Sequoia voting systems

[Caligirl]

Well, I agree. I never personally thought the ballots were bad before, what kind of idiot can't punch a card.

I am guesssing the people that raise a stank were a vocal minority and the rest of us just ignored them as wingnuts and it wouldn't matter in the end. It should be easy to make a secure electronic system.

There have been probably 8 - 10 or more demonstrated hacks on different machines from all the major vendors - all of which can be accomplished in seconds, few of which can be detected. They flip votes, drop votes, jam up, and the lack of a paper trail is just asinine. The Government Accountability Office and other groups have said that our elections are not secure.

I ignored the hanging chad and butterfly ballot thing, and I personally thought the electronic thing would be not rocket science. It looks like the manufacturers are either incompetent or corrupt.

 

[DiveCon]

Well, I agree. I never personally thought the ballots were bad before, what kind of idiot can't punch a card.

I am guesssing the people that raise a stank were a vocal minority and the rest of us just ignored them as wingnuts and it wouldn't matter in the end. It should be easy to make a secure electronic system.

There have been probably 8 - 10 or more demonstrated hacks on different machines from all the major vendors - all of which can be accomplished in seconds, few of which can be detected. They flip votes, drop votes, jam up, and the lack of a paper trail is just asinine. The Government Accountability Office and other groups have said that our elections are not secure.

I ignored the hanging chad and butterfly ballot thing, and I personally thought the electronic thing would be not rocket science. It looks like the manufacturers are either incompetent or corrupt.

secure is a misnomer
there are levels of security
nothing is perfect
the problem pointed out here is in the software itself and not a security issue
the diebold machines have several layers of security that most of these "exposes" you see on tv dont show you
you need to first have the KEY that opens the door to the flash card, then you also need the password
and even if you have BOTH of those, someone would SEE it if you tried it
they are NOT networked on a public interface so there is no risk of being hacked from outside

most of the crap i see thrown around is chicken little BS
oh, and the biggest group for that is the troofer numbnuts

 

[DiveCon]

btw, every method of voting is subject to fraud
look at king county WA back a few years ago
they had 5000 paper ballots show up out of thin air

and they just happened to tilt the election to the favor of the democrat and pushed king county turn out over the 100% mark
funny how that is

 

[Caligirl]

btw, every method of voting is subject to fraud
look at king county WA back a few years ago
they had 5000 paper ballots show up out of thin air

and they just happened to tilt the election to the favor of the democrat and pushed king county turn out over the 100% mark
funny how that is

Well ya I agree there too.

But saying that no system is perfect is not a good reason to accept a machine that can be hacked. It's pathetic that the manufacturer has code that drops votes. I mean we are talking about POTUS. Pretty sure either side would be pissed if the wrong guy won unfairly.

We're allowed to try to improve the system.

 

[Dr Grump]

Why not just get paper ballots and tick them???

 

[Caligirl]

I think the original thinking about switching was to help americans with disabilities. Some disabilities (poor vision) are supposed to have an easier time with touch screen (you can change the font size, for example).....

 

[DiveCon]

Well ya I agree there too.

But saying that no system is perfect is not a good reason to accept a machine that can be hacked. It's pathetic that the manufacturer has code that drops votes. I mean we are talking about POTUS. Pretty sure either side would be pissed if the wrong guy won unfairly.

We're allowed to try to improve the system.

again, the hack possibility is remote due to the fact of the several LAYERS it takes to get to them
they are NOT on any kind of a public network that would make them vulnerable
and if someone has both the key and the password, then someone isnt doing their job because the passwords were supposed to be changed on a regular basis

so then you are left with someone on the INSIDE doing the hacking, and then, what difference would it make if they hacked the machine or produced fake paper ballots

 

[Caligirl]

so then you are left with someone on the INSIDE doing the hacking, and then, what difference would it make if they hacked the machine or produced fake paper ballots

The hack described in the OP can affect all machines countywide without a trace, which means the number of flipped votes is potentially much greater with an electronic sytem, and hacking an electronic system is harder to detect after the fact.

You can write a virus that makes sure the vote totals and all that remain correct - the virus can do all the math for you. If you are throwing an election in a punch-card district OTOH, getting the numbers of ballots right will be hard, the logistics are harder, and the time required to do it is much greater.

I'll take the old fashioned way.

The security key to get into some of these machines is a minibar key, and some people have made homemade keys that work on the machines, just using a picture on the internet.

Jimmy Daniels Blog Archive Homemade Key Opens Diebold AccuVote-TS Electronic Voting Machines

Basically every security measure that is supposed to be in place is easy to get past. And, the GAO even says the machines are fatally flawed.

Schneier on Security: GAO Report on Electronic Voting

(there's probably more recent reports than that one though. )

 

[DiveCon]

The hack described in the OP can affect all machines countywide without a trace, which means the number of flipped votes is potentially much greater with an electronic sytem, and hacking an electronic system is harder to detect after the fact.

You can write a virus that makes sure the vote totals and all that remain correct - the virus can do all the math for you. If you are throwing an election in a punch-card district OTOH, getting the numbers of ballots right will be hard, the logistics are harder, and the time required to do it is much greater.

I'll take the old fashioned way.

The security key to get into some of these machines is a minibar key, and some people have made homemade keys that work on the machines, just using a picture on the internet.

Jimmy Daniels Blog Archive Homemade Key Opens Diebold AccuVote-TS Electronic Voting Machines

Basically every security measure that is supposed to be in place is easy to get past. And, the GAO even says the machines are fatally flawed.

Schneier on Security: GAO Report on Electronic Voting

(there's probably more recent reports than that one though. )

did you just miss the fact that you need more than the key to do it?
and again, they are NOT linked on a network so you would have to infect each machine separately

 

[sealybobo]

I'm sure some people can still screw that up.

randi rhodes said seek out the exit pollers to let them know who you voted for. if it is overwhelming and obvious who won, they can't lie.

seems like this palin pick was a bad pick. I heard stuff about her husband, doing government stuff from her office. Wasn't he a member of the alaska independence party that wants to leave america?

should have vetted her better.

 

[Caligirl]

I agree, you're probably right that it would have to be an inside job (but never say never), and I didn't miss the part about multiple layers but I was trying to point out that every layer fails.

The OP hack affects every machine in the county, and it is not true that you would have to have access to each machine. In this case, access to the county machine (I didn't know there was a county machine?) is where the hack takes place.

the hack of Sequoia voting system being prepared for use in an entire county, is done in approximately 3 seconds, by a single person with simple insider access and a $10 USB thumb drive. Every machine used in the county, in such a case, would be effected. Moreover, the viral hack would not be discovered by pre-election "Logic and Accuracy" testing --- in cases were election officials actually bother to perform such tests prior to elections --- nor would it likely be discovered even in the event of a complete, 100% post-election audit of the touch-screen "paper-trail" records.

There are reports of failures at every level, for every machine. It's too tedious to post all the links especially since I doubt anyone would actually follow them. But if you start at Bradblog or Black box voting or even just google news with the appropriate key words, or maybe even wikipedia, you should be able to see what a failure the systems are.

It seems like something that everyone would care about. I don't want my guy to win unfairly, and I sure as HELL don't want your guy to win unfairly.

Electronic voting - Wikipedia, the free encyclopedia

You can ignore the following, it is from the wiki for anyone that doesn't want to click and surf. It's probably not complete but is a start. I did bold the last sentence because it is another example that the machines are networked.

A number of problems with voting systems in Florida since the 2000 Presidential election.[25]

Fairfax County, Virginia, November 4, 2003. Machines quit, jammed the modems in voting systems when 953 voting machines called in simultaneously to report results, leading to a denial of service incident on the election. 50% of precincts were unable to report results until the following day. Also, some voters complained that they would cast their vote for a particular candidate and the indicator of that vote would go off shortly after. Had they not noticed, their vote for that candidate would have remained uncounted; an unknown number of voters were affected by this.[26]

Premier Election Solutions (formerly Diebold Election Systems) TSx voting system disenfranchised many voters in Alameda and San Diego Counties during the March 2, 2004 California presidential primary due to non-functional voter card encoders.[27] On April 30 California's secretary of state Kevin Shelley decertified all touch-screen machines and recommended criminal prosecution of Diebold Election Systems.[28] The California Attorney-General decided against criminal prosecution, but subsequently joined a lawsuit against Diebold for fraudulent claims made to election officials. Diebold settled that lawsuit by paying $2.6 million. [29] On February 17, 2006 the California Secretary of State Bruce McPherson then recertified Diebold Election Systems DRE and Optical Scan Voting System. [30]

Napa County, California, March 2, 2004, an improperly calibrated marksense scanner overlooked 6,692 absentee ballot votes. [5]
After the 2004 U.S. presidential election there were allegations of data irregularities and systematic flaws which may have affected the outcome of both the presidential and local elections.

On October 30, 2006 the Dutch minister of Home affairs withdrew the license of 1187 voting machines from manufacturer Sdu NV, about 10% of the total number to be used, because it was proven by the Dutch National Intelligence Service that one could "listen out" the voting from up to 40 meters using Van Eck phreaking. National elections are to be held 24 days after this decision. The decision was forced by a Dutch grass roots organisation called wijvertrouwenstemcomputersniet which translates to "we don't trust voting computers".[31]

Problems in the United States general elections, 2006:
During early voting in Miami, Hollywood and Fort Lauderdale, Florida in October 2006 three votes intended to be recorded for Democratic candidates were displaying as cast for Republican. Election officials attributed it to calibration errors in the touch screen of the voting system.[32]

In Pennsylvania, a computer programming error forced some to cast paper ballots. In Indiana, 175 precincts also resorted to paper. Counties in those states also extended poll hours to make up for delays.[33]

A file of about 1000 first and second hand incident reports made to a non-partisan hotline that operated the day of the November 7 midterm elections as well as news reports.[34]

Instances of faulty technology and security issues surrounding these machines were documented on August 1, 2001 in the Brennan Center at New York University Law School. NY University Law School released a report with more than 60 examples of e-voting machine failures in 26 states in 2004 and 2006. Examples included Spanish language ballots that were cast by voters but not counted in Sacramento in 2004.

California Secretary of State Top to Bottom Review of voting systems:
In May 2007, California Secretary of State Debra Bowen, engaged computer security experts including University of California to perform security evaluations of voting system source code as well as "red teams" running "worst case" Election Day scenarios attempting to identify vulnerabilities to tampering or error. The TTBR also included a comprehensive review of manufacturer documentation as well as a review of accessibility features and alternative language requirements.

The end results of the tests was released in the four detailed Secretary of State August 3, 2007 resolutions (for Diebold Election Systems, Hart InterCivic, Sequoia Voting Systems and Elections Systems and Software, Inc.) and updated October 25, 2007 revised resolutions for Diebold and Sequoia voting systems.[35]

On August 3, 2007 Bowen decertified machines that were tested in her top to bottom view including the ES&S InkaVote machine, which was not included in the review because the company submitted it past the deadline for testing. The report issued July 27, 2007 was conducted by the expert "red team" attempting to detect the levels of technological vulnerability. Another report on August 2, 2007 was conducted by a source code review team to detect flaws in voting system source code. Both reports found that three of the tested systems fell far short of the minimum requirements specified in the 2005 Voluntary Voting System Guidelines (VVSG). Some of the systems tested were conditionally recertified with new stringed security requirements imposed.[36] The companies in question have until the February 2008 California Presidential Primaries to fix their security issues and insure that election results can be closely audited.

The Premier Election Solutions (formerly Diebold Election Systems) AccuVote-TSx voting system was studied by a group of Princeton University computer scientists in 2006. Their results showed that the AccuVote-TSx could be "installed with vote-stealing software in under a minute." The scientists also said that machines can transmit computer viruses from one to another "during normal pre- and post-election activity."[37]

 

[DiveCon]

randi rhodes said seek out the exit pollers to let them know who you voted for. if it is overwhelming and obvious who won, they can't lie.

seems like this palin pick was a bad pick. I heard stuff about her husband, doing government stuff from her office. Wasn't he a member of the alaska independence party that wants to leave america?

should have vetted her better.

you realize, that will skew the results, right?

the whole basis they use for the exit polls is a random sample
if you actively seek them out, dont be surprised if they tell you no thanks

 

[Baruch Menachem]

Were you not around in 2000 ? Floridians couldn't figure out the punch cards.

I still don't believe that.

I was living in Washington County, Oregon at the time. We used the same brand of ballots they used in Palm Beach, but we didn't have the nice easy to ready ballot pages like they did there. Since Oregon votes by mail, we got the ballot and a 8X10 paper that had all the candidates and issues on it, with the corresponding number on the ballot. You had to punch the chad, then put the thing into two envelopes, and mail it in on time.

Oregon was pretty close too, but no one made any funny about our ballots. And those numbers on the ballots were hard to read too.

 

[CA95380]

Why not just get paper ballots and tick them???

Why not just go back to paper ballots and dip your finger in dye? ....

.... probably the smartest idea in the act of voting, and it comes from Iraq!

One vote - one dip in the the dye vat. And if you use the right finger you could make 2 statements at once.

1. I have voted today, have you?
2. Take this, and flip off the candidate you voted against.

Pretty straight forward way of voting to me!

 

[Caligirl]

Here's an interesting op-ed talking about some dirty tricks on the republican side.

Please feel free to add any dirty tricks currently reported on the democratic side.

These illegal actions by the McCain campaign have already started. You might recall that in the elections of 2000 and 2004, for the first time in history, the exit polling results in certain battleground states did not match the final election results. It´s curious that over 95% of the time, the final results that did NOT agree with the exit polls, were when the exit polls said that the running Democrat had the most votes…? And it´s also interesting that the only places that this occurred were in those districts where they used electronic voting machines that did not provide a paper trail. This was also only occurring where the same electronic machines were also used to do any requested re-counts and to count the absentee ballots.

Don´t forget, that the Republican´s were the ones that decided to allow private companies to build the voting machines, program the voting machines and in some cases, actually "count the election ballots". For almost 30 years, election oversight has little by little been taken away from the American voters. In many places and in the GOP "target" locations, they are always susceptible to these classic "Rovian" dirty election tactics.

These, now classic GOP "tricks", have already started showing up in Wisconsin and other areas around the country. Just this week there were dozens of complaints from voters that had recently moved. They are now complaining that they have received unsolicited absentee ballot applications sent to their new addresses from the McCain campaign. However, the applications have as the "return address" of the county clerk of their "FORMER" address, which would make their vote totally invalid.

Voters from Florida and North Carolina have also called to report that they had received these same applications from the McCain campaign. A number have said that they were not registered Democrats, but had donated to Obama. So, it appears that the public donor lists were the McCain campaign's source of the names. This information then had to have been cross-checked with change-of-address info that is available from a number of public sources. The McCain campaign is currently saying that the "return address problem" was just a "mistake or mis-print". However, they have already sent out over 1 million "mistake" applications to potential Obama voters.

This "dirty trick" actually serves a dual purpose. First, the votes wouldn´t be counted. Second, and equally distressing, the inaccurate returned applications will be used by Republican state legislators to claim fraud by the Democrats. The republicans will then work to push through laws with harsh voter ID provisions. This would make it much harder for the poorer local voters to comply with the registration rules. In addition, this would obviously suppress the votes in future elections. And don´t forget that the GOP always has a better chance to win when fewer people actually vote.

Continues:

American Chronicle | ONCE AGAIN, THE GOP OPENS UP THE <em>"KARL ROVE BOOK OF DIRTY TRICKS"</em>

 

[MalibuMan]

There are equal number of democrats and republicans in my counties board of elections office who are in charge of counting votes. I wouldn't think anybody could get away with the fraud bullshit.

 

[Caligirl]

Some of the hacks can be done before the machines are at the polling place, such as the hack described in the OP. THese do not leave any trace, there is no indication that they have been done in the standard machine testing that happens before actual voting, and it matters not at all if there are equal numbers of dems/repubs because no one would spot the hack.

It doesn't leave any trace to speak of. We have no safeguards to detect it. There are several demonstrated hacks that fall into this category.