I keep seeing comments about how Canada avoided a similar fate because of its strict use of paper ballots; the US must have changed its system to include these electronic and possibly not airgapped machines.
I keep seeing comments about how Canada avoided a similar fate because of its strict use of paper ballots; the US must have changed its system to include these electronic and possibly not airgapped machines.
1st off, “The US” didn’t, individual Counties did. 2nd there are several different companies that offer different machines and methodologies, all that need to conform to various Federal, State, and County laws. 3rd all devices, digital and analog need to pass a strick verification process carried out by one of two companies run at the behest of the USG.
If your Ballot System contains source code, the source code is researched and code reviewed, and then complied by the company and the verification agency. Both checksums must match. Only the verified source code compilation is used in an election, verified before and after the election. This is for every-single-device workstation and server.
All tabulation, adjudication and verification systems are on an airgapped network, and ALL CAT cabling must be visible, usually above your head in open racks. All servers and stations must also be visible as well, servers usually secured behind bulletproof glass enclosures. All USB ports are disabled under a locked BIOS and physically blocked/locked as well. Everything is way passed triple checked.
NO ONE works by themselves. Election officials work in groups of two or four, eight, and more for volunteers. Everything and everyone is on camera except for the restrooms, but approach and egress are on camera. Different sized counties have different budgets, so setups vary, but all must conform to all the laws from every level.
Vote By Mail ballots are constricted in a way so that they are layered, are all opened in a single room, under Elections Officials supervision and definitely on camera. A dozen to several dozen people would IMMEDIATELY know if you are tampering with a ballot, it would be that obvious.
Some small counties count by hand, while large counties can use high-speed industrial scanners such as IBML to feed the ballots to the Tabulation Server.
Then you have specialized hardware such as a Voting Machine, and Definitely Abled Voting machines, with the ability for a Caretaker to assist without revealing the Assisted’s ballot casts.
All of these go through a highly vetted verification process that must be signed off on by all stakeholders. All are verified before and after.
Most (I say this because I am not 100% sure) have a physical papertrail that must be stored along with the digital results for however many years the State and Counties laws call for.
In most counties you are able to go down to the Elections office to get a verification copy of YOUR ballot if you fear you have been exploited, within the timeframe the law allows for cast ballot storage.
The shortest timeframe that I know of for cast ballot storage is two years, the longest I know of is ten.
I’ve probably missed a couple salient points but I think you get the drift.
Stealing an election isn’t as easy as one might imagine. The people working your elections are dedicated professionals. “Don’t care who you vote for, just care that you vote”
However a zero vote count for the Dog Catcher would be highly suspicious, let alone a presidential run.
Source: I’ve built and secured elections.
Unironically, I think elections are one of the few scenarios where blockchain technology could actually be useful.
A lot of this hinges on partisan officials choosing (often) black box software and private verification companies. But that’s not even the main problem.
It all falls apart exactly here. With digital voting, all other security is as performative as the TSA. It doesn’t even matter if either party in this step is malicious or if the source is open/closed.
A code review can never make any guarantees. And if there is a bad actor, checksums are not bullet proof. Especially when we’re talking about state actors, who have access to supply chain attacks and unknowable cryptographic abilities.
And all of this uncertainty extends just as far with the hardware. Even if a voter knew what a machine should have in it, they’ll never get the access to verify it themselves.
Even checking a ballot print isn’t foolproof. In a secret ballot system there’s nothing tying a print to your actual tallied vote other than your faith in the process.
Stealing an election doesn’t have to be easy, it has to be possible with a minimal circle of secrecy. And digital voting/tallying makes that possible.
As others have said in this thread, the most important thing is the ability for any voter to understand and personally audit the process. That’s just not possible without paper ballots and simple counting.
I think the lawsuits throwing out mail in ballots for blue counties were far more harmful than “voting machine fraud”
That’s a really cool reply. Thanks for sharing!