UConn James Posted September 14, 2006 Share Posted September 14, 2006 Link About half of the states require their election machines to produce voter-verifed paper ballots. Why isn't this the standard everywhere? Link to comment Share on other sites More sharing options...
KRC Posted September 14, 2006 Share Posted September 14, 2006 LinkWhy isn't this the standard everywhere? 772484[/snapback] Probably because they do not have the comfort-level in the current voting machines (and I don't blame them). When you cram this stuff down the throats of the counties and delivery is at the last minute, you are going to have issues. In my county, we took a $1 million hit (fines for not implimenting new voting machines by the imposed deadline) because there was not enough time to impliment the machines and get everyone trained properly. We stuck with the mechanical voting machines for the primary. No paper trail (except for write-ins). It can't be hacked. There are no security issues. It counts the votes you cast. Nothing more...nothing less. In my county, there are so many checks and balances in the system that you cannot add votes that do not exist. Link to comment Share on other sites More sharing options...
UConn James Posted September 14, 2006 Author Share Posted September 14, 2006 Commendable for them to not switch, even with the fine, b/c they couldn't ensure a smooth transition. Accuracy of vote counting is much more important. Wonder tho, that this arbitrary deadline resulted in $1M fine when TV stations that dragged their feet on the analog-->digital signal switchover got a 3-year extension from Congress. But, what does comfort level have to do with the common sense idea of having the voting machine print a receipt of the vote, the voter can verify that it is correct and then drop it in a box as a backup in case something goes wrong? Gas station pumps can do this and voting machines can't? In my town, we still use pull-down lever voting booths from the 1940s. But then, this is the Land of Steady Habits. Link to comment Share on other sites More sharing options...
KRC Posted September 14, 2006 Share Posted September 14, 2006 Wonder tho, that this arbitrary deadline resulted in $1M fine when TV stations that dragged their feet on the analog-->digital signal switchover got a 3-year extension from Congress. Because Congresscritters have more at stake with voting machines than they do with TV signals. If they did not win elections, they would have to get <gasp> real jobs and live like the rest of us. It's all about them. But, what does comfort level have to do with the common sense idea of having the voting machine print a receipt of the vote, the voter can verify that it is correct and then drop it in a box as a backup in case something goes wrong? 772509[/snapback] They can't even punch a hole in a ballot correctly. What gives you the confidence that they will properly review the receipt? I see a HELL of a lot more headaches out of that system. I am an election official in my county. There is no way in hell that system will work properly. Voting would come to a halt, which means the lines would be too long. People will get frustrated and leave without casting their votes. There will be non-stop complaints of people wanting to change their votes, the machine not casting their vote correctly (even though it did), etc. It will turn into a major clusterfvck. Link to comment Share on other sites More sharing options...
Chilly Posted September 14, 2006 Share Posted September 14, 2006 We need a company other then Diebold to design one. Link to comment Share on other sites More sharing options...
John Adams Posted September 15, 2006 Share Posted September 15, 2006 We need a company other then Diebold to design one. 773446[/snapback] Apple can do it. (Waiting for an Apple voting machine mockup.) Link to comment Share on other sites More sharing options...
UConn James Posted September 15, 2006 Author Share Posted September 15, 2006 We need a company other then Diebold to design one. 773446[/snapback] Some links just released today.... Princeton's security analysis of the Diebold machines Hack the vote? No problem. Wow. Link to comment Share on other sites More sharing options...
Crap Throwing Monkey Posted September 15, 2006 Share Posted September 15, 2006 Some links just released today.... Princeton's security analysis of the Diebold machines (Basically, it's not good). Hack the vote? No problem. 773996[/snapback] I have problems with Princeton's analysis for one simple reason: the weaknesses they found are predicated on physical access to the machine. The thing is, any voting method can be corrupted if you can get physical access to the mechanics of it. That's not a security flaw in Diebold's machine, that's a security flaw in the democratic process. In Princeton's defense, they were only looking at the technical security of the machine...which isn't much of a defense, as security is less a technical exercise than it is an administrative one (i.e. it's a question of implementation; plenty of otherwise secure systems have been made insecure by idiots applying them in the real world). If Princeton chooses to only test the technical security aspects of the machine (and even then, does so in such a way that is predicated on the physical security being breached first), they're not testing security. Link to comment Share on other sites More sharing options...
Wacka Posted September 15, 2006 Share Posted September 15, 2006 Like I said before, why did they get rid of the mechanical booths? You couldn't screw up voting for two people for the same post and it was nice and private. The only reason I could see is so the Hot Pockets media could get instant results. As I recall, they were made by a Jamestown company. Another attempt to screw WNY . Link to comment Share on other sites More sharing options...
VABills Posted September 15, 2006 Share Posted September 15, 2006 Actually they had a big article on the front of the post about this. Even though the screwing of voters would pretty much be an across the board problem, the Democrats are already putting in place their reason for losing election yet again this year. Has nothing to do with the fact that other than 1 or 2 of them most are running on the "I hate Bush" and "we aren't them ticket". Of course, not sure the other side offers too much more, but at least it isn't looking for the excuses on why they were screwed out of every election. Link to comment Share on other sites More sharing options...
blzrul Posted September 15, 2006 Share Posted September 15, 2006 We need a company other then Diebold to design one. 773446[/snapback] There is actually a wireless voting system - not made by Diebold - getting ready to put into place. We now do all paper/absentee balloting and sure 'nuff, I get a little numbered stub to tear off before I mail. How about that. Link to comment Share on other sites More sharing options...
Chilly Posted September 15, 2006 Share Posted September 15, 2006 I have problems with Princeton's analysis for one simple reason: the weaknesses they found are predicated on physical access to the machine. The thing is, any voting method can be corrupted if you can get physical access to the mechanics of it. That's not a security flaw in Diebold's machine, that's a security flaw in the democratic process. In Princeton's defense, they were only looking at the technical security of the machine...which isn't much of a defense, as security is less a technical exercise than it is an administrative one (i.e. it's a question of implementation; plenty of otherwise secure systems have been made insecure by idiots applying them in the real world). If Princeton chooses to only test the technical security aspects of the machine (and even then, does so in such a way that is predicated on the physical security being breached first), they're not testing security. 774023[/snapback] Diebold isn't exactly great with security. In order to access the results, you need a 2-digit code to manipulate the votes. 2-friggin-digit code which is entered in a keypad, and you can change every damn vote in the machine, which uses an MS Access database, and stores 3 seperate sets of votes. Yeah Tom, given enough time and resources any computer would be able to be hacked into. But the Diebold voting machines have been altered in about 5 minutes length, by removing one screw from the damn thing to get access to a memory slot. If people don't want a paper record, fine. But there needs to be *some* type of repository in these machines that can only be accessed by the chairman of the election in each area that these machines are in, and that aren't alterable very easily. Hell, you could use CD-Rs if you want. Wouldn't exactly be efficient to count the votes, but you get the idea. According to Diebold's Rebuttal, their physical security is as follows: Numbered security tape, 18 enclosure screws and numbered security tags were destroyed or missing so that the researchers could get inside the unit. Yeah... thats gonna do a lot of good when you find out that "hey, someone tampered with the machine, what do we do now?" Seeing as how theres no paper trail, genius Diebold, there is no record of what the votes actually should be. Are you going to just throw the votes out? Christ, I can see it now, in 2008 Republican or Democratic party fanatics drive into opposing territory and break the seals on voting machines. Well, can't count the votes, so there goes that election. Link to comment Share on other sites More sharing options...
Chilly Posted September 15, 2006 Share Posted September 15, 2006 There is actually a wireless voting system - not made by Diebold - getting ready to put into place. We now do all paper/absentee balloting and sure 'nuff, I get a little numbered stub to tear off before I mail. How about that. 774112[/snapback] A wireless voting system? Christ. Link to comment Share on other sites More sharing options...
Crap Throwing Monkey Posted September 15, 2006 Share Posted September 15, 2006 Yeah Tom, given enough time and resources any computer would be able to be hacked into. But the Diebold voting machines have been altered in about 5 minutes length, by removing one screw from the damn thing to get access to a memory slot. 774158[/snapback] Not my point. My point is that security is not a technical exercise, it's an administrative and usually psychological one. Case in point: my current client has a password security policy that requires you to use a minimum of 12 characters, one of which must be a number and one of which must be non-alphanumeric, passwords expire every other week, and you can't use any of your last eighteen passwords. Technically very secure...and it forces people to write down their passwords and keep them near the computer, so that in terms of actual security it's completely counter-productive. The history of IT security is replete with examples like this, straight back to Lee's Lost Order before Sharpsburg and beyond. Which does not mean that you can skimp on technical security (2-digit PIN? MS Access? ) It does mean, though, that if you focus analysis strictly on technical security, you're not analysing security at all. The real problem is that American society nowadays is programmed to automatically assumed that the answer to anything is "better technology"...which usually causes more problems than it solves. The real solution to FL's balloting problems in 2000 wasn't better voting machines, it was a better definition of "What is a vote, and how do we count them?" Link to comment Share on other sites More sharing options...
Chilly Posted September 15, 2006 Share Posted September 15, 2006 Not my point. My point is that security is not a technical exercise, it's an administrative and usually psychological one. Case in point: my current client has a password security policy that requires you to use a minimum of 12 characters, one of which must be a number and one of which must be non-alphanumeric, passwords expire every other week, and you can't use any of your last eighteen passwords. Technically very secure...and it forces people to write down their passwords and keep them near the computer, so that in terms of actual security it's completely counter-productive. The history of IT security is replete with examples like this, straight back to Lee's Lost Order before Sharpsburg and beyond. Which does not mean that you can skimp on technical security (2-digit PIN? MS Access? ) It does mean, though, that if you focus analysis strictly on technical security, you're not analysing security at all. The real problem is that American society nowadays is programmed to automatically assumed that the answer to anything is "better technology"...which usually causes more problems than it solves. The real solution to FL's balloting problems in 2000 wasn't better voting machines, it was a better definition of "What is a vote, and how do we count them?" 774238[/snapback] Strangely enough, latest advice from security experts (circa early 2006 I believe) are advising that writing down very-secure passwords is actually better then having non-written weaker passwords. Anyway, yeah, I agreed with that part of your post - which is why I ignored it and only focused on when you were talking about the physical aspects of security. My point is that while they may be hackable, the best way to insure it doesn't happen is to make it take so long that they don't have enough time to do it. Poll workers can't watch it all the time, but they sure as hell can realize something is up when a voter is taking 30 minutes in the polls. Security is a two-sided coin. You need both the technological aspects and the administrative aspects. Link to comment Share on other sites More sharing options...
blzrul Posted September 16, 2006 Share Posted September 16, 2006 A wireless voting system? Christ. 774161[/snapback] Yup. This will be an interesting election year. Link to comment Share on other sites More sharing options...
Recommended Posts