SoylentNews is people
SoylentNews
from the Replace-or-not-to-replace?-Have-the-people-vote-on-it! dept.
The project Protect Democracy is suing the state of South Carolina because its insecure, unreliable voting systems are effectively denying people the right to vote. The project has filed a 45-page lawsuit pointing out the inherent lack of security and inauditability of these systems and concludes that "by failing to provide S.C. voters with a system that can record their votes reliably," South Carolinians have been deprived of their constitutional right to vote. Late last year, Def Con 25's Voting Village reported on the ongoing, egregious, and fraudulent state of electronic voting in the US, a situation which has been getting steadily worse since at least 2000. The elephant in the room is that these machines are built from the ground up on Microsoft products, which is protected with a cult-like vigor standing in the way of rolling back to the only known secure method, hand counted paper ballots.
Bruce Schneier is an advisor to Protect Democracy
Earlier on SN:
Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States (2018)
Want to Hack a Voting Machine? Hack the Voting Machine Vendor First (2018)
Georgia Election Server Wiped after Lawsuit Filed (2017)
It Took DEF CON Hackers Minutes to Pwn These US Voting Machines (2017)
Russian Hackers [sic] Penetrated US Electoral Systems and Tried to Delete Voter Registration Data (2017)
5 Ways to Improve Voting Security in the U.S. (2016)
FBI Says Foreign Hackers Penetrated State Election Systems (2016)
and so on ...
(Score: 5, Funny) by archfeld on Sunday July 22 2018, @12:45AM (7 children)
Diebold can make secure machines, just look to the ATM's they put forth. They make voting machines with holes you can drive mining trucks through because that is really what the purchasers want. What we need is an OSS system that can be verified clean by the local jurisdiction, and receipt system that leaves the voter with an ID number and voter tally to verify at a later date what their votes were and how they were counted.
For the NSA : Explosives, guns, assassination, conspiracy, primers, detonators, initiators, main charge, nuclear charge
(Score: 3, Informative) by Anonymous Coward on Sunday July 22 2018, @03:11AM (2 children)
> Diebold can make secure machines, just look to the ATM's they put forth.
OK, I looked.
Security researchers hack ATM to make it spew cash [cnet.com]
(Score: 3, Interesting) by archfeld on Sunday July 22 2018, @06:33AM (1 child)
They only included USB at the request of some very LAZY and CHEAP banks that wanted quick access at the expense of ease of use. Admittedly it has been a while since I worked there but I was in a former life a tech at the R&D DC of a large financial institution and we had ATMS locked down VERY securely. Sadly the security required too much onsite intervention and the brainless idiots in management dreamed up an idea of remote access and centralized management that would cut the number of employees required to maintain the network of ATM's. Thus they introduced insecure network protocols and ports such as USB to allow for quick and dirty access, which results in the state of the ATM's today.
For the NSA : Explosives, guns, assassination, conspiracy, primers, detonators, initiators, main charge, nuclear charge
(Score: 0) by Anonymous Coward on Sunday July 22 2018, @05:12PM
So you're saying they make ATMs with holes you can drive mining trucks through because that is really what the purchasers want?
(Score: 2) by Runaway1956 on Sunday July 22 2018, @06:19AM (1 child)
I'm not so sure about that. Mind you, I'm not a coder, I've never programmed anything that was even worth laughing at. But, I've read plenty of stories over the years about programmer's experiences with customers. I'm convinced that the customer doesn't know what he wants, and he's not even smart enough to go about figuring out what it is that he needs. The customer offers you, the programmer, some poorly thought out wish-list of things that the program should do. You make some tentative offers, the customer immediately balks at anything that requires a learning curve. You make less demanding offers, and the customer still balks at anything that isn't easy-peasy. Of course, there are communications problems involved. Generally, the customer is unable to even tell you what it is about your proposals that he doesn't like.
Ultimately, the customer gets some Microsoft-like GUI that is pleasing to the eye, simple enough for any idiot, and sorta almost gets the job done. Then, when he gets the software installed on his own machine, he disables any features that get in his way.
(Score: 3, Insightful) by VanessaE on Sunday July 22 2018, @10:57PM
I am a programmer, or I was (though not professionally), but speaking as a user...
Because customers have more important things to think about, plain and simple.
It's the computer's job to handle the complicated stuff.
In most cases, if security appears complicated to the customer or end user, or just results in a bad UI, the programmer did something wrong, plain and simple.
We're talking voting machines for crying out loud. For a voter, there should be nothing to do besides press some buttons on-screen.
For the volunteers who manage the machines, do like my state does: require the volunteer to escort the voter to the machine, and for her to insert a small access key device to enable it (I don't know what this device consists of, though).
For those who handle offloading the voting data, I see no reason why it has to be any more complicated than them inserting and turning a key (just to trip an internal switch), triggering a pop-up message "To close-out voting on this machine, enter volunteer SSN and plug in your offload device now", where such a device would contain crypto hardware, and either a small amount of non-volatile storage to receive the voting data, or wireless hardware or a plain old modem, and tamper-evident seals over the seams.
Offloading the data should automatically wipe the machine's memory and any temporary storage, reset the machine to as close to "factory-fresh" as possible, make an appropriate mark on the receipt, and mark the voting data as "closed" on the offload device (if it's storage-based), on success. In other words, the result should be functionally identical to closing-up and sealing a box of cast ballots, and opening up a fresh box.
For those who service the machines, I don't see a reason why anyone should be allowed to do anything more than swap a defective machine for a good one, and tag-out the defective machine so that it can be returned to the manufacturer the next day, without any outside person so much as looking at the fancy security screws (that should surely be there) holding the case together. If the defective machine has voting data that needs offloaded, do so before returning it. If the offload can't be completed, then pull the official receipt and use that. If the official receipt is unusable, pull the backup receipt and use that one (there ARE two receipt recorders being driven independently, right?). If all of that fails, then I guess the votes would be lost. :-(
A returned machine should be evaluated and investigated, then destroyed in full if the defect requires opening the machine to the point of potentially allowing motherboard or hard drive access.
Of course, I recognize the underlying OS or hardware can complicate things at the code level, and customers can have totally unrealistic expectations, and physical access to a machine guarantees that it'll eventually be cracked/hacked, and people can be just plain stupid with how they manage their hardware, but there's rarely a reason for good security to result in a shitty UI.
(Score: 0) by Anonymous Coward on Sunday July 22 2018, @05:26PM (1 child)
Good idea, that way I can make sure my employees vote the way I tell them to.
(Score: 2) by archfeld on Sunday July 22 2018, @06:33PM
Or I could just anonymously report my employer as attempting voter intimidation and fail to reveal how I voted. More than a couple of reports would surely trigger an investigation. I personally could also see mailing the receipt to myself thus having recourse while failing to keep a receipt that could be taken from me. There is always going to be a weak spot, but the ability to perform an outside audit makes that the lesser of the evils I think. YMMV of course...
For the NSA : Explosives, guns, assassination, conspiracy, primers, detonators, initiators, main charge, nuclear charge