How to Hack the Vote and Steal the Election 587
divisionbyzero writes "Many people have asked for it so that the government will have to deal with it. So here it is: a guide to stealing an election that uses electronic voting machines written by Jon Stokes over at Arstechnica.
From the article:
"In all this time, I've yet to find a good way to convey to the non-technical public how well and truly screwed up we presently are, six years after the Florida recount. So now it's time to hit the panic button: In this article, I'm going to show you how to steal an election.""
Been done already (Score:4, Informative)
From the referenced url: '"Electronic voting machines also caused widespread problems in Florida, where Bush bested Kerry by 381,000 votes. When statistical experts from the University of California examined the state's official tally, they discovered a disturbing pattern: "The data show with 99.0 percent certainty that a county's use of electronic voting is associated with a disproportionate increase in votes for President Bush. Compared to counties with paper ballots, counties with electronic voting machines were significantly more likely to show increases in support for President Bush between 2000 and 2004."'
'Charles Stewart III, an MIT professor who specializes in voter behavior and methodology, was initially skeptical of the study - but was unable to find any flaw in the results. "You can't break it - I've tried," he told The Washington Post. "There's something funky in the results from the electronic-machine Democratic counties."'
Re:In two easy steps ... (Score:1, Informative)
Know Where To Look (Score:3, Informative)
Expect it to take place in places where Candidate X carries 70-75% of the vote.
That is, expect it to take place in places where Candidate X carries 75-80% of the vote.
If you don't want anyone to notice you're doing it, do it where nobody will notice; if the election is close enough (which so many of them are,) your candidate will carry the day.
Re:Premium access ? (Score:4, Informative)
Access? (Score:3, Informative)
Email this story to your representative (Score:5, Informative)
Repeat this process for http://www.senate.gov/general/contact_information
After about a thousand folks do this, a staffer might actually go print out the story and hand it to their congresscritter in a brief.
I'd also like to ask the Ars Technica people to make an exception for this story and make the PDF available to non-subscribers, as it would really help to disseminate this story to the right people. I'm not really sure how to go about contacting them.
Here's my letter (slightly munged of course by slashdot):
Re:Know Where To Look (Score:4, Informative)
Why? To win a state and the state's electoral votes (in a presidential race).
In the US, the president is elected by the Electoral College. Each state sends a certain number of "Electors" to the Electoral College to cast their vote's for that state's winning candidate. So on a state-by-state basis, it's a winner-take-all system. So you want to change outcomes in counties in order to win a whole state. Here's a way to cheat with the above system (minimizing chances of getting caught):
1. Pick a populous state with a close election like Ohio or Florida or several others.
2. Adjust the vote for your candidate up by 5 or 10% in counties where you expect him to win. This increases the overall statewide vote for your candidate. Enough, you hope, to push your candidate over the top.
3. Your candidate wins the state, gets those electors, and wins the Electoral College vote.
4. Profit.
Re:Liberal Vote Counting Procedure (Score:1, Informative)
Re:In two easy steps ... (Score:5, Informative)
If you're not convinced the election has been stolen, check out this excerpt from an article by McNeills:
You can buy them from Diebold (Score:5, Informative)
Unbelieveably, Diebold actually has an ecommerce site where you can buy all their electronic voting machine products online, including memory cards, security tape, and access keys. I'm really hoping they verify that you're an elections official before they actually ship the stuff to you:
http://www.diebold.com/nasadmk/cgi-bin/desi_cata log.pl?section=9
Here you go - buy a dozen keys, for you and your friends:
http://www.diebold.com/nasadmk/cgi-bin/desi_cata log.pl?section=9&id=163
On a funny/sad note, the front page of their election products site as a glaring coding error (%=rs("newsdate")%):
http://www.diebold.com/dieboldes/
Re:Lack of ethics (Score:3, Informative)
Well hell, if you leave personal philosophies out, there's no such thing as "wrong" at all. And if my aunt had balls, she'd be my uncle! You can argue from the lack of an absolute morality, but you certainly can't deny that personal moralities exist, and are in large part shared by societies. Most moralities are squishy enough to support inconsistencies, but any morality that not only allows, but actually supports glaring contradictions, needs to be reevaluated. Thus does gay marriage create a bigger knot than genocide across the world.
Re:But what about (Score:5, Informative)
There are many Slashdot readers who could get up to speed on how to really steal an election in about half a day (or less) using publicly available documentation. The hardware isn't that complex at all, and the vulnerabilities in Windows (for the GEMS server) and WinCE (for the machine) are very well-known.
What I've described here is very, very low-hanging fruit for anyone with real security expertise.
Let's be bold: internet democracy (Score:2, Informative)
It's easy yet disturbing. We can obtain a secure system if we remove anonymity. Then it's almost simple, distribute around the vote database and allow anybody to check the results.
In that kind of context, verification is mostly a technicality and could rely on consensus.
To regain some bit of anonymity, there can be a system of reinscription on the electoral list using a pseudo. Simple too, and while the person/pseudo relationship is private, everything else remains public and verifiable.
There are three basic stones in such a system:
* P2P servers
* electoral list
* PGP signatures
Simple, basic, strong.
I'm trying to construct such a system using Ruby on Rails, here is my project: http://leparlement.org/ [leparlement.org]
You can also come discuss security here: http://leparlement.org/security [leparlement.org]
It's a moderated forum *and* a mailing list. Please, come and test it!
Re:OTHUMOR (Score:3, Informative)
Re:Been done already (Score:3, Informative)
Actually, if you read the accounts of the Ohio election, republicans placed the majority of the e-voting machines, led by the republican secretary Blackwell who pushed hard to get Diebold machines put in voting places. That in combination to the fact republicans where the ones making the decisions to place e-voting machinge in Ohio make the 'purchased by democrats to strengthen rigging claims' tenuous there. But, even if Democrats did make the decision to use e-voting machines, linking that to a hidden agenda of wanting to blame the machines is logically an ad-hoc theory, albeit an interesting one.
However, I don't think the earlier quoted correlation studies were done in Ohio voting districts. Given the various illegal stunts pulled by Blackwell, Noe, and other republicans in addition to the placement of e-voting machines would doubtless cloud any correlation between e-voting machines and bush-leaning districts, so any kind of e-rigging claims in Ohio can't likely be substantiated.
Correlating manufacturer/party contributions with extent of likelihood of that manufacturer's machine to lean in a party's favor would really be interesting.
Re:Lack of ethics (Score:4, Informative)
Re:Self-Verified Voting (Score:2, Informative)