SoylentNews is people
SoylentNews
For years security professionals and election integrity activists have been pushing voting machine vendors to build more secure and verifiable election systems, so voters and candidates can be assured election outcomes haven’t been manipulated.
Now they might finally get this thanks to a new $10 million contract the Defense Department’s Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking.
The first-of-its-kind system will be designed by an Oregon-based firm called Galois, a longtime government contractor with experience in designing secure and verifiable systems. The system will use fully open source voting software, instead of the closed, proprietary software currently used in the vast majority of voting machines, which no one outside of voting machine testing labs can examine. More importantly, it will be built on secure open source hardware, made from special secure designs and techniques developed over the last year as part of a special program at DARPA. The voting system will also be designed to create fully verifiable and transparent results so that voters don’t have to blindly trust that the machines and election officials delivered correct results.
The systems Galois designs won’t be available for sale. But the prototypes it creates will be available for existing voting machine vendors or others to freely adopt and customize without costly licensing fees or the millions of dollars it would take to research and develop a secure system from scratch.
“We will not have a voting system that we can deploy. That’s not what we do,” said Salmon. “We will show a methodology that could be used by others to build a voting system that is completely secure.”
Kiniy said Galois will design two basic voting machine types. The first will be a ballot-marking device that uses a touch-screen for voters to make their selections. That system won’t tabulate votes. Instead it will print out a paper ballot marked with the voter’s choices, so voters can review them before depositing them into an optical-scan machine that tabulates the votes. Galois will bring this system to Def Con this year.
The optical-scan system will print a receipt with a cryptographic representation of the voter’s choices. After the election, the cryptographic values for all ballots will be published on a web site, where voters can verify that their ballot and votes are among them.
“That receipt does not permit you to prove anything about how you voted, but does permit you to prove that the system accurately captured your intent and your vote is in the final tally,” Kiniry said.
(Score: 2) by hopp on Saturday March 16 2019, @03:07AM (1 child)
DKIM for your vote?
(Score: 1, Offtopic) by MichaelDavidCrawford on Saturday March 16 2019, @03:58AM
"D'Kim," she shyly replied but even so accepted my offer of a handshake.
"D'Kim Securitas."
"Michael David Crawford. Call me 'Mischa' - that Americans daughters name their daughters "Misha [gorby.ru]" and "Sasha [ushmm.org]" causes no end of confusion to the Slavic Peoples."
While in my actual experience, every woman in a non-professional setting is overjoyed that I - largely unknown among men these days - kiss their hands, I never do so upon first meeting the shy ones.
"Are you Byelorussian?"
"White Russian", but in a very traditionally Communist-Bureaucratic way, shortly after the Fall Of Communism Byelorussia renamed itself to Belarus. That would make quite a good brand name for, say, HVAC appliances.
"No. But I studied Russian at Caltech [pasadenastarnews.com]."
"You went to Caltech?" - smiling broadly now. Hot Damn, This Is Gonna Be Good.
"To study Literature, actually [warplife.com]. "I'm a Novelist." [guacamoleroad.com] While I mostly write as a Public Service to the community [warplife.com], as I am of very modest means I have resolved to self-publish Guacamole Road [guacamoleroad.com]."
"I enjoy the study of Aztec art."
"Then we must be friends!" I smiled broadly as she gave me her card, but: "That I really am of vert modest means requires that my own Calling-Card be written on a napkin. Please forgive me while I fetch one from the bin."
Hot Damn, I reflected on my way to the Cream, Sugar and Stirring Stick Counter, This Is Gonna Be Good.
Yes I Have No Bananas. [gofundme.com]
(Score: 2, Flamebait) by MichaelDavidCrawford on Saturday March 16 2019, @03:32AM (2 children)
Simply to point this out to them would go a long ways towards, for example, leading Cheeto to hesitate on yesterday's threat to have the Military, the Police and the Bikers commit acts of violence against the left.
But what I'd like to see is FIPS Standard that abstracts this design, then for the Federal Elections Commission to require _Federal_ voting to be done on standards compliant machines.
Just Federal, so as to avoid states rights whinging.
Most local elections won't want to deal with separate equipment for state and local elections, so the problem will be largely solved.
As for those who continue to claim that "No one ever got fired for buying Diebold?"
They'll get the strictly _local_ government that they deserve.
Yes I Have No Bananas. [gofundme.com]
(Score: 1, Interesting) by Anonymous Coward on Saturday March 16 2019, @03:57AM
MDC voted for the side of beef!
(Score: 2, Interesting) by realDonaldTrump on Saturday March 16 2019, @04:35AM
Write to your Senators -- or send them a video. You have 2. Unless you're dumb enough to live in Porto Rico. Or D.C. We used to have the Washington Senators in baseball, that one was a little joke. But, ask your Senators to stop the dangerous & disasterous Omni Bus Bill. Known as HR1. VERY COSTLY for our Taxpayers. Because it creates a special day when our government workers don't work. But, they still get paid. It's called a holiday. I gave them more than a month of holidays -- Shutdown. And they got very greedy, they went to their Representatives, made some very big donations. And got the horrible HR1 through our House. We must stop it in the Senate. And if that doesn't happen -- VETO. Mixed up way to say "vote." VETO is a lot of fun, I had a ball on Friday afternoon (I think of as, today). But it's something I want to do as little as possible.
We don't need HR1. We don't want HR1. Mitch calls it a Dem "power grab." He's so right. So right. All the things that are supposed to be great about it, we can do with this very special Voting Machine. High tech Voting Machine, it stops foreign governments from interfering in our Elections. Because, they can't see it. They can be standing right next to that one and not see it. It's called Stealth. China doesn't have it, Russia doesn't have it, our foe the E.U. doesn't have it. This is the same technology that Lockheed put in our incredible F-35. Now we put it in Voting Machine. And our Elections will never be stolen again!!! senate.gov/general/contacting.htm [senate.gov]
(Score: 5, Insightful) by MadTinfoilHatter on Saturday March 16 2019, @04:21AM (4 children)
There is no such thing as a secure voting system that involves computers. Computers are oustanding at election fraud, which is why they should be kept as far away from actual elections as possible. Here is a secure voting system for you that costs a whole lot less than $10 million: Pen and paper. Also obligatory xkcd. [xkcd.com]
(Score: 5, Informative) by The Mighty Buzzard on Saturday March 16 2019, @04:35AM
Having coded online billing systems since it was a thing, I tend to agree. Unless anyone who wants to can audit any machine at any time, you're having to put trust into a machine that may or may not even be running anything remotely resembling the code it's supposed to be running. Given the hardware rootkits in all major CPUs that could make even auditing at will pointless, I'm disinclined to think anything with silicon more complex than a transistor should ever touch voting data or records.
My rights don't end where your fear begins.
(Score: 2) by richtopia on Saturday March 16 2019, @05:02AM
But... bu... b... Blockchain!
(Score: 0) by Anonymous Coward on Saturday March 16 2019, @08:50AM
There's one area where pen and paper ballot is weak to tampering and that is counting.
It could be a good idea to have a machine tallying votes from physical tokens so that the officials can just phone home the totals.
Phoning home something is inevitable even if using pen and paper but if it's just the totals, it's way less data to secure.
The tally machine doesn't need to be connected to anything, or to even have any outside interface. Just a slot for the tokens or slips and a reset button behind a locked panel. Heck it could even be mechanical. Something like a coin slot machine with a slot for each candidate (the slots are just numbered, candidates get assigned a slot randomly by the voting area personel). With a mechanism preventing from casting until the personel sees you exit the stall and pushes a lever.
Anyway making the mchines open source but not using that and telling companies to make cosed source based on it is just kicking dead whales down the beach.
(Score: 3, Insightful) by jmorris on Saturday March 16 2019, @03:14PM
I saw the headline and was ready to repeat my long stated objection to machines involved with voting. But this one looks like they have at least addressed the major issues. The only jobs the voter facing machine is doing is presenting the choices with a better UI and adding the cryptographic receipt. You can still clearly see your selections on the printed ballot and they could be hand recounted. The receipt acts to prevent discarding of votes, which is one big factor in vote fraud by corrupt officials. The other machine is just an optical counter built around open hardware and software to make it easier to audit for correctness. Still problematic in that no actual voter can perform an audit without risking compromise of the machine, a catch22.
So a step forward, but I'd still feel safer with elections run like the ones the U.S. Army ran in Iraq. Even without the crypto.
Settle voter registration well ahead of time, issue good solid photo ID. All voting in person on election day, no exceptions. Poll watchers from all parties permitted to witness from begin to end. Begin with a clear plastic tub on an unadorned table with a slit cut in the lid. Voters are checked against the registration lists, mark a paper ballot and dip their finger in the infamous purple ink as they drop the ballot into the box. When the polling station closes the box is opened on the spot and counted before the witnesses. The count is called in to the central authority and unalterable from that point. The election is done, everyone goes home.
(Score: 2) by choose another one on Saturday March 16 2019, @12:42PM
So, let's get this straight, apart from possibly defeating the entire purpose of secret ballots by "capturing your intent", there is no proof that your intent was accurately transferred to your vote in the final tally?
"Voter, you will be able to prove that you did your patriotic duty by referencing this website, do not fear, any votes that were entered wrong will be automatically corrected, if you made mistake your local education officer will visit you shortly to explain how to use the machines properly.
The Voter-Colonel"
Nope, can't see any issues with that at all...
(Score: 0) by Anonymous Coward on Saturday March 16 2019, @05:53PM
So another data acquisition scheme for DNA, iris pattern, phone number and fingerprints, marketed with buzzwords like security, verifiability and maybe blockchain and 2FA?