A billion "hacks" per day seems a bit far fetched. At that point, it's either a visible act of war (if external to the US) or the FBI would be much more involved (if internal). Both of those would be much larger news.
Paper ballots, no machines and especially no machines connected to the internet...if we were able to get that crazy bug into Iranian nuclear reactors without direct transfer from Internet, then you can bet North Korea, Russia, Israel, and China will pour billions to do the same thing.
Voting ID cards too, though I admit I don’t know enough about that. Even if it costs billions to get it done, confidence in fair and free elections is the cornerstone of our democracy.
I’m not sure why ID cards are necessary. If we wanted to do that we would need to make them very easy and free for everybody to get, including getting them on the day of the election. Otherwise it becomes too much of a tool to deny part of the population the ability to vote. (Which is sadly how it’s been used so far in the USA as far as I can tell.)
What is needed is verification against double voting. You must enroll, and so long as you’re enrolled, your name and zip code are on the roll. You go to one of the polling booths for your area. Your name gets ticked off when you vote. If it’s already ticked off then you cry fowl and an investigation must begin why. This seems to work on most of the world not sure why it wouldn’t work here.
In my locale, you mark a paper ballot by hand, and it goes into a somewhat antiquated electronic scanner. The scanner is attached to a locked box that stores the ballots. That seems like a reasonable approach.
When I was a kid, I remember going with my mom when she voted. The mechanical voting machine created this roll of paper with everybody's vote marked on it. After the poll closed, they took out the rolls and laid them out down the hallway of the school where the polling occurred. Anybody was welcome to stay and watch while the poll workers checked the tallies.
You need to distinguish between two very different things. In vote result manipulation, a single actor can modify votes wholesale. In voter fraud, an individual who shouldn't vote does, or pretends to be other people and votes multiple times.
The risk of the former is huge and hard to detect. The latter, despite claims the contrary from certain news outlets and Presidents, is actually extraordinarily rare.
Voter ID cards are claimed to address the second issue, even though they actually alienate far more legitimate voter than fraudulent votes.
The election integrity gold standard is paper ballots cast at poll sites tabulated on site when the polls close. Aka the Australian Ballot (private voting, public counting).
Any deviation from that lessens election integrity. Which may be okay, because maybe the trade off makes it worthwhile. For instance, absentee ballots and early voting enfranchises people. But the there is no free lunch with voting systems and these decisions must be measured.
No need to carry an ID card if you can look up each voter's face.
Electronic voting systems were supposedly created to prevent the hanging chad problem. But all we actually needed was a way to properly punch the cards instead of relying upon people to do it manually.
Card punch machines have been around forever. Open source software running on a PC with a card punch attached is all we really needed. And you can count the votes to double check the count of the cards. But you don't have to stop relying on the physical cards.
You could even have machines at the polling place that voters could use to verify that their ballot was properly encoded before they turn it in. A PC with a punch card reader running open source software.
National ID cards is better. Requiring and ID to vote is open to actual fraud as it can be granted or denied on political basis.
A mandatory national ID card is politics free. It is used to register your weapon, to get health care, to vote, to register your kids in school, etc. It helps that everybody is counted as a citizen. Instead of just removing the people that you don't like (https://www.scpr.org/news/2016/12/22/67481/you-say-you-re-an...).
Sorry to say this, but the US has bigger systemic problems to fix. Voting is a small one compared to the 2-party system. The US always boasts about how it is so democratic; while in reality there isn't much democracy. In fact, the 2-party system looks suspiciously a lot on the 1-party system in existence in many other countries. Sure, you have a choice, but what value is that choice?
The first is a good idea, but the second is not. Voter ID cards are historically used to make it harder to vote and thus compromise elections. In person fraud is very uncommon, and it would be very difficult for a foreign government to pull off a large scale interference without being detected.
After all, we struggle to get people to show up to vote once already! The idea of mass ballot fraud seems difficult to countenance without literally paying masses of people to vote (which I believe is extremely illegal).
I am a bit sceptic that paper ballots were as good as we want them to be. I remember every elections the bunch of dead people voting reported on the news, and that must be the tip of the iceberg.
For comparison, in the payment world we have the paper cheques and credit card, and though credit card fraud is strong in the mind of the public, most entities accepting payment gave up on paper cheques a while ago because of how hard it was to secure and everything that was involved in processing them.
If it didn't work for money, I can't imagine it's a good idea to keep for voting.
Let's not forget about how the Bushs burned a few thousand votes in Florida to win the 2000 election over Gore.
It's hard to believe voting machines aren't hacked on the regular with how they're almost built to be insecure. But maybe they've never been hacked. I don't know.
Either way, that doesn't make all technological solutions bad by default. A technological solution /could/ be better than a paper solution.
I think the crypto bubble is very overhyped, but I'm pretty sure some form of a distributed voter database /could/ make it nearly impossible to forge a single vote, let alone forging votes at scale.
If there is no online voting, why is the system even connected to the Internet? What exactly are the attacks against? The voter registration site? The election results site?
From what I understand the greatest vulnerability is modification of voter registration data. If you show up to vote and they don't have you in that district's voter rolls because your address was changed to another state, your vote has just been taken away.
So much this, yes i'm sure people were attempting to scan it up but I guarantee you could show the same for almost every network out there. I understand the fear mongering to a degree but its projecting things in the wrong place and it's almost like crying wolf.
Sadly I smell FUD virtually every time a security engineer opens his mouth. Yes there are some great ones, but I’ve never worked with one directly.
Part of my skepticism is rooted in the prevalent ignorance of basic computing theory. If you can’t define the operational semantics of a system then you can’t rigorously convince yourself or anyone else that it is “secure.”
That number is insanely high. Are they talking about all voting machines being connected to the internet? Or is it some back office set of systems?
For the life I me I don’t know why voting machines and voting systems need to be connected to the internet. It’s just a flat out unnecessary risk.
That’s not to say that they shouldn’t be built so secure you could connect them to the internet. But nothing is perfect and unnecessary risks should be avoided with such an important system.
Which is probably why we should be using paper ballots and scanners with results called in from the regional counting centers. And manual count available then as much as needed or desired post election night for verification. This rush to electronic voting boggles my mind.
I encourage all citizens who typically do not vote, to vote your conscience, and then lie. Already no one expects you to vote anyway, so just lie per their expectations and say you didn't vote. That way you don't have to justify or argue your choice any differently than you have in the past.
Yes it's a bit chicken s* but so f'n what? You don't actually owe anyone an explanation anyway, but you're entitled to vote. So just get on with it, and lie. Everyone is lying about something or other anyway and this kind of lie is pretty benign. And it's in the public good that you vote even if you don't like arguing about why you voted the way you did.
Is there any reason for a voting system to ever be connected to the internet? (I assume this system is, because I can't think of any other attack vectors that enable the reported volume of "hacking attempts".)
to put this in perspective, this is one-quarter of Google's global search traffic, in hack attempts. 'hack attempts' are always bullshit but this is especially impressive
Google isn't going to count port scanning and other such malicious activity in their global search traffic metrics. It's very possible that such traffic is more prevalent than legitimate search traffic by orders of magnitude. I have personally operationally managed sites which are only very moderately high profile and yet still receive a constant stream of malicious requests from foreign IPs pretty much 24/7 even with aggressive, proactive & reactive firewalling in place. The costs to execute such tasks are negligible for a nation-state. To be honest I'd be more inclined to believe the numbers are real and that you're posting this comment as an agent of a belligerent nation-state trying to spread mininformation than the other way around (though I sincerely do hope you are posting in good faith and are just naive).
"1B hacking attempts" is, of course, incredibly vague. It could be 100 sophisticated groups using their 1B 0-days, or one dude running a script on repeat.
Depends what you mean by "voting system". Individual voting machines rarely are - they're usually air-gapped, read the ballot from a physical memory card transported by sneakernet from administrative offices, and write vote totals back to those cards for sneakernet transmission to same offices.
However, those central locations use a lot of internet-connected machines, mostly to communicate their numbers to outside systems. The computers that program the ballot descriptions pre-election (a vector for attacking voting machines) are also usually internet-connected - they're plain old desktop workstations of some elections official.
Air-gapping those systems is probably doable, at a minor loss of convenience, but there is a reason they're internet-connected.
It is an interesting data point, and it makes me wonder if we can use this as a side channel attack to figure out who the hackers "like" and who they "don't like" running for office. Might give us more insight into the hacker's goals.
[+] [-] Blackstone4|7 years ago|reply
Are they including SSH port scanning and attempts on port 22?
[+] [-] civility|7 years ago|reply
A billion "hacks" per day seems a bit far fetched. At that point, it's either a visible act of war (if external to the US) or the FBI would be much more involved (if internal). Both of those would be much larger news.
[+] [-] raverbashing|7 years ago|reply
(you get those regardless of the technology on the backend, a lot of malicious vuln. scanners around test for that)
[+] [-] tzahola|7 years ago|reply
[+] [-] propman|7 years ago|reply
Voting ID cards too, though I admit I don’t know enough about that. Even if it costs billions to get it done, confidence in fair and free elections is the cornerstone of our democracy.
[+] [-] erentz|7 years ago|reply
What is needed is verification against double voting. You must enroll, and so long as you’re enrolled, your name and zip code are on the roll. You go to one of the polling booths for your area. Your name gets ticked off when you vote. If it’s already ticked off then you cry fowl and an investigation must begin why. This seems to work on most of the world not sure why it wouldn’t work here.
[+] [-] analog31|7 years ago|reply
When I was a kid, I remember going with my mom when she voted. The mechanical voting machine created this roll of paper with everybody's vote marked on it. After the poll closed, they took out the rolls and laid them out down the hallway of the school where the polling occurred. Anybody was welcome to stay and watch while the poll workers checked the tallies.
[+] [-] tasty_freeze|7 years ago|reply
The risk of the former is huge and hard to detect. The latter, despite claims the contrary from certain news outlets and Presidents, is actually extraordinarily rare.
Voter ID cards are claimed to address the second issue, even though they actually alienate far more legitimate voter than fraudulent votes.
[+] [-] specialist|7 years ago|reply
Any deviation from that lessens election integrity. Which may be okay, because maybe the trade off makes it worthwhile. For instance, absentee ballots and early voting enfranchises people. But the there is no free lunch with voting systems and these decisions must be measured.
[+] [-] stretchwithme|7 years ago|reply
Electronic voting systems were supposedly created to prevent the hanging chad problem. But all we actually needed was a way to properly punch the cards instead of relying upon people to do it manually.
Card punch machines have been around forever. Open source software running on a PC with a card punch attached is all we really needed. And you can count the votes to double check the count of the cards. But you don't have to stop relying on the physical cards.
You could even have machines at the polling place that voters could use to verify that their ballot was properly encoded before they turn it in. A PC with a punch card reader running open source software.
http://blog.reinventdemocracy.org/2004/10/about-electronic-v...
[+] [-] Avshalom|7 years ago|reply
step two: https://www.nytimes.com/2018/07/04/us/drivers-license-tennes... take them away from poor people.
[+] [-] kartan|7 years ago|reply
National ID cards is better. Requiring and ID to vote is open to actual fraud as it can be granted or denied on political basis.
A mandatory national ID card is politics free. It is used to register your weapon, to get health care, to vote, to register your kids in school, etc. It helps that everybody is counted as a citizen. Instead of just removing the people that you don't like (https://www.scpr.org/news/2016/12/22/67481/you-say-you-re-an...).
[+] [-] chiefalchemist|7 years ago|reply
Interesting. Only one of those four have proper elections. That is, three can't have their elections hacked.
[+] [-] unknown|7 years ago|reply
[deleted]
[+] [-] amaccuish|7 years ago|reply
[+] [-] sharpercoder|7 years ago|reply
[+] [-] madhadron|7 years ago|reply
[+] [-] jadedhacker|7 years ago|reply
After all, we struggle to get people to show up to vote once already! The idea of mass ballot fraud seems difficult to countenance without literally paying masses of people to vote (which I believe is extremely illegal).
EDIT: https://www.law.cornell.edu/uscode/text/18/597
EDIT 2: If you want to see real foreign interference, check out that time that Bill Clinton publicly aided the election of Boris Yeltsin.
https://www.nytimes.com/1996/02/23/world/russia-and-imf-agre...
[+] [-] tzakrajs|7 years ago|reply
[+] [-] hrktb|7 years ago|reply
For comparison, in the payment world we have the paper cheques and credit card, and though credit card fraud is strong in the mind of the public, most entities accepting payment gave up on paper cheques a while ago because of how hard it was to secure and everything that was involved in processing them.
If it didn't work for money, I can't imagine it's a good idea to keep for voting.
[+] [-] onlyrealcuzzo|7 years ago|reply
It's hard to believe voting machines aren't hacked on the regular with how they're almost built to be insecure. But maybe they've never been hacked. I don't know.
Either way, that doesn't make all technological solutions bad by default. A technological solution /could/ be better than a paper solution.
I think the crypto bubble is very overhyped, but I'm pretty sure some form of a distributed voter database /could/ make it nearly impossible to forge a single vote, let alone forging votes at scale.
[+] [-] jlmorton|7 years ago|reply
[+] [-] bschilke|7 years ago|reply
[+] [-] foota|7 years ago|reply
[+] [-] 086421357909764|7 years ago|reply
[+] [-] xeeeeeeeeeeenu|7 years ago|reply
[+] [-] rasz|7 years ago|reply
Edit: holy crap Zone Alarm still does this, I guess scaring clueless clients still works as a sales tactic https://support.zonealarm.com/hc/en-us/articles/115001808551...
[+] [-] User23|7 years ago|reply
Part of my skepticism is rooted in the prevalent ignorance of basic computing theory. If you can’t define the operational semantics of a system then you can’t rigorously convince yourself or anyone else that it is “secure.”
[+] [-] erentz|7 years ago|reply
For the life I me I don’t know why voting machines and voting systems need to be connected to the internet. It’s just a flat out unnecessary risk.
That’s not to say that they shouldn’t be built so secure you could connect them to the internet. But nothing is perfect and unnecessary risks should be avoided with such an important system.
Which is probably why we should be using paper ballots and scanners with results called in from the regional counting centers. And manual count available then as much as needed or desired post election night for verification. This rush to electronic voting boggles my mind.
[+] [-] cmurf|7 years ago|reply
Yes it's a bit chicken s* but so f'n what? You don't actually owe anyone an explanation anyway, but you're entitled to vote. So just get on with it, and lie. Everyone is lying about something or other anyway and this kind of lie is pretty benign. And it's in the public good that you vote even if you don't like arguing about why you voted the way you did.
[+] [-] tedunangst|7 years ago|reply
[+] [-] TomK32|7 years ago|reply
[+] [-] perlgeek|7 years ago|reply
What's the lowest error rate you have ever seen in a practical security product?
[+] [-] amelius|7 years ago|reply
[+] [-] masonic|7 years ago|reply
[+] [-] ddingus|7 years ago|reply
Autoregister on State ID or Drivers License.
Online party management.
Signature validation, collected at registration.
Voters can mail it, use a drop, or vote in person at an elections office.
My favorite is voting parties. Everyone brings ballots, talk abot the options, vote, eat, smoke, drink, done.
[+] [-] krrrh|7 years ago|reply
[+] [-] fooker|7 years ago|reply
[+] [-] pietroglyph|7 years ago|reply
[+] [-] zemnmez|7 years ago|reply
[+] [-] not_kurt_godel|7 years ago|reply
[+] [-] tlrobinson|7 years ago|reply
[+] [-] ilovetux|7 years ago|reply
There is absolutely no reason that these systems are exposed to the internet.
[+] [-] g0dg0d|7 years ago|reply
[+] [-] azernik|7 years ago|reply
However, those central locations use a lot of internet-connected machines, mostly to communicate their numbers to outside systems. The computers that program the ballot descriptions pre-election (a vector for attacking voting machines) are also usually internet-connected - they're plain old desktop workstations of some elections official.
Air-gapping those systems is probably doable, at a minor loss of convenience, but there is a reason they're internet-connected.
[+] [-] chiefalchemist|7 years ago|reply
[+] [-] woogley|7 years ago|reply
[+] [-] ChuckMcM|7 years ago|reply
[+] [-] _bxg1|7 years ago|reply
[+] [-] prolikewh0a|7 years ago|reply