I want to be clear when I say I have no idea whatsoever of the pitfalls involved with online voting. All I'm saying is that if it could be as secure and fraud-resistant as waiting in line, it would be a good thing and would increase voter turnout while decreasing disenfranchisement through shitty voter ID laws.
Yeah, I'd agree, but if there's one thing that's become clear in recent years it's that nothing online is ever going to be secure. I'd think an election for a major superpower would be nearly as big a target as celebrity boobs and my credit card number, and I'm pretty certain we will never secure it sufficiently.
How has security been for the Healthcare marketplace? I know user experience was poor for quite a bit but that is easily managed with proper people at the helm.
How has security been for the Healthcare marketplace? I know user experience was poor for quite a bit but that is easily managed with proper people at the helm.
Don't HIPPA requirements lead to a lot of medical data residing either on paper or on devices and systems that are not connected to the Internet? Legit question, not rhetorical. But I thought this was the case.
Edit: which is to say that the insurance purchasing system may not be the one to look at to draw an analogy to election security.
for the most part the Healthcare exchanges don't carry much in the way of real medical data. that's still handled by the insurance companies themselves.
I'm sure that's true and there are easier ways to get to it.
Yeah, which is why it's not a useful comparison. We don't need that server to be anything but "harder" than the next one, because the information is all compromised anyway. We just need deniability.
Whereas an election? That's like saying that somewhere, on a single server, there's a nude JLaw selfie...with all of Bill Gates's banking info written in sharpie on her boobs.
That will get compromised, or people will burn the whole Internet down trying.
I'm not quite as sanguine on vote-by-mail as the rest of the thread.
From one of the links I provided Willie upthread, via news21:
“It makes much more sense if you are trying to steal an election by either manipulating results on the back end through election official misconduct or to use absentee ballots which are easier to control and to maintain,” said Hasen, the UC, Irvine, professor of political science.
The News21 analysis shows 185 election fraud cases linked to campaign officials or politicians involving absentee or mail-in ballots.
In 2003, the Indiana Supreme Court invalidated East Chicago Democratic Mayor Rob Pastrick’s primary victory because of massive fraud. Pastrick, an eight-term incumbent, lost in a 2004 repeat election.
Forty-six people, mainly city workers, were found guilty in a wide-ranging conspiracy to purchase votes through the use of absentee ballots.
John Fortier, a political scientist at the Bipartisan Policy Center, a Washington, D.C., think tank, said there are “more direct problems” with absentee ballots because the person casting the ballot can be pressured or coerced.
Keesha Gaskins, senior counsel at the Brennan Center for Justice at the New York University School of Law, a public policy group that opposed many of the voting-law changes nationally, recognizes that absentee-ballot fraud occurs more than other election fraud, but still doesn’t consider it a threat.
There have been significant cases of major mail-in ballot fraud in the UK.
I recognize that it is possible to harden mail-in voting, but I don't believe that it is intrinsically better than in-person voting for the majority of voters.
I would disagree. Not that mail in balloting would require hardening or is immune from electoral fraud, though it seems like there should be a good number of ways to ensure the outcome is authentic through audits, statistical regression, Benford's Law, &c. in order to catch it at least as often as current electoral fraud with a more varied approach to balloting. (Plus it isn't like in person voting at various county offices would be outlawed, it'd just be a less prominent option to be elected.) But I would say that giving everyone a ballot, rather than requiring everyone show up to get a ballot, is intrinsically better for the majority of voters. Not that I'm terribly well versed in the subject, but of the handful of studies that I've seen at worst switching elections to mail in doesn't have an impact on voter participation for general elections, but does actually increase turnout for special and off year election that get held. Elections which traditionally have horrendously low turnout. And that's at worst. At best there is a marginal increase in overall participation mostly led by increases in turnout from women, minorities, and the elderly.
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
Yeah; that seems less about the flaws of online voting and more about the flaws of having weak passwords.
EDIT: "We can't have electronic voting! Hackers were able to brute force their way into our pilot program's ballot database through an 8 digit password!"
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
So it's still a major security fail, but one of negligence rather than the idiocy that would be required for someone to actively choose a password like that for election software.
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
So it's still a major security fail, but one of negligence rather than the idiocy that would be required for someone to actively choose a password like that for election software.
I totally agree, but I'm afraid that ANY government-funded project would be similarly plagued by incompetence and idiocy. The voting machines used now are apparently ridiculously insecure, for reasons ranging from hardware so flimsy you can bend it with your bare hands, to dumbfuckery like the password thing.
0
Options
JohnnyCacheStarting DefensePlace at the tableRegistered Userregular
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
to be fair, if you set up a decent firewall around anything, you'll find you get pings from china. I think a few million people in china sit around just running every possible IP.
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
So it's still a major security fail, but one of negligence rather than the idiocy that would be required for someone to actively choose a password like that for election software.
I totally agree, but I'm afraid that ANY government-funded project would be similarly plagued by incompetence and idiocy. The voting machines used now are apparently ridiculously insecure, for reasons ranging from hardware so flimsy you can bend it with your bare hands, to dumbfuckery like the password thing.
Oh, I agree. I'd further add that I don't trust anyone to get something that important right, whether government, business, or open source.
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
So it's still a major security fail, but one of negligence rather than the idiocy that would be required for someone to actively choose a password like that for election software.
Its not like they would use simple passwords like all all zeros for nuclear launch codes for all our missiles for decades.
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
So it's still a major security fail, but one of negligence rather than the idiocy that would be required for someone to actively choose a password like that for election software.
I totally agree, but I'm afraid that ANY government-funded project would be similarly plagued by incompetence and idiocy. The voting machines used now are apparently ridiculously insecure, for reasons ranging from hardware so flimsy you can bend it with your bare hands, to dumbfuckery like the password thing.
I don't know about any other state, but I have first hand knowledge of how the electronic voting checks are done in Wisconsin and if everything is followed correctly it would be virtually impossible to not find out that there was tampering. Only pure and total incompetence on the part of an election official would let someone get away with tampering, or I guess being party to the crime.
The memory card for the electronic vote machines are kept in a compartment that has a small plastic tag that has to be cut to get to the compartment, that tag has a number that is unique to the tag and is to be written down, in non-erasable ink, when it is attached to the machine and a blank memory card is inserted and then the number is submitted to the GAB the day before the election. After the election that tag is checked, the tag number written down, and once again submitted to the GAB. The tags are purchased, but the numbers are randomly sent to the districts in sealed envelopes so no one knows which numbers went where and they're not to be opened until they are attached to the machine. And as far as I was told, the machines do not have any wireless capabilities.
It won't stop someone from attempting or even succeeding in tampering with the vote, but it will be caught almost immediately.
Yeah; that seems less about the flaws of online voting and more about the flaws of having weak passwords.
EDIT: "We can't have electronic voting! Hackers were able to brute force their way into our pilot program's ballot database through an 8 digit password!"
Blame our current standard of giving government contracts in IT to the absolute lowest bidder
Which stems from a much larger, less easy to pin down policy of having tiered groups to manage missions in order to avoid impropriety, but also ultimately results in people completely divorced from the goal of a project having absolute financial control over it.
How has security been for the Healthcare marketplace? I know user experience was poor for quite a bit but that is easily managed with proper people at the helm.
Don't HIPPA requirements lead to a lot of medical data residing either on paper or on devices and systems that are not connected to the Internet? Legit question, not rhetorical. But I thought this was the case.
Edit: which is to say that the insurance purchasing system may not be the one to look at to draw an analogy to election security.
No ARAA and ACA (and other things) have pushed hard for the opposite. Paper is less secure in real terms oftentimes too - there are more HIPAA violations due to people dumpster diving than hacking (although dumpster diving for hardware is also an issue).
I would disagree. Not that mail in balloting would require hardening or is immune from electoral fraud, though it seems like there should be a good number of ways to ensure the outcome is authentic through audits, statistical regression, Benford's Law, &c. in order to catch it at least as often as current electoral fraud with a more varied approach to balloting. (Plus it isn't like in person voting at various county offices would be outlawed, it'd just be a less prominent option to be elected.) But I would say that giving everyone a ballot, rather than requiring everyone show up to get a ballot, is intrinsically better for the majority of voters. Not that I'm terribly well versed in the subject, but of the handful of studies that I've seen at worst switching elections to mail in doesn't have an impact on voter participation for general elections, but does actually increase turnout for special and off year election that get held. Elections which traditionally have horrendously low turnout. And that's at worst. At best there is a marginal increase in overall participation mostly led by increases in turnout from women, minorities, and the elderly.
Mail-in voting has a negligible effect on turnout most of the time and in special elections its not a big impact, which eliminates most of the theoretical benefit.
The downside is its a lot more open to fraud if you don't have physical ballot security and at least the risk involved in vote fraud.
1 - Ballot security is key.
If you mail in a copy of someone else's ballot (either because it was stolen, or because the people making the ballots and their security marks are likely to be involved in the elections themselves) there is almost no way to be caught doing so. Worst case scenario, you cancel out someone's vote as both ballots are rejected. And for that to happen you have to link identities with ballots for a much longer period of time/the process, which is bad for the secret ballot.
Worst case for in person is you show up, they've already voted and you get arrested. Or if you're first they make a stink and its a big to-do and people try to remember who voted under that name. Or when you try to vote, you're talking to a neighbor/aunt/coworker of the actual person and you get arrested.
Plus in person voting as someone else en masse isn't easy. Realistically you can't go to the same polling place multiple times without a huge risk, so you'd need to involve more people which introduces more risk. Mailing 300 ballots wouldn't be tough.
2 - Ballot Box security is key.
Physical voting requires a physical container for the ballots. Representatives for both sides are generally there, along with law enforcement and civic minded volunteers. You start empty, anything put inside goes through a process and then under lock and key the container is brought to a central location where more people verify no additional ballots are added and none are improperly removed. The whole reason a recount makes sense is you know that ballots are cast ballots.
Mailed in ballots arrive over a much longer amount of time. They are examined by officials and then entered in without their identifying information (to preserve some amount of ballot secrecy) into a storage area. But that storage area is more difficult to watch by everyone involved because of the duration and because how ballots go into it. When someone votes, the actual voter is almost always the one to place it in the box (or it is done in full view by a volunteer/worker). No one can watch everyone checking the ballots and then transporting them to the storage unit for 6 weeks. Ballots can be introduced that were never sent much more readily with no record or witness.
3 - Statistical models aren't legal counting methods. You can't overturn an election based on statistical models.
For one, you'd need something to compare it to. Polls are flawed. Past elections are not deterministic of future elections. Demographics isn't election destiny. Without good data you can't create a strong model and polls are going to be wrong sometimes.
Four years ago Sharon Angle was supposed to beat Reid based on all the polling. Should it have been overturned because its not the expected result? Can you imagine a stronger tool against change?
For that reason and others you legally can't do that. We aren't allowed to count people for the Census using statistical methods and estimates. We certainly aren't legally allowed to overturn election results based on them.
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
So it's still a major security fail, but one of negligence rather than the idiocy that would be required for someone to actively choose a password like that for election software.
I totally agree, but I'm afraid that ANY government-funded project would be similarly plagued by incompetence and idiocy. The voting machines used now are apparently ridiculously insecure, for reasons ranging from hardware so flimsy you can bend it with your bare hands, to dumbfuckery like the password thing.
I don't know about any other state, but I have first hand knowledge of how the electronic voting checks are done in Wisconsin and if everything is followed correctly it would be virtually impossible to not find out that there was tampering. Only pure and total incompetence on the part of an election official would let someone get away with tampering, or I guess being party to the crime.
The memory card for the electronic vote machines are kept in a compartment that has a small plastic tag that has to be cut to get to the compartment, that tag has a number that is unique to the tag and is to be written down, in non-erasable ink, when it is attached to the machine and a blank memory card is inserted and then the number is submitted to the GAB the day before the election. After the election that tag is checked, the tag number written down, and once again submitted to the GAB. The tags are purchased, but the numbers are randomly sent to the districts in sealed envelopes so no one knows which numbers went where and they're not to be opened until they are attached to the machine. And as far as I was told, the machines do not have any wireless capabilities.
It won't stop someone from attempting or even succeeding in tampering with the vote, but it will be caught almost immediately.
That's good to hear. Part of the problem is that there's no nationwide standard for voting machines, so what's true of one state isn't necessarily true of others. I don't remember the details, but I read an article a couple of years ago talking about how appallingly insecure some machines were.
For that reason and others you legally can't do that. We aren't allowed to count people for the Census using statistical methods and estimates. We certainly aren't legally allowed to overturn election results based on them.
This is inaccurate. I was a crew leader for the 2010 Census, and we were instructed that if the household would not cooperate to go to a neighbor, or even sit outside the house and count if we had to, and get a very good estimate if we couldn't get an actual count from the head of household.
Edit: Anything besides the number of people could not be guessed. So if I went to a house and they wouldn't cooperate I could estimate the number, but I couldn't fill in anything about age or ethnicity or anything else even if I actually knew it
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
So it's still a major security fail, but one of negligence rather than the idiocy that would be required for someone to actively choose a password like that for election software.
I totally agree, but I'm afraid that ANY government-funded project would be similarly plagued by incompetence and idiocy. The voting machines used now are apparently ridiculously insecure, for reasons ranging from hardware so flimsy you can bend it with your bare hands, to dumbfuckery like the password thing.
In 2010, the government rolled out a test voting website that they had planned to use for actual elections. It was utterly compromised within 36 hours by students at the University of Michigan:
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
Maybe don't use a 4 character long password as the MASTER PASSWORD
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
So it's still a major security fail, but one of negligence rather than the idiocy that would be required for someone to actively choose a password like that for election software.
I totally agree, but I'm afraid that ANY government-funded project would be similarly plagued by incompetence and idiocy. The voting machines used now are apparently ridiculously insecure, for reasons ranging from hardware so flimsy you can bend it with your bare hands, to dumbfuckery like the password thing.
Stopping legal voters from voting hurts our elections integrity too
Am I proposing that? No. So, stop claiming that I do.
There's plenty we can do to ensure the integrity of our elections. Getting dead people off the rolls, trying to remove the double-counted people (registered to vote in one place, moved to another state and registered there, and the first registration is never removed,) and other things would be a start.
It turns out that efforts to eliminate double-enrolled voters can get ugly, too.
At the heart of this voter-roll scrub is the Interstate Crosscheck program, which has generated a master list of nearly 7 million names. Officials say that these names represent legions of fraudsters who are not only registered but have actually voted in two or more states in the same election — a felony punishable by 2 to 10 years in prison.
... the actual lists show that not only are middle names commonly mismatched and suffix discrepancies ignored, even birthdates don’t seem to have been taken into account. Moreover, Crosscheck deliberately ignores Social Security mismatches, in the few instances when the numbers are even collected. The Crosscheck instructions for county election officers state, “Social Security numbers are included for verification; the numbers might or might not match.”
In practice, all it takes to become a suspect is sharing a first and last name with a voter in another state.
...
Mark Swedlund is a specialist in list analytics whose clients have included eBay, AT&T and Nike. At Al Jazeera America’s request, he conducted a statistical review of Crosscheck’s three lists of suspected double voters. According to Swedlund, “It appears that Crosscheck does have inherent bias to over-selecting for potential scrutiny and purging voters from Asian, Hispanic and Black ethnic groups. In fact, the matching methodology, which presumes people in other states with the same name are matches, will always over-select from groups of people with common surnames.” Swedlund sums up the method for finding two-state voters — simply matching first and last name — as “ludicrous, just crazy.”
In graphic form:
every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.
Stopping legal voters from voting hurts our elections integrity too
Am I proposing that? No. So, stop claiming that I do.
There's plenty we can do to ensure the integrity of our elections. Getting dead people off the rolls, trying to remove the double-counted people (registered to vote in one place, moved to another state and registered there, and the first registration is never removed,) and other things would be a start.
It turns out that efforts to eliminate double-enrolled voters can get ugly, too.
At the heart of this voter-roll scrub is the Interstate Crosscheck program, which has generated a master list of nearly 7 million names. Officials say that these names represent legions of fraudsters who are not only registered but have actually voted in two or more states in the same election — a felony punishable by 2 to 10 years in prison.
... the actual lists show that not only are middle names commonly mismatched and suffix discrepancies ignored, even birthdates don’t seem to have been taken into account. Moreover, Crosscheck deliberately ignores Social Security mismatches, in the few instances when the numbers are even collected. The Crosscheck instructions for county election officers state, “Social Security numbers are included for verification; the numbers might or might not match.”
In practice, all it takes to become a suspect is sharing a first and last name with a voter in another state.
...
Mark Swedlund is a specialist in list analytics whose clients have included eBay, AT&T and Nike. At Al Jazeera America’s request, he conducted a statistical review of Crosscheck’s three lists of suspected double voters. According to Swedlund, “It appears that Crosscheck does have inherent bias to over-selecting for potential scrutiny and purging voters from Asian, Hispanic and Black ethnic groups. In fact, the matching methodology, which presumes people in other states with the same name are matches, will always over-select from groups of people with common surnames.” Swedlund sums up the method for finding two-state voters — simply matching first and last name — as “ludicrous, just crazy.”
In graphic form:
Thanks for the infographics and numbers, though. It's always good to see just how harmful this stuff is.
According to Crosscheck, close to a quarter of a million voters in Washington state are potential double-voting fraudsters. The Republican secretary of state, Kim Wyman, has no plans to use the Crosscheck list, preferring instead a far narrower matching program, the Electronic Registration Information Center, funded by the research and public-policy nonprofit the PEW Charitable Trusts. Notably, the ERIC lists require an exact match in several of these fields — among them, driver’s license number, Social Security number, email and phone — as opposed to just name and date of birth. Eleven states, plus the District of Columbia, are members of ERIC.
Virginia agreed to supply Al Jazeera America with the state’s ERIC match list despite a contract requiring confidentiality. That list, with only 37,405 names, was a fraction the size of Crosscheck’s, which tagged over a third of a million Virginians.
Al Jazeera America reached one of ERIC’s creators, the Pew Trusts’ David Becker, in Baltimore. He is dismissive of Crosscheck’s claim of finding legions of fraudulent double voters. Even of ERIC’s own lists, he says, “99.999 percent of those people would not be thinking of voting twice in two states.” He adds, “There’s no widespread evidence of voting in two states. There’s a real problem of millions of people registered in more than one state — though this is hardly an indication of fraud.”In fact, the purpose of ERIC is not just to remove names but also to add those who are eligible to vote but have not yet registered, Becker says. States that use the ERIC lists must agree, by contract, to find those who have moved or who have an outdated registration in another state and add them to the voter rolls. Postcards or letters must be sent to the unregistered to get them on to the rolls and to the dual registered to update their information.
According to Crosscheck, close to a quarter of a million voters in Washington state are potential double-voting fraudsters. The Republican secretary of state, Kim Wyman, has no plans to use the Crosscheck list, preferring instead a far narrower matching program, the Electronic Registration Information Center, funded by the research and public-policy nonprofit the PEW Charitable Trusts. Notably, the ERIC lists require an exact match in several of these fields — among them, driver’s license number, Social Security number, email and phone — as opposed to just name and date of birth. Eleven states, plus the District of Columbia, are members of ERIC.
Virginia agreed to supply Al Jazeera America with the state’s ERIC match list despite a contract requiring confidentiality. That list, with only 37,405 names, was a fraction the size of Crosscheck’s, which tagged over a third of a million Virginians.
Al Jazeera America reached one of ERIC’s creators, the Pew Trusts’ David Becker, in Baltimore. He is dismissive of Crosscheck’s claim of finding legions of fraudulent double voters. Even of ERIC’s own lists, he says, “99.999 percent of those people would not be thinking of voting twice in two states.” He adds, “There’s no widespread evidence of voting in two states. There’s a real problem of millions of people registered in more than one state — though this is hardly an indication of fraud.”In fact, the purpose of ERIC is not just to remove names but also to add those who are eligible to vote but have not yet registered, Becker says. States that use the ERIC lists must agree, by contract, to find those who have moved or who have an outdated registration in another state and add them to the voter rolls. Postcards or letters must be sent to the unregistered to get them on to the rolls and to the dual registered to update their information.
It's nice when major State departments are headed by goo-goo's, regardless of party. I mean, I'll readily admit to having my policy preferences for a vat array of things, not all of them well formed, but certain philosophical things (like caring about democracy) transcend that.
On Election Day in 2013, I took my four children with me to watch me register to vote and cast my ballot in a city election in my small town in Iowa. Earlier that day, my daughter's class learned about the meaning of democracy and the importance of elections.
Two months after I cast my ballot as a civics lesson for my daughter, the Iowa Department of Criminal Investigation agents parked across the street from my house, questioned me, and eventually arrested me and charged me with voter fraud.
Let me explain: When I was convicted on a nonviolent drug charge in 2008, my defense attorney told me that once I served my probation, I would regain my right to vote automatically – correct information at the time. But Gov. Terry Branstad suddenly changed the rules in 2011, and now all citizens with a felony conviction lose their voting rights for life. Our Secretary of State Matt Schultz, in fact, has made this subversion of democracy a point of pride. He has spent hundreds of thousands of dollars hunting down and prosecuting people with past convictions who unknowingly registered or cast a vote.
It's bad enough that they took away voting rights they were given back (seriously, why the fuck would a law like that be retroactive?) but it's especially abhorrent that they spend so much damn money trying to prosecute these people when it should be easy enough to simply mail them a notice saying "actually you aren't allowed to vote any more."
But when the right to vote at any election for the choice of electors for President and Vice President of the United States, Representatives in Congress, the executive and judicial officers of a state, or the members of the legislature thereof, is denied [...] or in any way abridged, except for participation in rebellion, or other crime, [...]
Felon disenfranchisement is Constitutional. Terrible policy that makes a mockery of the idea of universal suffrage, but Constitutional.
But when the right to vote at any election for the choice of electors for President and Vice President of the United States, Representatives in Congress, the executive and judicial officers of a state, or the members of the legislature thereof, is denied [...] or in any way abridged, except for participation in rebellion, or other crime, [...]
Felon disenfranchisement is Constitutional. Terrible policy that makes a mockery of the idea of universal suffrage, but Constitutional.
Yep. Number of states have it. Primarily where you'd expect.
But when the right to vote at any election for the choice of electors for President and Vice President of the United States, Representatives in Congress, the executive and judicial officers of a state, or the members of the legislature thereof, is denied [...] or in any way abridged, except for participation in rebellion, or other crime, [...]
Felon disenfranchisement is Constitutional. Terrible policy that makes a mockery of the idea of universal suffrage, but Constitutional.
I like the wording of "rebellion, or other crime". I know it's held to be constitutional but it just feels like the intention was not to ban any felon from voting.
Posts
Yeah, I'd agree, but if there's one thing that's become clear in recent years it's that nothing online is ever going to be secure. I'd think an election for a major superpower would be nearly as big a target as celebrity boobs and my credit card number, and I'm pretty certain we will never secure it sufficiently.
I'm not even sure it's possible to do so.
Don't HIPPA requirements lead to a lot of medical data residing either on paper or on devices and systems that are not connected to the Internet? Legit question, not rhetorical. But I thought this was the case.
Edit: which is to say that the insurance purchasing system may not be the one to look at to draw an analogy to election security.
I think we are at a point now where little, if any, of that info can be considered secure anyway.
Yeah, which is why it's not a useful comparison. We don't need that server to be anything but "harder" than the next one, because the information is all compromised anyway. We just need deniability.
Whereas an election? That's like saying that somewhere, on a single server, there's a nude JLaw selfie...with all of Bill Gates's banking info written in sharpie on her boobs.
That will get compromised, or people will burn the whole Internet down trying.
Is there a way to resize images in-line? I'd like to post some of these, but dimensionally they're too large.
That being said, Jesus Christ, Kentucky.
I would disagree. Not that mail in balloting would require hardening or is immune from electoral fraud, though it seems like there should be a good number of ways to ensure the outcome is authentic through audits, statistical regression, Benford's Law, &c. in order to catch it at least as often as current electoral fraud with a more varied approach to balloting. (Plus it isn't like in person voting at various county offices would be outlawed, it'd just be a less prominent option to be elected.) But I would say that giving everyone a ballot, rather than requiring everyone show up to get a ballot, is intrinsically better for the majority of voters. Not that I'm terribly well versed in the subject, but of the handful of studies that I've seen at worst switching elections to mail in doesn't have an impact on voter participation for general elections, but does actually increase turnout for special and off year election that get held. Elections which traditionally have horrendously low turnout. And that's at worst. At best there is a marginal increase in overall participation mostly led by increases in turnout from women, minorities, and the elderly.
http://voices.washingtonpost.com/debonis/2010/10/prof_explains_how_dc_online_vo.html
More details: http://www.bradblog.com/?p=8118
Maybe don't use a 4 character long password as the MASTER PASSWORD
PSN/Steam/NNID: SyphonBlue | BNet: SyphonBlue#1126
EDIT: "We can't have electronic voting! Hackers were able to brute force their way into our pilot program's ballot database through an 8 digit password!"
"...Was your password 'PASSWORD'?"
"OMG! GET OUT OF MY HEAD!"
"DAMMITALL, UMICH! That was our Operation Fuck China honeypot! Millions of dollars down the drain!"
Steam: Elvenshae // PSN: Elvenshae // WotC: Elvenshae
Wilds of Aladrion: [https://forums.penny-arcade.com/discussion/comment/43159014/#Comment_43159014]Ellandryn[/url]
I totally agree, but I'm afraid that ANY government-funded project would be similarly plagued by incompetence and idiocy. The voting machines used now are apparently ridiculously insecure, for reasons ranging from hardware so flimsy you can bend it with your bare hands, to dumbfuckery like the password thing.
to be fair, if you set up a decent firewall around anything, you'll find you get pings from china. I think a few million people in china sit around just running every possible IP.
I host a podcast about movies.
Its not like they would use simple passwords like all all zeros for nuclear launch codes for all our missiles for decades.
I don't know about any other state, but I have first hand knowledge of how the electronic voting checks are done in Wisconsin and if everything is followed correctly it would be virtually impossible to not find out that there was tampering. Only pure and total incompetence on the part of an election official would let someone get away with tampering, or I guess being party to the crime.
The memory card for the electronic vote machines are kept in a compartment that has a small plastic tag that has to be cut to get to the compartment, that tag has a number that is unique to the tag and is to be written down, in non-erasable ink, when it is attached to the machine and a blank memory card is inserted and then the number is submitted to the GAB the day before the election. After the election that tag is checked, the tag number written down, and once again submitted to the GAB. The tags are purchased, but the numbers are randomly sent to the districts in sealed envelopes so no one knows which numbers went where and they're not to be opened until they are attached to the machine. And as far as I was told, the machines do not have any wireless capabilities.
It won't stop someone from attempting or even succeeding in tampering with the vote, but it will be caught almost immediately.
Which stems from a much larger, less easy to pin down policy of having tiered groups to manage missions in order to avoid impropriety, but also ultimately results in people completely divorced from the goal of a project having absolute financial control over it.
No ARAA and ACA (and other things) have pushed hard for the opposite. Paper is less secure in real terms oftentimes too - there are more HIPAA violations due to people dumpster diving than hacking (although dumpster diving for hardware is also an issue).
QEDMF xbl: PantsB G+
Mail-in voting has a negligible effect on turnout most of the time and in special elections its not a big impact, which eliminates most of the theoretical benefit.
The downside is its a lot more open to fraud if you don't have physical ballot security and at least the risk involved in vote fraud.
1 - Ballot security is key.
If you mail in a copy of someone else's ballot (either because it was stolen, or because the people making the ballots and their security marks are likely to be involved in the elections themselves) there is almost no way to be caught doing so. Worst case scenario, you cancel out someone's vote as both ballots are rejected. And for that to happen you have to link identities with ballots for a much longer period of time/the process, which is bad for the secret ballot.
Worst case for in person is you show up, they've already voted and you get arrested. Or if you're first they make a stink and its a big to-do and people try to remember who voted under that name. Or when you try to vote, you're talking to a neighbor/aunt/coworker of the actual person and you get arrested.
Plus in person voting as someone else en masse isn't easy. Realistically you can't go to the same polling place multiple times without a huge risk, so you'd need to involve more people which introduces more risk. Mailing 300 ballots wouldn't be tough.
2 - Ballot Box security is key.
Physical voting requires a physical container for the ballots. Representatives for both sides are generally there, along with law enforcement and civic minded volunteers. You start empty, anything put inside goes through a process and then under lock and key the container is brought to a central location where more people verify no additional ballots are added and none are improperly removed. The whole reason a recount makes sense is you know that ballots are cast ballots.
Mailed in ballots arrive over a much longer amount of time. They are examined by officials and then entered in without their identifying information (to preserve some amount of ballot secrecy) into a storage area. But that storage area is more difficult to watch by everyone involved because of the duration and because how ballots go into it. When someone votes, the actual voter is almost always the one to place it in the box (or it is done in full view by a volunteer/worker). No one can watch everyone checking the ballots and then transporting them to the storage unit for 6 weeks. Ballots can be introduced that were never sent much more readily with no record or witness.
3 - Statistical models aren't legal counting methods. You can't overturn an election based on statistical models.
For one, you'd need something to compare it to. Polls are flawed. Past elections are not deterministic of future elections. Demographics isn't election destiny. Without good data you can't create a strong model and polls are going to be wrong sometimes.
Four years ago Sharon Angle was supposed to beat Reid based on all the polling. Should it have been overturned because its not the expected result? Can you imagine a stronger tool against change?
For that reason and others you legally can't do that. We aren't allowed to count people for the Census using statistical methods and estimates. We certainly aren't legally allowed to overturn election results based on them.
QEDMF xbl: PantsB G+
That's good to hear. Part of the problem is that there's no nationwide standard for voting machines, so what's true of one state isn't necessarily true of others. I don't remember the details, but I read an article a couple of years ago talking about how appallingly insecure some machines were.
Fake edit: here.
I mean, I'll still vote no matter what system I have to use, because what're you gonna do?
This is inaccurate. I was a crew leader for the 2010 Census, and we were instructed that if the household would not cooperate to go to a neighbor, or even sit outside the house and count if we had to, and get a very good estimate if we couldn't get an actual count from the head of household.
Edit: Anything besides the number of people could not be guessed. So if I went to a house and they wouldn't cooperate I could estimate the number, but I couldn't fill in anything about age or ethnicity or anything else even if I actually knew it
So we use the iPhone 6?
Just as long as iCloud isnt used!
It turns out that efforts to eliminate double-enrolled voters can get ugly, too.
From Al-Jazeera, two days ago: http://projects.aljazeera.com/2014/double-voters
In graphic form:
the "no true scotch man" fallacy.
Thanks for the infographics and numbers, though. It's always good to see just how harmful this stuff is.
That said, Crosscheck is favored by GOP states, for whom discrimination is a desired feature, not a bug.
the "no true scotch man" fallacy.
It's nice when major State departments are headed by goo-goo's, regardless of party. I mean, I'll readily admit to having my policy preferences for a vat array of things, not all of them well formed, but certain philosophical things (like caring about democracy) transcend that.
Yay!
Rock Band DLC | GW:OttW - arrcd | WLD - Thortar
Felon disenfranchisement is Constitutional. Terrible policy that makes a mockery of the idea of universal suffrage, but Constitutional.
Yep. Number of states have it. Primarily where you'd expect.
http://sentencingproject.org/doc/fd_Estimates of African American Disenfranchisement.pdf
22.34% of black people who are old enough to vote are not able to in Kentucky because of prior felonies.
I like the wording of "rebellion, or other crime". I know it's held to be constitutional but it just feels like the intention was not to ban any felon from voting.