   hundreds of paper ballots.

So, yes; returning to paper ballots would significantly reduce the chance 
of an election being stolen through fraud. Are paper ballots going to 
reappear in urban areas?  Nope.

Electronic voting frightens me because for the first time voter fraud can 
now change the tally for an entire county or city.  And the knowledge and 
skills of Michael Warfield or Bob Toxen are not needed. Any reasonably 
intelligent staffer in the Registrar's Office can be taught how to do it. 
Five minutes alone at the right terminal should be more than enough time.
The only way to prevent this kind of fraud is, as Michael suggests, to 
require end-to-end verification and auditing confirmation.

Sean

-------------------------------------------------------


On Wednesday, September 28, 2011 04:59:51 pm Michael H. Warfield wrote:
> On Wed, 2011-09-28 at 15:38 -0400, Cameron Kilgore wrote:
> > I still wonder the need to complicate and put at risk the reliability
> > of our one measure of democracy. Paper ballots seem more reliable
> > and less prone to a politician's whim.
> 
> On that, we may have to agree to disagree.
> 
> On one hand, there have certainly been sufficient examples of "hanging
> chads" and misplaced bags of ballots and ballot count mismatches to
> argue that paper ballots are neither reliable nor less prone to a
> politician's will.
> 
> OTOH, there have been proposals for voting protocols down through the
> years which can insure authenticity and authorization while preserving
> anonymity while still providing end to end verification and auditing
> confirmation.  I've seen some such proposed at security conferences
> such as NDSS, Usenix Security Symposium, and RSA over the last decade
> or so. We know how to do it right.
> 
> The problem is that these protocols are "open" and, as such, can not be
> held for ransom by companies wanting to leverage the maximum number of
> tax dollars out of pockets for their proprietary solutions and they are
> too good for those people who don't want something that good...
> 
> We can agree that the current field of voting machines are an abysmal
> and embarrassing lot of junk that should have been rejected out of hand
> by anyone with any respect for the institution.  Trouble is, that's not
> those with the vested interests.
> 
> Regards,
> Mike
> 
> > --Cameron <http://ghostfreeman.net>
> > 
> > 
> > On Wed, Sep 28, 2011 at 3:34 PM, Geoffrey Myers
> > <lists at serioustechnology.com
> > 
> > > wrote:
> > > 
> > > Anyone else catch this?
> > > 
> > > 
> > > http://hardware.slashdot.org/story/11/09/28/0241201/man-in-the-midd
> > > le-remote-attack-on-diebold-voting-machines
> > > 
> > > --
> > > Later, Geoffrey
> > > Sent from my iPhone
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org
> > > http://mail.ale.org/mailman/listinfo/ale
> > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > > http://mail.ale.org/mailman/listinfo
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo


More information about the Ale mailing list