Linked by Thom Holwerda on Sat 17th Dec 2016 12:10 UTC
Privacy, Security, Encryption

FBI director James Comey has signed on to a previously reported CIA assessment that Russian President Vladimir Putin directly intervened in the US presidential election in aid of Donald Trump, according to an internal CIA memo obtained by the Associated Press and Washington Post. The report has also been endorsed by the Office of the Director of National Intelligence, giving it the unanimous support of US intelligence agencies.

While the hack focused on the DNC and not the actual voting machines (I think Trump would've won even without the DNC hack), this is exactly the reason why The Netherlands ditched electronic voting machines roughly 15 years ago, and went back to the traditional paper ballot and red pencil. In today's world, any democracy worth its salt should ditch electronic voting.

Meanwhile, the Obama administration was aware of the hack before the elections took place, but didn't want to be seen interfering with the election process, because they thought Clinton would win. Yes.

Thread beginning with comment 638650
To read all comments associated with this story, please click here.
traditional vs electronic ballot?
by tonny on Sun 18th Dec 2016 04:39 UTC
tonny
Member since:
2011-12-22

"..this is exactly the reason why The Netherlands ditched electronic voting machines roughly 15 years ago, and went back to the traditional paper ballot and red pencil. In today's world, any democracy worth its salt should ditch electronic voting."

Paper ballot doesn't necessary better. In Indonesia, there's rumor, in 2009, that that time elected president have cheated on voting paper.

There's always a risk/ hole to be used to cheating. In traditional ballot, you can pay the people administering the ballot/ voting (often the case in traditional ballot). With electronic, you hire competent hacker to hack the result.

Reply Score: 1

allanregistos Member since:
2011-02-10


There's always a risk/ hole to be used to cheating. In traditional ballot, you can pay the people administering the ballot/ voting (often the case in traditional ballot). With electronic, you hire competent hacker to hack the result.


First, with a properly designed voting software, that is impossible, since a window for the hacker to exploit the vulnerability of a secure voting system is too small and is not worth the effort. Voting machines are not connected to the public network.

Second, even if the hacker will penetrate the result, he must go at the top(the last count) for the hacker to be successfully rigged the result.

Third, with a successfully rigged result, it must be consistent with other parallel counts created, present in a secure voting software, because a parallel count is required for a properly designed secure voting software. And that will raise a lot of red flags when one result is inconsistent with other results given that they have been feed with the same raw election data.

Fourth, all of these counts(by precints, regions, by provinces etc.) are digitally signed, so tampering all of them is next to impossible, even if the tamper is successful in one or two, that will invalidate the results and will trigger a recount = manually.

5th, the hacker is hopeless and the politician will resort to fake news and black propaganda.

Reply Parent Score: 2

Alfman Member since:
2011-01-28

allanregistos,

I agree with you that there's a lot we can and should be doing to make electronic safer from hacking. But nothing is 100% guarantied.


First, with a properly designed voting software, that is impossible, since a window for the hacker to exploit the vulnerability of a secure voting system is too small and is not worth the effort. Voting machines are not connected to the public network.


Don't say it's impossible...a sufficiently resourceful hacker with intent to commit fraud and with physical access to the machine will always have a way. The goal needs to be minimizing the risk and maximizing the detection of fraud. Certainly the fact they aren't networked helps contain a successful attack.


Second, even if the hacker will penetrate the result, he must go at the top(the last count) for the hacker to be successfully rigged the result.


You shouldn't assume that. He could change any of the individual votes. Or cause some votes to be eliminated. It's very hard to prove that the vote being counted is the vote the same as the voter intended.

Third, with a successfully rigged result, it must be consistent with other parallel counts created, present in a secure voting software, because a parallel count is required for a properly designed secure voting software. And that will raise a lot of red flags when one result is inconsistent with other results given that they have been feed with the same raw election data.


Sure, that's important, but it won't help if the hacker found a way to tamper the data before being aggregated.

Fourth, all of these counts(by precints, regions, by provinces etc.) are digitally signed, so tampering all of them is next to impossible, even if the tamper is successful in one or two, that will invalidate the results and will trigger a recount = manually.


Fraudulent votes can be digitally signed too, especially if the hacker has an exploit and manages to get his code running on the voting machine. When unauthorized code is running, anything is possible - including manipulating the voter's screen and input.

An administrator with physical access to the machine could modify the machine with something like a Raspberry Pi to control the actual display + touch screen while emulating fake touchscreen inputs into the authentic voting machine software. The algorithms would sign the fraudulent votes and the users would be non-the-wiser that votes were altered.

These kinds of attacks where the administrators are involved are unlikely, but plausible and difficult to prevent absolutely.


I like acobar's suggestions earlier, however it goes against one of the requirements that voters must not be able to prove who they voted for after the fact. It would open up the possibility of voters being pressured into voting a specific way in exchange for money (or blackmail or employment or whatever). This is the reason almost all jurisdictions prohibit voters from recording their own votes using cameras.

Reply Parent Score: 3

puenktchen Member since:
2007-07-27

There's always a risk/ hole to be used to cheating. In traditional ballot, you can pay the people administering the ballot/ voting (often the case in traditional ballot). With electronic, you hire competent hacker to hack the result.


Its not that paper voting is immune to cheating, its that it is easier to observe and verify and prevent cheating that way.

Reply Parent Score: 2