* This password list has been public for a long time, and is easy to access: hidden excel column on a public spreadsheet.
* BIOS access means the intruder can change boot devices, boot their own OS, infect the BIOS with a virus, change boot devices back, compromise the vote host OS.
* Keycard security isn't tight security. Any amature physical penetration tester would just use a primitive attack on the door to get around it. E.g.: Grab the handle from under the door with a wire. Youtube has a ton of examples.
* This could have been done months ago, and over a long period of time.
* The intruder could clean up logs and any other traces of their actions.
Where am I technically wrong here? I'm sure I'm missing something obvious. It sounds like what you would do with BIOS passwords if you wanted to do something nasty. I haven't seen these questions addressed anywhere.
I hear some people say "but we use paper ballots". Then why do you have a BIOS password? If it's all paper where does the computer fit in? All of this is honest curiosity, I'm not sure how the voting system works.
>I hear some people say "but we use paper ballots". Then why do you have a BIOS password? If it's all paper where does the computer fit in? All of this is honest curiosity, I'm not sure how the voting system works.
Not sure about Colorado specifically, but in many jurisdictions voters mark paper ballots, which go into a machine to be tabulated, and are finally deposited into a box for safe keeping/future recounts.
I voted early in person in Colorado a few days ago. Use a machine to entry my votes. Votes were printed onto a piece of paper. I checked to make sure the marks on the paper matched what I entered into
the machine and then dropped it into the ballot box (not a machine just a box that collected the ballots). It was pretty sane and didn't seem like there was a lot to worry over related to the electronic entry system.
As to how the votes on the ballots are tallied - if those machines are compromised seems like a definite problem -- though there is at least the option to hand count the ballots to compare against ...
FTA: “Colorado voter votes on a paper ballot, which is then audited during the Risk Limiting Audit to verify that ballots were counted according to voter intent.”
> Where am I technically wrong here? I'm sure I'm missing something obvious.
As I understand that article, BIOS access requires two passwords, and the list only provides one of the two passwords. So, instead of "password list" I would say "partial-password list".
The list also misses "There is 24/7 video camera recording on all election equipment." Of course, you can raise concerns and failure modes about video recordings, but that all brings up the question "Were those recordings compromised?" You should not assume that they were.
CO mails paper ballots to everyone* about a month before election day. You can choose to vote in person, or mail in/drop off your paper ballot anytime prior to election night.
My understanding is what while the ballots are paper, many (all?) are tabulated digitally. It certainly appears to be laid out in a way that benefits digital reading, and i believe that is what the machines in question are responsible for.
I’m an overseas Colorado voter. They lump me in with the military voters so my voting process is super easy (I’m sure certain groups would love to make this harder, but not for the troops). I get an email that my ballot is ready, I go to the CO website, authenticate with my SSN (fucking yikes), fill out my ballot online, print a copy to pdf, slap a digital signature on there, and email it back to the SOS who presumably prints it out and throws it in with the rest, and then get an email saying my vote has been counted.
It’s amazing how easy voting can be when we want it to be.
In texas you pick your items on computer and it spits out a paper ballot that you can look at to verify it's what you voted for. The info is also included in a qr code like form for a reader. In the event that something looks off it can be verified by humans. I figured something similar was done all over.
This is not the case everywhere in Texas. In many places, you fill in a paper ballot at a booth and feed it into a machine at the end with nothing printed afterwards.
It is important that the voting system have credibility for everyone - regardless of party. Has anyone done a ground up exercise of rethinking the process and the involved technologies from a cybersecurity standpoint? It would be great to offer voters verification of their votes while maintaining secrecy.
But right now I feel like we are stuck, with one half the country having doubts about the process and the other half insisting that it is absolutely perfect. It isn’t enough for the process to be either correct or trustworthy. It has to be both.
> But right now I feel like we are stuck, with one half the country having doubts about the process and the other half insisting that it is absolutely perfect.
It's not correct that one half of the US insists that the election process is absolutely perfect. There have been countless investigations, inquiries etc. and the process is being continuously reviewed. One half of the US insists that the process shouldn't be changed to the detriment of minority groups without any actual evidence that problems exist (as the investigations etc. did not result in such evidence), yet the other half still insists that the problems occur and the evidence is just hidden too well, and the process must be changed without ensuring that minority groups aren't affected more than other groups.
Paper ballots are standard and the majority of states require ID to vote.
There was someone using the Michigan voter file (which has a line in it for each change to the voters record, so repeats voters) to claim that someone was voting dozens of times. They weren't airing a legitimate concern about the voting system, they were sowing discord by lying about how it works.
Your framing of the situation is reductive and cartoonish.
It's only interesting when you oversimplify the two situations for the express purpose of sowing distrust.
The only reason you've left out the details that Tina Peters actually facilitated physical access to voting machines with both required passwords, while this current leak was not even sufficient for someone to repeat Peters' actions, is that it would be absolutely devastating to your entire argument.
Computers anywhere in the vote casting process introduce new, additional failure modes. These modes may be intentional (hacking) or unintentional (misconfiguring the paper size of the ballots). They may be mundane (power failure, out of ink) or esoteric (logic error). Even computerized counting has a nonzero error rate (so does human counting, but that can be challenged by human observers).
Computers add cost for acquiring the computers and training the staff. Computers add complexity and complexity usually reduces the reliability of a process. In a process like voting, that also reduces confidence in the process. This and the cost alone make it unclear why anyone would want to spend the money to electronicize vote casting and counting.
People have been voting without benefit of electronics for thousands of years.
In the vast majority of countries where paper ballots are used and counted by hand, the count is almost invariably completed the day of the election.
Conversely, in the US, where we spend lots of money to acquire, maintain and operate computers to “assist” in voting and vote counting, now we have many jurisdictions who say that they cannot complete counting on Election Day.
It boggles my mind that anyone still supports involving computers in vote casting and counting.
It's important to recognize that the US system involves many more races and questions on the ballot than in other (especially parliamentary) systems. Electronic-free counting in many states would significantly extend counting times; many voters have 20+ choices to make, and each of these choices would have to be counted and tracked, which introduces failure modes of their own.
Counting by hand makes sense when each ballot paper has one race; when each ballot has 25 items, using robust optical scan systems common in testing makes sense. Electronic systems also open new options for improved accessibility, as long as all systems produce a physical record, ideally that is counted as itself, rather than a receipt for an electronic count.
- Counting machines should print on each ballot the running count for each race at the point that it counted that ballot. This would allow for manual sampling of N pairs of consecutive ballots to check that the counts never differ by more than one, and never by less than zero.
- Counting machines should be dead simple, and should be one per ballot style. We should go back to precinct-only voting and forget county-wide voting.
- Reconciliation is an absolute must -- as it's always been, but we seem to have stopped doing it in many places.
- Every day of early voting should be treated like election day: with results published for each day. This would reduce the risk of ballot stuffing after hours because one the ballots are counted for the day there are no ballot boxes to stuff.
I would suggest that the solution is less voting. Ballots are insanely complicated and there’s absolutely zero knowledge the average person has about whether any of the people are good candidates. So then they turn to their favorite voting guides which just shifts the power to unaccountable political groups instead of making the single representative you elect responsible for figuring it out. And there’s too many elections - non presidential year elections give the power to a motivated and vocal minority which is not what you want because it lets shit stirrers seize control when no one is paying attention.
Parliamentary systems are the only democratic systems I’m aware of that ever features more than 2 parties in a FPTP system as well.
Seriously. The amount of suspicion for computerized scanning and counting systems here is surprising.
I realize state of the art, modern, high-performance systems are incredibly complex... but that doesn't mean all systems have to be incredibly complex.
Simple computerized systems are incredibly accurate and reliable, easily moreso than humans.
And critically, it's feasible to perform attestation on electronic systems: something that's completely impossible with humans. You have no idea if Joe or Sally are randomly slipping in a few miscounts (or the people auditing them, or the people auditing them). If you're careful, you can be sure that only specific code is executing.
I'd be fascinated to get a breakdown of trust in computerized voting systems, from programming professionals, by programming speciality. I have a suspicion you'd get different answers from firmware/RT folks vs js front-end, to pick a couple of examples.
With encryption/hashing, maybe requiring some of that "process encrypted data without decrypting the data" fancy papers from a year or two ago that I never understood, can't we do some basic anti-fraud measures?
Sure, we use a computer to produce a paper ballot (computers DON'T count or keep counts). The voter has a voting id that is hashed/encrypted/processed in such a way that the number is verifiable as a valid ballot hash (maybe using some sort of public/private key pair) so hashes can't simply be randomly generated.
So the computer UI produces the ballot. The voter is told to check their ballot reflects what they wanted to vote for. The ballot is scanned with a scantron.
Not sure if this is a "thing" or if there's a problem with it, but why not live-stream video of every vote being counted so the entire population could validate at least the counting portion of voting.
so then the attack becomes introducing enough error at critical counts such that it affects the result without being regarded as having been tampered with
I think all US folks reading this should volunteer at their county's Registrar of Voters (or equivalent agency for their county). Spend one election working at a polling place, and another election working at the RoV HQ. See what it's like to go through the training, and what things are like on Election Day, and in the days leading up (for places that allow early voting, drop-off, etc.).
Virginia purged 1600 non-citizens from their voter rolls and a Chinese student actually voted in Michigan. Clearly requiring citizenship to register as a voter is not sufficient. Poll volunteers should be verifying citizenship.
And which is this mythical group of people that will be disenfranchised if the rule of showing photo id is implemented? How many US citizens don't have any form of valid id?
I worked a total of eleven elections, from primarily elections to general elections. I even worked a special recall election where the recall was the only thing on the ballot. I was a volunteer for all of them. I worked as a "Polling Place Inspector", which means I was 'in charge' of a single polling place: I did the setup & teardown, reached out to the other polling place's poll workers to confirm they'll be there, and scheduled breaks etc..
I worked in Orange County, California, which is the county between Los Angeles and San Diego. At the time, it was very right-leaning. It may be so today, but that doesn't matter for this post.
Fun fact: In Orange County, poll workers are the only people who are allowed to question (or "challenge") a person's right to vote. The general public are not. How do I know that? Because it's one of the things I was taught during training. You can see it mentioned in [2], on page 11, under "What Are Observers NOT Allowed To Do?". (In the document, "precinct board" means "the poll workers".)
Now, three situational "pop quizzes" related to the situation from the article. In all three, you are a poll worker. Note that I will refer to procedures that were in place in Orange County, CA, not Fairfax County, VA:
Pop Quiz #1: Someone has arrived to vote, and you do not believe they are eligible to vote, what do you do?
Answer #1: You are challenging a voter. You have the voter vote provisionally. Their ballot would be sealed in the envelope, and their information (plus an explanation of why you're having them vote provisionally) would be on the envelope. The challenged voter would take a receipt with them, giving them a phone number to call, should they want to check up on the status of their vote after the election.
Fun Fact: Challenging a voter without probable cause is a felony in the State of California. How do I know that? Because it's in the instructional handbook that every poll worker gets, when they go through training. You can find Orange County's handbook for the 2018 election at [1].
Pop Quiz #2: Someone at the polling place, who is not a poll worker, is challenging peoples' right to vote. What do you do?
Answer #2: Call the dedicated polling place helpdesk, letting them know about the incident. Depending on the person's behavior, you may ask them to leave, or you may skip directly to calling the police. Your polling place inspector would have already looked up the phone number of the nearest police station, or you could just call 911.
Fun Fact: As part of polling place supplies, I received a county mobile phone. I was specifically instructed to charge it up in advance of election day. They were always chunky Nokia phones, which felt like they could be used as a weapon in an emergency.
Finally, to address your question…
Pop Quiz #3: Another poll worker is challenging a voter, and you believe the challenge is unlawful. What do you do?
Answer #3: If you are not able to dissuade the poll worker into allowing the voter to vote normally, then you have them vote provisionally. The most important thing is to get the voter through the process, and their provisional envelope into the box. Once that is done, you reach out to the polling place helpdesk, letting them know who did what.
Indeed, quoting from the article you linked, "After the [polling place] manager intervened, Burrell-Aldana was allowed to vote." The article does not say, but I expect the polling place manager was already planning on how to communicate the incident back to headquarters, and was keeping an eye on that poll worker.
If you had volunteered for this election, and you happened to be in the situation from this article, then you would have known what to do. :-)
Except non-citizens have voted. And the Democrats found Virgina over removing confirmed non-citizens from the voter rolls. Why would anyone support keeping illegible voters on the rolls? We all know why.
This is a very good suggestion. The internet discourse gets further and further from reality in a lot of areas. Engaging in the actual reality of the voting system is an excellent 'touch grass' opportunity for people passionate about the election.
>The internet discourse gets further and further from reality in a lot of areas
This is an intended feature, and it's exclusively a feature of one political party. The elections are always rigged, this one is rigged, the voting process is rigged, just don't ask me to present evidence in a court of law...
That seems like a massive waste of time and energy compared to just implementing mail in voting for everyone like Washington and Oregon have for so many years.
I disagree. I believe there are people who want results sooner rather than later. The greater the delay, the more annoyed folks become. Recording votes in _both_ paper and electronic form allows for the auditability of paper and the speed of electronic calculations.
(Side note: I also believe that hand-counting of ballots can be tedious, and humans performing tedious, repetitive tasks are prone to error. See [1].)
> I believe there are people who want results sooner rather than later
In Denmark all ballots are hand-counted. It takes about 6 hours from polls close to every precinct reporting a preliminary result. Wanting it faster isn't really necessary, other than to feed the 24/7 news machine.
Why should you compromise on security because you're impatient? Have the voter vote on paper; since it's only two candidates, this can be postcard-sized. Scan the postcards for the fast results, check and double check by hand (or visual if there's a picture taken by the scanner).
You can scan paper to make the count faster. The benefit of using paper is you can even use multiple scanners from different companies even.
Hand counts are actually not all that time-consuming for large groups. Voting districts are already broken down enough whete each polling station only has a few thousand ballots.
You mean people that had to line up for hours can not wait a little longer for results?
Paper ballot have the advantage of being robust against e.g. power failures. They are also trivially to scale up - just need small secluded space for people to fill them and an additional pen - much shorter waiting lines. There is not BIOS, there is no software to be rolled out or computer to be procured, installed, secured and finally put in secure storage or securely disposed.
People can want it fasted and people can become annoyed, but that's their choice. An election can be counted and verified only so quickly, it doesn't matter if people want it faster or not.
Mail-in ballots are worst of all, and the people who advocate for their expansion will regret it when they see entire church memberships filling out their ballots together, checking each other to make sure they voted correctly, and shunning, expelling, or firing people who don't participate.
There are currently many heads of household voting for their entire families, and even aside from mail-in ballots, there are people watching and photographing other family members voting within polling places, and uploading the photographs to social media with parental pride. In many places, this is not even criminal anymore.
Paper ballots, with voters having no method to prove who they voted for (no-receipt), in a private booth.
Strongly disagree. As would any voter who had their vote suppressed in Florida in 2000 due to confusing analog voting machines, dangling chads, or “partially” filled bubbles.
It does not make sense to paint paper ballots as something that is inherently better.. Paper ballots have many potential vector attacks many of which are stupidly easy or even unintentional (e.g. hanging chads)
Hanging chads, which are anyway still a problem introduced by machine-counting, not hand counting, are much less problematic than hacking a voting machine. There is no tie between your vote choice and the probability of a hanging chad, so this doesn't bias the election against any particular candidate. A hacked voting machine does have intentional bias.
Hanging chads were caused by a dumb idea to make ballots automatically countable. The solution is to make ballots easier to hand-count, by having separate ballot papers for each position (or at least the most important ones) and counting them by hand.
Computer security (computer system quality in general) can't really be turned into a metric, which means it can't be understood by bureaucracies, which means it can't be valued and upheld by large public or private organizations, which means it's in shambles everywhere that well-intentioned engineers aren't upholding it out of their own personal (usually unrewarded) integrity
The Indian Voting Machines are the answer.
No operating system, no passwords, no connections, no bruteforcing anything, system on a chip, so widely distributed devices that hacking even a few of them is challenging, etc.
The US voting machines are just waiting to be hacked, just a matter of when, not if.
You need to present an election system that will convince Joe Q. Public, who is almost certainly not as tech-literate as this forum, is probably not even white-collar or university educated, and likely also suspicious of globalisation. "Tamper-proof Indian system-on-a-chip" does not have that property. Otherwise you get increasingly unhinged arguments over the election results until something breaks.
A high speed electronic ballot reader with a mechanical counter display. So you can stand there and watch it count. Then run it through a duplicate machine. It should say the same thing.
Appropriately documenting these occurrences should not be hard. Appropriately archiving them would be moderately difficult but would serve as the evidence of the final tally. The final tally of all precincts could then be calculated by any number of independent organizations.
There can't be any hard to understand computer voodoo, deleteable audit logs, or single vendor reporting the final tally. No one should trust that anyways.
Ironically in the US the current nonsense about election fraud might push electronic ballots further. If you're going to cry wolf over paper ballots then you might as well do whatever you want, literally nothing will ever satisfy them. There's no sense even trying to appease.
I think random, serialized paper ballots are the way to go. When the polls close you know the serial numbers of every vote cast, so no new serial numbers should be added to that unless a very good reason. Keep them or destroy them afterwards is another issue, but it's a step in the right direction.
I have some distrust in the American voting system, first with the computerized systems, but also that federal elections are run at the state level. With so many states and jurisdictions, I can't help but feel that fraud is happening. If the federal elections process was truly federalized, and funded if it is not already, managed and controlled by the federal government, then I think there could be greater control and security.
What do you do when duplicate serial numbers start showing up? I'm assuming you won't know who was issued which serial number, and if it's truly randomized you wouldn't even know where they were sent.
The last thing we need is to Federalize voting. Our system is robust BECAUSE it is local. The last thing I'd want is a Federal system under a President's influence.
Can you think of a reason why the people who wrote the rules we have now would want to avoid putting federal elected officials in charge or running federal elections?
When I was a kid living in Louisiana (a state well-known for political shenanigans), they had big mechanical voting machines for elections. The machines were very large and heavy and were stored in warehouses. Probably not much fun for the workers who had to move them to/from storage to polling places (they did have wheels though).
Anyways, you would walk into it and throw a big mechanical lever that would close a privacy curtain behind you. Then you would have to manually turn an individual mechanical switch for each choice. When finished voting, you would throw the big mechanical lever back to the original position. Moving the lever back would cause all of your votes to be counted, reset all voting switches, and open the privacy curtains. There were mechanical counters for all possible voting options. Then, when the polls closed the votes would be read off the counters (and presumably verified by multiple individuals) and then reported to the whoever they reported the results to.
This was before the internet, but the same machines could (and should) be used in the internet age. There's nothing to hack into electronically as the voting machines contain no electronics (at least for communications, for sure).
The only big downside is that the machines have to be stored somewhere and they take up a sizable space. Also, they incur expenses to be moved from storage to polling places (and back).
Someone will bring up voters with disabilities, but there were voters with disabilities back then too. I'm sure there was a protocol for accommodating voter disabilities.
All in all, I think it's a sensible and pragmatic solution to thwart hacking and hopefully garner more confidence in voting integrity.
Mechanical punch-card voting machines fell out of use after the 2000 election showed that they're more error-prone than either electronic voting machines or paper ballots.
Curious to know more. Is there a good source of information on the security of the hardware and software used for elections India.
As an Indian citizen I see the casual lack of security mindset in large swathe of things implemented by both public and private actors. Many things get better only though iterative failures and corresponding reactive fixes.
What type of failures and improvements have happened here, or instances of demonstrated hardness against those with motivation and access to machinery.
Regarding Indian voting machines, there is also randomization involved at various levels during distribution making it difficult to game the system but still I always wonder if there is any way to hack the system. I hope people in charge have a process to continuously evaluate the security procedures and improve it.
I never understood the desire to have any kind of machine at all. Paper ballots are a perfectly efficient and scalable system used for many large elections. Even if complicated machines are theoretically safe against malfeasance, keeping it simple increases public confidence.
> The US voting machines are just waiting to be hacked, just a matter of when, not if.
The US election system is very distributed and fragmented - there is virtually no standardization.
Even in the tightest margins for something like President you'd need to have seriously good data to figure out which random municipality voting system(s) you'd need to target to actually affect the outcome.
> to figure out which random municipality voting system(s) you'd need to target to actually affect the outcome.
As you said, no standardization, which means all precincts reports on wildly different time intervals, if you can interfere with just tallying during or after the fact, and you can get the information on other precincts before any other outlets, you could easily take advantage of this.
It's essentially the Superman II version of interfering with an election. Just put your thumb on the scale a little bit everywhere on late precincts all at once.
The fact that so many states let a simple majority of their state take _all_ electors actually makes this possible. If more states removed the Unit Rule and went like Nebraska and Maine this would be far less effective.
Are paper ballots and hand counting such a big problem? To me there is something special with the pageantry and ceremony of physically going to a central location to vote, filling out a ballot, physically placing it in a collection box, and then having another human count it. All that pageantry trumps whatever efficiency you get from automating this process with computers, and mobile phones and databases and internets.
There are two other nascent problems in Colorado this year:
Ballots printed by Fort Orange Press are failing through the scan reader. This is annoying, and small counties appear not to have rehearsed the combinations of paper and scanner. There will be a lot of hand counting, which requires party-appointed poll workers.
A notable but insignificant number of ballots in Mesa county failed to authenticate signatures and when contacted, those voters said hadn’t voted yet. Once the signature matches, the ballot becomes part of a large box, indistinguishably. This describes something like 3 ballots.
Readit News
* This password list has been public for a long time, and is easy to access: hidden excel column on a public spreadsheet.
* BIOS access means the intruder can change boot devices, boot their own OS, infect the BIOS with a virus, change boot devices back, compromise the vote host OS.
* Keycard security isn't tight security. Any amature physical penetration tester would just use a primitive attack on the door to get around it. E.g.: Grab the handle from under the door with a wire. Youtube has a ton of examples.
* This could have been done months ago, and over a long period of time.
* The intruder could clean up logs and any other traces of their actions.
Where am I technically wrong here? I'm sure I'm missing something obvious. It sounds like what you would do with BIOS passwords if you wanted to do something nasty. I haven't seen these questions addressed anywhere.
I hear some people say "but we use paper ballots". Then why do you have a BIOS password? If it's all paper where does the computer fit in? All of this is honest curiosity, I'm not sure how the voting system works.
Not sure about Colorado specifically, but in many jurisdictions voters mark paper ballots, which go into a machine to be tabulated, and are finally deposited into a box for safe keeping/future recounts.
As to how the votes on the ballots are tallied - if those machines are compromised seems like a definite problem -- though there is at least the option to hand count the ballots to compare against ...
As I understand that article, BIOS access requires two passwords, and the list only provides one of the two passwords. So, instead of "password list" I would say "partial-password list".
The list also misses "There is 24/7 video camera recording on all election equipment." Of course, you can raise concerns and failure modes about video recordings, but that all brings up the question "Were those recordings compromised?" You should not assume that they were.
CO mails paper ballots to everyone* about a month before election day. You can choose to vote in person, or mail in/drop off your paper ballot anytime prior to election night.
My understanding is what while the ballots are paper, many (all?) are tabulated digitally. It certainly appears to be laid out in a way that benefits digital reading, and i believe that is what the machines in question are responsible for.
* for some definition of "everyone"
I’m an overseas Colorado voter. They lump me in with the military voters so my voting process is super easy (I’m sure certain groups would love to make this harder, but not for the troops). I get an email that my ballot is ready, I go to the CO website, authenticate with my SSN (fucking yikes), fill out my ballot online, print a copy to pdf, slap a digital signature on there, and email it back to the SOS who presumably prints it out and throws it in with the rest, and then get an email saying my vote has been counted.
It’s amazing how easy voting can be when we want it to be.
Dead Comment
Deleted Comment
https://vimeo.com/842943160
It has a surprisingly(?) low view count for how riled up everyone is about all this.
If you want more insight into this system, here is a test plan from August of this year on the Election Assistance Commission's website:
https://www.eac.gov/sites/default/files/2024-08/ClearVote%20...
It also has a list of bug fixes like:
> Changed the ClearCount API to require authentication before uploading files (such as ballot images and tabulation results) to the server.
And software details like:
- MySQL 8
- Ubuntu 20
- Windows 10 IoT Enterprise LTSC 2021
- Windows Enterprise IoT 21H2 release
- Python 3
- CIS SCAP Ubuntu 20.04 revision 1.1.0
Here is a summary of an audit done on a previous version last year:
https://elections.ny.gov/system/files/documents/2023/10/clea...
But right now I feel like we are stuck, with one half the country having doubts about the process and the other half insisting that it is absolutely perfect. It isn’t enough for the process to be either correct or trustworthy. It has to be both.
It's not correct that one half of the US insists that the election process is absolutely perfect. There have been countless investigations, inquiries etc. and the process is being continuously reviewed. One half of the US insists that the process shouldn't be changed to the detriment of minority groups without any actual evidence that problems exist (as the investigations etc. did not result in such evidence), yet the other half still insists that the problems occur and the evidence is just hidden too well, and the process must be changed without ensuring that minority groups aren't affected more than other groups.
This is not a situation with two equal sides.
There was someone using the Michigan voter file (which has a line in it for each change to the voters record, so repeats voters) to claim that someone was voting dozens of times. They weren't airing a legitimate concern about the voting system, they were sowing discord by lying about how it works.
Your framing of the situation is reductive and cartoonish.
Chesterton’s fence.
It’s interesting that she made excuses for herself but previously had no quarter for someone who landed in similar position.
The only reason you've left out the details that Tina Peters actually facilitated physical access to voting machines with both required passwords, while this current leak was not even sufficient for someone to repeat Peters' actions, is that it would be absolutely devastating to your entire argument.
Dead Comment
Computers add cost for acquiring the computers and training the staff. Computers add complexity and complexity usually reduces the reliability of a process. In a process like voting, that also reduces confidence in the process. This and the cost alone make it unclear why anyone would want to spend the money to electronicize vote casting and counting.
People have been voting without benefit of electronics for thousands of years.
In the vast majority of countries where paper ballots are used and counted by hand, the count is almost invariably completed the day of the election.
Conversely, in the US, where we spend lots of money to acquire, maintain and operate computers to “assist” in voting and vote counting, now we have many jurisdictions who say that they cannot complete counting on Election Day.
It boggles my mind that anyone still supports involving computers in vote casting and counting.
Counting by hand makes sense when each ballot paper has one race; when each ballot has 25 items, using robust optical scan systems common in testing makes sense. Electronic systems also open new options for improved accessibility, as long as all systems produce a physical record, ideally that is counted as itself, rather than a receipt for an electronic count.
- Counting machines should be dead simple, and should be one per ballot style. We should go back to precinct-only voting and forget county-wide voting.
- Reconciliation is an absolute must -- as it's always been, but we seem to have stopped doing it in many places.
- Every day of early voting should be treated like election day: with results published for each day. This would reduce the risk of ballot stuffing after hours because one the ballots are counted for the day there are no ballot boxes to stuff.
Parliamentary systems are the only democratic systems I’m aware of that ever features more than 2 parties in a FPTP system as well.
I realize state of the art, modern, high-performance systems are incredibly complex... but that doesn't mean all systems have to be incredibly complex.
Simple computerized systems are incredibly accurate and reliable, easily moreso than humans.
And critically, it's feasible to perform attestation on electronic systems: something that's completely impossible with humans. You have no idea if Joe or Sally are randomly slipping in a few miscounts (or the people auditing them, or the people auditing them). If you're careful, you can be sure that only specific code is executing.
I'd be fascinated to get a breakdown of trust in computerized voting systems, from programming professionals, by programming speciality. I have a suspicion you'd get different answers from firmware/RT folks vs js front-end, to pick a couple of examples.
Sure, we use a computer to produce a paper ballot (computers DON'T count or keep counts). The voter has a voting id that is hashed/encrypted/processed in such a way that the number is verifiable as a valid ballot hash (maybe using some sort of public/private key pair) so hashes can't simply be randomly generated.
So the computer UI produces the ballot. The voter is told to check their ballot reflects what they wanted to vote for. The ballot is scanned with a scantron.
pretty easy if your company produced the machines
I’d say this was a fluke if the GOP hadn’t spent the last umpteen months pushing all this non-citizen voting nonsense.
https://wapo.st/3AsIvnf
You'll know what to do.
I worked a total of eleven elections, from primarily elections to general elections. I even worked a special recall election where the recall was the only thing on the ballot. I was a volunteer for all of them. I worked as a "Polling Place Inspector", which means I was 'in charge' of a single polling place: I did the setup & teardown, reached out to the other polling place's poll workers to confirm they'll be there, and scheduled breaks etc..
I worked in Orange County, California, which is the county between Los Angeles and San Diego. At the time, it was very right-leaning. It may be so today, but that doesn't matter for this post.
Fun fact: In Orange County, poll workers are the only people who are allowed to question (or "challenge") a person's right to vote. The general public are not. How do I know that? Because it's one of the things I was taught during training. You can see it mentioned in [2], on page 11, under "What Are Observers NOT Allowed To Do?". (In the document, "precinct board" means "the poll workers".)
Now, three situational "pop quizzes" related to the situation from the article. In all three, you are a poll worker. Note that I will refer to procedures that were in place in Orange County, CA, not Fairfax County, VA:
Pop Quiz #1: Someone has arrived to vote, and you do not believe they are eligible to vote, what do you do?
Answer #1: You are challenging a voter. You have the voter vote provisionally. Their ballot would be sealed in the envelope, and their information (plus an explanation of why you're having them vote provisionally) would be on the envelope. The challenged voter would take a receipt with them, giving them a phone number to call, should they want to check up on the status of their vote after the election.
Fun Fact: Challenging a voter without probable cause is a felony in the State of California. How do I know that? Because it's in the instructional handbook that every poll worker gets, when they go through training. You can find Orange County's handbook for the 2018 election at [1].
Pop Quiz #2: Someone at the polling place, who is not a poll worker, is challenging peoples' right to vote. What do you do?
Answer #2: Call the dedicated polling place helpdesk, letting them know about the incident. Depending on the person's behavior, you may ask them to leave, or you may skip directly to calling the police. Your polling place inspector would have already looked up the phone number of the nearest police station, or you could just call 911.
Fun Fact: As part of polling place supplies, I received a county mobile phone. I was specifically instructed to charge it up in advance of election day. They were always chunky Nokia phones, which felt like they could be used as a weapon in an emergency.
Finally, to address your question…
Pop Quiz #3: Another poll worker is challenging a voter, and you believe the challenge is unlawful. What do you do?
Answer #3: If you are not able to dissuade the poll worker into allowing the voter to vote normally, then you have them vote provisionally. The most important thing is to get the voter through the process, and their provisional envelope into the box. Once that is done, you reach out to the polling place helpdesk, letting them know who did what.
Indeed, quoting from the article you linked, "After the [polling place] manager intervened, Burrell-Aldana was allowed to vote." The article does not say, but I expect the polling place manager was already planning on how to communicate the incident back to headquarters, and was keeping an eye on that poll worker.
If you had volunteered for this election, and you happened to be in the situation from this article, then you would have known what to do. :-)
[1]: https://ocvote.gov/fileadmin/user_upload/elections/gen2018/T...
[2]: https://ocvote.gov/election-library/docs/Election%20Observat...
This is an intended feature, and it's exclusively a feature of one political party. The elections are always rigged, this one is rigged, the voting process is rigged, just don't ask me to present evidence in a court of law...
When you see a system more complex than paper ballots, know that the additions are not there on your behalf.
(Side note: I also believe that hand-counting of ballots can be tedious, and humans performing tedious, repetitive tasks are prone to error. See [1].)
[1]: https://www.brennancenter.org/our-work/research-reports/hand...
In Denmark all ballots are hand-counted. It takes about 6 hours from polls close to every precinct reporting a preliminary result. Wanting it faster isn't really necessary, other than to feed the 24/7 news machine.
Hand counts are actually not all that time-consuming for large groups. Voting districts are already broken down enough whete each polling station only has a few thousand ballots.
Where's the problem with waiting? This is not some customer service to optimize for profit, there's no harm in waiting a bit.
Paper ballot have the advantage of being robust against e.g. power failures. They are also trivially to scale up - just need small secluded space for people to fill them and an additional pen - much shorter waiting lines. There is not BIOS, there is no software to be rolled out or computer to be procured, installed, secured and finally put in secure storage or securely disposed.
There are currently many heads of household voting for their entire families, and even aside from mail-in ballots, there are people watching and photographing other family members voting within polling places, and uploading the photographs to social media with parental pride. In many places, this is not even criminal anymore.
Paper ballots, with voters having no method to prove who they voted for (no-receipt), in a private booth.
Tale as old as time
The US voting machines are just waiting to be hacked, just a matter of when, not if.
You need to present an election system that will convince Joe Q. Public, who is almost certainly not as tech-literate as this forum, is probably not even white-collar or university educated, and likely also suspicious of globalisation. "Tamper-proof Indian system-on-a-chip" does not have that property. Otherwise you get increasingly unhinged arguments over the election results until something breaks.
Appropriately documenting these occurrences should not be hard. Appropriately archiving them would be moderately difficult but would serve as the evidence of the final tally. The final tally of all precincts could then be calculated by any number of independent organizations.
There can't be any hard to understand computer voodoo, deleteable audit logs, or single vendor reporting the final tally. No one should trust that anyways.
Ref.: https://www.brennancenter.org/our-work/research-reports/hand...
I have some distrust in the American voting system, first with the computerized systems, but also that federal elections are run at the state level. With so many states and jurisdictions, I can't help but feel that fraud is happening. If the federal elections process was truly federalized, and funded if it is not already, managed and controlled by the federal government, then I think there could be greater control and security.
Colorado ballot envelopes already have a bar code - essentially your "serial number".
I feel like I'm taking crazy pills because everyone who thinks there's widespread election fraud seems to not know anything about how elections work.
Anyways, you would walk into it and throw a big mechanical lever that would close a privacy curtain behind you. Then you would have to manually turn an individual mechanical switch for each choice. When finished voting, you would throw the big mechanical lever back to the original position. Moving the lever back would cause all of your votes to be counted, reset all voting switches, and open the privacy curtains. There were mechanical counters for all possible voting options. Then, when the polls closed the votes would be read off the counters (and presumably verified by multiple individuals) and then reported to the whoever they reported the results to.
This was before the internet, but the same machines could (and should) be used in the internet age. There's nothing to hack into electronically as the voting machines contain no electronics (at least for communications, for sure).
The only big downside is that the machines have to be stored somewhere and they take up a sizable space. Also, they incur expenses to be moved from storage to polling places (and back).
Someone will bring up voters with disabilities, but there were voters with disabilities back then too. I'm sure there was a protocol for accommodating voter disabilities.
All in all, I think it's a sensible and pragmatic solution to thwart hacking and hopefully garner more confidence in voting integrity.
As an Indian citizen I see the casual lack of security mindset in large swathe of things implemented by both public and private actors. Many things get better only though iterative failures and corresponding reactive fixes.
What type of failures and improvements have happened here, or instances of demonstrated hardness against those with motivation and access to machinery.
The Electronic Voting Machines (EVMs) do simple counting of key presses and keep tally of the totals.
The machines are not reprogrammable, run on alkaline batteries and have no WiFi/Bluetooth, USB or ethernet.
There was an interview with one of the Profs who designed the EVMs here.
Deleted Comment
The US election system is very distributed and fragmented - there is virtually no standardization.
Even in the tightest margins for something like President you'd need to have seriously good data to figure out which random municipality voting system(s) you'd need to target to actually affect the outcome.
As you said, no standardization, which means all precincts reports on wildly different time intervals, if you can interfere with just tallying during or after the fact, and you can get the information on other precincts before any other outlets, you could easily take advantage of this.
It's essentially the Superman II version of interfering with an election. Just put your thumb on the scale a little bit everywhere on late precincts all at once.
The fact that so many states let a simple majority of their state take _all_ electors actually makes this possible. If more states removed the Unit Rule and went like Nebraska and Maine this would be far less effective.
Dead Comment
Ballots printed by Fort Orange Press are failing through the scan reader. This is annoying, and small counties appear not to have rehearsed the combinations of paper and scanner. There will be a lot of hand counting, which requires party-appointed poll workers.
A notable but insignificant number of ballots in Mesa county failed to authenticate signatures and when contacted, those voters said hadn’t voted yet. Once the signature matches, the ballot becomes part of a large box, indistinguishably. This describes something like 3 ballots.