Smart Voting

Capt'n Midnight

B0jangles wrote: »

Are the very best minds in IT security working on building E-voting machines?

No.

We used the same machines as the Dutch the Nedap ES3B.

The password for maintenance mode on their ones was GEHEIM.
Which is Dutch (and German) for ... "SECRET" :rolleyes:

I wish I was joking.

Capt'n Midnight

B0jangles wrote: »

Are the very best minds in IT security working on building E-voting machines?

Here is how far the evoting industry progressed in the decade since we got rid of the evoting machines.

Again, I wish I was joking.



In a 2015 review of the WINVote voting machine running Windows XP they found ..

WiFi password "abcde"
Administrator password "admin"

Not that it mattered because WiFi used WEP which is so trivial to crack it was replaced by WPA a decade earlier.

Loads of ports were open so they could gain drive access with the "admin" password. Then the Access database password was cracked in 10 seconds. And all the databases used it.

B0jangles

Ok, I was expecting it to be a bit bad, but that's equal parts pathetic, laughable and terrifying

GreeBo

Capt'n Midnight wrote: »

Here is how far the evoting industry progressed in the decade since we got rid of the evoting machines.

Again, I wish I was joking.



In a 2015 review of the WINVote voting machine running Windows XP they found ..

WiFi password "abcde"
Administrator password "admin"

Not that it mattered because WiFi used WEP which is so trivial to crack it was replaced by WPA a decade earlier.

Loads of ports were open so they could gain drive access with the "admin" password. Then the Access database password was cracked in 10 seconds. And all the databases used it.

You might as well say that no locks are secure because you saw one that someone had left the key in.

swampgas wrote: »

One of the great advantages of the current system is that it is observable by anyone. No knowledge of IT, software, blockchain, yadda yadda is needed. It's just paper and pencil and completely transparent. Whatever the result, nobody is lying awake wondering if the voting machines were hacked.

I work in IT Security and I know I would be extremely reluctant to move away from the current system to anything electronic or based on software.

No-one can observe the current process as no-one can confirm every single vote or thr chain of custody. You are relying on thr ballot boxes arriving intact.

B0jangles wrote: »

As someone with no background in IT security or election management, it appears to me that recording each vote by means of a mark on a paper ballot which is then physically counted is fundamentally harder to interfere with than any kind of electronic voting for the simple reason that a person who wants to interfere with enough ballot papers to change an election result has to have unobserved physical access to enough of them; has to either secretly replace them with other ballots or somehow separate out and remove the unwanted ballots without anyone noticing what they are doing.

Unless you are a dictator who already has control of the whole voting system and is happy to openly interfere with the process, this seems almost impossible to achieve.

Whereas with e-voting, there is no physical object needed for the count - interfering with the votes is only prevented by the quality of the security, and that security is only as good as the people who wrote it. Are the very best minds in IT security working on building E-voting machines?

You don't need to interfere with millions of votes to inspect the election.
You don't want FF elected?
Throw a few extra/ duplicate votes into abox and the whole box will be likely invalidated. Do that to a few voting centers in South diving and tell me you haven't influenced the result.

Capt'n Midnight wrote: »

No.

We used the same machines as the Dutch the Nedap ES3B.

The password for maintenance mode on their ones was GEHEIM.
Which is Dutch (and German) for ... "SECRET" :rolleyes:

I wish I was joking.

Again I'm not sure what that had to do with the security of the machine?
If the keys were left inn the ban transferring ballot boxes would you deem the current system insecure?

Capt'n Midnight

GreeBo wrote: »

Again I'm not sure what that had to do with the security of the machine?
If the keys were left inn the ban transferring ballot boxes would you deem the current system insecure?

OK, I get it.

You have shares in an evoting company ?


Seriously , how can you defend an industry that actually used "SECRET" as a password is, in any way, shape or form competent in IT security, or Design Review ?


This is EXACTLY like the "world's first smart fingerprint padlock"
You can hack it via Bluetooth, or you can trick the App, but that's techie stuff.
Or you can get a Philips screwdriver and just unscrew it, having opposable thumbs makes it easier :rolleyes:
https://www.theregister.co.uk/2018/06/15/taplock_broken_screwdriver/





You are completely ignoring the point that it's the handwriting on the papers that makes each vote unique, we know how many papers went in, and humans are very good at pattern recognition.

AndrewJRenko

GreeBo wrote: »

No-one can observe the current process as no-one can confirm every single vote or thr chain of custody. You are relying on thr ballot boxes arriving intact.

Actually, you can. You can see exactly what happens in the polling station. You can see the boxes being sealed, and you can check the total vote numbers at that stage. If you like, you can follow the car that transports the votes to the count centre. You can see the boxes being stored at the count centre. You can see the seals on the boxes being broken in public view at the count centres. You can see the boxes being opened and votes emptied. You can see each vote being turned over in front of the tallymen/women. You can see each disputed vote with the returning officer and argue over the intent of the voter.



So tell me again exactly how you're going to scam this system?

GreeBo wrote: »

You don't need to interfere with millions of votes to inspect the election.
You don't want FF elected?
Throw a few extra/ duplicate votes into abox and the whole box will be likely invalidated. Do that to a few voting centers in South diving and tell me you haven't influenced the result.

How exactly did you work out that 'the whole box will be likely invalidated'?

Or did you just make this up?


Do you think that perhaps dodgy votes being found a few different boxes might result in a different outcome? Or at very least, it might involve questionable votes being examined very closely by an independent judge or similar.


https://www.irishexaminer.com/election2016/election2016-news-and-analysis/judge-to-adjudicate-on-disputed-votes-in-tralee-381233.html


If it was that easy, don't you think that many others would have done this?

GreeBo

Capt'n Midnight wrote: »

OK, I get it.

You have shares in an evoting company ?

Erm, no?

Seriously , how can you defend an industry that actually used "SECRET" as a password is, in any way, shape or form competent in IT security, or Design Review ?


This is EXACTLY like the "world's first smart fingerprint padlock"
You can hack it via Bluetooth, or you can trick the App, but that's techie stuff.
Or you can get a Philips screwdriver and just unscrew it, having opposable thumbs makes it easier :rolleyes:
https://www.theregister.co.uk/2018/06/15/taplock_broken_screwdriver/

Yes, its EXACTLY like that....apart from ways its different, which is all of the ways.

You are completely ignoring the point that it's the handwriting on the papers that makes each vote unique, we know how many papers went in, and humans are very good at pattern recognition.

You are completely ignoring the fact that once someone gets an additional ballot into the box, all the ballots in the box are effectively corrupted. Which one do you remove, which is the fake one?

I'm not sure why you are talking about handwriting and human pattern recognition tbh, but fine, lets go with that.
Are you trying to tell us that a pool of super humans are used to pick out the duplicate vote, by comparing "X"s or at most single digits? Pull the other one chief, its got a hanging chad on it.

How about something fiendish like the extra vote is a spoiled vote with no writing on it...now what do you do, how do your humans help you then?

Meanwhile...
https://www.scientificamerican.com/article/computers-now-recognize-patterns-better-than-humans-can/
https://www.theguardian.com/global/2015/may/13/baidu-minwa-supercomputer-better-than-humans-recognising-images

AndrewJRenko

GreeBo wrote: »

You are completely ignoring the fact that once someone gets an additional ballot into the box, all the ballots in the box are effectively corrupted. Which one do you remove, which is the fake one?

Tell me again how exactly you're going to get the additional ballot paper in the box please? And what exactly this extra paper is going to achieve for you?

Capt'n Midnight

GreeBo wrote: »

Yes, its EXACTLY like that....apart from ways its different, which is all of the ways.

The claim is that technology makes evoting is secure.
It doesn't

You are completely ignoring the fact that once someone gets an additional ballot into the box, all the ballots in the box are effectively corrupted. Which one do you remove, which is the fake one?

Hackets have prove it's possible to bypass the security on evoting, so you can't be sure of detecting any tampering, actually because it's evoting it's more likely that no one will tamper unless they can be sure of covering their tracks.

With ballot stuffing you can be reasonably sure of detecting it by a simple count. And it's only on box. So very quickly you know if it would have affected the outcome or not.

IF there is a problem then you know who voted in which box. IF there is a problem you know which pieces of paper to examine. Graphology and fingerprint analysis might prove interesting, especially if there was a criminal investigation , there are privacy concerns, but with evoting you have no way of detecting or correcting or persecuting any cheating.

I'm not sure why you are talking about handwriting and human pattern recognition tbh, but fine, lets go with that.
Are you trying to tell us that a pool of super humans are used to pick out the duplicate vote, by comparing "X"s or at most single digits? Pull the other one chief, its got a hanging chad on it.

X's ?

Here in Ireland we have proportional representation with a single transferable vote.

And hanging chad's demonstrate why pencils should be used.

B0jangles

GreeBo wrote: »

You don't need to interfere with millions of votes to inspect the election.
You don't want FF elected?
Throw a few extra/ duplicate votes into abox and the whole box will be likely invalidated. Do that to a few voting centers in South diving and tell me you haven't influenced the result.

Again, I'm no expert in election management, but surely it's fundamentally harder to illegally alter an election result when you have to physically stuff extra ballots into a box without anyone seeing you, and without knowing what the ballot box contains? I mean, wouldn't it be noticeable if if 8 boxes in an area showed a vote of 53-60% for, say, the Fine Gael candidate but one was 94% for them? Do they really throw out whole ballot boxes if they detect some dodgy-looking ballots?


But with E-voting, once you're past the security, you could alter the votes is a perfectly natual-looking way because you'd be able to see at a glance how the voting really went, and you'd be able to completely cover your tracks because there is no physical evidence to hide.

Capt'n Midnight

B0jangles wrote: »

But with E-voting, once you're past the security, you could alter the votes is a perfectly natual-looking way because you'd be able to see at a glance how the voting really went, and you'd be able to completely cover your tracks because there is no physical evidence to hide.

With evoting you can know if you need to cheat or not, so no unnecessary risks.


With evoting you can know how much you need to cheat by, so you know the risks, if it's a bridge too far then try at the next election instead. You don't kill the golden goose.

But if it's within the 3% margin of the polls who'd even notice ?

B0jangles

Capt'n Midnight wrote: »

With evoting you can know if you need to cheat or not, so no unnecessary risks.


With evoting you can know how much you need to cheat by, so you know the risks, if it's a bridge too far then try at the next election instead. You don't kill the golden goose.

But if it's within the 3% margin of the polls who'd even notice ?

That's what I'm thinking - with e-voting, once you're in, all the data would be laid out for you; easy to read and easy to alter subtly enough that it's unnoticeable.

With old-fashioned paper ballots, you simply cannot know the exact details of anything until it's officially counted, and then surely it's too late? (Unless you've already got control of the whole count process of course)

GreeBo

Capt'n Midnight wrote: »

The claim is that technology makes evoting is secure.
It doesn't



Hackets have prove it's possible to bypass the security on evoting, so you can't be sure of detecting any tampering, actually because it's evoting it's more likely that no one will tamper unless they can be sure of covering their tracks.

You say "evoting" like is s singular thing. You might as well say hijackers have proven its possible to destroy buildings... yet we still have air travel.

With ballot stuffing you can be reasonably sure of detecting it by a simple count. And it's only on box. So very quickly you know if it would have affected the outcome or not.

Great you detect it... now what?
And why is it only one box?
You repeatedly demonstrate your bias by picking three worst possible outcome for smart voting but thr best for the current system. If you are going to argue then try and be sensible about it.

IF there is a problem then you know who voted in which box. IF there is a problem you know which pieces of paper to examine. Graphology and fingerprint analysis might prove interesting, especially if there was a criminal investigation , there are privacy concerns, but with evoting you have no way of detecting or correcting or persecuting any cheating.

Ok, so you discover an issue in 5000 boxes... now what?

Fingerprint analysis? You are embarrassing yourself now.

X's ?

Here in Ireland we have proportional representation with a single transferable vote.
.

Oh really? So i guess you just bypass the old referenda then huh?

If you actually read my post you will see i said xs or single digits.

GreeBo

B0jangles wrote: »

That's what I'm thinking - with e-voting, once you're in, all the data would be laid out for you; easy to read and easy to alter subtly enough that it's unnoticeable.

With old-fashioned paper ballots, you simply cannot know the exact details of anything until it's officially counted, and then surely it's too late? (Unless you've already got control of the whole count process of course)

Is it too late though?

If i go into ff heartland and tamper with hundreds or thousand of boxes... them what... how will the result be handled?

B0jangles

GreeBo wrote: »

Is it too late though?

If i go into ff heartland and tamper with hundreds or thousand of boxes... them what... how will the result be handled?

Then there's an enormous scandal, a criminal investigation which hopefully leads to prosecutions and the election is rerun?

It would be extremely messy and obvious; which to my mind is the huge benefit of paper ballots over virtual ones.


(unless your suggesting that in a Fianna Fail heartland every single person at the count centre would be willing participants in electoral fraud, which is maybe a little bit unfair to FF party members and voters)

AndrewJRenko

GreeBo wrote: »

Is it too late though?

If i go into ff heartland and tamper with hundreds or thousand of boxes... them what... how will the result be handled?

For a start, you would need hundreds or thousands of people to make your plan happen, which is a little bit difficult to organise for a criminal enterprise. And you would need to bribe or intimidate hundreds or thousands of polling staff, which is also a little bit difficult.

And you still haven't explained how or when you are going to do your tampering.

And ultimately, the authorities or the Courts will decide what happens.

Now, contrast that with what happens when a bit of software decides to switch every second or third vote for candidate A to be a vote for candidate B. Who's going to notice or prevent this?

AndrewJRenko

B0jangles wrote: »

(Unless you've already got control of the whole count process of course)

There is no option to 'have control' over the whole count because it is done in public view.

B0jangles

AndrewJRenko wrote: »

There is no option to 'have control' over the whole count because it is done in public view.

I meant in the context of dictatorships which are still paying lip-service to the idea of 'Free and Fair' elections - as in, that's the level of control you'd presumably have to have to publically tamper with loads of ballot boxes at a count centre.

AndrewJRenko

Interesting to see a very strong consensus, almost unanimous NO to eVoting on Reddit /r/Ireland

https://www.reddit.com/r/ireland/comments/9rjyh8/do_you_think_well_ever_bring_in_online_voting_or/

Capt'n Midnight

Did you know that memory cards have their own microcontrollers ?

So you can't even be sure what you read off them is what you wrote to them, or that it won't be changed later on. I don't mean that someone with access could change the data on the card. It's the controller on the card itself could do that, perhaps when triggered by special voting sequence.

Pretty untraceable unless you have lots of checks. Assume the same for HDD and SSD controllers.




The key point here is not that memory cards can be hacked. Besides it's not like all evotings use them, and data should always be encrypted.

It's a reminder that with evoting there are lots and lots of places hidden from human view where a system can be attacked.


And you can't expect the sort of people who installed remote access software on the computers that managed the evoting machines to protect you against nation states.

GreeBo

B0jangles wrote: »

Then there's an enormous scandal, a criminal investigation which hopefully leads to prosecutions and the election is rerun?

It would be extremely messy and obvious; which to my mind is the huge benefit of paper ballots over virtual ones.


(unless your suggesting that in a Fianna Fail heartland every single person at the count centre would be willing participants in electoral fraud, which is maybe a little bit unfair to FF party members and voters)

I'm suggesting that by this means you have possibly achieved what you wanted. Not sure what a criminal investigation would do... what evidence would you have?

AndrewJRenko

GreeBo wrote: »

I'm suggesting that by this means you have possibly achieved what you wanted. Not sure what a criminal investigation would do... what evidence would you have?

So the objective of a very large and very risky criminal enterprise is to cause an election to be rerun a few weeks/months later? Does that really make any sense?


And as for evidence, that really depends on your plans for HOW/WHEN you plan to stuff the votes. Would you like to explain that please?

AndrewJRenko

If it ain't broke

https://twitter.com/r_o_farrell/status/1067019730706472962?s=19

Capt'n Midnight

Researchers find trapdoor in SwissVote election system
researchers say this could allow insiders who ran or implemented the election system to modify votes undetected.

IT security is very difficult to get right. For amateurs like the people who usually do evoting systems it's well nigh impossible.


Something like Brexit is costing billions and there's billions more to be made if you knew whether it was Deal or No Deal. Or forget the money because China , Russian , North Korea, Iran , take your pick of nation-states that would throw resources at changing an election if it suited them.