Tuesday, August 14, 2018

More on Voting Machine hacks

ASM826's post from yesterday is a quick starting point, but there's a lot of interesting discussion (well, interesting to me; your mileage may vary) out there.

As you'd expect, The Register is all over this story with a lot of background.  If this story interests you, you should spend some time here.

But the situation is complex, and even security experts disagree on just how significant this is.  Bruce Schneier links to a funny XKCD comic on the subject and says (in a brevity is the soul of wit manner) that it's true.  But Robert Graham disagrees, in an interesting manner.  His post slides into what really is a discussion of system robustness - the ability of the system to function properly even when under attack.  I think he's on to something here, particularly the idea that the voting machine print out a paper ballot that the voter can check to make sure is correct.  The paper ballot is then filed for situations where you think you might want a recount.

For robustness, you should probably require recounts of paper ballots anytime the margin of victory is below a particular threshold, say 5% or so.

3 comments:

Beans said...

Yesterday, SiGreyBeard stated that where he votes, voters fill out a scan-tron form which is inserted into a reader and the form is saved, thus having both an electronic and a physical way of voting. The county I am in also uses the same system. And he was right that this system is basically hard to crack, only by adding in a pile of pre-filled out forms into the mix, which requires collusion by election officials, which, unless you live in the Miami-Dade area, most places have some protection against.

What does scare me are the places that are electronic only, no paper backup available. That is whack.

Overall our election system needs to be tweeked. Not trashed, just tweeked. And we're mostly better than many places in that we actually mostly have multiple candidates to choose from. Now what we really need is better voter education and vetting, but that would require adult behavior from one side of the political spectrum where apparently temper tantrums is the best we can expect.

Borepatch said...

Beans, electronic-only is a disaster waiting to happen. And it's a disaster that will undermine the public's faith in the fairness of elections.

Beans said...

Borepatch, you mean like those voting machines in Texas that even when punching in a republican candidate, it registered the democrat?

I'd prefer hard copies only, and anyone caught coon-fingering the results should be shot on site. But that's me.