Patterico's Pontifications

10/6/2010

Professor Hacks D.C.’s Internet Voting Machine Pilot System

Filed under: General — Patterico @ 10:33 pm



Via Bradblog (you heard me right!) comes the link to a story that should make everyone nervous, no matter which side of the aisle you sit on. Namely, a professor says that during an open public testing period for electronic voting machines in the District of Columbia, he and his team hacked the system, which “gave us almost total control of the server software, including the ability to change votes and reveal voters’ secret ballots.”

First, understand that the professor did this in an aboveboard manner — not hacking an actual election, but making his point during a test period:

The District of Columbia is conducting a pilot project to allow overseas and military voters to download and return absentee ballots over the Internet. Before opening the system to real voters, D.C. has been holding a test period in which they’ve invited the public to evaluate the system’s security and usability.

This is exactly the kind of open, public testing that many of us in the e-voting security community — including me — have been encouraging vendors and municipalities to conduct. So I was glad to participate, even though the test was launched with only three days’ notice. I assembled a team from the University of Michigan, including my PhD students, Eric Wustrow and Scott Wolchok, and Dawn Isabel, a member of the University of Michigan technical staff.

Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software, including the ability to change votes and reveal voters’ secret ballots.

What he accomplished is . . . frightening:

D.C. launched the public testbed server on Tuesday, September 28. On Wednesday afternoon, we began to exploit the problem we found to demonstrate a number of attacks:

* We collected crucial secret data stored on the server, including the database username and password as well as the public key used to encrypt the ballots.
* We modified all the ballots that had already been cast to contain write-in votes for candidates we selected. (Although the system encrypts voted ballots, we simply discarded the encrypted files and replaced them with different ones that we encrypted using the same key.) We also rigged the system to replace future votes in the same way.
* We installed a back door that let us view any ballots that voters cast after our attack. This modification recorded the votes, in unencrypted form, together with the names of the voters who cast them, violating ballot secrecy.
* To show that we had control of the server, we left a “calling card” on the system’s confirmation screen, which voters see after voting. After 15 seconds, the page plays the University of Michigan fight song.

But surely it’s a one-time thing, right?

The specific vulnerability that we exploited is simple to fix, but it will be vastly more difficult to make the system secure. We’ve found a number of other problems in the system, and everything we’ve seen suggests that the design is brittle: one small mistake can completely compromise its security. I described above how a small error in file-extension handling left the system open to exploitation. If this particular problem had not existed, I’m confident that we would have found another way to attack the system.

None of this will come as a surprise to Internet security experts, who are familiar with the many kinds of attacks that major web sites suffer from on a daily basis. It may someday be possible to build a secure method for submitting ballots over the Internet, but in the meantime, such systems should be presumed to be vulnerable based on the limitations of today’s security technology.

I have said in the past that I don’t think that concerns over electronic voting machines should be a partisan issue:

Fair voting should be a nonpartisan issue. Marc “Armed Liberal” Danziger has been writing about a couple of aspects of fair voting, and I agree with him on both issues.

The first issue is voting machines. Here in California, Secretary of State Debra Bowen has decertified e-voting machines from several companies, including Diebold. Marc cheers this development, and so do I. Diebold machines have numerous security problems, including the fact that (at least in September 2006) they could be opened with a hotel minibar key. This sort of thing is a recipe for disaster — and we should all be able to agree on that, regardless of which side we’re on.

In an Examiner piece, Marc writes:

[O]ur voting systems need to be robust enough that we’re not left in bitter dispute after an election on who voted and how. We don’t need voting technology less secure than airport poker machines in Vegas and less auditable than Enron’s books. This isn’t a partisan issue.

Indeed it isn’t.

Or, at least, it shouldn’t be. Yet I notice that, for whatever reason, it often is. In fact, I rather expect many of the commenters here to raise arguments that this is no big deal.

I disagree. What this professor did is scary. It creates the ability to affect elections on a huge scale, without detection.

Our democracy cannot permit this sort of risk.

50 Responses to “Professor Hacks D.C.’s Internet Voting Machine Pilot System”

  1. Wow! Makes me wonder about the security of my bank site.

    Tanny O'Haley (12193c) 10/6/2010 @ 11:00 pm

  2. We spend a lot of money on crap. Spending it on ensuring our elections are true and credible is not crap.

    I believe we should slow these elections down. If it takes days to get a count, then it takes days. Absentee or mail ballot should be very rare, and require some kind of in person contact at some point. Paper ballots should be used, and any error should result in the ballot being canceled. We should use Iraq style ink to mark those who voted. We should check state ID before voting.

    Anyone caught filing a fraudulent vote or voter registration should be prosecuted. Any election judge who fails to enforce election day regulations should face a stiff fine. The polls should not be opened until all rosters (such as those who have already voted) are delivered to election judges, and the judges sign an agreement to screen all voters according to the law. Undercover officers should attempt to vote under names that should be screened out, to ensure no one can vote twice.

    Each vote should be assigned a serial number and posted online, after counting the manual ballot. You should be able to refer to your actual vote receipt and see how you voted, similar to checking your grade on a university exam chart.

    I don’t think these measures are unreasonable and I think they would lead to much more accurate elections.

    Dustin (b54cdc) 10/6/2010 @ 11:19 pm

  3. Dustin,

    systems can be made secure, cheaply as well, I can only imagine that the DC elections are handled with at LEAST as much efficiency as the education department

    Making it the absolute death penalty to deliberately manipulate an election would possibly put a damper on such attempts

    Of couse I’m really serious but the point is that we need to have elections by internet by national RFID card swiped anywhere – we need to eliminate the need for the aparatus that has lead to heavily contested elections

    there are more weaknessess in a ballot system than in an internet system

    EricPWJohnson (5895a8) 10/6/2010 @ 11:47 pm

  4. i’ve never understood why anyone would want to move away from paper ballots, except that they are harder to cheat with.

    redc1c4 (fb8750) 10/7/2010 @ 12:21 am

  5. redc1c4

    See Washingtons 2004 election

    See Al Franken

    and many many others

    EricPWJohnson (5895a8) 10/7/2010 @ 12:25 am

  6. i said “harder”, not “impossible”.

    obviously certain parties would like to avoid all the physical labor involved in cheating that way, especially since they could most likely be caught if anyone ever cared to actually investigate such things.

    redc1c4 (fb8750) 10/7/2010 @ 12:42 am

  7. EPWJ, no doubt, an electronic system CAN be made secure. The possibility exists.

    But paper ballots can be made secure. And they are harder to screw with. I am not confident electronic machines would ever get to a secure stage and remain there, all over the country.

    I’ve seen machines screw up at polling stations. this can lead to polling stations being kept open late (which can have effects on elections). I could go on and on about the problems that come up and how they can be manipulated.

    My alternative: a paper ballot with a receipt you tear off. Both sides have a serial number. The counter of votes enters the serial number and the votes onto a public spreadsheet with totals at the bottom. Anyone can see that their vote was counted accurately by referring to their receipt.

    At this point, there are two problems left in an secure election: making sure people vote once, and making sure no one adds in fake votes.

    As to this ‘absolute death penalty’, that kind of solution is different from my penalty idea. That kind of penalty just won’t stick to the election judge who fails to uphold the law. It probably won’t stick to many active fraudsters who use ACORN’s ‘we were just trying to make a buck’ defense. That’s why I say election officials should be fined if they fail to, for example, utilize voter rosters (I have personally witnessed this being a problem, BTW) to deny people a second vote. There are several things an election judge needs to do, and if they fail I don’t want to have to prove intent. Some would say this will scare away good volunteers. If they are scared of a fine for not ensuring integrity, I am happy to see them kept away from elections.

    I would be happy if you got what you wanted too: a severe penalty for those who are proven to have tried to cheat an election. Can’t be death under US Law, but I think it should be severe.

    Dustin (b54cdc) 10/7/2010 @ 12:58 am

  8. Paper ballots are in fact extremely easy to cheat with. When all balloting was paper, vote fraud was far more rampant than it is now. Note the system hacked was for “online voting” – NOT voting machines or systems. Obviously the potential for fraud in online voting is very great, even if the systems can be made secure against hacking.

    Adjoran (ec6a4b) 10/7/2010 @ 1:51 am

  9. Paper ballots are used in many other countries, some of them quite civilized, and the elections tend to be rather fair – much fairer at any rate than your usual US election. It’s a testimony to the hypocrisy of both parties that while they never stop fixing or trying fixing secondary laws or non-consequential aspects of the Constitution, they carefully avoid to fix what needs most to be fixed: our voting system.

    Triumph, in constructive mode (0692b1) 10/7/2010 @ 1:55 am

  10. System and application security certification is one of the primary areas I work with. At this point in time there is no way I would ever trust a computerized voting machine.
    For example to make what is called a “multi-security” platform that is rated at the highest assurance profile standard will run about 50 thousand per computer or more.
    Software is a business and the best products don’t always get the bids from state/federal/municipal agencies who manage the voting machines. Unlike the DoD a regular scan/patch strategy is not likely to be included or budgeted for, leaving lots of potential holes.

    Bill Gates wanted to look good and impress everyone with his success.

    He decided to measure the accomplishments of Microsoft against General Motors.

    The comparison went like this:

    If automotive technology had kept pace with computer technology over the past few decades, you would now be driving a V-32 instead of a V-8, and it would have a top speed of 10,000 miles per hour. Or you could have an economy car that weighs 30 pounds and gets a thousand miles to a gallon of gas. In either case the sticker price of a new car would be less than $50.

    In response to all this goading, GM responds:

    “Yes, but would you really want to drive a car that crashes twice a day?”

    Competition is normally good for consumers but not necessarily for voters who want a secure, verifiable and reliable machine to process their vote. Manual counts can be illegally manipulated but that happens on a precint by precint case. Buggy software puts all the precints at equal risk.

    VOR2 (b5e7e7) 10/7/2010 @ 1:56 am

  11. When did he have time to do this, the only time the system is online is when you download to the main servers, at head quarters

    ian cormac (6709ab) 10/7/2010 @ 4:23 am

  12. Ok. I’m convinced Friedman is evil, he spent the early part of last decade, undermining the legitimacy of Republican congressional victories
    by spreading the ‘black box’ garbage, now he’s attacking the military ballots, and he sticks up for known frauds like ACORN

    ian cormac (6709ab) 10/7/2010 @ 4:40 am

  13. First you have to have honest people. Then you can have honest elections. And Democracy.

    glenn (0af9f1) 10/7/2010 @ 5:26 am

  14. Ian Cormac –

    When did he have time to do this, the only time the system is online is when you download to the main servers, at head quarters

    From the first blockquote Patterico posted:

    Within 36 hours of the system going live, our team had found and exploited a vulnerability that gave us almost total control of the server software

    They didn’t have to hack the machines themselves, they hacked the servers that would be receiving the data. At that point it’s ballgame, you have complete control over the results.

    Robin Munn (1bfeda) 10/7/2010 @ 6:28 am

  15. I’m curious as to how many of you who argue against internet voting also use the internet for financial transactions – credit card purchases, bank account access, paypal and so on. I expect you mostly do and that tells me that secure software can be had and that you do trust it already.

    A vote ought to be like a bank balance, in a numbered account so as to keep the secret ballot. Then you can go online after the election and see if somebody changed your vote. Why have elections? Why not be able to change your support any time? When congressman Putz goes native in Washington, give him the black ball.

    Why can’t voter rolls be online so citizens can challenge old Charlie being there, on account of he’s dead?

    Like the Instapundit says, disintermediation via internet is the coming thing.

    Fred Z (c1782b) 10/7/2010 @ 7:12 am

  16. Comment by Fred Z — 10/7/2010 @ 7:12 am

    http://www.shift4.com/CC_security.cfm

    has a long description of what credit card companies must do to be compliant. Significant fines result if they don’t follow the rules. Even with these protections breaches still occur and millions of records get exposed or stolen.

    Since the state/local authorities are responsible for the way the ballots are presented/tallied I doubt they could come close to matching the types of standards in the link above. You would almost have to create a Voting Agency to manage something like that. The number of state/local issues, initiatives, positions, etc. would make the database itself an extremely complicated and expensive project. At this point in time it would still be hacked at some time or another.

    Until a national ID card that is verified by a master server controlled by the feds and supported by the states, identification verification is a tough nut to crack. This is a separate requirement needed before you could stand up some kind of internet voting. First authenticate user, then manage their vote.

    VOR2 (8e6b90) 10/7/2010 @ 7:44 am

  17. The integrity of our voting process should be a non-partisan manner but too often turns in partisan conspiracy theories such as after the 2000 election.

    I have long opposed electronic voting systems that have security and verification issues.

    SPQR (26be8b) 10/7/2010 @ 7:45 am

  18. If it were up to me, networked electronic voting machines would be banned absolutely – the software engineer in me tells me there’s no way to make them secure. ATMS are secure, but they don’t have secrecy, and the required secrecy of the ballot makes security next to impossible.

    California is better than most places in that (a) every machine must have a voter verified paper trail, which is used for recounts, and (b) Debra Bowen has taken an aggressive stance on the issue.

    [That aggressive stance was the reason I voted for her in 2006 instead of Bruce McPherson, whom I generally really like (he used to be my assemblyman).]

    But even here … the fundamental problem with any of these networked machines is that they can be hijacked undetectably. Sure, there’s a random verification of some precincts against the voter verified paper trail, which is much harder to game; but that’s a thin line of defense.

    Crucially, though, in California, even in precincts which have these machines, you have a legal right to request a paper ballot.

    Precinct workers are instructed not to tell you this, because the elections departments really want you to use the machines (easier / faster to count, less work for them) … but every polling place in the state has a stock of paper ballots and they’re required by law to let you use them.

    [I know this because I worked as a polling place officer in every election between 1992 and 2008; I’ve received the exact same training on the issue that today’s poll workers received.]

    aphrael (9802d6) 10/7/2010 @ 7:51 am

  19. Dustin,

    this can lead to polling stations being kept open late (which can have effects on elections)

    I’ve never understood this.

    The system in use in California is: anyone in line at 8 gets to vote. Anyone not in line at 8 is told to go away. The precinct board is expected to station someone at the end of the line, note who is in line, and ward off latecomers.

    I’ve done this.

    This way your ability to vote is based on whether you got there within the deadline, and the worst thing that happens is you have to wait half an hour for the one cranky voting machine to become available.

    aphrael (9802d6) 10/7/2010 @ 7:55 am

  20. Then you can go online after the election and see if somebody changed your vote.

    And someone other than you can also check it, with your permission, and reward you for voting a particular way.

    That kind of system makes buying and selling votes a possibility in a way that it isn’t possible now (because nobody can verify that you voted the way you said you would). It thereby defeats one of the points to a secret ballot.

    aphrael (9802d6) 10/7/2010 @ 7:56 am

  21. as for voter verification and preventing multiple votes, lets go real high tech.

    i’m sure Iraq would be happy to tell us where they get the purple ink they dip voter’s fingers in.

    redc1c4 (fb8750) 10/7/2010 @ 8:46 am

  22. I don’t understand what all the fuss is about. It’s not like someone would take the names of people who voted the wrong way and harass them or threaten their lively hood. This must be a Republican conspiracy and they want to steal votes like they did in Florida, if people would just trust Acorn to conduct a true and honest vote like they have in so many previous elections everything would be fine. Think about it, no pressure … where’s my red button!

    sarc_dan (431719) 10/7/2010 @ 9:55 am

  23. So shouldn’t Republicans be telling their voters to vote in person?

    That way their vote has the best chance of actually counting.

    I think a high percentage of Republicans vote by mail when given the chance.

    madawaskan (565543) 10/7/2010 @ 10:09 am

  24. The system in use in California is: anyone in line at 8 gets to vote. Anyone not in line at 8 is told to go away.

    This law is routinely abrogated by Dem partisans who find a willing hack judge to extend the deadline when it suits their purposes. Witness the outrageous actions via the Carnahan election not that long ago in MO.

    Dmac (84da91) 10/7/2010 @ 10:10 am

  25. Let me also add this.

    Back in 2006 I went to a republican county meeting and guess what they wanted most-

    volunteers to go into the precincts of Las Vegas and simply check to make sure that the voting machines were zeroed out in the morning…

    madawaskan (565543) 10/7/2010 @ 10:13 am

  26. I seem to recall a post somewhere that this hack was so successful, so fast, that DC cancelled the test session, so that the techs could try to figure out where they went wrong.

    Hint: they tried to replace a successful system (paper ballots) with an unsuccessful one, in the interest of speed and ease of supervision.

    Note to election officials:
    Your comfort is not important to us, the voters –
    The security and validity of our votes is!
    Keep those not authorized to vote from voting, and secure the ballots of those who are;
    then you’ll be doing your job in a satisfactory manner.

    AD-RtR/OS! (a18d8e) 10/7/2010 @ 11:07 am

  27. And someone other than you can also check it, with your permission, and reward you for voting a particular way.

    That kind of system makes buying and selling votes a possibility in a way that it isn’t possible now (because nobody can verify that you voted the way you said you would). It thereby defeats one of the points to a secret ballot.

    Comment by aphrae

    I expected this. I don’t consider this a serious problem, and this practice of reward is already relatively feasible with absentee voting as well as simply driving people to polls and assuming they vote how you want.

    It doesn’t defeat the point of a secret ballot because no one can tell who cast which ballot unless they want you to know who they voted for. If you want to keep your vote a secret, you can. You can, of course, take a cell phone picture of your vote at the end of the electronic voting process, or take a picture of the paper ballot you filled out, for your payoff. In other words, this problem is impossible to completely avoid.

    The fact that you can now verify your vote was actually tabulated correctly solves a major problem. I guess it’s a matter of priorities.

    Dustin (b54cdc) 10/7/2010 @ 11:23 am

  28. Aphrael, as far as closing deadlines, as long as the rules are the same at every polling place, and we know everyone gets no more than one vote, I have no problem with late polls.

    The problem is that sometimes these rules are not enforced well, and in particular differently for locations favoring democrats. And, of course, keeping a poll station open late often has coincided with ‘we just found a box of ballots!’

    It’s not acceptable to me when the same sorts of places have the same sorts of problems, inviting potential fraud. Paper ballots and election officials who actually abide by the rules (again, I have seen problems with this) leads to smoother elections. They just take a long time and expense to tabulate.

    Dustin (b54cdc) 10/7/2010 @ 11:27 am

  29. Considering who is likely to be supported by veteran votes, I can’t help but doubt the purpose
    of this exercise

    ian cormac (6709ab) 10/7/2010 @ 11:48 am

  30. ian, it is absolutely infuriating sometimes, how our troops (who are not legally veterans yet until they are separated from the service) are second class voters. If they are lucky.

    But online voting is not secure. Units have to be careful. When I was a soldier, I was the B.O.S.S. rep (look after barracks housed troops). I tried to ensure everyone was registered to vote and make sure they all knew when to vote. It caused a lot of people to get very uncomfortable.

    But I think our services should take steps to make sure troops can register, know when to vote, and that these votes are always counted. That last part is not possible with the current Attorney General. And if you can’t vote them out, WTF do you do about it? This drives me nuts.

    Election officials should face fines for screwing up, we should be able to see that our votes were counted correctly, ID should be checked for any voter. The GOP let this issue slide from 2000 to 2006.

    Dustin (b54cdc) 10/7/2010 @ 11:57 am

  31. shouldn’t Republicans be telling their voters to vote in person?

    Not necessarily.

    In places that have in-precinct touch-screen machines, the paper ballots used as absentees are more likely to be counted accurately (less likely to be compromised) than in-precinct ballots.

    My preference is in person on paper; if I can’t have paper in person, I’ll vote absentee.

    aphrael (e0cdc9) 10/7/2010 @ 12:05 pm

  32. Dmac, at 24:

    This law is routinely abrogated by Dem partisans who find a willing hack judge to extend the deadline when it suits their purposes. Witness the outrageous actions via the Carnahan election not that long ago in MO.

    Dmac, I was speaking of the rules in California. To my knowledge, the only time these have been abrogated was a few years ago when there was a nasty set of fires on election day, and the governor ordered polling hours in certain communities extended until 10pm because of it (and embargoed release of results from everywhere else until they closed in those precincts).

    Can you point to a case where this has been abused in California?

    aphrael (e0cdc9) 10/7/2010 @ 12:08 pm

  33. this practice of reward is already relatively feasible with absentee voting

    which is one of the reasons I’m uncomfortable with widespread absentee voting.

    aphrael (e0cdc9) 10/7/2010 @ 12:08 pm

  34. The problem is that sometimes these rules are not enforced well, and in particular differently for locations favoring democrats

    At the end of the day, responsibility for enforcement lies with the precinct boards.

    I stopped working as a polling officer because, between work and school (and needing vacation days for school-related reasons and therefore not getting enough actual vacation time), I just couldn’t manage it any more. I intend to resume after I graduate, presuming my employer is amenable to the inflexible time off.

    I would strongly encourage everyone who is concerned about the integrity of polling place rules to take the time to serve.

    The system only works if we make it work.

    aphrael (e0cdc9) 10/7/2010 @ 12:10 pm

  35. I don’t have any examples that come to mind regarding CA, Aphrael. I was just discussing one case that made a particular impression on me.

    I guess discussing the strange goings – on during Senators Murray and Franken’s election – day votes will have to wait for another day.

    Dmac (84da91) 10/7/2010 @ 1:22 pm

  36. I spent about a decade working elections in the Thousand Oaks area of California. Amusingly, on the first election I worked, I got promoted through two levels to “inspector” if I recall the title correctly, meaning I ran the precinct, before the election.

    It turned out that I was overqualified in that I could count.

    One time, a woman showed up claiming to be delivering absentee ballots from a nursing home at the precinct ( you could do that in Calif back then ) with a huge stack of ballot cards in hand. No signed envelopes enclosing them, no envelopes at all just about 100 ballot cards. All voted the exact same way. Crude attempt at ballot stuffing. The rest of the precinct workers, who all had years of “experience”, could not believe that I would not just put them in the ballot box despite being illegal votes.

    SPQR (26be8b) 10/7/2010 @ 1:49 pm

  37. SPQR – aye, I also got promoted to inspector very quickly.

    The worst story I experienced:

    San Mateo County frequently colocates multiple precincts in the same physical room.

    One year, I was working at such a colocated place in the city of San Mateo. There was a hotly contested city council election with a write-in candidate; the write-in campaign was organized around electing a candidate to overturn an unpopular decision (to authorize the tear down of bay meadows and its replacement with high density housing).

    The inspector for the other polling place had put up flyers for the write-in candidate inside the voting booths. I told her she had to stop; she didn’t believe me. She challenged me to call the county elections office. I did. They told her to stop.

    After the polls close, we had to count the ballots to make sure they matched the number of signatures in the book, sort the provisionals and absentees into particular destinations, void the unvoted ballots, etc. It was November; it was cold.

    The other inspector closed the doors.

    I reopened them: this process must be open to the public. Even though I know nobody’s going to come and witness, we have to be open in case anyone does.

    She argued with me.

    I called the elections office.

    They told her the doors had to remain open.

    She glowered at me the rest of the night.

    aphrael (e0cdc9) 10/7/2010 @ 3:25 pm

  38. Inspector is the lowest level, moving up to assistant and then actually clerk, you should remember this, aphrael

    ian cormac (6709ab) 10/7/2010 @ 3:40 pm

  39. ian – it must vary from jurisdiction.

    in both santa cruz and san mateo counties, clerk was the base level, and the inspector was the final authority on the board (and actually had the responsibility of picking up the ballots, sealed, the day before the election, signing for them, and then delivering them, still sealed, to the polling place).

    aphrael (e0cdc9) 10/7/2010 @ 3:45 pm

  40. When I was doing it, ian …which would have been early ’90’s and is dependant on my memory quality … “inspector” was two promotions up. I remember because after the first training session I got three consecutive letters from the elections office. The first appointing me and two promoting me, each of which moved me to a different precinct. And as aphrael mentioned, I picked up the equipment and ballots and delivered them ( and also signed for the keys to the auditorium ) for each of the four or five elections I worked on before leaving California.

    aphrael, I remember the first election, at the end of the day I followed the procedure, which had each of the three older women working with me counting a subset of the ballots, twice. Couldn’t balance. Then I just counted everything myself with them watching. Balanced. ** sigh **

    SPQR (26be8b) 10/7/2010 @ 8:25 pm

  41. The way you vote in this system is to upload a PDF? Did they hire a couple of high school kids to design this? That is the dumbest thing I have ever heard of.

    Vatar (3899d0) 10/8/2010 @ 2:06 am

  42. Debra Bowen totally screws up the bell curve on California Democrats.

    She actually does her job well, with a care toward doing right by the public.

    God, I hate that.

    papertiger (7f6b56) 10/9/2010 @ 4:12 am

  43. After Alvin Greene won the Democrat nomination for Senator in SC, many Democrats alleged fraud.

    I downloaded a lot of results from the SC primary. What a mess! There were discrepancies in dozens of counties and precincts between the count of ballots cast and the total of votes. In most counties, the total vote for governor was less than the ballots cast, which is plausible, as some voters might skip that office. But the difference was 2% or less in 22 counties, and 8% to 19% in 7 counties. There were two counties where the vote total for governor exceeded the ballots cast. Similar discrepancies appear at the precinct level.

    There was absolutely no pattern in the discrepancies. They appeared everywhere: in every race (including races that had only one real candidate), in races for both parties, and in areas dominated by either party and by rival factions in each party, and did not appear to correlate with heavy voting for any candidates. Most of them were small – but still too large to be tolerable.

    Rich Rostrom (f7aeae) 10/9/2010 @ 10:27 am

  44. Stick with paper. Scantron ballots, where you fill in a bubble. Recounts can still be done by had, and the ballots are scanned prior to being collected in the box for over/under voting or other spoilage.

    As far as vote rolls go: purge them all, and make everyone go in and get registered. Issue new cards witht he voter’s picture. Yes, a huge and costly hassle, but it is the only way to be sure that the rolls are clean.

    Pitch it to the Dems as We don’t want any zombies voting for Zombie Reagan.

    I R A Darth Aggie (9e9ecf) 10/11/2010 @ 11:12 am

  45. One thing I read that was not mentioned in this article is that while they were in the system hackers from China and Russia were also trying to get in! They changed the 4 Letter ! psddword to a more complex one to block the other attacks!

    K.E.Grace (d07f31) 10/25/2010 @ 5:56 pm

  46. Sorry… hat should have been password!

    K.E.Grace (d07f31) 10/25/2010 @ 5:57 pm

  47. That is not really accurate, no?l There is nothing to suggest the hackers were from china, only that an IP may have resolve to there. Given hackers and anonymizers, and lack of any type of verification of the claim, this seems a bit dubious, and convenient.

    JD (c8c1d2) 10/25/2010 @ 6:01 pm

  48. Exactly, JD, that was extremely inaccurate. I tried to explain this to bradblog before I was warned not to spread ‘knowing disinformation’ (aka point to their own link and show they are wrong).

    The hacking attempts were not targeted. Anyone can download Peerblock and every now and then, they will get probes from China or Saudi Arabia or wherever. The ‘hack’ didn’t occur, isn’t possible (due to the mentioned password change from default), and had nothing to do with the system’s electoral purpose. This is yet another example of misinformation.

    Thousands of fake voter registrations, making voter fraud much easier (And actually occurring) is brushed aside as not an issue, while BS issues are brought up. No doubt, internet and electronic voting are not my preference at all. But this is a smokescreen.

    The right owns the issue of accurate elections, and Soros and those he funds want to pretend that’s not the case.

    Dustin (b54cdc) 10/25/2010 @ 6:06 pm

  49. Don’t forget that bombers and drug smugglers are really concerned about this as well.

    JD (c8c1d2) 10/25/2010 @ 6:13 pm

  50. And when I say they get probes from wherever, those are just rooted botnet computers. The actual ‘hacker’ is not actually at those computers. They are usually Windows machines that aren’t updated, but are on the internet, so countries that have more software piracy will be overrepresented.

    The way Bradblog headlined it, it looked like China was trying to hack our elections, even though this is completely untrue. Of course, Bradblog = Brett Kimberlin and Velvet Underground, as JD notes. Con Artists, hired to pretend the issue here isn’t democrats flooding voter registrations, illegal votes, racist enforcement of voting rights, and more.

    Dustin (b54cdc) 10/25/2010 @ 6:19 pm


Powered by WordPress.

Page loaded in: 0.0887 secs.