[ale] OT: man in the middle on diebold machines

planas jslozier at gmail.com
Wed Sep 28 21:40:23 EDT 2011


Hi


On Wed, 2011-09-28 at 21:00 -0400, Drifter wrote: 

> Some random thoughts on voter fraud with paper ballots:
> 
> I actually spend nearly 30 years living in rural communities in Virginia 
> and voting on paper ballots was the only option.
> 
> The primary difference between fraud with paper ballots and fraud with any 
> sort of machine, whether mechanical or electronic, is the difference 
> between retail and wholesale.  With paper ballots the effective maximum 
> size of a precinct is 500 actual voters -- so maybe 600 or so on the 
> rolls. Why?  Because counting paper ballots is extremely time consuming.  
> At the end of the count if the tally sheets do not agree, then the judges 
> have to count the ballots all over again. Ouch!
> If one or more of the election judges is able to tamper with the tally, 
> then the best they can do is compromise the voting of that one precinct. 
> And the only way to tamper with the tally is to tamper with the individual 
> ballots, which also takes time. (That's why I always marked my ballot with 
> a pen and not the provided pencil.)
> 
> Once voting machines are in use the fraud game changes radically. The 
> precincts are larger -- much larger: 3,000 on the rolls is common.  The 
> much larger population of voters makes the fraud much harder to detect:
> Election judges no longer know every one by sight;
>     which means it is easier to vote the graveyard, and for those so
>      inclined to vote several times.

When one registers to vote you must provide ID, which can forged. The
problem is that very rarely does the deputy registrar personally know
the person in any suburban or urban area. With the appropriate IDs and
little time, one could be registered in multiple precincts. Stuffing the
ballot box by this method has been done but requires many people to be
in on the fraud and only takes one to sing. Manipulating an electronic
file requires far few people maybe as few as 2 or 3. This would make the
fraud much harder to detect. 

> The shifting ratio of election judges to voters makes it easier to hide
>    the fraud;
> The vote totals are larger making the fraud more likely to affect the
>    election.
> Tampering with a few machines takes far less time than tampering with
>    hundreds of paper ballots.
> 
> So, yes; returning to paper ballots would significantly reduce the chance 
> of an election being stolen through fraud. Are paper ballots going to 
> reappear in urban areas?  Nope.
> 
> Electronic voting frightens me because for the first time voter fraud can 
> now change the tally for an entire county or city.  And the knowledge and 
> skills of Michael Warfield or Bob Toxen are not needed. Any reasonably 
> intelligent staffer in the Registrar's Office can be taught how to do it. 
> Five minutes alone at the right terminal should be more than enough time.
> The only way to prevent this kind of fraud is, as Michael suggests, to 
> require end-to-end verification and auditing confirmation.
> 
> Sean
> 
> -------------------------------------------------------
> 
> 
> On Wednesday, September 28, 2011 04:59:51 pm Michael H. Warfield wrote:
> > On Wed, 2011-09-28 at 15:38 -0400, Cameron Kilgore wrote:
> > > I still wonder the need to complicate and put at risk the reliability
> > > of our one measure of democracy. Paper ballots seem more reliable
> > > and less prone to a politician's whim.
> > 
> > On that, we may have to agree to disagree.
> > 
> > On one hand, there have certainly been sufficient examples of "hanging
> > chads" and misplaced bags of ballots and ballot count mismatches to
> > argue that paper ballots are neither reliable nor less prone to a
> > politician's will.
> > 
> > OTOH, there have been proposals for voting protocols down through the
> > years which can insure authenticity and authorization while preserving
> > anonymity while still providing end to end verification and auditing
> > confirmation.  I've seen some such proposed at security conferences
> > such as NDSS, Usenix Security Symposium, and RSA over the last decade
> > or so. We know how to do it right.
> > 
> > The problem is that these protocols are "open" and, as such, can not be
> > held for ransom by companies wanting to leverage the maximum number of
> > tax dollars out of pockets for their proprietary solutions and they are
> > too good for those people who don't want something that good...
> > 
> > We can agree that the current field of voting machines are an abysmal
> > and embarrassing lot of junk that should have been rejected out of hand
> > by anyone with any respect for the institution.  Trouble is, that's not
> > those with the vested interests.
> > 
> > Regards,
> > Mike
> > 
> > > --Cameron <http://ghostfreeman.net>
> > > 
> > > 
> > > On Wed, Sep 28, 2011 at 3:34 PM, Geoffrey Myers
> > > <lists at serioustechnology.com
> > > 
> > > > wrote:
> > > > 
> > > > Anyone else catch this?
> > > > 
> > > > 
> > > > http://hardware.slashdot.org/story/11/09/28/0241201/man-in-the-midd
> > > > le-remote-attack-on-diebold-voting-machines
> > > > 
> > > > --
> > > > Later, Geoffrey
> > > > Sent from my iPhone
> > > > _______________________________________________
> > > > Ale mailing list
> > > > Ale at ale.org
> > > > http://mail.ale.org/mailman/listinfo/ale
> > > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > > > http://mail.ale.org/mailman/listinfo
> > > 
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org
> > > http://mail.ale.org/mailman/listinfo/ale
> > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > > http://mail.ale.org/mailman/listinfo
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo



-- 
Jay Lozier
jslozier at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20110928/81faa58d/attachment.html 


More information about the Ale mailing list