Forum Navigation
Topics
Log In
Log Out
:
Forum Search
New Today
New This Week
Advanced Search
Tree View
Forum Account
Edit Profile
Register
Forgot Password
Forum Tools
Help/Instructions
Policies
CLICK STATE TO SEE:
"WATCH LIST"
Marked with: 
"OPEN & HONEST"
Marked with: 
...
|
| (US) 3/06 - The Core Issue In Relatio... |
|
| Author |
Message |
    
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1264
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, December 2, 2005 - 10:17 am: | 
|
From my post here: http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=8&post=14664#POST14664
This is long but I think it addresses the heart of the electronic voting issue.
"The physical stuffing of ballot boxes, wholesale paper ballot destruciton and intentional miscounts were the the major reasons New York moved away from paper ballots and went to lever based mechanical voting machines 50 years ago."
And lever machines are equally effective in vote tampering--but they gave voters a sense of false security. It only meant that vote tamperers had to change their tactics.
Nowadays there are many fine examples of good procedures for handling, counting and securing paper ballots. What is lacking is the political will to 1) develop procedures according to best practice demonstrated elsewhere; and 2) implement these procedures across the country in every polling place; and 3) enforce the rules, with a legal/governmental system that is pro-active regarding election ethics rather than obstructionist.
With electronic voting as it currently is, you have many more vulnerabilities, plus non-existent procedures for meaningfully and testing equipment, plus non-existent procedures for dealing responsbly with the electronic equipment and data, plus no political will to enforce the meager regulations that do exist.
Electronics allow for more widespread corruption than the paper ballot stuffing--and it's all the more nefarious because it can be done with much greater subtlety in some cases.
So what do we gain?
Nothing--but we've effectively added to the risks. And we've made it virtually impossible to easily and quickly enable voters to do recounts. (The idea of voters looking at their thumbprints with magnifying glasses to prove to someone that this vote is really theirs is a nightmare scenario. If you looked at your own thumbprint do you have the expertise to know for sure whether or not it's really yours?)
Securing and handling data and electronic machines is much more risky than handling paper--particularly when the political will is not yet developed.
Additionally electronic voting equipment is far more expensive to develop, purchase and maintain--yet in itself it does nothing to address the fundamental problems of the current lack of willingness to develop, implement and enforce proper procedures.
Since we haven't yet succeeded in developing, implementing and enforcing proper procedures in relation to paper ballots--not because it's so difficult to do, but because there is not the political will to do so--what reasons could there possibly be for introducing electronic systems which expand exponentially the potential attack vectors, simplify the attack vectors (e.g., pay off 1 programmer or 1 tester or 1 poll worker) and yet be able to completely steal an entire election? Plus they cost the taxpayer lots more money on an ongoing basis.
Maybe if we can 1) develop the political will at a grassroots basis to develop, implement and legally enforce (that includes the justice system) secure procedures for paper ballots, and 2) institutionalize those changes throughout government, legal system and voting public, and 3) we demonstrate that we can do this well for a decade or two--maybe then we'll be in a position to responsibly develop fail-safe electronic voting systems and the enhanced oversight that such systems would require.
As it is now, we're putting the cart before the horse. People are developing electronic systems which--like paper ballots--require lots of oversight (far more oversight than paper ballots) and which require therefore even more political will to deal with them responsibly (as they are potentially far more insecure and it's also harder to spot fraud). Yet these far riskier technologies are being developed without us having developed the political will to address the serious ethical and oversight problems that exist.
It would be better to first address the societal/governmental/ethical/legal frameworka--which are corrupt as can be--before we attempt to move to an even riskier electronic system. Electronic voting doesn't have a hope of ensuring accurate elections as long as our societal/governmental/ethical/legal systems support corruption and illegality at every turn.
It is fundamentally mistaken to expect a technological solution to what are social/ethical issues. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 192
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, December 2, 2005 - 11:28 am: |
|
Treat it as a magician's trick or an accountant's trick.
Magician's trick: he can't take and hide your object if you don't give it to him. (Have your legally binding ID'ed copy of your vote in your possession when you leave your polling place!)
Accountant's trick: your accountant has been doctoring your books and shaving money for himself?
Keep your own account of your transactions and check his books with your books (the legally binding ID'ed copy of your vote that you walked away with).
We're not going to change society to where people won't ever try to cheat in elections because they've become to noble to do that, appropriate safeguards must be in place. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1267
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, December 2, 2005 - 12:17 pm: |
|
"We're not going to change society to where people won't ever try to cheat in elections because they've become to noble to do that, appropriate safeguards must be in place."
I agree. So why not use systems with simpler, more transparent safeguards, rather than systems requiring safeguards that are more complex, have more possible points of security breakdown or manipulation, and are more expensive? |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 196
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, December 5, 2005 - 8:33 am: |
|
That has been exactly my point. But if you have the voter with a legally binding copy of his vote, that has an ID number for him to trace it and is marked by him in such a way that it is incontestably his and he has the legal right to get his vote corrected (if it's been misrecorded) the counting mechanism need not be error-proof or hack proof. There can still be integrity in the vote. Nothing else I've seen here gives the voter any surety that his vote was counted as he cast it. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 197
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, December 5, 2005 - 9:39 am: |
|
One of the most transparent parts of business is that if you sell something to someone, he gets a receipt or bill of sale, saying what was sold to him, especially if you're going to hold it for him. Why are we willing to do something that's as important as voting without getting not only a receipt but a thorough receipt? |
Jose Ivey
Voting Rights Forum Participant
Username: Urbanvoyeur
Post Number: 38
Registered: 11-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, December 5, 2005 - 2:27 pm: |
|
Catherine
I agree with the premise that the system should be as simple as possible. I also agree that the system should be transparent and open to public review and audit at any time.
I don't know enough about the best of breed paper systems to say whether they can be made secure enough to overcome the many deficienciencies of past paper systems.
I do know that we can make open, secure, easily auditable electronic systems to accomplish what is essentially a very simple task: serial addition.
Your points about the lack of political will are well taken. I do believe there is discontent among voters over the quality of the process.
I don't yet see evidence of the kind of political will it would take to rapidly switch to nationwide paper ballot - even if that is secure solution, which I'm not convinced it is.
So where does that leave us?
Electronic voting, in one form or another is with us and won't go away. It will not wait 10 or 20 years for us to decide to use it; the box has been opened.
Now, I think it is up to us to gain control of it.
Look at it another way:
If we say no no no we must have paper ballots for security, the e-vote makers will trot out their dog and pony show and dazzle the audience. And every problem will have a fix in the next release.
If on the other hand, say we dictate to the e-vote makers very strict standards of openess, testing and audit before we use the machines.
If the system then succeeds in being fair, everyone wins. If after our best effort and theirs the system is still corrupt and flawed, you have proven the case that e-votes cannot be secured and we turn to paper. Total elasped time 10-20 years.
Here's a case where there are two different, valid ideas. If I argue against the other person's idea all day long; at the end of the day all we have is opinion. If on the other hand I help prove the other guy's idea, it will either work or fail twice as fast. Either way we learn. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1289
Registered: 12-2004
Best of Black Box? 
Votes: 1 (A keeper?) | | Posted on Monday, December 5, 2005 - 3:19 pm: |
|
"I don't know enough about the best of breed paper systems to say whether they can be made secure enough to overcome the many deficienciencies of past paper systems."
There have been quite a few postings at BBV about a number of good paper systems (Canada, Ireland, Italy and undoubtedly there are others).
It is easier and simpler to achieve good security and transparency (and reliability and accuracy) with paper than it is with electronic voting machine technology. Good practice exists in many places--it does not need to be reinvented.
It is a shame there is not more widespread awareness of this. The presence of effective paper systems makes it less palatable (to me) to invest many billions into trying to devise a secure electronic system.
If that secure electronic system inevitably depends on enforcement by regulatory, election and judicial bodies, then how are we any better off than we are now?
At least paper+public hand-counting can have public oversight and public counting.
Other countries have implemented effecient, transparent and cost-effective solutions. I don't see the advantage of trying to go for a solution that would cost more and have many more risks and less public oversight. It's like trying to develop a reliable Mars lander to take you to your next door neighbor's house, when you could have just walked. It's theoretically possible, but why would you want to do spend the money and effort and incur the extra risks to do it that way?
(Message edited by catherine_a on December 05, 2005) |
Jose Ivey
Voting Rights Forum Participant
Username: Urbanvoyeur
Post Number: 39
Registered: 11-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, December 5, 2005 - 4:45 pm: |
|
I will certainly read up on those. Though, as I understand it, elections in those countries are smaller - involving fewer voters and fewer candidates, and in some cases last for more than one day. And If I am not mistaken, some areas of Canada are adopting machine counts and/or hybrid systems.
I don't believe it should take billions to develop a secure electronic voting system. Australia's seems indicate a promising direction.
Nor do I believe that an electronic system is inherently less secure or inherently more difficult to oversee or audit. But that may as much a difference in philosphy as anything.
Do you think for a minute that the casinos in Vegas don't know what every single line of code and every single piece of equipment does inside their slot machines?
Those machines are secure, reliable, auditable and self report dozens of kinds of tampering. they will even take themselves off line if too many errors are generated. Same with ATM's. It didn't take billions to develop them. Or particularly honest people. Just good methodolgies and well motivated paranoia.
And if you ever want evidence of the dangers of hand counts, read up on the lengths casinos go to validate the cash count. If it was up to them, all transactions would be electronic.
I might add that the security of any voting system depends on enforcement by reguatory, election and judicial bodies. They execute the will of the people. And in this country, no matter how loud the outcry over any election, the oversight and the case for change must be made through these bodies.
"According to legend, Boss Tweed, the notoriously corrupt leader of New York City's Tammany Hall, once said that vote counters elected officials, not voters."
http://www.pbs.org/newshour/vote2004/primaries/sr_technology_history.html |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 203
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, December 6, 2005 - 5:18 am: |
|
And having the legal right as a voter to trace, verify and correct your own vote trumps the defects in any of these systems (for tampering with a genuine vote), if people would only do it.
But it wouldn't take all people doing it to put the fear of god in the people who would cheat, just enough to catch them.
Now you'd still have to stop them faking people, and the system I proposed helps with that, as well. Assurance of a democracy is going to take more effort than has previously been made, not less.
The only way to post a 'sheepdog' over our votes (the anonymous sheep) (to keep the wolves away) is for each of us to be legally entitled and empowered to each watch our own 'sheep'. The fact that the 'sheepdogs' might be rare is, I think, overmatched by the fact that the sheepdogs are nearly undetectable, which will keep most 'wolves' at bay. |
Jose Ivey
Voting Rights Forum Participant
Username: Urbanvoyeur
Post Number: 44
Registered: 11-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, December 6, 2005 - 9:34 am: |
|
Another technology comparison:
Voting is very similar to setting odds at a race track or in sports betting.
After the initial odds are set on a horse or team, the odds (election outcomes) are continuously updated based on how much money is bet (voted) on that particular horse or team (candidate). And how much money is bet against the same.
The bets (votes) are anonymous to the odds makers - they only see amounts and never who placed the bet.
Every bettor (voter) is given a numbered receipt.
Every dollar (vote) is fully accounted for. And evey hand that touches that bet (vote) is audited.
Today, odds are set almost exclusively by computer. Most bets are placed by computer as well.
Millions of voters and casinos have full confidence in these systems.
If the gambling industry can produce secure auditable systems that do essentialy the same task as elections, I see no reason to oppose computerized voting technology as less secure, less manageable or less auditable. |
Ami Silberman
Frequent Voting Rights Forum Participant
Username: Jol
Post Number: 119
Registered: 12-2004
Best of Black Box? 
Votes: 2 (A keeper?) | | Posted on Tuesday, December 13, 2005 - 12:32 pm: |
|
The gambling (as well as banking) industries are very different than elections, because in both gambling and banking (as well as stock trading) it is imperative to maintain traceability of transactions to individuals, but our current model of voting makes it equally imperative that this not be possible, in order to preserve the secrecy of the ballot. |
Jose Ivey
Voting Rights Forum Participant
Username: Urbanvoyeur
Post Number: 72
Registered: 11-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, December 13, 2005 - 12:51 pm: |
|
It is true that gambling and banking are not direct analogues of elections - otherwise we would just use one of these systems to run our elections.
Nevertherless there are key similarites, both in the way the transactions are conducted and in the need for securty and confidence. The manner in which the security needs are addressed in these industries both shows both that is *can* be done and to some extent how it *should* be done.
Of course we know that banking is not secret or anonymous, but many of the security and audit practices used by the banking industry work without tracking the identity of the individual account holder. For example: alarms that indicate when an ATM is opened.
Additionally, as I pointed out, pari-mutuel or pooled odds based betting is anonymous. Your bet and your payout is tied to your receipt. Lose that you don't get paid.
Likewise, slot machines and casino table games are all anonymous. You can play, win and leave and no one will ever ask your name (unless you will big, then the IRS will take their cut first)
Finally, stock trading systems have quite a bit to teach out about how to build dispersed secure networks |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 246
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, December 14, 2005 - 4:55 am: |
|
I believe that the secrecy of the ballot (as it is currently secured) is the main reason for its vulnerability. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 275
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, December 20, 2005 - 6:05 am: |
|
Catherine Ansbro said: "(The idea of voters looking at their thumbprints with magnifying glasses to prove to someone that this vote is really theirs is a nightmare scenario. If you looked at your own thumbprint do you have the expertise to know for sure whether or not it's really yours?)" This is an incorrect exposition of an idea I proposed. Originally the voter would thumprint both the ballot box copy and a take-away, legally-binding copy. I now think that printing a code from a thumbprint scanner that provides a numeric hash that is representative of the voter's thumb scan would be adequate. I think the voter should ink thumbprint his personal copy. |
Terry Dougherty
Voting Rights Forum Participant
Username: Tpdougherty1937
Post Number: 1
Registered: 02-2006
Best of Black Box? 
Votes: 3 (A keeper?) | | Posted on Saturday, February 25, 2006 - 6:54 pm: |
|
Hi,
I'm new to the BlackBoxVoting site and this forum. I am not certain whether this thread is the appropriate one or not (but if not--someone will surely tell me).
Here's what bothers me. I thought for a long period of time that the computer was like the hula hoop or pogo stick--a toy that eventually everyone will tire of. But I was mistaken, and six years ago I did buy my first computer and learned how to do some pretty basic tasks--though I have very little knowledge of how computers work.
The reason I am providing this information is to establish that I really am an engenue when it comes to things cyber.
Though I am pretty puzzled by much of the technology, even I, in my ignorance, know that computers can be hacked and that information can be changed from a remote devise. I am convinced that computers should NEVER under any circumstance be used to tally votes. Even if it spits out a paper trail, that doesn't mean that the information passed on to a central computer or even the information stored in the voter's computer is consistent with the information that the paper trail provides.
Surely members of the U.S. Senate and Congress are more expert than I. Every political office has one or more computers in his/her office, many of them have an official website, and I would bet computers are used in the various businesses each of these members of Congress are involved in before they were elected to public office. My point here is that there probably isn't anybody in Congress as 'dumb' about computers as I am. I can only assume that if I am aware of computer vulnerablities, they must be even more aware.
Yet, in 2002 they took $3.9 billion of the taxpayers' money to assure that there were computers in every voting precinct by 2006. This has the earmarks of a vast conspiracy to control the outcome of elections. Representative Rush Holt from the 12th Congressional District, State of New Jersey, introduced a bill to stop it from happening, but the bill was stillborn in committee and never made it to the House for a vote.
Shouldn't the basic thrust of this website and others be--not to make certain that computers are properly certified--but to eliminate them entirely? |
Lora Cove
Voting Rights Forum Participant
Username: Lora
Post Number: 59
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, February 25, 2006 - 9:50 pm: |
|
There are many folks here and elsewhere who believe that electronic voting machines should be eliminated entirely. I have come around to that viewpoint. However, you are fighting the party in power, the party not in power, and billions of dollars when you take that stance. Nevertheless, there is no way to make e-voting secure at this time, and I believe it should be junked. I don't think individual receipts will necessarily verify the collective vote, and there are issues that have been raised here about buying votes and demanding the receipts as proof. Also as has been pointed out in these forums (and elsewhere), it would take only a small number of altered votes - we're talking single digits - for each machine (or was it precinct?) of a swing state to potentially change the outcome of an election.
I'm not sure how successful we will be in bringing these highly vulnerable voting systems down in time (let's see what happens in CA and now Florida), although I believe we must try. A backup plan would be to insist on a printed ballot that the voter has verified (with many necessary safeguards in place here) and require them to be counted by hand in an entirely separate procedure, and compared with the machine counts. Any discrepancies must be satisfactorily explained. The paper count must take precedence in cases of discrepancies.
This would cost even more. The only good it might do is 1) get passed in places that absolutely will not give up their machines, since the idea of the requirement of a paper back-up to e-voting is gaining some momentum, and 2) probably serve to point out how piss-poor the machines actually are. With what has been discovered about how the machines operated (or were operated on), do you think there would be that many precincts in which the e-votes would actually match the paper? (This is assuming there were enough safeguards against avenues of potential fraud or manipulation of the voter-verified paper ballot, of which many were pointed out to me in another discussion.)
Lorna Chin |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 416
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 2, 2006 - 7:35 am: |
|
The way to make any voting method secure comes down to essentially the ultimate in transparency which is this: a voter should be able to see how his vote was recorded, and with adequate proof that the vote was indeed his, get it corrected if it was misrecorded. Nothing else is fully functional in its place. This should be one way traceability, by the voter, but it needs to exist. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 121
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, March 5, 2006 - 8:41 pm: |
|
quote:The way to make any voting method secure comes down to essentially the ultimate in transparency which is this: a voter should be able to see how his vote was recorded, and with adequate proof that the vote was indeed his, get it corrected if it was misrecorded. Nothing else is fully functional in its place. This should be one way traceability, by the voter, but it needs to exist.
This approach does not "make any voting method secure". Computer-based ballot-presentation devices can still defraud any voter by denying service, and can still influence the choices of voters who are undecided in the voting booth by making it more difficult to select certain candidates, by reordering the ballot, by omitting candidates from it, by making some candidates' names bolder or larger than others, and so forth. Also your approach does not prevent box stuffing. And, as we have discussed ad nauseam, it makes vote buying and coercion much easier than under secret-vote systems.
Hand-filled paper ballots, counted by the public in the places in which they are cast, under public supervision, are more secure.
-R |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 422
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 6, 2006 - 12:32 pm: |
|
Service isn't denied if you don't accept it. So don't accept bad service. If you're insistent enough, you can make them re-calibrate the machine until your vote counts. If you won't walk away from the machine until your vote displays correctly, you'll make a big enough stink to get it fixed.
And if you had to insist it be fixed, tell everybody in the precinct building and everyone you know. What are you going to do to stop schemers from getting the recount from their buddies (Blackwell's pet judges, et. al) and discovering a bunch of votes and saying they're legit. The poll books and the ballots pass out of your oversight right after the counting, someone raises the recount issue and all of a sudden the ballots don't add up the way that they did at the precinct, they're going to believe the ballots, not the previous count.
Vote buyers and coercers would be more sure of their results after they coerced someone, but much more easily caught (and more risky, just take a picture) and vote stealing would be a infinitely more risky for overturning, investigation and apprehension than it is now.
You said:"Also your approach does not prevent box stuffing." No, this approach allows it's removal, which nothing else does. Nothing can stop an election-administration-untraceable-vote from getting into the box. This is the only method that get's it out again.
The feedback of having a duplicate, legally binding voter traceable ballot that goes with you is the only foolproof safety that the ballots in the box actually have.
Hand filled paper ballots are fine, if you want to do a carbon the voter can leave with. But history doesn't show them as secure; not enough to bet our country's future on.
Get the legally binding copy of your ballot, keep it until all legal challenge time limits of the election are over. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 122
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 6, 2006 - 5:29 pm: |
|
quote:Service isn't denied if you don't accept it. So don't accept bad service. If you're insistent enough, you can make them re-calibrate the machine until your vote counts. If you won't walk away from the machine until your vote displays correctly, you'll make a big enough stink to get it fixed.
And most voters won't do this. You will, and I will, but everyone's vote has to count if we are to remain a functional republic. We cannot rely upon mechanisms that require unrealistic degrees of voter participation. In any case, effective denial-of-service attacks will simulate hardware failure, disabling one or more machines in certain precincts for the entire election. "Insist[ing]" at the polls will do nothing to fix this problem, and many voters, observing the long lines this attack is likely to create, will decide voting takes too much time and will skip it.
quote:And if you had to insist it be fixed, tell everybody in the precinct building and everyone you know.
Sure I will, for all the good it'll do. Most voters won't.
quote:What are you going to do to stop schemers from getting the recount from their buddies (Blackwell's pet judges, et. al) and discovering a bunch of votes and saying they're legit. The poll books and the ballots pass out of your oversight right after the counting, someone raises the recount issue and all of a sudden the ballots don't add up the way that they did at the precinct, they're going to believe the ballots, not the previous count.
That is indeed a problem with all counts -- including yours. Though your approach might be more resilient against vote transmutation than others (assuming that most voters verify their ballots -- an assumption I think unrealistic), it is just as susceptible to box stuffing.
quote:Vote buyers and coercers would be more sure of their results after they coerced someone, but much more easily caught (and more risky, just take a picture) and vote stealing would be a infinitely more risky for overturning, investigation and apprehension than it is now.
Please explain how. I don't see it. Instead, I see Guido calling up lots of voters and saying, "Now you'll vote for Joey, see? And you'll post your ballot number on alt.votes.verify-your-vote with your address, see? Then there'll be no trouble, see?" Joey is anonymous and makes sure that caller-id is disabled when he calls, fearful voters post their ballot numbers to a newsgroup unassociated with Joey, then Joey reads the newsgroup and checks the numbers. It'd be damned hard to catch Joey, far more difficult than if he had to visit victims in person, to, say, get their blank absentee ballots and signed envelopes.
quote:You said:"Also your approach does not prevent box stuffing." No, this approach allows it's removal, which nothing else does. Nothing can stop an election-administration-untraceable-vote from getting into the box. This is the only method that get's it out again.
And how does it do that? Don't tell me that everyone will just verify her ballot, and that the unverified pile left over is, perforce, the result of stuffing. Realistically, many (probably most) voters will not verify their ballots under your scheme, leaving no good way to tell which ballots are authentic and which resulted from stuffing.
Finally, you didn't address presentation frauds, nor did you describe the mechanics of a reasonable, effective, yet difficult-to-monkeywrench challenge procedure.
-R
(Message edited by ron_crane on March 06, 2006) |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 423
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 7, 2006 - 5:41 am: |
|
You don't leave the polling booth until your ballot says what you want it to say, Ron, it's as simple as that. You don't know if it's unrealistic, it's never been allowed before. Unfortunately (and I mean that sincerely), people who won't stand up for their rights don't get them. There's no changing that.
And after Guido calls, you call the FBI and they monitor the site that Guido told you to use and they find the other victims and they find Guido, too, because Guido called all these people, too. And Guido goes to the slammer. If we can once get an honest government in, we can get enough voting machines to go around. Besides, the backup of my scheme needn't be more than ballots that you fill out 2 of and hand one in. The machines are almost incidental.
The presentation frauds are fixable with ballot legislation. All choices for the same office on the same page, same typeface and same size and proportional distance apart.
You make the places that people can bring their vote to very frequent in the district and after evidence of stuffing you do indeed ask people through all public media to come back and if they don't, their ballots don't count. It beats having to throw out an entire precinct.
Democracy really doesn't work without courage or participation. Sorry, it just doesn't. If the nation is too full of people who lack the courage to stand up and be counted, or to apathetic to make the efforts to ensure their votes are counted, it won't remain a democratic republic.
Read the challenge procedure under tech central. It's all written up, I won't reiterate it here. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 123
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 9, 2006 - 12:56 pm: |
|
quote:You don't leave the polling booth until your ballot says what you want it to say, Ron, it's as simple as that. You don't know if it's unrealistic, it's never been allowed before. Unfortunately (and I mean that sincerely), people who won't stand up for their rights don't get them. There's no changing that.
I know this procedure is unrealistic because it requires every voter's participation and does not account for the fact that some voters enter the booth undecided about how to vote. No system involving the general public ever attains 100% participation -- for example, the IRS can't even get everyone eligible for a refund to claim it. And voters who enter the booth undecided are, by that very fact, susceptible to improper influence by, among other things, presentation frauds. And these frauds, as I have noted before, are not limited simply to rearranging the ballot and manipulating the size and boldness of candidates' names. They can also include making it easier to select some candidates. Since this cheat produces no visual traces, it is very difficult to document -- and thus to deter. Similarly, a denial-of-service fraud that makes machines more likely to fail in certain precincts (thus making lines much longer there and deterring voters from voting) is very difficult to distinguish from random failure, and thus very difficult to deter.
For these and other reasons, we should ban all ballot casting machines, including DREs, DREs with VVPAT, and ballot printers.
quote:And after Guido calls, you call the FBI and they monitor the site that Guido told you to use and they find the other victims and they find Guido, too, because Guido called all these people, too. And Guido goes to the slammer.
Sometimes Guido will go to prison. And sometimes he will not. But your approach makes it much easier for Guido to operate than, for example, an all-mail ballot approach.
quote:If we can once get an honest government in, we can get enough voting machines to go around.
There's no such thing as an "honest government". Government needs constant supervision to maintain even a shadow of "honest[y]". "Once" is not enough, which is one reason why I oppose computerized ballot casting systems -- attackers are always working to subvert them, but they're defended, if at all, only during certification. Thereafter vendors are free to "patch" them to their hearts' content, and officials are free to load whatever software they want into them, and ordinary citizens (and even computer security experts) have no way to tell the difference.
quote:The presentation frauds are fixable with ballot legislation. All choices for the same office on the same page, same typeface and same size and proportional distance apart.
This is but to say that outlawing a practice prevents anyone from engaging in it. That's just false. Presentation frauds can only be deterred by adequate supervision. I have seen no good evidence that such supervision does (or can) exist for vote casting machines.
quote:You make the places that people can bring their vote to very frequent in the district and after evidence of stuffing you do indeed ask people through all public media to come back and if they don't, their ballots don't count. It beats having to throw out an entire precinct.
Again, this approach works properly only with 100% public participation. But many voters barely can get the time off work to vote in the first place. Your approach will, thus, preferentially disenfranchise these voters.
quote:Democracy really doesn't work without courage or participation. Sorry, it just doesn't. If the nation is too full of people who lack the courage to stand up and be counted, or to apathetic to make the efforts to ensure their votes are counted, it won't remain a democratic republic.
Here we agree. But, even in the healthiest republics, only a modest proportion of citizens ever show the level of "courage or participation" that your approaches require.
quote:Read the challenge procedure under tech central. It's all written up, I won't reiterate it here.
I assume you the thumprint approach you discussed in http://www.bbvforums.org/forums/messages/9707/17304.html?1141768822 . This is a real non-starter because it conclusively ties each voter to her vote. And no, ordinary citizens cannot reasonably "test the serial scanner" to ensure that the system is not storing their thumbprints, even if they know enough to be concerned about the issue. Also the hashes themselves are adequate to identify everyone whose fingerprints are already on file -- just run the raw fingerprints through the same hash algorithm with the same seed and look for matches. And a large proportion of the population (quite aside from anyone ever arrested) has prints on file, and that proportion will only increase as government and business require more widespread use of biometrics.
Further, the machines could cheat by generating incorrect hashes on the "receipt". Then, when you go to challenge a misrecording, the authorities arrest *you* for "election fraud". And "independent" thumbprint scanners don't solve the problem; crooked officials could manipulate all the scanners, or the "independent" vendors could be cooperating to cheat, or they could even be related -- say by being owned by the same parent company.
To summarize, your proposal
1. Makes vote-flipping more difficult and more likely to be discovered than with existing electronic systems -- assuming that either (a) most voters verify their ballots' recording, thus correcting vote-flipping directly (unlikely) or (b) a small number of corrections triggers a comprehensive investigation, thus deterring vote-flipping (unlikely -- see, e.g., the "investigation" into Ohio 2004);
2. Conclusively ties each ballot to a voter, and makes it possible to identify many voters by using existing fingerprint databases;
3. Makes vote buying and coercion much easier to conduct;
4. Requires essentially 100% citizen participation to head off box stuffing;
5. Does nothing to prevent denial-of-service and presentation frauds;
6. Creates a new avenue for charging innocent voters with crimes; and
7. Adds more complexity to already-too-complex electronic voting systems, making them even more difficult (really impossible) for the vast majority of ordinary citizens effectively to supervise.
-R
P.S. On further consideration, I notice that your proposal opens the door for significant monkeywrenching. Imagine that Victor knows that Audrey is going to win an election against Bob, but he dislikes Audrey intensely. Being crafty (and also crooked), he votes for Audrey, then modifies his copy of his ballot to indicate a vote for Bob. Then he challenges the official recording of his vote and alleges that officials (and/or the vendors) are cheating for Audrey. Audrey wins, but takes office under a cloud of illegitimacy. An investigation is launched, but Bob's fake is very convincing, and he get away with it. The investigation eventually attributes the problem to a "glitch", and is reported, if at all, on page 34 of the "local" section. While Victor didn't turn the election, he substantially weakened Audrey and made her re-election more difficult.
Hmm.
(Message edited by ron_crane on March 09, 2006) |
Robert Sawdey
Frequent Voting Rights Forum Participant
Username: Rsawdey
Post Number: 118
Registered: 01-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 9, 2006 - 4:24 pm: |
|
>>>And after Guido calls, you call the FBI and they monitor the site that Guido told you to use and they find the other victims and they find Guido, too, because Guido called all these people, too. And Guido goes to the slammer.<<<
Or, Guido gets promoted because he IS an FBI agent... |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 124
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 9, 2006 - 6:59 pm: |
|
quote:>>>And after Guido calls, you call the FBI and they monitor the site that Guido told you to use and they find the other victims and they find Guido, too, because Guido called all these people, too. And Guido goes to the slammer.<<<
Or, Guido gets promoted because he IS an FBI agent...
A good point. Ending ballot secrecy expands the opportunities not only for private vote coercion, but for governmental vote coercion -- that is, tyranny.
-R
(Message edited by ron_crane on March 09, 2006) |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 440
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 10, 2006 - 6:00 am: |
|
Your argument on the thumbprint scanners is specious, with an adequate seed, your thumbprint can't be decoded, check the last post on how the seed is used, and your real fingerprint on your copy, signed by a pollworker is a stopper on rigged thumbprint scanners, anyway. You can use any PC tied to the thumbprint scanner to prove that all the thumbprint scanner sends is the hash.
Ron, your summary is specious on the following points:
Your 1: you don't know if it's unlikely or not, no voter has never been empowered to try.
Your 2: Is wrong for the reasons of your misinterpretation of the thumbprint scan. And that it's easily verifiable by many people, and you have your inked fingerprint on your copy that the poll worker has signed.
Your 3: Is both specious and wrong, it only makes vote buying easier to verify, but it also makes vote buying easier to prosecute.
Your 4: The vote is cast in indelible ink, use your head, for crying out loud, isn't this obvious? Then you can ruin a vote, but you can't change it.
Your 5: Specious as well. No, you may not keep all legitimate votes, because they won't all come in to have their votes verified, but you won't keep any votes that aren't from registered voters, because they won't come in to have their ballots checked, will they? No, of course they wont'. You need good voter ID, you've always needed that.
6. Also specious; the voter has the inked thumbprint that he can prove is his, what crime? As for charging innocent people with a crime, all laws have this potential.
7. Impossible my ass. Have a variety of parties and invite the public to do so as well to check the thumprint scanners, make sure that both your ballots say what you selected and check on your own vote. Hard to supervise, my ass.
And your PS? It's one vote, Ron, one vote only. And frankly, solved with indelible ink.
Robert, call the ACLU, then. Or any of a variety of organizations that you trust. Your issue is a non-starter. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 441
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 10, 2006 - 6:07 am: |
|
To stop denial of service will require honest people being elected.
To stop stuffing by fake people being registered to vote, that aren't real people (in that persona) requires good registration of voters with thorough ID checking both in original registration of voters and at the polling place.
No system of voter ballot feedback is going to cure that, nor is mine meant to. I want it cured as all honest people do, but you can't cure that inside the process of casting the ballot. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 125
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 10, 2006 - 7:50 am: |
|
quote:Your argument on the thumbprint scanners is specious, with an adequate seed, your thumbprint can't be decoded, check the last post on how the seed is used,
This is incorrect. The system can merely ignore the seed, or encode it into the ballot for later use. It solves nothing.
quote:and your real fingerprint on your copy, signed by a pollworker is a stopper on rigged thumbprint scanners, anyway. You can use any PC tied to the thumbprint scanner to prove that all the thumbprint scanner sends is the hash.
First, almost no member of the public would know to check this. Second, the scanner can be rigged to send only the hash when it's not connected to the system, while sending the full thumbprint when connected to the system [1]. Third, it doesn't need to send the unencoded thumbprint because the system can merely refrain from using the seed, or encode it into the ballot, as above.
quote:Ron, your summary is specious on the following points:
Your 1: you don't know if it's unlikely or not, no voter has never been empowered to try.
Show me *any* personally-nonvital task that gets 100% participation from the general public. [2] Then show me one that consistently gets 100% participation, year-in and year-out. That's what your approach requires. Let's see the evidence so we can judge just how likely this level of participation is. Then we can talk about "specious".
quote:Your 2: Is wrong for the reasons of your misinterpretation of the thumbprint scan. And that it's easily verifiable by many people, and you have your inked fingerprint on your copy that the poll worker has signed.
Incorrect again for the reasons I noted concerning the (non-)use of the seed.
quote:Your 3: Is both specious and wrong, it only makes vote buying easier to verify, but it also makes vote buying easier to prosecute.
Sorry, but it's far easier for Guido to operate by phone (or email) than it is for him to go door-to-door to coerce people using absentee ballots. It is also far safer for Guido, since he need not show his face, his car, or his bicycle to anyone. And, since everyone would be using this system, it enlarges the pool of potential victims beyond that available anywhere but in Oregon (which does all-postal elections). Refute that.
quote:Your 4: The vote is cast in indelible ink, use your head, for crying out loud, isn't this obvious? Then you can ruin a vote, but you can't change it.
Huh? Item 4 is about box stuffing. How is this relevant to box stuffing?
quote:Your 5: Specious as well. No, you may not keep all legitimate votes, because they won't all come in to have their votes verified, but you won't keep any votes that aren't from registered voters, because they won't come in to have their ballots checked, will they? No, of course they wont'. You need good voter ID, you've always needed that.
This seems to be in response to my item 4 about box stuffing. While indeed votes from non-registered voters will get thrown out, so will many votes from registered voters. Thus box-stuffing can serve its purpose -- skewing the election -- even if none of the stuffed ballots get counted.
quote:6. Also specious; the voter has the inked thumbprint that he can prove is his, what crime?
Did you read the paragraph beginning, 'Further, the machines could cheat by generating incorrect hashes on the "receipt". Then, when you go to challenge a misrecording, the authorities arrest *you* for "election fraud"....'? Yes, the system can generate identical incorrect hashes, one on the ballot, and one on the receipt.
quote:7. Impossible my ass. Have a variety of parties and invite the public to do so as well to check the thumprint scanners, make sure that both your ballots say what you selected and check on your own vote. Hard to supervise, my ass.
Your ass, indeed. Only a vanishingly small proportion of the public has any idea of how to supervise this equipment. Even *you* didn't realize that the system could simply refuse to use the seed, or encode it into the ballot (yeah, steganographically) for later use in matching thumbprints. And what if officials switch the equipment (or vendors "patch" it) after your "parties" but before the election? And what if one of the participants in your "party" himself does something unsavory to the system?
quote:And your PS? It's one vote, Ron, one vote only. And frankly, solved with indelible ink.
Yes, it's one vote -- at a time. Victor might have partners in crime. But if the system is perceived as very secure, his faked challenges might significantly undermine the legitimacy of those elected using it. And U.S. currency is printed with "indelible ink". That hasn't stopped many enterprising counterfeiters from nonetheless erasing it and using the paper to print higher denominations.
quote:Robert, call the ACLU, then. Or any of a variety of organizations that you trust. Your issue is a non-starter.
No, your approach is a non-starter. It opens voters not only to private vote-coercion, but to governmental vote-coercion. And, while the ACLU is a patriotic and an effective organization, it cannot solve all problems. In particular it, like everyone else, has a difficult time policing secret agencies -- like the ones your approach empowers to coerce citizens' votes.
quote:To stop denial of service will require honest people being elected....No system of voter ballot feedback is going to cure that, nor is mine meant to. I want it cured as all honest people do, but you can't cure that inside the process of casting the ballot.
Ah, now we're making progress. You most certainly can "cure that inside the process of casting the ballot". It's simple: ditch the machines and provide each polling place with a stack of paper ballots reflecting 10% more than the number of registered voters eligible to vote there. This is easy for any member of the general public to check, and, unless voters spoil their ballots at unprecedented rates, is a strong guarantee that there won't be any denials of service. And if there are (e.g., an official burns half the ballots after the public checks), it's obvious who's at fault, and the attack cannot reasonably be attributed to "a glitch in the system".
-R
[1] This works by the system sending the scanner a signal.
[2] Yeah, almost 100% of the public connects its houses to municipal water supplies. But the last time I checked, water was vital for life. The same cannot be said of voting. Though it is vital for the republic's life, it is not for any particular individual's.
(Message edited by ron_crane on March 10, 2006) |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 443
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 10, 2006 - 10:00 am: |
|
Ron, your arguments are still specious. The scanner just provides the text of the hash code, viewable in a terminal emulation program, by for instance a laptop using 'Hyperterminal' . Not hard to verify at all. You can make sure it sends nothing else. If you want to verify that it used the the seed, go to another scanner and use another seed and see if you don't get a different hash. And as for your [1] this can be tested by having an extra sensing receiver in the connection that doesn't interfere and can check how the setup works as connected to the voting machine.
Your rebuttal to 1 is disengenuous, it doesn't need 100% to detect a problem. And the people that can't afford to come back to vouch for a stuffed vote, don't.
Rebuttal to 2 is taken care of above, the scanner is the most easily verified. You can verify it from a laptop or from an in-line RS232 monitors made commercially to check this or a laptop set up programmatically to work as an RS232 monitor. It's cake.
Rebuttal to 3, Guido better not be operating by e-mail or phone or his butt's going to wind up in the slammer, both are very traceable, regardless of precautions. This is still specious.
Rebuttal to 4, you have nothing for ballot stuffing in the first place, this at least allows the average voter to do something about this, as currently nothing else does. And this can be offset by having time allowed legally for correcting your vote and making places you can get it fixed numerous. Is it perfectly convenient?No. Neither is having to come back and recast your ballot or be left out of the election, or have your vote cheated out of you.
Rebuttal to 4, the fingerprint is the most binding (obviously) Ron. Done in ink.Use a flimsy ballot that won't stand up to washing like money will.
Rebuttal to 5: Certainly that's possible, but you still have a less corruptable system in this than you have right now. Basically, this works like a lot of things naturally do, if you think you're in danger of losing, do your damndest to make sure all of your voters are counted as they should be.
Rebuttal to 6: The inked thumbprint on the non-washable ballot that you have kept yourself is what prevents this.
Rebuttal to 7: This is still bilge, Ron, read the rest of this post. It's easily checkable, many people can check it without invasively damaging it or corrupting it, and it can be checked in situ.
And your PS, don't print the ballot on paper that can be washed, Ron.
Yeah, and with your approach, the opposition decides they'll spoil 30 ballots apiece and still get their votes counted, because that's not illegal, is it? |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 126
Registered: 08-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Friday, March 10, 2006 - 11:24 am: |
|
quote:Ron, your arguments are still specious. The scanner just provides the text of the hash code, viewable in a terminal emulation program, by for instance a laptop using 'Hyperterminal' . Not hard to verify at all.
Again, you refuse to address the fact that the vast majority of the public has no idea that this needs verification, and much less does it know how to verify it. You are delegating supervision of this system to a tiny technological elite -- which, ironically, is hardly different from where we are with existing machines.
quote:You can make sure it sends nothing else.
You can make sure that it sends nothing else when you test it. Oh, wait: it can still send something else wirelessly -- and undetected. And you can't know what it's doing when it's hooked up to the system unless you add Y-connectors and more complexity. Oh, wait, it can use wireless to bypass that safeguard, too.
quote:If you want to verify that it used the the seed, go to another scanner and use another seed and see if you don't get a different hash. And as for your [1] this can be tested by having an extra sensing receiver in the connection that doesn't interfere and can check how the setup works as connected to the voting machine.
Oh joy! More equipment to be hacked. Further, this still doesn't work. The scanner can simply encode the seed into the purported "hash" -- in a reversible manner. Thus, different seeds would produce different "hashes", but the insiders who rigged the system easily could separate the portion of the "hash" representing the seed from the portion representing the thumbprint's true hash.
quote:Your rebuttal to 1 is disengenuous,
Ah, now the personal attacks start.
quote:it doesn't need 100% to detect a problem. And the people that can't afford to come back to vouch for a stuffed vote, don't.
The system needs 100% participation to prevent voters from being disenfranchised by the stuffing-removal step. But you apparently don't care about that disenfranchisement, which, BTW, will fall much more heavily upon those who must work long hours and multiple jobs (chiefly the working poor) than upon others. To put it more plainly, your approach enables box-stuffers easily and systematically to disenfranchise a significant and well-dislineated portion of the electorate. That's a big problem, and one that I would not hesitate to challenge as a violation of the 14th Amendment's equal protection clause.
quote:Rebuttal to 3, Guido better not be operating by e-mail or phone or his butt's going to wind up in the slammer, both are very traceable, regardless of precautions. This is still specious.
You assert that it's "specious", but don't show how. I've shown clearly how your approach makes it easier and safer for Guido to intimidate a much larger pool of voters than with postal ballots, and you've done nothing to refute that showing. Better try again.
quote:Rebuttal to 4, you have nothing for ballot stuffing in the first place, this at least allows the average voter to do something about this, as currently nothing else does.
My solution is to have citizens supervise the ballot boxes from poll opening, through the election, and on through the tabulation and the posting of results. Citizen supervision of the ballots afterward (e.g., until all recount periods have run) is indeed more difficult, but I think it's manageable. Safe-deposit boxes are pretty secure, and aren't even under public supervision. Isolated storage and video surveillance would make post-count stuffing substantially more difficult.
quote:Rebuttal to 4, the fingerprint is the most binding (obviously) Ron. Done in ink.Use a flimsy ballot that won't stand up to washing like money will.
Huh?
quote:Rebuttal to 5: Certainly that's possible, but you still have a less corruptable system in this than you have right now....
No, you just have different kinds of corruption, like disenfranchising a big chunk of the working poor by stuffing the ballot box.
quote:Rebuttal to 6: The inked thumbprint on the non-washable ballot that you have kept yourself is what prevents this.
This doesn't address the attack, which is for the machine to cheat by flipping your vote, then printing a FALSE hash -- one that does not match your thumbprint and seed -- on both the ballot and the copy. Then, when you go to challenge your misrecorded vote, and scan your thumb and input your seed again, the hash that comes out won't match the one on the ballot. You will swear that you voted differently than what the machine recorded, but the officials will say, "You're cheating! The machines are secure. Brant Lamb told us they were, and even had a 'machine checking party' just before the election to verify it. Sorry. And if you don't go away right now, we're going to charge you with election fraud -- and hacking."
quote:Rebuttal to 7: This is still bilge, Ron, read the rest of this post. It's easily checkable, many people can check it without invasively damaging it or corrupting it, and it can be checked in situ.
Ah yes, "bilge". The fact is that very few members of the public would even know that any of this needs checking, let alone what to check or how to do so. Even you don't know all the attack vectors, as you've shown by your refusal to recognize that the hashes can be used conclusively to attribute ballots to voters.
quote:And your PS, don't print the ballot on paper that can be washed, Ron.
Then ballot counterfeiters will just steal (or counterfeit) the paper and print their own ballots.
quote:Yeah, and with your approach, the opposition decides they'll spoil 30 ballots apiece and still get their votes counted, because that's not illegal, is it?
Actually I think every state limits the number of ballots a voter can spoil. In California, for example, a voter gets 3 chances including her original ballot. Cal. Elections Code s.14288. As a practical matter, even if a state had no explicit spoilage limit, pollworkers would be likely to ask the police to arrest someone who tried to spoil 30 ballots in a row, probably for an offense like "disorderly conduct" or "interfering with an election". It would be even more difficult for more than one person to pull this off at any one polling place.
It's far more difficult to deny service with hand-filled paper ballots than with machines. Further, with paper ballots denial must be orchestrated locally. With machines, a few vendors can selectively deny service nationwide.
-R
(Message edited by ron_crane on March 10, 2006) |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 445
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 10, 2006 - 12:48 pm: |
|
I don't concede any of these poorly reasoned points, Ron, I'm just sick of arguing with you.
After you've established any pattern of storage of the ballots after counting them at the precinct, it's only going to take one person or group to get at them then. You just can't put possession of these items into the hands of (essentially) any person or group of persons for the good of all the rest of us.
That stealing the paper and counterfeiting the ballots is great, Ron, but how do they get the poll person's signature? And how do they get signatures in the poll books? All of that would have to be opened up in any investigation. You're not postulating corruption in some areas, you're depending on corruption in nearly all areas to make your arguments.
Your grasping at straws for something to arrest someone for spoiling ballots for. Get real.
I, for one, have never said that you had to use a machine to vote, but if you want any security for the ballots, if you don't give the voter a usable proof that he gets to keep of how he voted, a way to show undeniably that this ballot proof belongs to him and that he has the right to get it corrected to what that proof shows, the ballots are a stalking-goat looking for a lion. Sometimes, if you're especially alert and have dotted all your i's and crossed all your t's you get the lion, but it nearly always turns out badly for the goat. As will this paper ballot that we all watch strategy; only when you're done we're all the goats.
And the hashes can't be used conclusively to attribute them to the voters. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1873
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 10, 2006 - 1:42 pm: |
|
Brant,
Ron's arguments seem well-reasoned to me. Your comments to Ron border on insulting, which is not welcome on these fora.
I find your points, Brant, to be unconvincing and unrealistic, regardless of how passionately you feel about them. You've presented the same ideas on various threads here. Others here have pointed out serious problems with your proposed approach, which you then ignore.
Passion is a fine thing, but it needs to be married with common sense--or at least some data, such as could be obtained by carrying out a few surveys or a trial run.
Have you spoken to any election officials about your ideas?
More importantly, have you taken a survey of voters to ask how they would feel about a voting system that required non-computer-users to come to a polling/posting station for a second time on different day?
Carrying out such a poll would be a relatively simple thing to do, compared to doing a full-blown trial run. It could alert you to any public resistance or lack thereof or other potential issues.
Have you spoken to a good sample of voters about how they would feel about having to confirm that multiple layers of electronic equipment were provably functioning as designed?
You could describe your system to voters and ask them to rate how well they understand it.
You might also ask voters without professional ICT expertise to rate their confidence in their own ability to observe such a system and make well-informed assessments as to whether or not it was accurate, reliable and secure, or as to whether or not any election results had been tampered with at any stage.
Until you do some of these things, speaking for only myself, I wish you would post elsewhere relating to your voting system proposals.
If you carry out some surveys or experiments that support your idea as being practical, reliable, and likely to be accepted by voters and election officials, then report the results. Some experimental data is required as a next step to back up your oft-repeated assertions of the benefits of your proposed solution. This is what is needed if you intend to move your idea forward.
I will be extremely surprised if your complex, overly technologically-dependent system finds favour with a wide sample of voters, for reasons I have mentioned in the past. But if it does I'll be among the first to reconsider my opinion. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 127
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 10, 2006 - 1:50 pm: |
|
quote:I don't concede any of these poorly reasoned points, Ron, I'm just sick of arguing with you.
In other words, you have nothing to counter some critical points I've raised. For others' benefit, these are:
1. Your approach can be used to match citizens to their votes using their thumbprints, either by directly storing the thumbprints or by storing the thumbprint "hashes" and seeds for later use, such as by encoding them into the "hashes" printed on the ballots. Your countermeasures do nothing to prevent this, since they can be sidestepped by the use of wireless devices to send the complete thumbprints, or by encoding the seeds themselves into the "hash" in such a way that they can easily be stripped off and used to decode the printed "hashes" into raw thumbprint hashes. The resulting complete prints or hashes can then be compared against fingerprint databases to irrefutably link ballots to voters.
2. Your approach dramatically increases the ease and safety of both private and public vote coercion over, for example, absentee ballots. It also greatly increases the pool of potential victims, except in states that already use all-absentee systems. Merely asserting that Guido the Coercer will "go to prison" does not make it so.
3. Your approach cannot effectively be supervised by the vast majority of the public.
4. Your approach provides box-stuffers with an easy way to disenfranchise a significant portion of the electorate -- those whose jobs make it difficult for them to reverify their ballots. It also creates the potential for reverification frauds, where officials just "fail to record" the fact that a voter reverified her ballot, and then purge it from the results as if it had been "stuffed".
5. Your approach makes it possible for the machines to flip votes and then print false hashes on both copies of the ballots, thus making it difficult or impossible for voters to correct the flips and possibly subjecting the voters to (false) criminal charges for "falsifying" their ballots.
6. Your approach adds a false patina of "security" to ballot casting machines while leaving major security holes, like denial-of-service attacks and presentation frauds, unaddressed. It thus helps perpetuate the myth that machines are sufficiently secure.
quote:After you've established any pattern of storage of the ballots after counting them at the precinct, it's only going to take one person or group to get at them then. You just can't put possession of these items into the hands of (essentially) any person or group of persons for the good of all the rest of us.
Your system puts our privacy and our votes in the hands of the tiny minority of the population that deeply understands computer security. It permits a few vendors to falsify votes nationwide. My approach (precinct-based hand-counted paper) effectively eliminates global frauds and forces officials to physically tamper with ballots. With adequate public supervision, this is difficult. There is, admittedly, a problem with ballot storage in the time between the initial counts' conclusion and the end of the recount period. As I already noted, fraud during that period can be discouraged by the use of videotaping. Placing the ballot boxes in a big locked container in the town square would also help.
quote:That stealing the paper and counterfeiting the ballots is great, Ron, but how do they get the poll person's signature?
They forge it.
quote:And how do they get signatures in the poll books?
I suppose you're talking about box stuffing here. They don't need to see the pollbooks, though, of course, officials have ready access to them. All they need to do is to fake some ballots and corresponding hashes, then forge a pollworker's signature. As you noted, no one will reverify these ballots, so the stuffing won't succeed in adding votes. It will, however, succeed in disenfranchising the many voters who are unable to reverify their ballots, and possibly others cheated by reverification frauds.
quote:Your grasping at straws for something to arrest someone for spoiling ballots for. Get real.
Get real yourself. As I noted, most (if not all) states limit the number of spoiled ballots per voter. Further, few pollworkers are going to let multiple voters spoil 30 ballots without calling officials or the police.
quote:I, for one, have never said that you had to use a machine to vote,
The procedure you've described depends upon machines at every step.
quote:but if you want any security for the ballots, if you don't give the voter a usable proof that he gets to keep of how he voted, a way to show undeniably that this ballot proof belongs to him and that he has the right to get it corrected to what that proof shows, the ballots are a stalking-goat looking for a lion. Sometimes, if you're especially alert and have dotted all your i's and crossed all your t's you get the lion, but it nearly always turns out badly for the goat. As will this paper ballot that we all watch strategy; only when you're done we're all the goats.
Careful public supervision of hand-filled, hand-counted paper ballots improves security significantly, and, though not perfect, it does prevent global frauds and make local ones more difficult to perpetrate. And, as I've already noted, your approach requires very careful supervision -- and only a tiny minority of the population has any idea of how to provide it.
quote:And the hashes can't be used conclusively to attribute them to the voters.
I don't know how many times I and others have to correct this misperception. To do it again: once the authorities have a hash of your thumbprint, they can apply the same hash algorithm to a database of fingerprints and look for a match. If the hash algorithm is robust, a match indicates a high likelihood that the prints are the same. I also described repeatedly, even in this very note, how a crooked vendor can bypass your "seed" countermeasure to gain access to either the raw thumbprint hash or to the raw thumbprint bitmap itself. Denying this security hole's existence won't make it go away, and certainly won't improve your approach's credibility.
-R
(Message edited by ron_crane on March 12, 2006) |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 448
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 13, 2006 - 5:54 am: |
|
Your methods for a crooked vendor to bypass the seed are specious as I've given you-off-the-shelf methods for their detection. If you're worried about the seed being embedded in the hash, you need only make the seed longer than the resultant hash.
And if your want to, have the scanner print the hash on the ballot, in text. Use carboned ballots, so that you fill out both at exactly the same time.
And Catherine, unproven arguments don't convince me of anything. I haven't heard a valid argument out of Ron yet. Chuck Gladu had a point about recreating hashes if you had the bitmap already, and that required a seed to overcome it. That was the last I saw of valid arguments, and I found a way to meet that one. The rest have been chaff. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1891
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 13, 2006 - 6:17 am: |
|
"unproven arguments"?
I suggested you get some verification of your procedure via survey(s) as a starting point.
What's the point of a complex system if
1) people can't understand it (people here don't seem to have an easy time with it, anyways)
2) people don't want to use it (so far lots of negative response which you ignore because you believe you have intellectual answers)
3) the transparency is undermined because it involves technology beyond the scope of the general public to oversee without specialized knowledge or training (you seem to think the average joe knows how to check a scanner and presumably ensure that seeds, hash, etc. are functioning properly and that no tampering has occurred)
4) potential attack vectors are increased (all the different stages of pre-vote and later verification involve multiple technologies and problems such as presentation errors, distribution problems, etc.)
5) attempting to get a change made to how one's vote is recorded may be even less likely to succeed than the likelihood of enforcing current election regulations (you believe that introducing more stages where one would have to prove that something did or didn't go wrong with the technology, isn't an issue)
I've left off the potential to link voter to their vote, since I don't thave the expertise to evaluate the various arguments.
You don't believe any of these are valid issues. I do.
Some of these concerns might be answered by a well-crafted survey using neutral language and an appropriately selected statistically valid pool of respondents. Why not have a go, to at least rule your system out or in without requiring expensive technical development?
This is a classic case of mismanaged R&D thinking. The person developing something gets so wrapped up with the technical solution they've been developing, that they never stop and ask whether anyone wants this particular solution.
You could also ask to what extent their understanding of a system would make it more or less likely they would use it. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 131
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 13, 2006 - 11:47 am: |
|
quote:Your methods for a crooked vendor to bypass the seed are specious as I've given you-off-the-shelf methods for their detection.
And I've already shown that they don't work. As long as the ballot printer's vendor has any control over the thumbprint scanner connected to its ballot printer, or any access to the unencypted thumbprint or unencrypted thumbprint hash, it can use them to link ballots to voters. It can, for example, make the scanner wirelessly send the entire thumbprint, or a hash computed without using the seed, or a hash computed using the seed plus the seed itself, to the ballot printer, then record them steganographically on the ballot for later use in matching voters to ballots. Continuously auditing the output of the thumbprint scanner "using Hyperterminal" and a Y connector, as you proposed, will not catch this cheat.
If instead you require the ballot printer to work with an off-the-shelf thumbprint scanner, you have the same problem, since the scanner still has to send the raw thumbprint hash to the ballot printer, which then must accept the voter's seed.
You might require a special-purpose thumbprint scanner that also has a keypad to enter the seed, and which then encrypts the thumbprint hash with the seed and sends the result to the ballot printer. The idea is to prevent the ballot printer from gaining access to the unencrypted thumbprint hash or anything else that could be used to compare thumbprints from a fingerprint database with the data collected by the system, and thus to identify voters. [1] But this isn't an off-the-shelf device. And even if it were, voters would have no good way to verify that it wasn't using weak encryption (e.g., XORing the hash with only a few bits from the seed). And, while at the time of "certification" the company that produces the scanner might be unrelated to the vendor (and thus assumedly not in collusion with it), nothing prevents that from changing afterward. Companies routinely acquire other companies, or become siblings through acquisitions. Over the long term -- which is what concerns us when considering election security -- we cannot assume lack of relationship or lack of collusion between the voting system vendor and the scanner vendor. Indeed, we must assume the opposite, then devise a protocol that's secure anyway. Can you do that?
quote: If you're worried about the seed being embedded in the hash, you need only make the seed longer than the resultant hash.
That doesn't help, since the ballot printer can steganographically encode the seed somewhere in the remainder of the ballot. Along these lines, some (probably all) color printer manufacturers steganographically encode their devices' serial numbers on every page they print (http://www.pcworld.com/news/article/0,aid,118664,00.asp ) -- supposedly to permit the tracking of counterfeiters.
Also, requiring the use of long seeds will make voters more likely to forget them, and thus will make it more difficult for voters effectively to challenge vote flipping.
quote:And if your want to, have the scanner print the hash on the ballot, in text. Use carboned ballots, so that you fill out both at exactly the same time.
What problem is this intended to solve?
quote:And Catherine, unproven arguments don't convince me of anything. I haven't heard a valid argument out of Ron yet. Chuck Gladu had a point about recreating hashes if you had the bitmap already, and that required a seed to overcome it. That was the last I saw of valid arguments, and I found a way to meet that one. The rest have been chaff.
The rest you simply have refused to meet, including the greatly increased likelihood of vote buying and coercion, the disenfranchisement of large swaths of the electorate who cannot reverify their ballots, reverification frauds [2], denial-of-service and presentation frauds, and lack of effective supervisability by all but a tiny sliver of the population.
-R
[1] Also, of course, many voters -- not understanding computer security -- will use seeds like "1234", which provide essentially no protection. Others will use their Social Security numbers or drivers license numbers, which actually will help identify them. Yeah, you wouldn't do that, and I wouldn't do that, but -- again -- most of the general public has no idea why it shouldn't. This is another reason that the system is inappropriate for public use.
[2] E.g., what prevents crooked officials from flipping votes by "correcting" ballots whose casters didn't reverify them? This should be quite safe, since, by not reverifying, the victims have shown that they're not watching what the officials are doing. And what prevents crooked officials from falsely claiming that a voter didn't correct her ballot when reverification showed her votes to be incorrectly recorded?
(Message edited by ron_crane on March 13, 2006) |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 449
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 14, 2006 - 5:19 am: |
|
Several people here do understand it, and want something like it, Catherine. You don't seem to understand it. I've had a fair bit of positive response as well. Most of it lately.
By using the same standards as you discourage this, you don't (in the bulk of the public) have great response for handcounted paper ballots, either. Why doesn't this stop you? Because you think it's the right thing to do.
This is the best I can think of, so far. I firmly believe that you are going to need something to allow the individual to check and correct his ballot and you are also going to have to have a way for the individual to vouch for, and prove that a vote is his.
By the way, Ron, wireless takes an antenna somewhere connected to the device, this is reasonably easy to check.
If you're printing a form ballot (as I've said from the start) and only printing the fill-ins, where do they do the steganographic printing, Ron? Why is there a reason to use other than monochrome printers, Ron? There isn't.
[1] People do understand security, they are often too lazy to follow it. Can you beat that? No, do you really need to? Are people going to go on complete speculation to find prints? I really doubt that, Ron. And, starting with a random ballot and trying to figure out a security code that may be the birth date, 1234 or whatever of a random voter, Ron? Because, remember, the reason that you're trying to crack this is because you don't know who he is. So the obvious password thing is spurious, other than the 1234 thing and you can warn people about that just like the banks do. And people do know why that's a bad idea, they've heard it from their banks. If you know who he is to try the things that would be obvious about him, you already know who he is.
[2]By the scheme I set out, you look for your number by eye-scanning the list, not typing in your number, how do they know whether you've verified your vote or not? They don't. And you can only get it corrected to what the ink-thumbprinted, poll worker signed ballot says. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1897
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 14, 2006 - 7:29 am: |
|
"By using the same standards as you discourage this, you don't (in the bulk of the public) have great response for handcounted paper ballots, either."
What is your basis for this? I see increasing calls for HCPB right across the country. There are organizations dedicated to it. Many people, once informed of the relative risks of paper vs. no paper and machine-counted vs. hand-counted, and of the practical and economic advantages of HCPB, are open to consider this.
In contrast, I see few if any readers who have been convinced by your arguments.
You didn't answer my question about why not consider a survey. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 132
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 14, 2006 - 8:55 am: |
|
quote:By the way, Ron, wireless takes an antenna somewhere connected to the device, this is reasonably easy to check.
It is? Find the antenna in your laptop, or the one in your Airport base station. Yeah, I thought so: it's inside, isn't it? Where no one can see. Further, since the scanner will be within a few feet of the ballot printer during elections, the antennas can be very small and easily hidden -- a trace on a circuit board would do nicely. Also there are infrared communications, and one can easily send small amounts of data over short distances using the power lines. The general public has no way to supervise this kind of communication, and the vast majority of people don't know how it works (wireless, infrared) or even that it's possible (communication over the power lines).
quote:If you're printing a form ballot (as I've said from the start) and only printing the fill-ins, where do they do the steganographic printing, Ron?
They print a tiny dot here and a tiny dot there over the entire form, perhaps adding an extra dot in the fill-ins or in the circles that outline the fill-ins. Individual dots are very small and, even if noticed, are easily disregarded as typical random nonuniformity in the paper or ballot printing. One easily can contrive a steganographic coding sufficient to encode the 36-ish bits of data in the seed onto a ballot page [1]. For example, encode the dots along the outer edges of the fill-ins. A dot positioned somewhere between 0 degrees to 90 degrees encodes "00", a dot positioned between 90 to 180 degrees encodes "01", etc. Thus you could encode the entire seed using only 18 fill-ins, and maybe 36 with very robust error correction. Of course you could also encode bits around the characters in the candidates' names, in any logos or watermarks, or in the blank areas.
quote:Why is there a reason to use other than monochrome printers, Ron? There isn't.
You've just shown -- again -- why your system is incapable of adequate public supervision by showing that you can't effectively supervise it. Steganography is hardly limited to color printers. The color printer example was only an example, not exhaustive of the art. It was meant to illustrate a contemporary use of steganography that hid a huge privacy violation from millions of people -- in plain sight. Perhaps you should learn more about steganography before belittling my concerns about its use.
quote:[1] People do understand security,
Hmm, that must be why phishing died out so quickly, and why so few people buy stuff from spammers that spam has ceased to be a problem. Oh, wait....
quote:they are often too lazy to follow it.
Agreed.
quote:Are people going to go on complete speculation to find prints? I really doubt that, Ron. And, starting with a random ballot and trying to figure out a security code that may be the birth date, 1234 or whatever of a random voter, Ron? Because, remember, the reason that you're trying to crack this is because you don't know who he is. So the obvious password thing is spurious, other than the 1234 thing and you can warn people about that just like the banks do. And people do know why that's a bad idea, they've heard it from their banks....
A determined adversary will most certainly scan the seeds for clues to identity (e.g., numbers in the form of drivers license numbers and Social Security numbers) as well as spend some very cheap and easily-available computer power cracking poorly-chosen seeds. But, of course, this is necessary only if the prints don't appear in a database (most everyone's will in a decade or so) or if the adversary doesn't have access to the seed (but, of course, a crooked vendor will send the seed from the scanner to the ballot printer by wireless or infrared or over the power lines). So this is really a secondary consideration as long as a crooked vendor can get her hands on the seed.
quote:[2]By the scheme I set out, you look for your number by eye-scanning the list, not typing in your number, how do they know whether you've verified your vote or not? They don't.
Then your anti-box-stuffing scheme doesn't work, since officials don't know which ballots have been reverified and thus cannot remove the fake ones.
quote:And you can only get it corrected to what the ink-thumbprinted, poll worker signed ballot says.
Not quite. Because every voter must reverify her own vote to remedy box stuffing, crooked officials can simply wait until the reverification period has passed, then flip votes on some of the non-reverified ballots instead of throwing them away.
-R
[1] I get 36 bits by assuming 6 characters that can contain upper- and lower-case alphabetic characters and 10 numerals.
(Message edited by ron_crane on March 14, 2006) |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 452
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, March 15, 2006 - 5:57 am: |
|
No, wireless cards for PCs have antennae, Ron! And no, a circuit board trace won't work. An antennae has to be away from ambient noise, you're just embarrassing yourself with this one. You need an electrical conductor that is prependicular to the source-generation of your noise. All digital equipment generates a lot of RF noise. That's why so much of it is in metal boxes.
The anti-stuffing only comes into effect due to detection of something that starts the verification process. Then you go down and reverify. I will grant you that there needs to be honest people to keep crookedness at the end of this from having an effect, but you have no chance at all of removing the stuffed votes without this.
If you're that concerned about it, run them on batteries (as I said before, apparently you didn't read that) and put them in a faraday box, not even a cage (which should probably be done for anti-tamperability, anyway)and only the cable comes out! Also all you need for one-way serial is 2 pins, so that the scanner can transmit and can't receive anything. You cut the other pins off, or keep them from being installed in the first place. No power line, no RF tranmission, no escape of unrandomized light for IR. You have the hash come out as plain text. Nothing outside but the keyboard and that should have a cowling, as well, for privacy. It's very simple, Ron. The prevention of the seed going anywhere other than where it's supposed to is actually pretty easy.
So how do they fake the reverification logs, Ron? The override for matching a print should take a couple of witnesses, at least.
It's 48 bits.
Your [1] actually, you know it would allow a far larger value of the seed if this were 6 hexadecimal digits. You can verify what comes out to the printer very easily, Have the fill ins be X'ed in text, it isn't hard to clean this up.
I don't really care whether you use a PC for this or not, what I do think is going to be necessary is that a voter get a ballot copy that he can prove is his, that he can verify the recording of his vote with, and be able to prove (and force) that his legitimate vote is counted.
Basically, you're starting to convince me that Lynn Landes is right, you're probably going to have to do away with the anonymous vote if you're going to have clean elections. Because the voter-unverifiable vote is the crux of many of the problems.
You need to stop fake voters of all flavors as well, I don't contest that. Strong, free voter ID (and that you actually vett that at sign up and in an ongoing manner) is vital, too. You also need to prevent any form of voter discrimination or discouragement, as well.
But this idea of "let's put a bunch of unprovable ballots in a box for many hours and try to protect it well enough that no one can corrupt it, even though a crowd is moving around it and they can come in close proximity to it and even though we may need the ballots to remain uncorrupted we'll put them in the custody of someone who went looking for the job" is always going to be vulnerable to cheating. You can't beat the poor mechanics of it. You've got to short circuit the ability of someone to come between the voter's original intent and the ability to be sure you've counted it fairly. And this has to be good for all the legal time of challenge. And the only motivation that you can trust in this is the voter's. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 453
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, March 15, 2006 - 6:20 am: |
|
No, wireless cards for PCs have antennae, Ron! And no, a circuit board trace won't work. An antennae has to be away from ambient noise, you need an electrical conductor that is prependicular to the source-generation plane of your noise. All digital equipment generates a lot of RF noise. That's why so much of it is in metal boxes.
The anti-stuffing only comes into effect due to detection of something that starts the reverification process. Then you go down and reverify. I will grant you that there needs to be honest people to keep crookedness at the end of this from having an effect, but you have no chance at all of removing the stuffed votes without this.
If you're that concerned about it, run them on batteries (as I said before, apparently you didn't read that) and put them in a faraday box, not even a cage but a box (which should probably be done for anti-tamperability, anyway)and only the cable, the keyboard and it's shroud come out! Also all you need for one-way serial is 2 pins, so that the scanner can transmit and can't receive anything. You cut the other pins off, or keep them from being installed in the first place. No power line, no RF tranmission, no escape of unrandomized light for IR. You have the hash come out as plain text. Nothing outside but the keyboard and that should have a cowling, as well, for privacy. It's very simple, Ron. The prevention of the seed going anywhere other than where it's supposed to is actually pretty easy.
So how do they fake the reverification logs, Ron? The override for matching a print should take a couple of witnesses, at least.
It's 48 bits.
Your [1] actually, you know it would allow a far larger value of the seed if this were 6 hexadecimal digits. You can verify what comes out to the printer very easily, Have the fill ins be X'ed in text, it isn't hard check on this and avoid the problem.
I don't really care whether you use a PC for this or not, what I do think is going to be necessary is that a voter get a ballot copy that he can prove is his, that he can verify the recording of his vote with, and be able to prove (and force) that his legitimate vote is counted.
Basically, you're starting to convince me that Lynn Landes is right, you're probably going to have to do away with the anonymous vote if you're going to have clean elections. Because the voter-unverifiable vote is the crux of many of the problems.
You need to stop fake voters of all flavors as well, I don't contest that. Strong, free voter ID (and that you actually vett that at sign up and in an ongoing manner) is vital, too. You also need to prevent any form of voter discrimination or discouragement, as well.
But this idea of "let's put a bunch of unprovable ballots in a box for many hours and try to protect it well enough that no one can corrupt it, even though a crowd is moving around it and they can come in close proximity to it and even though we may need the ballots to remain uncorrupted we'll put them in the custody of someone who went looking for the job" is always going to be vulnerable to cheating. You can't beat the poor mechanics of it. You've got to short circuit the ability of someone to come between the voter's original intent and the ability to be sure you've counted it fairly. And this has to be good for all the legal time of challenge. And the only motivation that you can trust in this is the voter's. |
Kathleen Wynne
Moderator
Username: Admin_ii
Post Number: 217
Registered: 08-2005
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Wednesday, March 15, 2006 - 7:10 am: |
|
Brant,
I have to disagree with your assessement that Ron's arguments have been "specious". I think he has brought out very valid points as to why he disagrees with your system. Also, I have to ask you to refrain from insulting Ron in responding to his arguments. That is simply not acceptable on the BBV forums. Everyone's point of view is respected, whether we agree with them or not.
Also, with all due respect, I think Catherine is right. You have been posting for some time on various forums about your idea. We respect your passion. But, as Catherine suggested, it would make sense to conduct an honest and objective survey to find out what citizens and election officials think about your idea.
Anyone who is as convinced as you are that your idea is THE solution, would have already done so, in order to bolster your arguments for your system. More importanly, it would show that you are more interested in taking every step possible to ensure the security and reliability of your system and less about being right. From only one vantage point -- your own -- it's more difficult to see all the potential flaws that may still exist in how your system works. It's not always wise to only be open to those who agree with you, but when developing a much more complex system than the earlier software programmers realized initially, it might help you develop a better product, by being even more open to those who find anomolies with your system. IMO, it is through this process a person does their best work.
The present manufacturers of these voting systems rushed into the development of their software and ended up with a terribly flawed architecture, which makes it next to impossible to mitigate. By taking this rushed approach, without thinking through all the angles, we are now faced with what may well be insurmountable security problems that cannot be solved with the present system (not to mention the billions of wasted taxpayer's money). I'm sure there will be even more discoveries of devastating security problems that exist within these machines, as we continue to dig deeper. The realization of this makes it imperative for us to change course, if we are ever going to find our way out of this quagmire.
In response to this overwhelming and growing problem, I, like Ron and Catherine, believe that such a change in course requires our going back to the basics with hand counted paper ballots at the precinct level, combined with citizen oversight and participation, along with strategically located video cameras.
You might take a moment to read Pat Vesely's post over in the "1 on 1 Consulting" forum, in response to Jo Anne Karasek's request for suggestions on we should handle absentee ballots, which are even more subject to tampering, due to the chain of custody issue, when they are "in transit".
His reasoning for how paper ballots should be handled is brilliant in its simplicity because it contains a realistic common sense approach in his analysis on how the security of the ballots can be achieved. Of course, is it is not a "perfect" solution, as we all know, that's not possible. Nonetheless, the common sense approach is usually underestimated and dismissed. And all too often, it is common sense that is missing in a technical solution and we should take heed and learn from that mistake.
Kathleen
(Message edited by admin_ii on March 15, 2006)
(Message edited by admin_ii on March 15, 2006)
* * * * * *
* * * * * *
* * * * * *
* * * * * *
TRIPLE PROTECTION FOR ELECTION 2006 - STARTING NOW:
(1) Use Freedom of Information, public records requests ("All American Paper Chase")
(2) Try Dumpster Diving for Democracy
(3) Candid America Project - Don't leave home without your camcorder
HOW TO DO IT: http://www.bbvforums.org/forums/messages/6/6.html
|
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 456
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, March 15, 2006 - 12:15 pm: |
|
Disagree all you want, Kathleen. Your entitled to your opinion. And frankly, when concerns have been raised, I've come up with solutions. The seed, the faraday box. Text-only based printing.
Your group seems to object to a voter really being able to verify his ballot. It isn't really verifying your ballot unless you can verify that it was counted as you cast it.
I find that the problem with the idea that your going to 'tightly control' the availability of ballots is that anybody's only estimating how many people are going to vote in an election. If you've erred on the side of not disenfranchising anyone, then you may well (and likely have) printed excess ballots, potentially a lot of them. If not, then there may be no ballots for some people. And I'd have to say that pretty much sucks, too.
Frankly, I was hoping to enlist some help in finding an intransitive way for people to trace their ballot and verify it, as this is one real hedge against two of the three ways to defraud an election (switch real votes, stop/lose votes, make fake votes).
I find that the things that I read here are insufficient to give me any real confidence that switching, stealing or adding ballots will be stopped to a degree that will preserve the majority voters' intent. The only thing that I see as a possibility is that a voter can trace and correct (if necessary ) his ballot. Nobody can be sure that ballots aren't added somewhere in the process.
Where are you going to get Pat's vaults (that can be clearly viewed by the public?) for ballots, and who are the 2 people (or more) that you're going to trust with this stuff? Bank vaults sure aren't built like that. Elections are, unfortunately, a sitting duck. And unfortunately the people who have worked to get into positions of affecting them are also the people that have the greatest interest in affecting them. People can plan ahead, and all protections likely to stop these plans that get around the protections are improvisational.
I have read what's written on much of this site (although I will grant you, not all, I just read Pat's post) and I haven't seen anything that comforts me enough these fears. I believe that Murphy's Law is right. I don't think you've taken Murphy nearly far enough here and I strongly doubt that you will in time.
Our current administration is walking off the cliff so blithely in so many ways it makes my head spin. That they're racheting up poisoning the environment instead of racing in the other direction, that they're convincing the world that as a country we're willing to do monstrous things to other countries and that they're muzzling the media to avoid any whiff of the truth has me nearly paralyzed.
There's no way, just on the face of the evidence that was seen before Ohio '04 was ratified, that it should have been allowed to stand, but it was. Florida '00 shouldn't have been either, but it was.
I don't think what you intend (even if you can get it implemented) is going to be enough. And I think for the most part, votes are being switched, not genned from scratch, because that leaves less of a trail. And if your "two or more people who have keys to where they store the ballots" are in collusion, you're just as screwed. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 457
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, March 15, 2006 - 12:22 pm: |
|
Disagree all you want, Kathleen. Your entitled to your opinion. And frankly, when concerns have been raised, I've come up with solutions. The seed, the faraday box. Text-only based printing.
Your group seems to object to a voter really being able to verify his ballot. It isn't really verifying your ballot unless you can verify that it was counted as you cast it.
I find that the problem with the idea that your going to 'tightly control' the availability of ballots is that anybody's only estimating how many people are going to vote in an election. If you've erred on the side of not disenfranchising anyone, then you may well (and likely have) printed excess ballots, potentially a lot of them. If not, then there may be no ballots for some people. And I'd have to say that pretty much sucks, too.
Frankly, I was hoping to enlist some help in finding an intransitive way for people to trace their ballot and verify it, as this is one real hedge against two of the three ways to defraud an election (switch real votes, stop/lose votes, make fake votes).
I find that the things that I read here are insufficient to give me any real confidence that switching, stealing or adding ballots will be stopped to a degree that will preserve the majority voters' intent. The only thing that I see as a possibility is that a voter can trace and correct (if necessary ) his ballot. Nobody can be sure that ballots aren't added somewhere in the process.
Where are you going to get Pat's vaults (that can be clearly viewed by the public?) for ballots, and who are the 2 people (or more) that you're going to trust with this stuff? Bank vaults sure aren't built like that. Elections are, unfortunately, a sitting duck. And unfortunately the people who have worked to get into positions of affecting them are also the people that have the greatest interest in affecting them. People can plan ahead, and all protections likely to stop these plans that get around the protections are improvisational.
I have read what's written on much of this site (although I will grant you, not all, I just read Pat's post) and I haven't seen anything that comforts me enough these fears. I believe that Murphy's Law is right. I don't think you've taken Murphy nearly far enough here and I strongly doubt that you will in time.
Our current administration is walking off the cliff so blithely in so many ways it makes my head spin. That they're racheting up poisoning the environment instead of racing in the other direction, that they're convincing the world that as a country we're willing to do monstrous things to other countries and that they're muzzling the media to avoid any whiff of the truth has me nearly paralyzed.
There's no way, just on the face of the evidence that was seen before Ohio '04 was ratified, that it should have been allowed to stand, but it was. Florida '00 shouldn't have been either, but it was.
I don't think what you intend (even if you can get it implemented) is going to be enough. And I think for the most part, votes are being switched, not genned from scratch, because that leaves less of a trail. And if your "two or more people who have keys to where they store the ballots" are in collusion, you're just as screwed. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 133
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, March 15, 2006 - 1:36 pm: |
|
quote:No, wireless cards for PCs have antennae, Ron!
Your laptop has wireless, yes? Where's the antenna? It's hidden, probably in the verticals alongside the LCD, though it could be anywhere in the case. Where's the antenna in Apple's Airport Extreme? Inside. Hidden. Just like the malicious vendor will hide antennas inside its thumbprint reader. Or perhaps it'll hide an IrDA port. Or perhaps it'll just use the power lines to communicate with the ballot printer. Or perhaps it'll eschew all that and use a microphone and acoustic cryptanalysis to use the sounds emitted by the scanner's keypad to determine what the voter typed. This approach even lets a crooked vendor determine voters' seeds typed on keypads supplied by other (unrelated) businesses.
The general public cannot supervise this stuff. And I don't think you can, either.
quote:And no, a circuit board trace won't work.
Wrong again. On this site a hobbyist dissects an Apple Airport Express. Look toward the bottom right where the author says, "I have encircled the actual antenna of the Express, which is nothing more than a fat solder trace on the PCB."
quote:An antennae has to be away from ambient noise, you need an electrical conductor that is prependicular to the source-generation plane of your noise....
This is just incorrect, and shows once more how even you cannot supervise the system you've told us is, IIRC, "very simple" for the general public to supervise.
quote:The anti-stuffing only comes into effect due to detection of something that starts the reverification process. Then you go down and reverify. I will grant you that there needs to be honest people to keep crookedness at the end of this from having an effect, but you have no chance at all of removing the stuffed votes without this.
Exactly. With your approach we have two choices: (1) give up any immunity to box stuffing beyond that available with any other paper ballot system; or (2) gain the ability to remove stuffed ballots, but at the costs of (a) permitting crooked officials safely to "flip" votes on ballots that weren't reverified; and (b) disenfranchising voters who cannot reverify.
On the other hand, with publicly-supervised hand-filled paper ballots, the public can verify that the ballot box is empty when the polls open, is not tampered with during polling [1], is emptied properly, that the ballots are counted properly, and that the totals are computed and posted properly. By then placing the ballots in a big locked box in the town square and training a video camera on it, we can also reduce the possibility that someone will tamper with the ballots in the period between the initial count and the expiration of the rights to all recounts.
quote:If you're that concerned about it, run them on batteries (as I said before, apparently you didn't read that) and put them in a faraday box, not even a cage but a box (which should probably be done for anti-tamperability, anyway)and only the cable, the keyboard and it's shroud come out! Also all you need for one-way serial is 2 pins, so that the scanner can transmit and can't receive anything. You cut the other pins off....
The keyboard probably has big enough gaps to leak signals sufficient to communicate 36 (or 48 -- whatever) bits over a few minutes -- which is all that is necessary to leak the seed. Also the general public has no way to supervise the devices' construction to ensure that the Faraday box is properly constructed. Finally, the thumbprint scanner can simply superimpose a signal transmitting the seed on the same serial lines it uses to transmit the hash, just as Broadband-over-Powerline multiplexes dozens of homes' internet communications over a single set of utility lines.
quote:...It's very simple, Ron. The prevention of the seed going anywhere other than where it's supposed to is actually pretty easy.
Then why can't you design a system that does it?
quote:So how do they fake the reverification logs, Ron? The override for matching a print should take a couple of witnesses, at least.
It should, but will it? Is this open to effective supervision by the general public, or is it hidden, like the software that runs all this?
quote:It's 48 bits.
Wrong again [2], though it doesn't matter, since it's just as practical steganographically to encode 48 bits on a 4x8 ballot as it is to encode 36 bits.
quote:Your [1] actually, you know it would allow a far larger value of the seed if this were 6 hexadecimal digits.
Is that so? Again you've shown that you cannot effectively supervise your own system. A hex digit represents 4 bits (e.g., the hex digit "f" represents decimal 15, or binary 1111). Therefore 6 hex digits represent 6*4=24 bits, which is less than the 36 bits provided by 6 alphanumeric characters.
quote:You can verify what comes out to the printer very easily, Have the fill ins be X'ed in text, it isn't hard check on this and avoid the problem.
To what does this pertain?
quote:I don't really care whether you use a PC for this or not, what I do think is going to be necessary is that a voter get a ballot copy that he can prove is his, that he can verify the recording of his vote with, and be able to prove (and force) that his legitimate vote is counted.
Your approach uses computers from beginning to end, whether or not they're called "PC[s]". You might propose a carbon-copy manual system which still allows voters to keep copies of their ballots. While such an approach eliminates many of the computer-based cheats I've been hammering on (e.g., matching ballots to voters, denial-of-service and presentation frauds), it still widens the opportunities for vote-buying and -coercion.
quote:Basically, you're starting to convince me that Lynn Landes is right, you're probably going to have to do away with the anonymous vote if you're going to have clean elections. Because the voter-unverifiable vote is the crux of many of the problems.
It does create many challenges -- most of which can be met without sacrificing anonymity by continuous public supervision of the ballots.
quote:But this idea of "let's put a bunch of unprovable ballots in a box for many hours and try to protect it well enough that no one can corrupt it, even though a crowd is moving around it and they can come in close proximity to it and even though we may need the ballots to remain uncorrupted we'll put them in the custody of someone who went looking for the job" is always going to be vulnerable to cheating. You can't beat the poor mechanics of it. You've got to short circuit the ability of someone to come between the voter's original intent and the ability to be sure you've counted it fairly. And this has to be good for all the legal time of challenge. And the only motivation that you can trust in this is the voter's.
You cannot eliminate all cheating everywhere. You can limit it. By eliminating computers, we drastically reduce the possibility of global frauds. By using a system that any average member of the general public can fully understand and fully supervise, we also cut down on local frauds, and without promoting vote-buying or -coercion.
-R
[1] Though a voter might try to slip in two ballots instead of one. No system prevents all fraud.
[2] As I showed earlier, 36 bits comes from 6 characters, where each character can be an upper- or lower-case alphabetic (26*2) or one of 10 numerals. The total is 62, which can be represented in 6 bits (2^6=64).
(Message edited by ron_crane on March 15, 2006) |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1903
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, March 15, 2006 - 1:44 pm: |
|
Brant, first of all this isn't anybody's "group". There is a motley number of individuals, most or all of whom have not been convinced by your particular solution, for differing reasons.
Why not prove for yourself that it works or that it doesn't?
And what about the places where paper ballots do have proper oversight? Do you believe there is nowhere in the world that is using paper ballots effectively?
I'd rather have all the ballots counted with public oversight, and with voter secrecy preserved, than your solution which aims to have a voter check only their single personal ballot. Just my preference.
But really--why not do something more to advance your idea, instead of only talking about it? |
Kathleen Wynne
Moderator
Username: Admin_ii
Post Number: 218
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, March 15, 2006 - 2:24 pm: |
|
Brant,
You're entitled to your opinion too. Your response was only that.
It's clear that you are really not interested in being open to other ideas. All you want is for everyone to agree with you. If they don't, you immediately accuse them of not knowing what they're talking a about.
I don't have a "group" as you call it. BBV is filled with intelligent, passionate people who are looking for real discussions about real solutions. Not endless and redundant rhetoric. That accomplishes nothing.
If you aren't willing to test your idea with other citizens outside of this group, as Catherine suggested, in order to find out whether or not they would accept this method of voting and, more particularly, how election officials feel about it, then you are not in a position to criticize anyone's assessment of your idea.
As we see it, your idea is still only that "an idea", unless and until it has been tested within the boundaries of a universally accepted, scientific protocol.
Like I said, if you are so certain your idea has covered all the bases and is ready for prime time, then put it to the test and stop talking about it.
I'm sure I speak for us all when I say we would be very interested in the results.
Kathleen
* * * * * *
* * * * * *
* * * * * *
* * * * * *
TRIPLE PROTECTION FOR ELECTION 2006 - STARTING NOW:
(1) Use Freedom of Information, public records requests ("All American Paper Chase")
(2) Try Dumpster Diving for Democracy
(3) Candid America Project - Don't leave home without your camcorder
HOW TO DO IT: http://www.bbvforums.org/forums/messages/6/6.html
|
Pat Vesely
Frequent Voting Rights Forum Participant
Username: Pat_vesely
Post Number: 116
Registered: 02-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Thursday, March 16, 2006 - 1:01 am: |
|
Hi Brant, I've been following this thread with great interest, not so much for the technological aspects that you and others have proposed, but for the process that people here have been undergoing in trying to devise a 'fool proof' system.
It's been said that "You can never make anything truly fool proof because you'll never meet all of the fools". In my lifetime, I've seen that sentiment proved over and over again. In my research on election systems, I've found it to be somewhat of a universal truth. I have yet to find a system designed to replace paper ballots that has proved to be better than them in the long run.
Before one may attempt to replace any system with an improved version, one must first fully understand what the original system was meant to do, and why it came into being in the first place.
Voting systems are nothing more than a measurement system designed to measure public sentiment. Prior to the introduction of paper ballots, voting was done by a simple 'yea or neigh' voice vote, or by a public show of hands. It was discovered as far back as during the Roman Empire that such open declarations exposed voters to certain risks. Voters who voted against a popular candidate could find themselves suffering retribution from that candidate, or from their supporters. They were often threatened with such retribution before the vote took place in order to ensure a candidate's victory at the polls. Fear has a great tendency to motivate many people.
Voters were also often bribed to vote a particular way for a candidate or on an issue up for vote. People who lack a full understanding of the importance of their vote, or how it effects them personally, are often more than willing to accept something a bit more tangible to their immediate circumstances in exchange for it.
Roman law took these forms of fraud very seriously, but rather than punish the voter who had been coerced or bribed, the laws often focused on those who made the threats or offered the bribes. The penalties for engaging in such actions were often harsh, up to and including death for the offenders. Despite such harsh penalties, these practices continued. (ambitus and largitiones)
In the year 139 BCE, the tribune Aulus Gabinius introduced legislation (Lex Gabinius) to substitute a ballot at electoral assemblies of the Comitia, rather than by voting by open declaration. This was designed to protect the individual voter from retribution, and to remove the appeal of bribery, since those who paid for the votes could never be sure that they got what they paid for. This proved wildly popular with people, so popular in fact, that it has remained a central tenant of election systems for over two millennia. That is also why for ages absentee ballots were forbidden, or their use restricted to only those who could prove a genuine need to cast their vote in such a fashion. Over time, people seem to have forgotten why the 'secret' ballot was introduced, since vote buying all but ceased due to the anonymity offered by the balloting process.
This is one factor that, in my opinion, renders your system doomed to failure. There will always be those who are willing to sell their votes, and those who are willing to buy them. They have always been among us and always will be. You will never get a system that offers official proof of how your vote was counted accepted by the majority of people, simply because the risks of such a system historically have outweighed the benefits.
This is also one area of risk that must be addressed by the growing number of municipalities that are rushing to embrace absentee and all mail in voting. There is nothing stopping people from getting a mail in ballot, signing the envelope attesting to their eligibility to vote, and then SELLING THEIR INCOMPLETE BALLOT TO THE HIGHEST BIDDER! All someone has to do is vote the ballots that they've bought the way they want them to be voted and mail them back in. No one would ever be the wiser. My crystal ball tells me that vote buying is poised to make a major comeback in the near future.
I've seen literally dozens of news stories about the same incident where it was alleged that party workers had reportedly offered beer, cigarettes, and a ride to the polls to poor and homeless voters with no real guarantee of how they voted, but nary a one about the possibilities that abound with unchecked use of mail in ballots. I suspect it's only a matter of time before someone gets busted for doing this. Just imagine the firestorm of criticism of mail in ballots when they do.
There is also the very real possibility that if receipts were issued to voters that showed how they voted, people could be threatened with anything from losing their job to being evicted from their homes, or perhaps worse, if they didn't prove that they had voted a certain way.
Like I said, knowing the original reason that paper ballots replaced open declaration of one's intent is vital to developing a better system to replace them. If you only focus on the problems that their current use pose, you risk re-introducing the very problems that their introduction solved over 2000 years ago.
This remains true of any system that you wish to "improve". Try to think in terms of looking at the 'cost / benefit ratio' of the improvements, keeping in mind that the 'costs' are not necessarily all financial. If the 'cost' of adding security comes at the expense of sacrificing the 'transparency' of any part of the system, is it really worth it to all of the users of the system?
Just remember that even the least intelligent voter who is capable of understanding how to fill in a ballot choice, and can observe the ballot boxes in their precinct, can also understand how the ballots are counted, and they can feel confident that the canvass of the votes was done legitimately. Any supposed improvement for the sake of security of the system that comes at the cost of removing that kind of transparency from it, is not really an improvement in my book.
But that's just me. 
Pat A. Vesely ;-)
Paper ballots are the 'Currency of Democracy'. They've been helping to curb election fraud since 139 BCE!
|
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 459
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 16, 2006 - 6:03 am: |
|
Pat, I know about the history of voting, with all due respect, you're preaching to the choir. You all also seem to think that I haven't given this a lot of thought, and I have.
While people probably are willing to sell or give away their mail-in ballot, I also think that the people who would are also going to talk about it, and it will come out. Ironically, the only suggestion I've seen that seems that it would work is a guy sending his mail-in ballot by registered mail. What I think is more likely (as seems to be the case in Detroit) was ballots were requested for people (or even mailed out whether they were asked for or not) so that someone could get ahold of them and fill them out as they pleased. I suspect many weren't asked for.
You guys keep calling this open declaration of intent or words to that effect, I don't think it is; I fully believe that with decent management, this can be untraceable except by the voter. Whether you do or don't believe that, help me find a way that a voter can prove his intent that doesn't have (what you consider) to be the drawbacks of this system, but that lets him prove (without having to count on the elections machinery to support it in a way he can't check) as it is delivered to him, as he votes.
None of you have answered the problems presented by a box full of unknown ballots. Nobody's answered the question: what do you do if something happens to make everybody leave the room in the middle of the election (fire, bomb threat, power outage, your-worst-election-day-nghtmare-here)? The fact that no one can testify as to what those ballots said, with proof and the legal right to assert that proof is a major vulnerability. Would you know you'd been cheated? Sure! Would you be able to prove it in court? Not in a million years, and certainly not soon enough to challenge an election. If you don't have a way for each voter to check/challenge the recording of his ballot, I (at least), just don't think that you have enough protection in this.
So, while the voter can "feel confident", should he be? Most of us (who read the real news that was immediate out of Ohio, much slower out of many other states) weren't confident of the counting and how much difference did that make? In Ohio, the paper evidence that did exist (poll books) were snatched out of people's hands! All the proof is still in the election officials' hands.
More importantly, how much will it make the next time? Picture this: all is done as recommended here, you have a tight vote that triggers a recount,(you even film the ballots coming out of the box) they drag the votes out of storage and you suddenly have a different count. What do you do? I don't think under those circumstances, that they're going to go with anything other than what those votes have been counted up to the last time. How can they be adequately protected in storage? I haven't heard any answer on this site that keeps me comfortable with this and I have a job, I can't go watch the storage for the legal challenge period and I suspect, neither can you.
You all seem to think that vote extortion or buying will be the biggest problem. I currently think that vote switching is the biggest problem, less witnesses, more efficient, less challenge possible. You think people will sell their votes, I think it's much more likely that someone else sold their votes.
But that's just me. |
Mike Myhre
Voting Rights Forum Participant
Username: Mike_myhre
Post Number: 13
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 16, 2006 - 8:38 am: |
|
We will always have problems of some sort with voting. I used to firmly believe that it was better to give up anonymity of the vote for auditability, but recently have changed my opinion to believe we need both. The Bush administration locked up protesters at "little guantanamo" violating their rights because they thought they might protest at the Republican convention. We can guess what this administration would do if they got your finger print or even the hash for a finger print. Those that voted against the encumbants would most likely be black listed by the government.
As for buying the vote. This can be reduced by locking people up for the felony of vote tampering. I think being able to audit your vote is important enough that we must live with the coersion factor. As it is today, our vote is being stolen, not paid for. If a homeless person is given food and friendship on voting day at least he is receiving something for his vote. It is the better of the two evils and I think with time we can reduce that problem, but first we need to fix the wide spread theft of votes with a voter auditing method. |
Pat Vesely
Frequent Voting Rights Forum Participant
Username: Pat_vesely
Post Number: 119
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 16, 2006 - 2:17 pm: |
|
Brant, If I might try to impart a little hard learned wisdom, please try to refrain from over analyzing the motives that people here have for posting what information they do, and instead focus on the information presented. Although I addressed you directly in my post above, it was written mindful of the fact that many more people read these forums than post to them. I'm fully aware of your status as a 'choir member' and the history I presented was aimed at all who are reading this and not you personally. Much of what I post is done so in an effort to 'flesh out' ideas for the book I'm working on so try not to waste any time ascribing motives as to why I post it.
Anyone who has been reading your posts knows full well that you have been putting quite a lot of thought into this, but you seem to take any criticism of your ideas, or alternate suggestions as to how to solve the problems as personal attacks. You will be much more effective in your presentation if you just stick to arguing your position based on the facts you present and responding to the facts that are presented to you, rather than making assumptions about what any of us are thinking. We're all just bozos on this bus with differing attitudes and opinions we've formed based on our own personal knowledge and experiences. I find it a bit humorous that you keep referring to us as "you guys" when, from where I sit, you're one of us! If we didn't value your insight and contributions I suspect that no one here would bother to respond to your posts, and it is quite evident that many of us have chosen to engage you in a dialog about your ideas.
By all means try to avoid the trap of paying so much attention to the minutia of one part of the puzzle that it comes at the expense of the bigger picture. I know that trap well. I've spent so much of my time in it that I was forced to sign a lease. I'm in a much better place now but I can't help going back there on occasion to visit.
I'll stop back later to address the rest of your post but I have some urgent business to attend to that needs my attention right now. Never Give Up!
Pat A. Vesely ;-)
Paper ballots are the 'Currency of Democracy'. They've been helping to curb election fraud since 139 BCE!
|
Pat Vesely
Frequent Voting Rights Forum Participant
Username: Pat_vesely
Post Number: 124
Registered: 02-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, March 16, 2006 - 11:21 pm: |
|
Okay, I'm back. Let me start by addressing this,
quote:"help me find a way that a voter can prove his intent that doesn't have (what you consider) to be the drawbacks of this system, but that lets him prove (without having to count on the elections machinery to support it in a way he can't check) as it is delivered to him, as he votes."
I've long advocated that each ballot either be photographed or scanned as it enters the ballot box. If a system was devised that wasn't made to count the ballots, merely photograph and store them, you could design it to automatically generate a .tiff or .jpeg file and create a checksum value from it that is displayed to the voter on a simple LED or LCD display. The voter could then copy down the checksum value if they so choose and use it to search for their ballot image in the database after the election. The image files and their associated checksums could be burned directly to a hard drive or memory card and 2 CD burners simultaneously. One copy of the CD database from each machine would be sent to the county and posted on their web site and the second copy would be sent to the State and posted on the Secretary of State's web site.
Simple open source pattern recognition software such as the VotOScope software developed by Harri Hursti could be made freely available for anyone to download and run to count the votes. Anyone could also just open the database and manually count the votes on each ballot to check against the hand count or machine tally.
The paper ballots would be removed from the double locked ballot boxes and counted in public. The results of the official public hand count could then be checked by anyone with access to a computer and a set of eyes that wishes to do so.
Protect the hand count first, then use the technology to make it more transparent.
Pat A. Vesely ;-)
Paper ballots are the 'Currency of Democracy'. They've been helping to curb election fraud since 139 BCE!
|
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 134
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 17, 2006 - 7:51 am: |
|
quote:I've long advocated that each ballot either be photographed or scanned as it enters the ballot box. If a system was devised that wasn't made to count the ballots, merely photograph and store them, you could design it to automatically generate a .tiff or .jpeg file and create a checksum value from it that is displayed to the voter on a simple LED or LCD display. The voter could then copy down the checksum value if they so choose and use it to search for their ballot image in the database after the election.
While I support taking photos of each ballot as it goes into the box as a means of public supervision, giving the voter a checksum (hash) creates similar vote-buying and -coercion problems as giving her an official copy of her ballot. That is, Guido the Coercer can require her to disclose her hash, then search the database for the ballot that hashes to the same value. Alternatively the machine can lie when computing the hash, making it difficult for the voter to find her ballot unless she specially marks it somehow.
Such a system could be very helpful in using public scrutiny to discourage the modification, removal, or stuffing of ballots. But it should not be used to encourage voters to identify their own ballots.
-R |
Mike Myhre
Voting Rights Forum Participant
Username: Mike_myhre
Post Number: 15
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 17, 2006 - 8:25 am: |
|
There is nothing to stop the person responsible for the camera images to replace the ballots and images with their own and no one would be the wiser. That is why we need a way for the voter to verify the final ballot.
I believe there are ways to reduce or eliminate the coersion problem. The voter needs a way to see the full ballot (all voting choices) at the county elections office. Third party groups should also be able to see these ballots (but not know which voter they are attached to) and do their own totaling.
I also think it would be helpful to have the precinct number on the ballot. This would allow us to group the ballots by precinct and stuffing would be more apparent. Add a ballot sequence number for each precinct and the voter could use that precinct-sequence number to identify their ballot on the county elections computer. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 463
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 17, 2006 - 10:19 am: |
|
I don't think that I imputed motive to you, Pat. With all respect (as I appreciate the respect you've shown me, thanks) show me a sentence where I implied your motive. I may have stated or mistated what you mean, but I don't believe I said anything about anybody's motives.
With all due respect, Ron, I think Ken B. the vote switcher is more our problem than Guido.
Mike and I are on the same page. You and I, Pat believe that the factual support for the voter must be gotten as the vote is cast.
The problem I have is with leaving all the proof and provability with the elections people. If you have the checksum and look up your ballot, Pat, and it's been changed, what can you now do? Now you wish for the proof, but you don't have it, you know it's wrong, but you can't prove or do much of anything at all, except complain.
Mike, if you list the ballots sequence numbers (both at the precinct and on the internet) under the ballot choices in ballot sequence number order (you don't enter the number, you scan the lists) no one can tell if you checked your number or not, just how may pages you viewed, so if they're recording who looked at what, your viewing of the pages makes it less likely for them to steal any vote on all of those pages.
I believe that this feedback must be immediate because in the current system, when we've finally gathered together to fight this stuff, we've already run out of time! Look what we have now, we have elections people being indicted 2 years after the crime! And I think that the people that benefitted from this election fraud banked on it turning out exactly like this!
The Congress thought that by the time that anybody had enough factual evidence Bushleague would either be out of office or nearly so, or that everybody would say that it's old news. Hell, that worked in Britain for the Downing Street memos. And it seems to me that the British electorate (on average) are paying a hell of a lot more attention than US citizens. We've got to make this much more responsive, and I think the only way to do that is if you can legally and with proof, verify your ballot and then get it corrected if it's wrong.
The only hope I currently hold is that if the US electorate actually can verify that they've been screwed in an election and prove it, they'll actually rise up and object to this treatment strenuously enough to eradicate this crap. I think several thousand witnesses in a state, right after the election, all with proof, may be adequate. This is the only way I can think of that we'll get them. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 135
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 17, 2006 - 10:48 am: |
|
quote:With all due respect, Ron, I think Ken B. the vote switcher is more our problem than Guido.
This incorrectly implies that I am unconcerned about vote switching and related forms of fraud. I am here in the first place because I see that voting machines, especially computer-based ones, can be used to commit widespread vote fraud. That is one of two main reasons that I oppose your system. It also happens that your system, while potentially reducing some forms of vote switching, dramatically increases the potential for vote-buying and -coercion, which is the other main reason that I oppose it.
Please be more careful about how you represent others' viewpoints.
-R
(Message edited by ron_crane on March 17, 2006) |
Pat Vesely
Frequent Voting Rights Forum Participant
Username: Pat_vesely
Post Number: 125
Registered: 02-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Friday, March 17, 2006 - 3:43 pm: |
|
Our elections have become the mess that they have because our politicians have become masters of the art of deflection and distraction. Every time we try to make a point about one area where they are failing, our officials are right there to distract attention with an answer about some other area that needs attention. When we scream about hundreds or thousands of voters being disenfranchised by their incompetence, they are ready with a distraction crying "VOTER FRAUD!" and point to a handful of ballots cast by felons or deceased voters. If we point out machines that add or lose thousands of votes with no paper backup, they scream "STUFFED BALLOT BOXES!" or "BALLOT BOXES FOUND FLOATING IN THE BAY!". They have become polished at deflecting attention away from the fact that it was their responsibility to keep the felons off the voter rolls and to purge the dead voters in the first place. They deflect attention from the fact that it was their responsibility to keep the ballot boxes from being stuffed and from disappearing in the first place.
I see the same kind of 'deflection and distraction' causing us to be less efficient in discussing how to best fix the problems occurring right in this thread. Although I'm sure it's not intentional, the results are the same.
Perhaps we all need to take a step back and gaze at the big picture for a moment and decide on a framework and process to help us devise an election system that offers a maximum potential for acceptance by the general public, while also offering maximum transparency and security of our elections.
I suggest we create a separate forum specifically for this purpose (an "Improving Our Elections" forum) so we can compartmentalize the issues in such a way as to eliminate the distractions that shift time and attention away from the goals we're all trying to achieve. It's difficult at best to discuss an area like storage of completed ballots when someone shifts attention to 'what if' situations like "what if you don't even receive a ballot because....?". It's annoying and time consuming to have to address personal comments directed at one another rather than focusing on the ideas and information we each present. We should all try our best to discuss the message and not the messenger. With this in mind, I'd like to propose some ideas for such a forum and get some feedback on what others might think about it.
For lack of a better name, let's suppose that we start a forum called "Improving our Elections". When you enter that forum you can choose between two sub topics,
1) Theoretical Improvements (Disregarding all discussion of current practices and developing an Ideal Election System and the Laws, Processes and Procedures governing it from scratch.)
2) Actual Improvements (Analyzing current systems and suggesting modifications to them for Increasing their Transparency and Security)
In each of these two topic areas I suggest breaking the election process down into at least three main areas of discussion,
1) Establishing Eligibility (Registration Issues)
2) Voting (Distribution, Marking, Collection, Storage and Security of the Ballots)
3) Canvassing (Counting, Reporting, and Auditing of the Ballots)
By focusing the discussion in separate threads dedicated to specific issues, we can cut down on the distractions that plague more general discussions of the issues and use our time more wisely. We can also add other areas of concern such as Campaign Finance Reforms or Truth in Campaigning as people see fit. The Voting section could also be further sub divided into sections that individually address paper, electronic, mechanical, and hybrid voting systems.
Does anyone else think this might be a good idea? We can always import specific ideas from other forums elsewhere on the site but I believe that having a specific forum with defined areas of discussion might keep the discussions more focused and make it easier for people to find information relevant to the areas that they are interested in.
Anyone? Anyone? Bueller? Anyone?
Pat A. Vesely ;-)
Paper ballots are the 'Currency of Democracy'. They've been helping to curb election fraud since 139 BCE!
|
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1919
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Friday, March 17, 2006 - 4:32 pm: |
|
Great idea, Pat.
AND--the burning issue that first jumped out at me on reading your suggestion, was--
ACCOUNTABILITY (as in individuals being held responsible for their actions/inactions)
The next thing that jumped out at me was
ENFORCEMENT (No point having rules/laws if they're broken with impunity)
These 2 themes which apply to virtually all the categories that you proposed. You might want to consider where these over-arching issues would best fit in.
They are relevant for both "ideal" and "real-world" discussions. |
Pat Vesely
Frequent Voting Rights Forum Participant
Username: Pat_vesely
Post Number: 126
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 17, 2006 - 5:08 pm: |
|
That's the elephant on the coffee table! No matter what else we address it's pretty much pointless if there is nothing in place to enforce it.
Good catch! It just goes to show that no matter how much attention to detail that any one person puts into something there's always one angle that someone else will see.
Thanks Catherine! Happy St. Patrick's Day! Here's a little Irish number for you that I recorded live, performed by the Empire Brass Quintet out of Boston called Kesh Jig. I think of you every time I hear it.
Enjoy!
Pat A. Vesely ;-)
Paper ballots are the 'Currency of Democracy'. They've been helping to curb election fraud since 139 BCE!
|
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 465
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 17, 2006 - 8:46 pm: |
|
Ron, you said:"This incorrectly implies that I am unconcerned about vote switching and related forms of fraud." as a response to my statement:"With all due respect, Ron, I think Ken B. the vote switcher is more our problem than Guido." It implies nothing of the kind, for I would have to have implied that, and I didn't. You inferred it. I meant by it exactly what it says, that I think that this is the greater danger, nothing more, nor less. I made no representation as to your motives or viewpoints. I regret you took it that way, but I didn't mean it that way!
Pat, I've got no problem with the subdivisions you've suggested as long as you keep in mind that whatever you do, all of these things are mutually dependant.
One of the things that I think we've all seen is the impact partisan politics in managing elections does to the impartiality left in executing/managing the elections. I think that we (at least I) would like to have a topic area on how to restructure election management and mechanics to take it out of the politicos hands.
I begin to think that we need a 'draft' of ordinary citizens to be legally empowered to act as elections watchdogs with legal enforcement powers as well. Whether you answer the call would have to be voluntary (at least it seems to me it would) but this would give us fresh blood that would be difficult to bribe (reliably) and would greatly change the dynamic of party insiders (for good or bad) completely controlling our elections.
The elephant on the coffee table.... In Ohio the laws that are in place were pushed out of the way by Blackwell, he had poll books taken right out of legally designated recounters' hands, against the law. Board of elections personnel decided what to have in the recount before it was started (they even pre-sorted the ballots!), there wasn't anything random about it. That's illegal, too. Noodling out new law on this isn't bad, because you may find a cop or DA or sheriff with a conscience, but what if you can't? You get Ohio like it was in '04.
Somehow, you have to get the power of the vote reliably back in the hands of the people, instead of the elections superstructure. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1920
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, March 18, 2006 - 3:13 am: |
|
Brant: "One of the things that I think we've all seen is the impact partisan politics in managing elections does to the impartiality left in executing/managing the elections. I think that we (at least I) would like to have a topic area on how to restructure election management and mechanics to take it out of the politicos hands."
That is definitely another essential issue. |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 31
Registered: 03-2006
Best of Black Box?
Votes: 3 (A keeper?) | | Posted on Sunday, March 19, 2006 - 10:31 pm: |
|
fascinating thread.
one...ok two things
consider the "blue hair rule."
there is a polling place across the hall from my apartment. it's run by two frail somewhat whispy elderly women. every election i cross the hall as much to offer some tea as assure myself they're both well. while ruminating on the manifold subtletys and profunditys of this thread my mind conjured their being presented with the idea of turning a thumbprint into hash.
rumor has it that there is a turing machine through which this would require but one step either left or right. and i suspect these fine ladies would probably remember turing as that nice, enigmatic young man who won the war.
but brant the only hash they're gonna cook goes with eggs. i don't think that either has ever seen much less used a laptop.
so i'm suggesting adoption of the "blue hair rule" admittedly an unfair worst case. but i look foreward to their slightly dusty blue hair being around for a few more years. so if they can't use it. count me out too.
best regards
ed |
Pat Vesely
Frequent Voting Rights Forum Participant
Username: Pat_vesely
Post Number: 127
Registered: 02-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Sunday, March 19, 2006 - 11:32 pm: |
|
"The blue hair rule", Ed, I'd love to quote you on that! Do you mind? I can't think of a better way to put it.
From a 'psy-ops, perception management' perspective, it's perfect!
"the only hash they're gonna cook goes with eggs", LOL! Priceless! There's no better way to sum up the problem. Thanks, I just can't stop laughing.
Pat A. Vesely ;-)
Paper ballots are the 'Currency of Democracy'. They've been helping to curb election fraud since 139 BCE!
|
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 466
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 20, 2006 - 5:03 am: |
|
Ed, regarding the blue hair rule: how will you get any improvement in voting methods if we say that we can only use the methods in voting that the most constrained by habit will allow? How well do you think the 'blue hair' ladies are doing in the vigilance department? While I think that you indicate much of what the problem is with elections in general, I don't think it represents a guideline that will help get us any closer to where we need to be. Isn't that a box we don't want to stay in? Isn't it fair to state that as: 'People don't understand this yet, so we can't push improvement in this way?'
And as far as it goes to testing and understanding the scanner, if they can't understand or complete the following, with training (and written instructions):
1)Connect the scanner to the laptop (from written instructions),
2) Start a program on the laptop (from written instructions),
3) Enter a number on the scanner's keypad and thumb the scanner (from written instructions),
4) Try it again with a different number (from written instructions),
5) See that they got different results, and notify their superiors and law enforement if they don't (from written instructions),
6) Try scanners multiple times and try all scanners (from written instructions),
then I think we need to get other, mor competant people to watch our elections, because I'll bet you these ladies are missing other things that they should be catching as well.
Don't get me wrong, I'm not saying that this isn't a problem, but I am saying that if you would have the problem to the degree you're stating it to be, then I believe that we're screwed anyway. I am inferring (I infer, you imply) that you're saying that these people just can't or won't do this; to that I have to say that while the directions should be set in the best I'm-assuming-you-don't-know-any-of-this-so-I'll-tell-you-in-painstaking-detail-e xactly-what-you-have-to-do detail, if people couldn't follow these (at least the way I would write them), then I don't think we want them checking our ballot boxes anyway.
On the other hand, Ed, there's nothing to say that you can't help jump those 2 blue hairs into the 21st century. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 467
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 20, 2006 - 5:24 am: |
|
By the way, Ron, a Faraday box can and should be flat, solid metal, the scanner should be run on battery power and have a 2 wire RS232 interface, and no, you can't piggyback a second signal on RS232 that won't screw it up. That trace around the outside of the Airport express has been isolated from the rest of the board (it's very apparant), it isn't nest among the other traces. And in a Faraday box it won't do squat. |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 32
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 20, 2006 - 9:42 am: |
|
hi brant
i used to do exhibit work for the boston computer museum. it was a career highpoint for me to see four people at one i'd done the bouncing A,B,C and D computers design and animation for, two little kids playing it like a video game and two network professionals in heated discussion regarding what network model it presented. the kids when finally dragged away had a working understanding of network protocol.
my experiance tells me those ladies would not have. and i am very good brant at distilling a pallatable drink from complexity.
but fight on. i've been wrong before.
real world barriers exist despite beliefs to the contrary. brant, build a javascript demo and post a sales pitch asking for user opinions. it'd be more convincing than posing voluminous arguments here.
best regards
ed
and ya, "steal this post".
(Message edited by ed hill on March 20, 2006)
(Message edited by ed_hill on March 20, 2006) |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 136
Registered: 08-2005
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, March 20, 2006 - 11:37 am: |
|
quote:By the way, Ron, a Faraday box can and should be flat, solid metal, the scanner should be run on battery power and have a 2 wire RS232 interface, and no, you can't piggyback a second signal on RS232 that won't screw it up.
I am sorry that you believe, contrary to all practice (e.g., DSL over phone lines used concurrently for voice, broadband over power lines), that multiple signals cannot be transmitted on the same wire without "screw[ing] it up". This and other incorrect assertions about electronics do not help your argument, but instead show that you do not have the ability to supervise the system you propose. And if you can't supervise it, neither can the general public.
quote:That trace around the outside of the Airport express has been isolated from the rest of the board (it's very apparant), it isn't nest among the other traces.
Feel free to burn this strawman, but realize that you're also torching your own credibility.
quote:And in a Faraday box it won't do squat.
Already addressed.
-R |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 33
Registered: 03-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, March 20, 2006 - 11:42 am: |
|
brant
i brought my 14th amendment and utilities arguments to this place after time spent honing them down in various "chat" boards. i felt that they were ready to move beyond discussion.
it appears to me that this space is aboit action. discussion after a certain point becomes diversion despite good intent.
been part of many developments brant. there's a time to stop "hand waving" and "do the demo".
to my limited view you're well past that piont.
do the demo brant. there's other uses these minds here might be set to.
the hand waving's pointless.
do the demo.
ed |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 137
Registered: 08-2005
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, March 20, 2006 - 12:14 pm: |
|
quote:And as far as it goes to testing and understanding the scanner, if they can't understand or complete the following, with training (and written instructions):
1)Connect the scanner to the laptop (from written instructions),
2) Start a program on the laptop (from written instructions),
3) Enter a number on the scanner's keypad and thumb the scanner (from written instructions),
4) Try it again with a different number (from written instructions),
5) See that they got different results, and notify their superiors and law enforement if they don't (from written instructions),
6) Try scanners multiple times and try all scanners (from written instructions),
then I think we need to get other, mor competant people to watch our elections, because I'll bet you these ladies are missing other things that they should be catching as well.
As I have already shown multiple times, this doesn't work against a crooked vendor who will:
1a. Use WiFi, IrDA, or a signal superimposed on the RS232 lines to send the thumbprint, its raw hash, or its encrypted hash along with the key (seed) to the ballot printer or
1b. Encode the "number" (seed) into the hash so that it easily can be separated later, and send that to the ballot printer.
2. Use the ballot printer steganographically to encode this identifying information into the ballot, thus linking a specific (but yet unidentified) voter to the ballot.
3. Scan the appropriate database (e.g., California's driver's license database, which contains every driver's right thumbprint) for a matching thumbprint or thumbprint hash to identify the voter. [1]
The supervision you propose works against only the most rudimentary frauds. To imply otherwise, after all the arguments here, is to spread misinformation wilfully.
quote:then I think we need to get other, mor competant people to watch our elections, because I'll bet you these ladies are missing other things that they should be catching as well.
On the contrary, we need an elections procedure that these ladies, using only their common sense and minimal training, can supervise effectively.
-R
[1] The crooked vendor might obtain the ballot scans that it needs to do the matching by asking election officials to send them directly (some jurisdictions already do this) or by obtaining them from the public records (much as we do when we're trying to root out fraud with the Votoscope).
(Message edited by ron_crane on March 20, 2006) |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 34
Registered: 03-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, March 20, 2006 - 1:41 pm: |
|
those redoubtable young ladies have as much or more place in the process as you or i.
so brant, how's the javascript going? or are you a python man?
ed |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 35
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 20, 2006 - 2:03 pm: |
|
hi ron
just a tech bit. re; sandwiching concurrent signals along with DSL,ADSL is by design concurrent signals each layered narrow bands sandwiched within the available spectrum.
it's already concurrent message transfer by design.
that is unless i'm mistaken.
best
ed |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 139
Registered: 08-2005
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, March 20, 2006 - 3:00 pm: |
|
quote:just a tech bit. re; sandwiching concurrent signals along with DSL,ADSL is by design concurrent signals each layered narrow bands sandwiched within the available spectrum.
it's already concurrent message transfer by design.
that is unless i'm mistaken.
That's approximately correct. In a POTS ("plain old telephone system"), voice occupies the spectrum below about 3.3kHz, and DSL uses the spectrum between about 4Khz and 2MHz. Discrete filters (those things that you plug into your phone line) prevent POTS equipment (e.g., telephones, fax machines) from muddying the DSL spectrum with their huge reactances, and the DSL modems contain their own filters to remove signals in the voice spectrum.
You can do exactly the same thing to superimpose, say, a 5MHz carrier on a wire carrying RS-232 signals. Then you could, say, lazily amplitude modulate that carrier to send the few bits of the seed from the thumbprint scanner to the ballot printer. Recall that RS-232's slew rate is limited to 30V/usec and that it typically uses +-5V. The signal thus slews roughly 20V per cycle (from 0 to +5, from +5 to 0, from 0 to -5, from -5 to 0), giving a maximum frequency of about (30V/usec)/(20V/cycle) = 1.5 cycles/usec = 1.5MHz. That would coexist very comfortably with the 5MHz cheating carrier.
-R
(Message edited by ron_crane on March 20, 2006) |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 36
Registered: 03-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, March 20, 2006 - 4:05 pm: |
|
sort of.
because digital requires just up or down several different such signals are multiplexed within that 2Khz and 4Mhz lots of space there to multiplex several carrier wave like frequencys.
but that's got us burrowing down past a level of understanding required for this discussion.
suffice it to say as you already have that further multiplexing is easy even at a fairly rudimentry level of technocal proficiency.
i suspect that the kids picking away at machine language hacking games and software keys could do it pre-highschool.
this subject, absent a proof of concept demo seems pretty dead to me.
ed |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 140
Registered: 08-2005
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, March 20, 2006 - 4:30 pm: |
|
quote:because digital requires just up or down several different such signals are multiplexed within that 2Khz and 4Mhz lots of space there to multiplex several carrier wave like frequencys.
Well yes, but Fourier's Theorem tells us that every waveform (including a square wave) is merely a composition of one or more sine waves. The bandwidth of the channel (e.g., that it allows frequencies between 2kHz and 4MHz) describes the frequencies of those sine waves that the channel can (or is allowed to) transmit with acceptable quality. Thus, my analysis of slew rate, above, concerned the highest-frequency sine-wave component of the square wave used by the RS-232 protocol.
quote:this subject, absent a proof of concept demo seems pretty dead to me.
I'm not sure what a proof of concept would entail. It seems to me that the idea is a non-starter because it (1) Makes it easy for a crooked vendor to link ballots to voters; (2) Dramatically increases the ease and safety of both private and public vote coercion over, for example, absentee ballots, and greatly increases the pool of potential victims; (3) Provides box-stuffers with an easy way to disenfranchise a significant portion of the electorate -- those whose obligations make it difficult for them to reverify their ballots; (4) Adds a false patina of "security" to ballot casting machines while leaving major security holes, like denial-of-service attacks and presentation frauds, unaddressed; and -- most relevant to recent conversations here -- (5) Cannot effectively be supervised by the vast majority of the public.
-R |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 37
Registered: 03-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Monday, March 20, 2006 - 5:56 pm: |
|
what i am relatively certain of is that your purpose here mr.lamb is wasting others time.
if serious you'll be back AFTER postimg a demo.
i look foreward to its appearence
goodbye
sheeps clothing huh?
not you ron.
(Message edited by ed_hill on March 20, 2006) |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 38
Registered: 03-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Monday, March 20, 2006 - 6:18 pm: |
|
back to business.
pull down the es+s site. i dod.
full service vendor they are.
off the shelf flash cards and election day programming services. no kidding. right on election day. off the shelf dev toolkit too.
full service election fraud one stop shopping.
ed |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 39
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 20, 2006 - 6:26 pm: |
|
i suggest we all head out downloading vendors web sites for later use.
the best evidence and argument against them is their own sales pitch.
best regards
ed |
Kathleen Wynne
Moderator
Username: Admin_ii
Post Number: 220
Registered: 08-2005
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, March 20, 2006 - 6:38 pm: |
|
ed,
You have presented excellent points with a touch of wisdom in all. Thanks for joining this discussion and giving us your insights. They are indeed welcome.
I, like Pat, particularly appreciated your reference to "the blue hair rule"! I say this because, as I am getting older (early 50's) in years, I definitely feel more invested in the election process than I ever did in my early 20's and very much appreciated your pointing out to Brant that these "blue hair" old ladies deserved his respect.
I, like you, am ready for Brant to stop talking about his idea and "do" something about it.
Actions always speak louder than words.
Kathleen
* * * * * *
* * * * * *
* * * * * *
* * * * * *
TRIPLE PROTECTION FOR ELECTION 2006 - STARTING NOW:
(1) Use Freedom of Information, public records requests ("All American Paper Chase")
(2) Try Dumpster Diving for Democracy
(3) Candid America Project - Don't leave home without your camcorder
HOW TO DO IT: http://www.bbvforums.org/forums/messages/6/6.html
|
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 41
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, March 20, 2006 - 9:33 pm: |
|
the dieboldly site claims them capable of reporting totals on 4,000,000 votes in minutes. and they call their vote collection units terminals. "terminal" is a networking term.
networks are communications systems. the entire telephone system is a network.
i guess my focus should now be learning from lynn landes example and getting about the business of following it.
ed |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 468
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 21, 2006 - 5:30 am: |
|
Sorry folks, but the cable only goes to an RS232 port, your understanding of RS232 is in error if you think your going to compound another signal on it and have an RS232 port understand it. The cable only travels from the RS232 port to the scanner.
You guys are talking about acoustic line parameters and bandwidth, not a digital serial port. And RS232 is digital, not acoustic until you've added a modem into it. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 141
Registered: 08-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, March 21, 2006 - 10:31 am: |
|
quote:Sorry folks, but the cable only goes to an RS232 port,
That's what the crooked vendor tells you. What it does is another matter entirely, and one of which the blue-haired ladies will have not the slightest inkling.
quote:your understanding of RS232 is in error if you think your going to compound another signal on it and have an RS232 port understand it.
Please provide citations to reliable sources (e.g., electronics textbooks) that support this idea.
Then, when you can't find anything, consider the fact that the RS232 spec. allows any voltage between +3V and +25V to represent a "0" and any voltage between -3V and -25V to represent a "1". Now consider what happens if the nominal voltages are +-5V, and I superimpose a +-1V signal on the lines. Yep, RS232 still thinks that a "0" (now ranging from -4V to -6V, perfectly within spec) is a "0", and that a "1" (now ranging from +4V to +6V, perfectly within spec) is a "1". But I've transmitted additional information that appropriate circuitry, added by a crooked vendor and undetectable by blue-haired ladies, easily can decode.
quote:The cable only travels from the RS232 port to the scanner.
You guys are talking about acoustic line parameters and bandwidth, not a digital serial port. And RS232 is digital, not acoustic until you've added a modem into it.
Apparently you're using the term "acoustic" to mean "analog". But every "digital" signal is nothing more than a specially formatted analog signal (usually a square wave). It is, thus, subject to exactly the same physical (and electrical) laws as any other analog signal, including those relating to bandwidth, superposition, filtering and tuning, and so forth.
Have you ever heard the expression, "When you're in a hole, stop digging"?
-R |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 43
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 21, 2006 - 10:33 am: |
|
sooo baaaa baaaa
bug off freeper |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 44
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 21, 2006 - 10:44 am: |
|
ron
his only goal is your response.
he lacks the courage to actually face what's happenning to our country. so he just tries to silence those who'd disrupt that comforting ignorance.
he's just a little freeper.
worthy follower of anyone who wears a flag.
not worth further comment really.
ed |
Pat Vesely
Frequent Voting Rights Forum Participant
Username: Pat_vesely
Post Number: 133
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 21, 2006 - 11:57 am: |
|
Ed, please refrain from personal attacks, we simply don't allow them on this forum. It's obvious that this discussion has become non productive and has strayed well beyond what the original topic intended.
Brant, I'm going to ask that this thread be locked. Please feel free to continue this in the 'Tech Central' forum under any one of your other posts there, should anyone wish to continue this discussion. Thanks.
Pat A. Vesely ;-)
Paper ballots are the 'Currency of Democracy'. They've been helping to curb election fraud since 139 BCE!
|
Bev Harris
Board Administrator
Username: Admin
Post Number: 3848
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 21, 2006 - 12:03 pm: |
|
Locking. Feeling so under the weather that, believe it or not, I don't have the energy to read. But I'm gonna lock this down, and read it tomorrow or as soon as I can muster the energy.
Love ya all, and we'll take a look at this and resume whatever needs to be resumed, cool off what needs a cooling off period.
Bev |
|
|
