Kentucky Officials "Changed Votes At Voting Machines"

The indispensible jamie found a report out of Kentucky of exactly the kind of shenanigans that voting-transparency advocates have been warning about: a circuit court judge, a county clerk, and election officials are among eight people indicted for gaming elections in 2002, 2004, and 2006. As described in the indictment (PDF), the election officials divvied up money intended to buy votes and then changed votes on the county's (popular, unverifiable) ES&S touch-screen voting systems, affecting the outcome of elections at the local, state, and federal levels.

Election Fraud

[stoolpigeon]

We never had it before electronic voting systems. And it is impossible to catch because there is no paper trail.

Re:Election Fraud

[mmontour]

From the article:

, the Election Day scheme, carried out in primary and general elections in at least 2004 and 2006, was accomplished by taking advantage of a "feature" on all DRE (usually touch-screen) voting systems and "voter unfamiliarity with new voting machines."

Essentially, they tricked voters into leaving the 'booth' after pressing the "Vote" button on the ES&S iVotronic. That button, does not actually cast the vote, as one might think (and as these voters were told), but instead, it brings up a review screen of the voter's "ballot."

So this looks like basic social engineering, not exploiting any specific flaws of the electronic machine (other than poor UI design).

Re:Election Fraud

[titten]

The flaw exploited would be the fact that the voter had no 'receipt' or evidence of what they voted. Had there been such a thing, nobody would leave without it.

Re:

[Anonymous Coward]

...and a receipt would also mean that people in positions of authority could force you to vote a certain way. "Vote for Joe Schmoe and bring me the receipt to prove you did it or you'll lose your job", that type of thing. People could also buy and sell votes, because there would be a a way that the buyer could know for certain whether or not the voter voted the buyer wanted him to (and of course refuse payment until the seller brings proof to the buyer).

Re:Election Fraud

[Anonymous Coward]

Vote for Joe Schmoe and bring me the receipt to prove you did it or you'll lose your job", that type of thing.

No, it's not a lottery ticket that you take home. The voter checks the receipt and immediately puts it in a box or something. It is an audit trail that election officials can check against the electronic count.

Re:Election Fraud

[DragonWriter]

...and a receipt would also mean that people in positions of authority could force you to vote a certain way.

Only if you could keep the reciept. Which would be the wrong way to do things, both for that reason and for the ability to validate the tabulation of the election results, since then detecting errors would requiring getting all the voters to come and turn in their ballots to compare to the tallied results. What you want to do is have the receipt -- or, more accurately, hardcopy ballot -- printed in the booth, have it reveiwed by the voter, and (assuming it is correct -- exception handling is necessary if it is not) the voter places it in a ballot box before leaving the precinct, just like they would a ballot in a non-machine election.

Then, when the automated count is complete, you do a manual tabulation of the hardcopy ballots from random (actually random, not arbitrarily-chosen by officials) selection of precincts, and if there are substantial discrepancies (an objective standard must exist to judge this), a complete recount is done based on the hardcopy ballots.

Re:Election Fraud

[CyberKnet]

This may come as a surprise to you... but if you can put the number into a webpage... so can that person in authority. Whether it's a receipt you keep with the vote readable, or a number you put into a webpage.

Any time that you can verify after you leave the polling place which way your vote was recorded ... so can someone else. And that can lead to very serious consequences. Loss of job, family, the stakes are endless.

All that is required for you to verify your vote is a human-readable paper record that will be kept separate from the electronic record, but doesn't leave the polling place. That way you can verify it after you vote electronically, and if a recount is done, the paper trail box can be unlocked and counted.

Re:Election Fraud

[ChromaticDragon]

While some sort of verification would seem necessary, there is a rather significant problem created if anyone can "leave [with] it".

If you can walk away with proof of "what" you voted, you can prove it to anyone willing to buy your vote. Or to Guido who is threatening to beat up your little ones if you don't vote a specific way.

This is a rather serious problem all the world over. So whatever we do to verify or to authenticate, it cannot involve the voter walking out with the means to show anyone how they voted.

Re:Election Fraud

[JasterBobaMereel]

Voting machines can work .... but ....

Press the button on the the screen marked "Obama" the machine prints out your vote...you check it says you have voted for Obama , you put this in the ballot box

What you put in the ballot box is not kept by you ...

It is easily machine readable so is quick to count ...

The voting machine does not need to remember who voted, how many votes etc ...it cannot be gamed

The paper voting slip is as anonymous and as verifiable as the old "place cross here" system ...

Re:

[The FNP]

Right, because this wouldn't confuse the poor bastards in KY who couldn't even follow the directions on the screen after they pushed the "Vote" button that clearly told them that they had to push the "Cast Ballot" button too.

I'm fine with not having a receipt (except for my collection of "I voted" stickers) , but my polling place has ES&S machines with the additional paper trail module, and yes, I do check the paper trail after each selection.

--The FNP

Re:

[mmontour]

The voters thought that the screen that came up after they clicked "Vote" was their confirmation that the vote had been cast. They left without thinking anything was wrong, just like the Florida voters who mis-punched their famous butterfly ballots in 2000.

No voting system is going to let you leave with a paper receipt showing how you voted. That is too vulnerable to abuse.

Re:

[Columcille]

If it is impossible to catch how did they catch these guys? Election fraud has always happened and always will, no matter what the method of voting. And some people will get caught while others get away, just like it's always been. There are reasons to oppose electronic voting - and reasons to support it. At least be a little realistic in your opposition.

Re:

[stoolpigeon]

That is the best part of the joke. The first part is a little snarky - the second part is pure comedic gold. Saying this pretty much kills it though. And I wouldn't say anything - but the point of the joke is not to oppose electronic voting and so I've got to correct that misunderstanding.

The whole thing hinges on the fact that here at the dot we regularly rail against things that are considered 'new' because there is an electronic component. Well - what happened in this case is just good old election f

Re:Election Fraud

[The FNP]

They could have been caught much sooner if the machines had been using a paper trail. My local machines print out each selection as it is made. Then if at the ballot review screen I change a vote, then it prints that on the paper trail. So if even 10% of the paper trails from a single precinct shows significant and consistent changes at the review screen, that's a huge red flag!

If the machine had a paper trail, the 2002 election could have been the only one that was affected. And the 2004 and 2006 elections would have been unaffected. As it is, it took over three election cycles to catch these guys, ***BECAUSE THERE WAS NO PAPER TRAIL***.

As for the question of how did they catch these guys, there are any number of methods, including, the wrong person talking; or an actually smart and observant voter who was waiting in line and noticed that they were given incorrect instructions and the poll workers seemed to be spending a lot of time in the booths after each voter; or a candidate being asked for bribe money; or a poll worker being approached to join the scam; etc, etc, etc, ad nauseam . . .

So the people who say that the voting machines will always reflect the will of the voter are idiots. I don't think that the machines need to be fully open source, but they need to be certifiably as secure as possible and part of that includes independent penetration testing and a paper trail ***AND PAPER TRAILS SHOULD BE REQUIRED BY FEDERAL LAW***

--The FNP

Re:Election Fraud

[imamac]

No way. Absolutely not. Secret ballot is vital to our system. It allows people to vote without ANY outside influence. People can vote their minds and not their peer pressures. Secret ballot removes outside influence on votes. There is no other way around that.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Just Some Guy]

Yeah. I can't think of a single defensible reason for such a bizarre, anti-democratic plan.

Re:

[mea37]

I'm not sure how doing away with secret ballot would help, really. You'd still have to trust somebody to audit the millions of datapoints to validate the result.

But ok... the first legitimate purpose of the secret ballot is to make it harder to sell votes. (I won't buy your vote if I can't prove you voted as instructed.) These... er... gentlemen have demonstrated that if you're close enough to the process, you can still buy and sell votes; but I, for example, cannot sell my vote to the coworker across th

Re:

[TapeCutter]

Sure you can get it retail but you need a counting machine to handle wholesale.

Re:Election Fraud

[worthawholebean]

That's not true at all. The U.S. has a long history of various forms of electoral fraud. See for example this book [amazon.com].

Re:Election Fraud

[Anonymous Coward]

a circuit court judge, a county clerk, and election officials are among eight people indicted for gaming elections in 2002, 2004, and 2006

You see, this is why I don't vote;
Those guys are much more qualified to pick a candidate than I am. Why bother?-)

Re:

[dkleinsc]

They can't have been that smart: they completely forgot to pay off the new US Attorney.

Re:

[xSauronx]

you have it backwards, since I didnt vote, I can bitch at the rest of you for picking morons.

Re:Election Fraud

[fractoid]

Easy: If you don't vote, you have no right to bitch about the people you didn't vote for screwing things up :)

If I don't vote (and I didn't, which in Australia is actually punishable, but so be it - I didn't see a candidate I could conscionably vote for) then no-one can blame me for 'choosing' the candidate who's currently fucking our country. And that's the main purpose of democracy; to say to the common man: "You voted for him so it's your fault that he's making fucktarded decisions", or "You voted against him but most people voted for him, so you're wrong".

Re:Election Fraud

[Beardo the Bearded]

All politicians are liars and crooks.

I choose the party that's going to steal for me.

Re:Election Fraud

[M1rth]

I'd trust this story a whole lot more if Slashdot had quoted the actual newspaper article [lex18.com] rather than the frothing partisan political hackblogger's "report."

Re:

[Peaceful_Patriot]

I agree the source article seems less than impartial. Here are some reputable sources for more info:

google news [google.com]

Re:Election Fraud

[Zontar The Mindless]

It's funny that you call it a 'frothing partisan political hackblogger'...

My guess is that M1rth took exception to the following paragraph in the blog post (emphasis added):

The fact is, those who know anything about computer security understand that it is the insiders who are, by far, the greatest threat to security on such systems, as even the phony, GOP-operative-created Baker/Carter National Election Reform Commission determined in its final report: "There is no reason to trust insiders in the election industry any more than in other industries."

The blogger does, upon further investigation, seem to have a tendency to... well... froth. However, we should not let this detract from the core issue here: Voting without transparency and verifiability cannot be trusted to return accurate results.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Election Fraud

[ChefInnocent]

Feeling particularly trollish? It doesn't matter what party does the fraud (I say this as someone who voted Democrat in the last election); these people should be tried and hung for treason. This cuts into the very fabric of what our country is suppose to be.

Re:Election Fraud

[CrimsonAvenger]

It doesn't matter what party does the fraud

Quite so.

But it should be pointed out that /. tends to mention the Party of a wrongdoer if the wrongdoer is Republican, and omit it if he's a Democrat.

these people should be tried and hung for treason.

Sorry, treason is explicitly defined in the Constitution. I doubt seriously the definition can be stretched to fit this.

Re:Election Fraud

[MrMarket]

But it should be pointed out that /. tends to mention the Party of a wrongdoer if the wrongdoer is Republican, and omit it if he's a Democrat.

You must be new here. /. is full of Liberation engineers and IT industry protectionists. Neither of which really have a home in the US two party system. You might confuse the trend in the last 8 years of Bush bashing with Democratic leaning, but it was actually just a low tolerance for idiocy. Rest assured, the idiots in the current majority party will also be called out.

Re:Election Fraud

[CrimsonAvenger]

You must be new here. /. is full of Liberation engineers and IT industry protectionists.

Alas, it doesn't really matter what /. is "full of". But it is true that the Party of a Republican in the news tends to be mentioned in the summary, while the Party of a Democrat in the news tends to be quietly ignored in the summary.

Note this case as an example. Nowhere does it mention that the people doing this were Democrats, though it wasn't terribly hard to determine.

Put up or shut up

[Anonymous Coward]

But it is true that the Party of a Republican in the news tends to be mentioned in the summary, while the Party of a Democrat in the news tends to be quietly ignored in the summary.

This makes two times you have said this in this thread. Instead of asserting it for a third why not prove what you claim? Or is this just another Republican "the media is liberal and always against us" whine?

Re:

[Anonymous Coward]

Or maybe the real story here is about the insecurities and perils of current electronic voting machines - the kind of topic slashdotters are interested in - and party affiliation is incidental because readers are smart enough to understand that system can be rigged by any party or any person.

Re:Election Fraud

[The FNP]

Actually, it clearly says that WW and CW were the Democrat and Republican election officials for a certain precinct. Meaning that both Democrats and Republicans were in on it.

--The FNP

Re:

[Anonymous Coward]

No no NO! How dare you bring your facts and your truth into this? Can we please go back to saying it was all Democrats? That was much more comfortable.

Re:Election Fraud

[DingerX]

You obviously didn't go through the indictment [kentucky.com] itself, where the party affiliations, when relevant is given. So the Democrat election commissioner is named in paragraph 4, and the Republican judge in paragraph 7. The #1 unfounded assumption a person makes is that the world is the way s/he thinks it is. In short, there's plenty of evidence that what you wrote is false. While the party affiliation of most people indicted is not mentioned (as it does not pertain to their job description), when mentioned, both parties come in.

Re:Election Fraud

[VShael]

But it should be pointed out that /. tends to mention the Party of a wrongdoer if the wrongdoer is Republican, and omit it if he's a Democrat.

Then what's the problem? You can clearly tell the two part, by assuming the corrupt party is a Democrat, unless explicitly stated otherwise.

Sounds like a Republican friendly set up to me, if the assumption of corruption = Dem.

Re:

[rpillala]

I agree that it doesn't matter case-by-case, but I think it's important to watch for trends. If the majority of election fraud is committed by members of the same party, it could indicate a conspiracy at a higher level of the party than whatever level the individual elections decided.

Re:Election Fraud

[erroneus]

Perhaps this AC is under the impression that the Slashdot demographic is primarily democratic? I observe that we have quite a mix here and if there is anything disproportionate from the general public, it would be a larger than normal portion of Libertarians and other alternatives.

Democrats and Republicans are both evil in their own ways. They both serve the interests of business and heavy contributors. Their games are very well established and you can't get elected through any of those parties unless you play their games and participate most fully. (Gotta get dirty with them to keep the political career going.)

(What we need is a "judge dread" to clean the system out... the system will not clean itself out.)

Re:

[stoolpigeon]

One of the things I like about slashdot, after the number of people with true expertise, is the wide representation of many view points. On a few other popular sites I visit things feel much more slanted in one direction or another. Here in discussions of politics or religion (to name a couple of the more inflammatory topics) there seems to be a good number of people from all over the spectrum. I prefer that to an echo chamber. (Yes, we are pretty bad about the FOSS thing - but I'm willing to let that s

Re:

[erroneus]

The F/OSS thing doesn't have a particularly controversial position. If you understand it, your probably support, endorse or apply it. If you don't understand it, you probably don't. I have yet to know someone who both understood F/OSS and didn't also support it or use it. My brother is a hard core Microsoft supporter but also uses F/OSS because it works... the Microsoft thing pays for his house and stuff like that though.

Re:Election Fraud

[stoolpigeon]

Well - I'd agree with you but how many people feel that way about religion and politics? Most of them. So I'd say FOSS/Closed is controversial because there are a number of people on both sides of the issue. Head on over to somewhere like stack overflow and see if you can drum up some controversy - bet you can.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Election Fraud

[Miseph]

Which I would have expected just from the tactic.

Historically, Democratic election fraud takes the form of ballot stuffing, voter fraud and otherwise directly tampering with the election system. They certainly don't have a lock on it, and there are definitely known cases of Republicans using such tactics (Palm Beach in 2000), but it is the traditional domain of Democrats. In effect, any time you see vote tampering or over-voting, there's probably a Democrat behind it.

Republicans, on the other hand, have generally done a better job of voter intimidation and lock-out. Again, Democrats have been known to send out the police to harass and scare opposition voters the day before an election, or break voter registration procedures such that it takes a lot of work for a ballot to be cast and it is likely to be discredited after the fact anyway, but this is more traditionally associated with Republicans. In effect, any time you see voter intimidation or under-voting, there's probably a Republican behind it.

Of course, down the thread it looks like this was a 50/50 job, so I guess we're both wrong... but mostly you.

Re:Election Fraud

[cthulu_mt]

Really...How is the ejection going on all those tax cheats like Rangel?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[LordKazan]

He didn't rationalize it in the least - he said it was wrong, but he said compared to other things it's not so bad.

And being a few-thousand-dollar tax cheat is nothing compared to being a war profiteering traitor who selectively censored intelligence information from the president and congress to get a war started, a war said president was all too happy to go along with because "that bad guy attacked my dad." (cheney)

being a few-thousand-dollar tax cheat is nothing compared to intentionally perpetrating a m

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Election Fraud

[The Spoonman]

It comes right after cherry-picking parts of a comment that seemingly support your case and completely ignoring the ones that don't. Such as the part where he points out that he does not believe Rangel intentionally "cheated" on his taxes since he's the one who brought it out. The comparison was made that Rangel is "evil" because of his actions (or inactions), but evil is a choice. Rangel made a mistake. There's a difference. In a "who is more evil" discussion, which this one is, ultimately...bringing out the evil committed by the opposing side is perfectly acceptable.

Beyond that, it's unrealistic to assume that someone like Rangel even DOES his own taxes. I don't make anywhere near as much as he does and even *I* don't do my own taxes. I get the advice of a tax professional, and if that professional gives me wrong advice, it's difficult for me to know that. All of the recent tax issues faced by public officials have been minor, MINOR, and easily attributable to ignorance rather than malice...as opposed to the actions of those on the other side who are criticizing these mistakes.

Re:

[bzipitidoo]

You forget another culprit: the system.

Systems are shaped by many idiocies of the moment--legislators adding convolutions designed to help or hurt some group. The tax code is so horribly complicated it's nigh impossible to do taxes right. Elections are also like this. For instance, in Texas neither R's or D's got on the ballot in time. In 2005, Texas changed the lead time from 60 days to 70 days. Why? Who knows, but it's just the sort of thing to trip up political parties. It's hard to imagine they

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[andytrevino]

Yes, because Larry Craig, Tom DeLay and their ilk are still so very much sheltered by the Republican party..

Meanwhile, Chris Dodd, Charlie Rangel, Barney Frank and the like are in the worst position for the country: rather than being prosecuted for sweetheart loans and campaign contributions from AIG, they're actually being entrusted with fixing the current mess that they largely helped create. Way to go.

Re:Election Fraud

[Gat0r30y]

Yes, he lied under oath. But then again, there was a congressional investigation into whether or not get got a BJ. That is absurd in its own right. Left or Right, what you do with your sex organs in private, with consenting adults shouldn't be the government's business.

The 4 Fascist American Presidents: Wilson, FDR, LBJ, Obama.

I don't think you know what this word [wikipedia.org] means. And your feeble attempt at fear mongering doesn't work particularly well when it is clear that you do not even know what the words you use mean.

Treason

[Just Some Guy]

Elected officials subverted the voice of the people for personal profit. Execute them. I am serious. There needs to be an example made, quickly and decisively.

Re:Treason

[Rogerborg]

Bear in mind that the people who write the laws are the winners of elections. You can see how they might be disinclined to change a system that demonstrably favours them.

Re:

[Just Some Guy]

Bear in mind that the people who write the laws are the winners of elections.

That's why it's critical that this be handled harshly. When the guardians deliberately attack their charges, the penalties must be severe.

Re:

[Rogerborg]

If they penalties aren't severe enough, perhaps you could run for election and get them upgraded?

Re:

[CrimsonAvenger]

The crimes by government against the people can not be tolerated. They are worse than mere murder (other than mass murder) because they damage us all. Likewise, massive financial crimes damage all of us.

People such as election fraudsters and Bernard Madoff should be executed (and not by silly lethal injection) in public.

You are aware that Madoff didn't work for the government, correct? He was an old-fashioned private-citizen criminal....

Re:Treason

[Kokuyo]

Even though I do not agree with a death sentence, I agree with the acting decisively part. Our countries are there for the people. The people IS the country, so to speak.

And since this directly went behind the backs of the people, treason is the proper definition here. Imagine what shenanigans will happen, if this kind of behaviour is not come down upon hard.

Re:

[Atrox666]

"Imagine what shenanigans will happen, WHEN this kind of behaviour is not come down upon hard."

There, fixed it for ya.

Re:Treason

[CrimsonAvenger]

And since this directly went behind the backs of the people, treason is the proper definition here

Article III, Section 3 of the US Constitution:

Treason against the United States, shall consist only in levying war against them, or in adhering to their enemies, giving them aid and comfort.

I trust you can demonstrate how this action fits, since you have declared that "treason is the proper definition"?

Re:

[SterlingSylver]

Executing corrupt pols is always a popular choice, but we should really consider public humiliation. Bring back the stocks. Seize all their assets, all their family's assets. Then, after a month or two of leaving them in the town square, throw them in federal PYITA prison, and let them rot for all eternity

Re:

[GMFTatsujin]

So now I'm thinking of the Battlestar Galactica in which Roslyn rigged the election. How many people who cheer her on as a strong leader are calling for charges of treason here?

Just a thought from my sociological mind. Personally, I think they should all swing.

It IS treason.

[geekmux]

Seriously. How is this not treason?

It IS treason, plain and simple. And for further proof of the pussification of America, look back 200 years and see how they would have handled this case back then.

The importance of honesty and integrity with our elected officials is not any less critical today than it was 200 years ago, so why should the punishment be?

Re:Treason

[bentcd]

Seriously. How is this not treason?

In the context of the U.S., its Founding Fathers were very reluctant to label as treason anything that could be used by a tyrant to strike down on legitimate internal opposition. Therefore, they were left with only two very specific acts that would be considered treason:

Section 3. Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort. (...)"

"Conspiracy to rig an election" is just not on that list.

Re:

[Just Some Guy]

Founding Fathers were very reluctant to label as treason anything that could be used by a tyrant to strike down on legitimate internal opposition.

That was good and wise and as it should be. You don't want the ruling party to define treason to include "speeding, if my opponent is doing it".

Treason against the United States, shall consist only in levying War against them

I'm willing to accept that they staged direct attacks on their political enemies. Our own government doesn't hold that warfare must include physical action; ref.: the new Cyber Command.

Re:

[jollyreaper]

In the context of the U.S., its Founding Fathers were very reluctant to label as treason anything that could be used by a tyrant to strike down on legitimate internal opposition. Therefore, they were left with only two very specific acts that would be considered treason:

Section 3. Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort. (...)"

"Conspiracy to rig an election" is just not on that list.

I understand but to my point of view the highest treason possible against a democracy is tampering with the voting process because it is faith in that process that serves as the underpinning for the entire society. If you cannot trust the vote, what can you trust? Tampering with the vote should have the same sense of shock and horror we reserve for pedophilia and necrophilia. The consequences should be drastic and dreadful so that even a Nixon wouldn't dream of incurring them. Frankly, it's the only crime I

Re:

[worthawholebean]

The US Constitution defines treason as "levying war against [the US], or in adhering to their enemies, giving them aid and comfort." This isn't it.

Re:

[Dog-Cow]

As others have posted, it's not actually treason. However, it's also true that treason is not the only crime whose punishment should be death.

Re:

[CrimsonAvenger]

Seriously. How is this not treason?

US Constitution, Article III, Section 3:

Treason against the United States, shall consist only in levying war against them, or in adhering to their enemies, giving them aid and comfort.

Well, it's not levying war against the US.

It's not adhering to the enemies of the US.

And it doesn't actually give aid and comfort to the enemies of the US.

So, basically, that's how it's not treason.

Uh, not exactly a voting machine security flaw

[Reality Master 201]

Apparently the people told voters that hitting the "Vote" button would complete their vote, when it actually just brought up a confirmation screen. It was after the voter left that the people charged went and changed the votes, then completed the vote.

So, yeah, that's definite election fraud and those involved should go to jail for a nice long stretch. But the headline leads you to believe this was somehow a voting machine flaw, rather than a social engineering attack based around shitty UI design ("Vote" means vote, not, "Confirm my Choices").

Re:

[Just Some Guy]

But the headline leads you to believe this was somehow a voting machine flaw, rather than a social engineering attack based around shitty UI design ("Vote" means vote, not, "Confirm my Choices").

In what way is that not a security flaw? If an ATM were to fail to log me out for several minutes after returning my card and money and receipt unless I know to hit a specific button, it is a problem with the ATM.

Re:

[Reality Master 201]

Perhaps not the best phrasing; it's a flaw in the design, but it's not like flaws that allow you to manipulate the vote database with impunity and without an audit trail, or manipulate the machines totals. It depends partly on shitty design, and partly on lack of education for the voters.

Interesting you should mention ATMs - I used one near my house the other day that would have allowed me to withdraw money from the previous user's account. It's one of those ones where you just swipe the card, and apparen

Re:

[Just Some Guy]

it's a flaw in the design, but it's not like flaws that allow you to manipulate the vote database with impunity and without an audit trail, or manipulate the machines totals.

Understood and agreed. It's more of a bad specification than an outright bug in that the screen works (IMHO incorrectly) as designed. Still, that and the unexpected ATM behavior you described are security issues, even if someone thought they were good ideas at one point.

Re:

[Norsefire]

There was an ATM scam a while back similar to this.

People would use matchsticks to jam the cover of the dispenser, where the money comes out, closed and then wait around a corner for someone to make a withdrawal. The machine would say "please take your money" only they couldn't as the cover wouldn't open, so they would go in to the bank to complain, meanwhile the scammer would prise the compartment cover open and take the money.

Re:Uh, not exactly a voting machine security flaw

[Just Some Guy]

Badly designed GUI + social engineering != security flaw.

It most certainly does! We've held MS to that standard for years with such things as "nakedgirl.gif.exe" tricking users into running unknown binaries, and rightfully so. Social engineering alone doesn't indicate a problem, as con men have been around since roughly the beginning of time. Software misfeatures (such as a button labeled "Vote" that doesn't actually cast your vote) that make fraud trivially easy absolutely are vulnerabilities.

Re:

[UnknowingFool]

We've held MS to that standard for years with such things as "nakedgirl.gif.exe" tricking users into running unknown binaries, and rightfully so.

No, we've been holding MS to the standard that programs should not autoexecute on download/copying, etc. And when it runs, not any program should be able to change system settings. In the Unix/Linux world, downloading a malicious file does nothing. The user has to set it to be runnable and then explicitly run it. Even then, the program is limited to what rights

Re:

[silanea]

Badly designed GUI + social engineering != security flaw.

I disagree. It does not matter which attack vector or medium is used to break intended behaviour. And the fact that a UI allows such a severe subversion of intended functionality simply by telling users bullshit just makes this flaw all the more serious and shameful than a true machine exploit. A simple "Please review your choice and confirm it to be counted. It has not been stored yet!" and a biiiiiig red button labeled "Yes, this is my choice! Cast my vote!" should have been enough to avoid exactly this k

Re:Uh, not exactly a voting machine security flaw

[ControversialMatt]

Which is interesting, because it contradicts the image many of us have of the average end user. Personally I believed that they would be programmed by now to automatically click OK on any popup without reading it.

Re:

[jrumney]

But the headline leads you to believe this was somehow a voting machine flaw, rather than a social engineering attack based around shitty UI design

A shitty UI design is a voting machine flaw!

Re:Uh, not exactly a voting machine security flaw

[An Onerous Coward]

I think the point your respondents are missing is that -- while the machines are clearly flawed -- the electronic voting machines didn't greatly magnify the officials' ability to corrupt the vote. Had one of them altered hundreds of votes using a USB stick and three minutes of "alone time" with the machines, this story would have a completely different flavor for me.

IOW, Kentucky electoral officials can't hack. What scares me is that this is probably why they got caught; there must have been a dozen people involved. I'm sure the more tech-savvy vote riggers are just getting away with it.

Life inprisonment

[Joebert]

Conviction for tampering with election results should be met with life inprisonment. The scope of things affected by gaming elections warrents nothing less.

Death would be better, but sometimes we get the wrong guy and at least with inprisonment we can let them out of jail and make sure they live well with a fat stack of cash for the rest of their life.

Re:

[Just Some Guy]

Wanna bet they were changing the votes to favour the GOP?

One million dollars please? We already know they were Democrats. But who cares? I tend to vote Republican but I'm more than ready to throw a Republican politician to the dogs for committing this crime. I trust that honest Democrats will feel the same way about these particular cretins.

new methods for perennial problems

[rodentia]

same old solution: vigilance.

Re:

[ChefInnocent]

And vigilante justice...the courts aren't going to do the right thing.

I preferred hanging chads

[olddotter]

Were any of these guys named Chad?

Seriously. I would much prefer paper voting. Be it punch card or optical scan (used where I am). Of those two it seems optical scan is easier for people to deal with at least I have heard no major problems.

Apologize Now

[Doc Ruby]

I want everyone who sneered at me in 2000 and 2004, saying "changing those electronic machine votes would require a conspiracy so vast, with nobody ever leaking, that it's impossible, you're crazy, just get over it" to apologize now.

Not just to me, though I want that now. But also to the entire country, for standing in the way of fixing this basic corruption that destroys democracy that should be ancient history by now.

Apologize. Preferably door to door. But a reply here would start to count.

RTFA now

[Shivetya]

Nothing about this article supports you.

So, quit banging your own drum when you don't even know the tune being played.

I am so tired of you "Bush stole the election freaks". Any excuse to ignore the fact that the person whose views you supported was not accepted by the majority. So how does the 2008 election get a pass? Is it only because the person you wanted to win did so?

Really, I want to know, is it only a problem when you lose?

Re:

[Doc Ruby]

The butterflies at least are paper, so there's physical evidence of both the voter's actions, and of later actions in the paper. The layout of the butterflies printed "GUI" has its own problems, as well as the consistency of mechanically marking them. But at least they are a lot harder to change without notice.

What we need is "voter verified" balloting. We should use the machines only to uniformly mark a physical ballot record. Perhaps a separate machine to read back the marked physical ballot to the voter

Doesn't surprise me

[MBGMorden]

It really doesn't surprise me about this. A lot of judges and officials really just don't "get it" IMHO for stuff like this. During this last presidential election, the lines were very long in some areas depending on where you went to vote (I waited until about 5:30 and didn't have to wait but about 30-40 minutes, so it wasn't too bad).

Now, I work in government, so the election committee was discussing turnout on the mass email the next day. One of the judges wrote, commenting about low long the lines were and how ridiculous it was, and actually suggested that perhaps just calling (by phone) a random subset of people and basing the whole election off the sample would be better than letting each and every person vote.

Sure, no possible way THAT could be abused . . .

Must...tell...president...McCain!

[Bushido Hacks]

"Hey! I only mean one of those votes for McCain!" [youtube.com]

Quote - "affecting the outcome of elections"...

[somethingwicked]

"affecting the outcome of elections at the local, state, and federal levels. "

Source please? Not saying your wrong, I just missed that detail when I RTFA.

A computer was involved!

[tsstahl]

Since the crimes were committed with a computer, why aren't there a whole heap of additional federal charges piled on? As we all know any crime with a computer element is much worse than murder. /sarcasm

Re:Standards of democracy?

[itschy]

I suspect that in elections from 2000 to 2006, the standards of democracy in the US fell to below what we would consider acceptable in emerging democracies. Where there would be monitoring from outside observers.

Actually, many international Organizations wanted to monitor the US-american elections.
They were not allowed.
Go figure...

Re:Standards of democracy?

[ScentCone]

Actually, many international Organizations wanted to monitor the US-american elections

No, many international organizations with an axe to grind thought it would make good political theater to offer to monitor them. When countries like Cuba offer their expertise in running fair, open democracies, that's not really a comment on the US, is it? It's evidence of just how dumb their propoganda machines think everyone else is. When Hugo Chavez mentions his willingness to help, though, we should take him up on it. That will give him something else to think about for a day, besides using violence and prisons to crush his own election rivals. I understand that Iran also offered to help out. It's hard to deny that allowing them to do so would make for great fun.

Re:Standards of democracy?

[CrimsonAvenger]

Not to make this more political than it will be, but do we know what direction those stolen votes went?

Well, it took some googling, but it seems the five involved were Democrats. So it's probably pretty safe to assume the stolen votes were stolen from various Republican candidates and given to various Democrat candidates.

Though why anyone should care about the Party of someone running for the local School Board is beyond me (yes, one of the elections in question was for the local School Board).

Note, by the way, that what happened was good, old-fashioned, vote-buying. With a twist, in that the people actually handed the money to buy votes in the field decided to keep the money and just change a few votes themselves.

Re:

[JustNilt]

Though why anyone should care about the Party of someone running for the local School Board is beyond me (yes, one of the elections in question was for the local School Board).

A lot of politicians got their start in similarly seemingly minor positions. In addition, the school board in many areas (I don't know about the one in question) is in charge of capital projects such as construction and purchase/sale of school real estate. That'd certainly be a good place to be if one were inclined to steal from the public.

Note, I am not suggesting that anything beyond the alleged election fraud occurred. I'm simply pointing out possible reasons (one honest and one dishonest) why a perso

Re:Hang them.

[tonyreadsnews]

It might be easier if you ask them who paid BEFORE they are swinging from the rope. Unless you plan on hanging them by their ankles.