Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Thursday November 15 2018, @12:00PM   Printer-friendly
from the ¯\_(ツ)_/¯ dept.

I Bought Used Voting Machines on eBay for $100 Apiece. What I Found Was Alarming

In 2016, I bought two voting machines online for less than $100 apiece. I didn't even have to search the dark web. I found them on eBay.

Surely, I thought, these machines would have strict guidelines for lifecycle control like other sensitive equipment, like medical devices. I was wrong. I was able to purchase a pair of direct-recording electronic voting machines and have them delivered to my home in just a few days. I did this again just a few months ago. Alarmingly, they are still available to buy online.

If getting voting machines delivered to my door was shockingly easy, getting inside them proved to be simpler still. The tamper-proof screws didn't work, all the computing equipment was still intact, and the hard drives had not been wiped. The information I found on the drives, including candidates, precincts, and the number of votes cast on the machine, were not encrypted. Worse, the "Property Of" government labels were still attached, meaning someone had sold government property filled with voter information and location data online, at a low cost, with no consequences. It would be the equivalent of buying a surplus police car with the logos still on it.

[...] I reverse-engineered the machines to understand how they could be manipulated. After removing the internal hard drive, I was able to access the file structure and operating system. Since the machines were not wiped after they were used in the 2012 presidential election, I got a great deal of insight into how the machines store the votes that were cast on them. Within hours, I was able to change the candidates' names to be that of anyone I wanted. When the machine printed out the official record for the votes that were cast, it showed that the candidate's name I invented had received the most votes on that particular machine.

This year, I bought two more machines to see if security had improved. To my dismay, I discovered that the newer model machines—those that were used in the 2016 election—are running Windows CE and have USB ports, along with other components, that make them even easier to exploit than the older ones. Our voting machines, billed as "next generation," and still in use today, are worse than they were before—dispersed, disorganized, and susceptible to manipulation.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Insightful) by VLM on Thursday November 15 2018, @01:12PM (23 children)

    by VLM (445) Subscriber Badge on Thursday November 15 2018, @01:12PM (#762145)

    Replacing handwriting analysis humans with "fill in the dot" machines is basically the optical scan machines I mentioned. My ballot goes in the box at the end of the scanner and humans later use the physical ballots to audit the machines, although the machines historically are never wrong and machine counts can be reported a couple minutes after polls close.

    There's no real need for manual counting as long as you can audit the machines result using paper ballots, and the machines historically have proven very accurate.

    In this election cycle the corruption seems to be days after the election "finding" ballots suspiciously just enough to tip the election, and the machines must be good enough or they'd tamper the machines instead of "finding" ballots.

    Starting Score:    1  point
    Moderation   0  
       Flamebait=1, Insightful=1, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 3, Insightful) by Blymie on Thursday November 15 2018, @01:51PM (13 children)

    by Blymie (4020) on Thursday November 15 2018, @01:51PM (#762152)

    The point is, every single count should be manually verified anyhow.

    And manual counting is *simplistic*. All parties present and involved, all you have to do per polling station is count a few thousand votes. It's child's play. Simple. There's no, zero, nada, no reason ever ever to use anything but pen and paper. Ever. Never ever.

    Also I did mention never? ;P

    But seriously, there's no call for it. There's no reason. It makes zero sense.

    • (Score: -1, Redundant) by Anonymous Coward on Thursday November 15 2018, @04:23PM (2 children)

      by Anonymous Coward on Thursday November 15 2018, @04:23PM (#762215)

      Wow. Do you really mean never [wikipedia.org]?

      • (Score: 2) by Blymie on Thursday November 15 2018, @09:21PM (1 child)

        by Blymie (4020) on Thursday November 15 2018, @09:21PM (#762350)

        Yes. I fail to see what your wikipedia link has to do, with not using paper ballots and pen. The issue had to do with "found" ballots, which will NOT happen if an election is run and managed properly.

        • (Score: 0) by Anonymous Coward on Friday November 16 2018, @10:59AM

          by Anonymous Coward on Friday November 16 2018, @10:59AM (#762643)

          Elections are not run and managed properly. By design.

    • (Score: 2) by number11 on Thursday November 15 2018, @05:13PM (7 children)

      by number11 (1170) Subscriber Badge on Thursday November 15 2018, @05:13PM (#762242)

      And manual counting is *simplistic*. All parties present and involved, all you have to do per polling station is count a few thousand votes.

      Must have been a boring election where you are, or your workers can count really fast. My ballot had: US Senate, US House, State Senate, State House, Governor, Secretary of State, State Auditor, State Atty General, County Commissioner, County Sheriff, County Atty, City Charter Amendment, 2 School Board seats, 2 school bond issues, and 30 judges (ok, all but three of those judge "races" were uncontested). Yes, it was a big piece of paper, both sides. So "all you have to do" is count a few thousand votes 45 times.

      We do have paper ballots and scanners (which will complain if they see voter screwups that they can identify, so the voter will have the opportunity to void their ballot and do it again). A small random percentage of precincts are check-recounted by hand to hopefully catch systemic machine screwups.

      • (Score: 3, Insightful) by fritsd on Thursday November 15 2018, @05:28PM

        by fritsd (4586) on Thursday November 15 2018, @05:28PM (#762251) Journal

        0. What's the hurry? You're going to have those new electees for four years or so, a day or two more for counting does no harm.

        My ballot had: US Senate, US House, State Senate, State House, Governor, Secretary of State, State Auditor, State Atty General, County Commissioner, County Sheriff, County Atty, City Charter Amendment, 2 School Board seats, 2 school bond issues, and 30 judges

        1. Why? It sounds complicated. Why do you make something very important, more complicated?

      • (Score: 2) by Blymie on Thursday November 15 2018, @09:28PM (2 children)

        by Blymie (4020) on Thursday November 15 2018, @09:28PM (#762356)

        Interesting. We just vote for the party rep here.

        From our viewpoint, you're hiring the person to manage / run the government. Their job, is to become intimately familiar with "many things", and vote/decide those things.

        People don't have time to investigate and decide on 100 people, in depth, per election. It's hard enough to read a complete policy / stance from a few candidates, to listen to their speeches, and so on.

        So .. spend time concentration on election the *right person* (note I didn't say party) to do the job, and they can handle all the little things.

        Regardless, there are loads of ways to handle this. One way, is to have separate ballots (which go into separate sealed boxes), which are then counted by different groups of party representatives. Make it easy to have a separate set of individuals count, whilst still maintaining an auditable trail.

        It really isn't hard. You work out a system to count efficiently and fast, and then you use that same system -- forever, with minor improvements here an there.

        Election counting isn't "sexy". It doesn't need to be "revamped" or "modernized". It needs to be effective, simple, and something that anyone can understand.

        Counting machines are black boxes. They should be disallowed.

        • (Score: 2) by number11 on Saturday November 17 2018, @02:36AM (1 child)

          by number11 (1170) Subscriber Badge on Saturday November 17 2018, @02:36AM (#762926)

          Interesting. We just vote for the party rep here.

          Yeah, that's how much of the world does it. But not the US, here the voters micromanage that stuff. Party power is way more fragmented, which can be good or bad, depending on the circumstances. And details vary wildly over 50 states, some jobs may be elected (sometimes "nonpartisan", without any party identification or endorsement), sometimes they're appointed. And you're right that voters often don't know much about more than a handful of the candidates/offices being filled.

          Regardless, there are loads of ways to handle this. One way, is to have separate ballots (which go into separate sealed boxes), which are then counted by different groups of party representatives.

          That won't work if you're having 45 simultaneous elections. You can't give a voter 45 ballots and expect stuff to get into the correct sealed box, and there aren't enough party reps to oversee the counting. But, OCR ballots solve a lot of that, and maintains an audit trail. 10 years ago, we had a statewide election that required a hand recount. Out of a total of about 3M votes, the hand count was within about 500 votes of the machine count (some of that was due not to miscounting, but disputes about whether particular ballots were valid).

          We don't really need to know results immediately (it'll be months before any of the candidates takes office, and at least weeks before the results are certified), but the demand for instant gratification is strong.

          • (Score: 2) by Blymie on Saturday November 17 2018, @04:23AM

            by Blymie (4020) on Saturday November 17 2018, @04:23AM (#762955)

            Instant gratification is helpful in this case, I think.

            I didn't mean separate ballots for each. You can have 3 ballots. Whatever is required to split up counting, and make it easier.

            I recently posted a link to the Florida recount, by hand, and done in a few hours.... showing how easily it can be done.

      • (Score: 2) by Runaway1956 on Friday November 16 2018, @02:36AM (1 child)

        by Runaway1956 (2926) Subscriber Badge on Friday November 16 2018, @02:36AM (#762478) Journal

        If every one of those elections is hotly contested, then it will be a rather large task to settle each one. But, that being the case would indicate that your local election officials may be doing something wrong.

        In all likelihood, one or two of the results would be contested, and have to be recounted. The more contested counts, the more likely that your officials are corrupt.

        • (Score: 2) by number11 on Saturday November 17 2018, @02:12AM

          by number11 (1170) Subscriber Badge on Saturday November 17 2018, @02:12AM (#762923)

          If every one of those elections is hotly contested, then it will be a rather large task to settle each one. But, that being the case would indicate that your local election officials may be doing something wrong.

          I assume you mean, the results are contested after the election. That's fairly rare. None of the races on my ballot this year, though if they all had to be hand counted that would be a massive headache. Occasionally one or two races will be close enough (within 0.5%) to require a recount.

          In all likelihood, one or two of the results would be contested, and have to be recounted. The more contested counts, the more likely that your officials are corrupt.

          Yes, that would indicate some systemic problem, whether corruption or massive incompetence. Elections are pretty clean where I am, at least the mechanics of their administration (as opposed to the advertising and occasional threats). (Disclaimer: I am an extremely minor election "official", that is, one of the people who staffs the polls.)

    • (Score: 2) by darkfeline on Thursday November 15 2018, @11:12PM (1 child)

      by darkfeline (1030) on Thursday November 15 2018, @11:12PM (#762403) Homepage

      >And manual counting is *simplistic*

      It is also slow and expensive, subject to human error, and subject to its own security issues. Say polling station A we can assume truly did count X votes correctly, how do you get that X number to a centralized location to be merged with other polling stations, and prevent someone from voting at multiple polling stations?

      --
      Join the SDF Public Access UNIX System today!
      • (Score: 3, Informative) by Blymie on Friday November 16 2018, @04:21AM

        by Blymie (4020) on Friday November 16 2018, @04:21AM (#762530)

        These sorts of things were worked out a century ago. For example here?

        You may only vote at your assigned voting station. You get informed before the election... a card comes that says "You are registered at this address!". If you don't receive a card, you call.. ads are in papers, everywhere to do so.

        If you call, you can change your address, your polling station, whatever.

        But you get ONE polling station. Why do you need to vote 1000 miles away? Advanced polling is available for those traveling during the day.

        Really.. it's all been worked out. Every contingent. And in terms of expensive? Come on! This is *one night*, and this is *democracy* we're talking about. You do *not* *ever* cut corners!!

        For example, each party has representatives monitoring and observing the count. And methods to count efficiently by hand have been used for centuries.

        You're acting like counting by hand is *new*. No! Counting by hand is the tried and true method! The method that has worked, that has been fine tuned and honed!

        Here? The polls close, and 2 hours after they are counted. Really.

        One thing we have is sealed, official ballot boxes. Those boxes are transported under guard to the counting area. Again with party reps if desired, monitoring. And each box is tamper proof, on and on and on.

        So the count starts while people are still voting! It's not like everyone votes 5 minutes before the polls close.

         

  • (Score: 5, Insightful) by datapharmer on Thursday November 15 2018, @02:57PM (1 child)

    by datapharmer (2702) on Thursday November 15 2018, @02:57PM (#762177)

    Can you please point me to a reputable source that shows they are "finding" votes? This seems to be totally false information - provisional ballots that were simply not counted initially is not "finding" anything. Provisional ballots are never counted on election night. "A provisional ballot is voted the same as a regular ballot; however, after the voter marks his or her selections, the ballot is sealed in a certificate envelope instead of being fed into the tabulating machine... A voter may also present written evidence of eligibility to the Supervisor of Elections by 5 PM on the second day after the election... After the period has passed for voters to provide supporting documentation, the provisional ballot certificates are individually examined to determine the voter's eligibility. The county canvassing board reviews voter eligibility status and determines whether the provisional ballot should be counted. The vote totals from the ballots that are determined to be eligible to be counted are then obtained and added to the totals from election night. Ballots that are determined to be ineligible to be counted remain sealed in their certificate envelopes, and the envelopes are marked "rejected." Source: https://www.votebrevard.com/election-information/provisional-ballots [votebrevard.com]

    You simply see more provisional ballots in areas with higher poverty and immigration as statistically these people are less likely to have a current valid government id for various reasons (but doesn't mean they are ineligible to vote) and there are more in heavily populated areas (even if the overall percentages are the same) which can create the appearance of more sway than there actually is statistically. This has only been a problem recently as voter ID laws have been added to deter minority voting (knowing they are less likely to carry valid ID, especially when the definition of valid ID keeps changing). See North Dakota example (surely nobody thinks that Native Americans are illegal immigrants trying to vote... right) Example: http://www.wbur.org/hereandnow/2018/10/23/north-dakota-voter-id-law-native-americans [wbur.org] it is a clear case of voter suppression - add ID requirement, voters get ID, change address requirement, voters must get different addresses and new IDs, rinse, repeat.

  • (Score: 3, Interesting) by Immerman on Thursday November 15 2018, @03:57PM (6 children)

    by Immerman (3985) on Thursday November 15 2018, @03:57PM (#762203)

    >There's no real need for manual counting as long as you can audit the machines result using paper ballots, and the machines historically have proven very accurate.

    Correction - so long as you *do* audit the machines - a machine that can be audited, but isn't, still can't be trusted. Doesn't matter what the historical record is - only whether they were hacked *this time*.

    Now, they could have all the software on ROM so that it couldn't be easily hacked (or updated of course, but counting scantron sheets isn't exactly the sort of job that needs updates), then you only need to ensure that the config file guiding the tally process works properly. That's the only way I could see them being realistically auditable though, unless you audited every machine, every time. And even then it would be iffy.

    Otherwise, if I had hacked the tallying machines and was trying to compromise an election without being detected, I'd only compromise the tally if:
    - at least 70% of the expected votes had been cast (dodge quick-n-easy audits, though it wouldn't work unless you knew which district the machine would be used in, or all/most potential the districts had similar numbers)
    - the date and time was correct, and hadn't been changed recently
    - the tallying process had lasted about as long as expected (e.g. you have to either wait until the end of the voting day to start tallying, or your audit has to run all day long as well.)
    - there's no suspicious patterns in the voting sheets (i.e. the audit can't just run the same 100 sheets through many times in different orders)

    I can think of several more, but those are some trivial ones, and they would be sufficient to make sure an audit by anyone but security experts would have a vanishingly small chance of detecting that it had been compromised.

    • (Score: 2) by edIII on Thursday November 15 2018, @09:08PM (4 children)

      by edIII (791) on Thursday November 15 2018, @09:08PM (#762343)

      I'll mention it again here, but you don't need scantron machines either. It could be aluminum punch outs. Insert a blank aluminum sheet into the machine, choose your votes, then watch it be printed onto the aluminum, punch outs created, and then ejected back to the voter for their own verification. That's who should be verifying it anyways, the voter. Once verified, they slip it back into the machine, and it gets cut into notched squares, which can still be verified all over again.

      Once you have your aluminum squares, it could be a physical stacking of them. Just like those toys for toddlers that only allow the right block into the right hole, only the correctly voted square can fit onto a candidates stack. That should be work that anybody can do at a polling location. It's worth mentioning how anybody around the stack can visually inspect it for accuracy, and vote tampering would be a hilariously laborious affair.

      It's all recyclable, just like paper.

      --
      Technically, lunchtime is at any moment. It's just a wave function.
      • (Score: 2) by Immerman on Friday November 16 2018, @02:51AM (3 children)

        by Immerman (3985) on Friday November 16 2018, @02:51AM (#762487)

        Surely. Sounds a bit expensive, but there's lots of ways to implement the ballot-casting process if counting speed is considered important for some reason. Just stay away from computers, the security technology is still nowhere near mature enough to be trusted for something so tempting to corrupt.

        • (Score: 2) by VLM on Friday November 16 2018, @12:36PM (2 children)

          by VLM (445) Subscriber Badge on Friday November 16 2018, @12:36PM (#762665)

          Just stay away from computers

          A scantron, aside from the light sensor magic, is little more computationally advanced than 1930s unit record equipment.

          • (Score: 2) by Immerman on Friday November 16 2018, @02:57PM (1 child)

            by Immerman (3985) on Friday November 16 2018, @02:57PM (#762705)

            Are you certain about that? I'm sure they originally were, but these days programmable computers/SOCs have gotten so cheap that they've pretty much replaced anything that would otherwise require purpose-built electronics.

            • (Score: 2) by VLM on Friday November 16 2018, @09:45PM

              by VLM (445) Subscriber Badge on Friday November 16 2018, @09:45PM (#762857)

              Strange but interesting thought experiment... mandate elections use 1930s unit record equipment or new models. Not the craziest idea ever.

    • (Score: 0) by Anonymous Coward on Friday November 16 2018, @02:46AM

      by Anonymous Coward on Friday November 16 2018, @02:46AM (#762485)

      You OS can be as secure as you wish. I'm going to do an end run around that security, and tamper with the input/output devices. The scanner is only going to see the marks that I want it to see.