Yet Another E-voting Machine Vulnerability Found
from the because-of-course dept
We've been talking about the ridiculousness of e-voting machines for well over a decade. If a machine doesn't include a paper trail for backup, it's suspect. That's been the case since e-voting machines have been on the market, and many of us have been pointing this out all along. And the big e-voting companies have a long history of not really caring, even as their machines are shown to be vulnerable in a variety of ways. So it come as little to no surprise to find out that security firm Cylance has announced that it's found yet another set of e-voting vulnerabilities in the Sequoia AVC Edge Mk1 voting machine. Sequoia especially has a long history of buggy, faulty machines.Of course, with all the talk of "rigged" voting this year, the fact that some machines are hackable is very, very bad. Mainly because it just enables conspiracy theory talk to seem much more believable. It remains true (for somewhat ridiculous reasons) that while these vulnerabilities do exist, a widespread hack would be quite difficult. The real problem is at the margin, where low level vote changing could occur. As Ed Snowden rightly notes, the hacking may not be difficult, but using that to rig an election is much more difficult, and would almost certainly be caught.
Hacking voting machines: not that difficult. Hiding a secret deviation in votes from after-the-fact statistical analysis: nearly impossible.
— Edward Snowden (@Snowden) November 7, 2016
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: e-voting, evoting, paper trail, vote rigging, vulnerability
Companies: sequoia
Reader Comments
Subscribe: RSS
View by: Time | Thread
There is a candidate who won't believe the result if he loses, and this will just be more ammunition in his attempts to overturn such a result.
[ link to this | view in chronology ]
Re:
the absolute proof : IF they really were interested in election integrity, WHAT/WHO has been stopping them lo these countless decades ? ? ?
no, the ONLY rational conclusion is that The They WANT a broken systrm they control behind the curtains...
[ link to this | view in chronology ]
Re:
Not to mention good ol' Palpatine Soros has his crooked fingers in the company that owns a significant number of these machines. Dominion is its name, I believe. If you thought Bush having a stake in Diebold was bad, well, considering the depths of pure, unencumbered, psychopathic evil that Soros and his puppet whøre are capable of, you might as well call this round *Diebold with a Vengeance.*
My vote at this point goes to Kim Jong Un 2016: Make America Glow Again.
[ link to this | view in chronology ]
Re: Re:
Your vote goes to Kim Jung Un because you didn't bother to familiarize yourself with the US Constitution, Article II, Section 1 which clearly states one has to be born in the United States to qualify.
You sir, epitomize this:
https://www.youtube.com/watch?v=LQCU36pkH7c
E
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
That's not very comforting, knowing that those deviations have been found in at least three recent elections. After-the-fact statistical analysis only produces trivia if the results are ignored.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
If that was so quickly swept under the rug and forgotten, what's to say that cries of the same after the main election will be any different?
I am losing trust that our democracy is in any way democratic... and that any ones cares.
[ link to this | view in chronology ]
Re:
Are we talking about exit polls, or something else?
Because there's a pretty good explanation for why exit polls disproportionately favored Sanders ( http://www.nytimes.com/2016/06/28/upshot/exit-polls-and-why-the-primary-was-not-stolen-from-bernie-s anders.html ); tl;dr younger voters are likelier to participate in them than younger ones.
[ link to this | view in chronology ]
Re: Re:
What about the older ones then?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
No Hacking Here!
[ link to this | view in chronology ]
But:
[ link to this | view in chronology ]
I dunno. Sounds good in my head, but I don't know if it could really be done.
[ link to this | view in chronology ]
Re:
The major issue with end-to-end verification is doing in such a way that the voter is still not individually identifiable. We've all seen "anonymized" data become identifiable.
[ link to this | view in chronology ]
Re: Re:
If you are nor prepared to stand up for your vote, maybe you should not have one?
I think it would be just as easy to prove that someone is trying to harass you over your vote.
Most people are registered to a party and if you talk to them more than a couple hours a day you can likely find out how they vote.
[ link to this | view in chronology ]
Re: Re: Re:
But a much more likely way to use such information is the mexican way where people get payed for voting a certain way. While money talks and bullshit walks, I don't see the balance between the parties remaining forever in those circumstances as the economic support relies on picking the winner and getting the advantages it brings...
[ link to this | view in chronology ]
Re: Re:
I'd been somewhat worried about the same outcome (although not to the extent that it had caused me to believe that end-to-end verification was a bad thing). However, I've seen a bit of information about using homomorphic encryption to allow a person to verify their vote without it also being specifically verifiable to a third party.
The specifics of the system are quite interesting in that any member of the public is able to verify the identities of the people who voted and encrypted versions of their votes, as well as the total vote tallies but, there isn't any way to figure out who voted for whom once a voter completes the process and leaves the voting booth with their encrypted ballot copy. That is a part of the system that the video explains better than the paper does.
[ link to this | view in chronology ]
Rotten Tomatoes
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Pee Wee Herman 2016.
[ link to this | view in chronology ]
My local electors, alas, have gone the Diebold terminal route. Because it's important that national news services get their figures as soon as the polls close, as opposed to a couple of hours for the blue-haired old ladies to count the paper ballots in the open, on cafeteria tables.
[ link to this | view in chronology ]
Massachusetts-- OCR cards instantly tabulated, hand-recountable
Sometimes officials are tempted to alter OCR cards so that the machine can read what it looks like the voter intended. It would be safer if such cards were left unchanged, for tabulation only in the official hand recount. Any markings made on them by officials should be in a different-colored ink from the voter's.
[ link to this | view in chronology ]