Yet Another E-voting Machine Vulnerability Found

from the because-of-course dept

We’ve been talking about the ridiculousness of e-voting machines for well over a decade. If a machine doesn’t include a paper trail for backup, it’s suspect. That’s been the case since e-voting machines have been on the market, and many of us have been pointing this out all along. And the big e-voting companies have a long history of not really caring, even as their machines are shown to be vulnerable in a variety of ways. So it come as little to no surprise to find out that security firm Cylance has announced that it’s found yet another set of e-voting vulnerabilities in the Sequoia AVC Edge Mk1 voting machine. Sequoia especially has a long history of buggy, faulty machines.

Of course, with all the talk of “rigged” voting this year, the fact that some machines are hackable is very, very bad. Mainly because it just enables conspiracy theory talk to seem much more believable. It remains true (for somewhat ridiculous reasons) that while these vulnerabilities do exist, a widespread hack would be quite difficult. The real problem is at the margin, where low level vote changing could occur. As Ed Snowden rightly notes, the hacking may not be difficult, but using that to rig an election is much more difficult, and would almost certainly be caught.

That said, this remains ridiculous. Even the appearance of potential vote hacking is a problem in actually getting the public to trust the results of an election. I can pretty much guarantee that no matter who wins tomorrow, someone will allege e-voting machine hacking, and point to this (or perhaps other) vulnerability disclosures in the days leading up to the election. And that’s bad. For over a decade we’ve been sounding the alarm that it’s ridiculous to use such electronic voting machines, and it would be a damn good idea to fix things. Would have been nice if someone listened.

Filed Under: , , , ,
Companies: sequoia

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Yet Another E-voting Machine Vulnerability Found”

Subscribe: RSS Leave a comment
27 Comments
art guerrilla (profile) says:

Re: Re:

don’t be daft, punk: NEITHER of the two hydra heads of the one and only Korporate Money Party want to ‘fix’ the electoral college and the broken election systems we suffer under… (it is already fixed to their liking)
the absolute proof : IF they really were interested in election integrity, WHAT/WHO has been stopping them lo these countless decades ? ? ?
no, the ONLY rational conclusion is that The They WANT a broken systrm they control behind the curtains…

Anonymous Coward says:

Re: Re:

He’s not wrong, though. I mean if the Democrats had a hue and cry about Bush and the “hanging chads” in 2000, Trump voters have every right to challenge the results of easily one of the most contentious elections in modern history — and one where the opponent has a history of corruption going all the way back to, of all things, Watergate.

Not to mention good ol’ Palpatine Soros has his crooked fingers in the company that owns a significant number of these machines. Dominion is its name, I believe. If you thought Bush having a stake in Diebold was bad, well, considering the depths of pure, unencumbered, psychopathic evil that Soros and his puppet whøre are capable of, you might as well call this round Diebold with a Vengeance.

My vote at this point goes to Kim Jong Un 2016: Make America Glow Again.

Ehud Gavron (profile) says:

Re: Re: Re:

Hillary’s only connection to Watergate is she was on the team investigating it. She wasn’t fired from it and there was no unethical behavior. The only people saying otherwise are Rush Limbaugh and Donald Trump. See https://www.reference.com/history/hillary-clinton-s-connection-watergate-bd95ec761bddda24

Your vote goes to Kim Jung Un because you didn’t bother to familiarize yourself with the US Constitution, Article II, Section 1 which clearly states one has to be born in the United States to qualify.

You sir, epitomize this:
https://www.youtube.com/watch?v=LQCU36pkH7c

E

TripMN says:

I’m having a hard time finding any of the articles on it because of the noise that is the internet (especially with the last year of politics being what it has been), but wasn’t their cries of alarm during the Democratic primaries because of post-vote statistical analysis saying their was something screwy happening in the primaries?

If that was so quickly swept under the rug and forgotten, what’s to say that cries of the same after the main election will be any different?

I am losing trust that our democracy is in any way democratic… and that any ones cares.

Thad (user link) says:

Re: Re:

Are we talking about exit polls, or something else?

Because there’s a pretty good explanation for why exit polls disproportionately favored Sanders ( http://www.nytimes.com/2016/06/28/upshot/exit-polls-and-why-the-primary-was-not-stolen-from-bernie-sanders.html ); tl;dr younger voters are likelier to participate in them than younger ones.

Jim says:

But:

Snowden forgot the data in the count. Not everyone votes on each issue. Some skip to what is important on that ballot, to them. Issues on the ballot, local taxes, that initive, etc. So there may be a o in any spot. There may be many interested parties to hack the system or create a false trail. That’s why a verify able has to be created. It’s not just the bad person who wants your missed vote.

Anonymous Coward says:

Re: Re: Re:

I do not subscribe to this.

If you are nor prepared to stand up for your vote, maybe you should not have one?

I think it would be just as easy to prove that someone is trying to harass you over your vote.

Most people are registered to a party and if you talk to them more than a couple hours a day you can likely find out how they vote.

Anonymous Coward says:

Re: Re: Re: Re:

Well, that is possible, but having a presidential candidate making veiled threats about using weapons and having a history of going legal on people that critizise him, it is not impossible.

But a much more likely way to use such information is the mexican way where people get payed for voting a certain way. While money talks and bullshit walks, I don’t see the balance between the parties remaining forever in those circumstances as the economic support relies on picking the winner and getting the advantages it brings…

R.H. (profile) says:

Re: Re: Re:

I’d been somewhat worried about the same outcome (although not to the extent that it had caused me to believe that end-to-end verification was a bad thing). However, I’ve seen a bit of information about using homomorphic encryption to allow a person to verify their vote without it also being specifically verifiable to a third party.

The specifics of the system are quite interesting in that any member of the public is able to verify the identities of the people who voted and encrypted versions of their votes, as well as the total vote tallies but, there isn’t any way to figure out who voted for whom once a voter completes the process and leaves the voting booth with their encrypted ballot copy. That is a part of the system that the video explains better than the paper does.

TRX (profile) says:

As a former security wonk, I’m all for the fat laundry marker and cardboard ballot system.

My local electors, alas, have gone the Diebold terminal route. Because it’s important that national news services get their figures as soon as the polls close, as opposed to a couple of hours for the blue-haired old ladies to count the paper ballots in the open, on cafeteria tables.

Hugo S Cunningham (profile) says:

Massachusetts-- OCR cards instantly tabulated, hand-recountable

One complaint, though minor compared to other instant systems:

Sometimes officials are tempted to alter OCR cards so that the machine can read what it looks like the voter intended. It would be safer if such cards were left unchanged, for tabulation only in the official hand recount. Any markings made on them by officials should be in a different-colored ink from the voter’s.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...