Why would elections have to involve machines, nevermind computers?
I have studied, worked with and spent free time with computers a lot, for many decades, and I think I know quite a lot more about them than the average parliament member or other representatives. I have also worked as a volunteer at a voting place so I know at least partially how voting works, and which safeguard processes it includes.
I do not find computers useful for the voting process. I find them very detrimental to trust, and practically impossible to safeguard for voting. I strongly oppose using computers in anything in the critical path related to voting.
Paper ballots are just as easy to manipulate. Computers+blockchain should be the future of voting. Verifiable votes are something that paper ballots will always lack, and the computers could bring that to the table. However, this would make vote buying so much easier, so it probably wouldn't work for most developing countries.
Paper votes are difficult to manipulate on a massive scale.
You can stuff some ballot boxes and turn a polling station. But to do the same across the country to rig the election? At this point your country probably has worse problems and they won't even bother counting votes, but announce wholly fabricated numbers.
With electronic voting, it becomes trivially easy for a single hacker to falsify the entire election in one fell swoop.
Usually you can't to manipulate elections "on a massive" scale to win, regardless of the format of the ballot. If the polls are 50/30 and the 30 ends up winning the elections, it will always be too obvious. Elections are usually stolen on the margins, look at most apparently-rigged-but-not-obviously elections in history.
>At this point your country probably has worse problems and they won't even bother counting ballots, but announce wholly fabricated numbers.
And yes, usually, when an election rigging scandal comes up, the country has more serious problems than vote manipulation.
>With electronic voting, it becomes trivially easy for a single hacker to falsify the entire election in one fell swoop.
But yes, I wouldn't say "trivially easy", but yeah, a lone wolf would never be able to falsify paper vote elections.
The CCC (Chaos Computer Club) did analyse voting machines. I have only found the original german version:
https://www.ccc.de/system/uploads/105/original/nedapReport54...
The gist is: voting machines suck.
And blockchain is useless, if anonymity is necessary.
I don't want my vote to be recorded on a blockchain. Nobody shall be allowed to track down how I voted.
There is nothing simpler than voting with a pen. Everybody understands how it works and everybody is able to do it anonymously. There is no risk of exposure and massive scale manipulations. Every computer system that aims to guarantee the same, is massively complicated.
Random-sample verified paper balloting is probably the hardest to hack system there is, and is super simple which matters in an election -- not only must the election be secure but everyone needs to trust that it is.
How would you make votes verifiable and still have them be anonymous? The anonymous voting made possible with paper ballots is a killer feature from my point of view.
Once you go to the voting booth you get assigned a random private/public key pair. To ensure that the key pair is actually random you could let the voter create a seed.
This way, only you know the public key, and you can check that your vote did indeed end up with the candidate you voted for. You may disclose your public key if you wish to do so.
I'm not sure why the article has such a strong focus on voting machines given that German elections stopped using them completely (it was barely used anyway) in 2009 after a decision of the Federal Constitutional Court in favor of paper ballots.
God, that headline ("The Hackers Russia-Proofing Germany’s Elections"). Has it been ever conclusively proven that Russia hacked any election? Or is it just repeating unwarranted accusations in a form as if they were already facts?
The fact that Reality Leigh Winner is being charged with leaking classified information on the Russian government's phishing-attack on computers at an American voting machine company confirms that leak was valid. Then last week a DHS official said the Russian government was targeting voting systems in 21 states. And these two things happened just this month. The evidence has been mounting for over a year now.
At this point even Vladimir Putin and Donald Trump concede Russia attacked America, they're only trying to muddy attribution as to who ordered it and why.
The only people who don't believe it at this point usually have some motivation beyond honest inquiry.
It is still too early to tell, and nobody should be jumping to conclusions at this stage in the investigation.
Either you have faith in the law-enforcement machine, or you don't. Let them finish their investigation, publish a report, and then make your own conclusions.
(You know, kind of how it all went down with 9/11: same deal. No jumping to conclusions, kids ..)
> Either you have faith in the law-enforcement machine
Law enforcement has said Russia interfered [1]. The ODNI conducted an investigation and published its report [2]. Whether it flipped the outcome is difficult to determine, and in my view a wholly-separate issue.
Nobody should be jumping to conclusions at the point the Senate intel committee has said they're sure during committee hearings and NSA/FBI/CIA have issued a joint report?
What do you consider a reasonable standard if the intel community saying their findings isn't it?
No. You might be thinking of three people who resigned from CNN after an article retraction related to news of a POTUS ally having connections to a Russian investment firm which is under investigation (That investigation is separate from the election interference one).
Thats a video released by O'Keefe and Project Veritas who are confirmed frauds. They've altered context of statements in videos before, and lost out in court when confronted about it.
They're simply not credible. Besides, that guy doesn't produce in the same department as the journalists working on the Russia story. He's a supervising producer for CNN Health.
To me it seems disingenuous to call that "election hacking".
"Election hacking" conjures images of manipulating voting machines, but what Russia did based on that link you provided was simply find unsavory things the DNC has done in order to bring negative PR to the party.
I think it would be more appropriate to say that Russian influence socially engineered the 2016 election rather than outright hacked the election.
One other thing to consider: US elections are by definition secure from a wholesale hacking on account of the election being run on a patchwork of systems that differ from state to state (and sometimes county to county or even precinct to precinct). However, this same design and subsequent long list of vulnerabilities found in election machines and their software means that it would be possible to tip crucial precincts and districts in surgical, spear-phishing style attacks that may not attract all that much attention.
Isn't there some question over whether Russia supplied illegally obtained data, such as emails or voter registration details (or metadata generated from said data), to the Trump campaign? That's more than social engineering. It's potentially hacking and collusion.
EDIT: Wow, quick to downvote. I thought we were in favor of waiting until the investigation concludes to say decisively whether or not collusion happened.
The strange thing is I've not heard any substantial allegations of "hacking" in the UK's recent snap election. Possibly it was called with too short notice for any to be organised. The other possible conclusion is that the British government is doing too good a job at weakening itself for the Russians to risk interfering...
The article is very interesting but seemed to stop short of finishing off the journalism that was started. Interestingly no link between Saudi money and the DUP was actually established at all. Not that there probably isn't hidden connections.
Unfortunately, the headline with "Russia" in it distracts everyone. I almost didn't click through to the article, and was pleasantly surprised that it is not at all about Russia or election hacking, but about the Chaos Computer Club and its standing in society and the institutions.
I mean, unless they are really only focussing on attacks by Russia.
What I think helps a lot is awareness and preventing human error (taking the phishing bait).
But it is helpful for voter targeting, especially when you pass that information onto republicans who offer to buy it. Also helpful is targeting swing state databases and deleting the voter registrations of people who you think would vote against your candidate.
Even the Russians started using typewritters on sensitive stuff. Even they know complicated computers aren't the solution. Then, the German folks have it all figured out: just use complicated computers with extra complications. Hand-checked, scan sheets are better route so far.
Interestingly, Germany has at least three, security-focused microkernels, two defense contractors making high-security devices (eg TEMPEST) that I know of, and maybe one fab. Funny how little they're utilizing this German talent for protecting German votes.
I have studied, worked with and spent free time with computers a lot, for many decades, and I think I know quite a lot more about them than the average parliament member or other representatives. I have also worked as a volunteer at a voting place so I know at least partially how voting works, and which safeguard processes it includes.
I do not find computers useful for the voting process. I find them very detrimental to trust, and practically impossible to safeguard for voting. I strongly oppose using computers in anything in the critical path related to voting.