Richard Stallman's personal site.
For current political commentary, see
the daily
political notes.
RMS's Bio |
The GNU Project
Computers That Count Votes
See also Why you can't trust internet voting.
The rest of the page describes specific instances of untrustworthy
digital voting machines.
●
Some Muscovites are being pressured, even ordered, to register to vote
through an internet voting system.
Such systems tend to be greatly insecure, and not to be trusted.
Putin has made a practice of rigging elections for years, often blatantly.
It is not clear that what a voter actually does has any effect on
the "results" that Putin's state will report. But it might.
Therefore, I think it is good not to actually vote.
Australia has suspended use of an internet-based system for blind people to vote with.
It is supposed to enable them to vote securely and anonymously. That is a worthy goal, but I strongly doubt that it can really achieve that. I'd rather trust a friend than trust network communication with my vote.
Georgia is about to install insecure voting machines state-wide.
Some [US] voting machines still have decade-old vulnerabilities.
America's New Voting Machines Bring New Fears of
Election
Tampering.
Matt Plaze's
testimony
in Congress, 29 Nov 2017, urging that the US eliminate unauditable
computerized voting machines.
Hackers at Defcon went to work on four different models of US voting
machines, and cracked all of them within hours of seeing them for the
first time.
Even if some model were totally secure against crackers, it can't be
secure against the company that develops its proprietary software.
If, however, the software is free, and the local election authority
can
change it, then the machine can't be secure against the local election
authority. There is always someone that can change the software,
and we can't trust that someone.
For secure elections, we must vote on paper.
●
Texas Voting Machines Have Been
'a
Known Problem' for a Decade.
Even carefully implemented digital voting systems are dangerous,
but
real ones are
often so sloppy you wouldn't believe it.
●
The
general reasons why computerized voting machines cannot be
trustworthy.
●
ES&S, a US company that makes digital voting machines, admits
that it
put
a remote back door on some of them, in the period 2000-2006.
●
Digital systems to keep track of which who in North Carolina had
already voted
malfunctioned in the 2016 election.
Some accuse Russian interference. Perhaps it was that, but other
suspects are possible, too. We may never know the real cause of this,
but we know a way to avoid it: use paper for these records.
●
Cosmic
rays can alter the vote count inside a vote-counting computer.
It has already happened.
●
Several
instances of untrustworthy or apparently rigged voting
machines in the US.
Voting machines used in Virginia and Pennsylvania
allowed election-rigging via wifi, for anyone that could crack the
machine's WEP password.
To make it even easier, they used the password "ABCDE". But that is
the icing on the cake. There are programs that reliably guess WEP
passwords. No matter what password they had chosen, the machine would
still have been vulnerable to anyone with some expertise.
Today's voting computers might have a little better security,
but that doesn't mean they can be trusted. Even if the security is
enough to thwart random passers-by, that does not mean it will stop
people from the company that made the machine, or people from the
election authority, from rigging the election indetectably.
Virginia has decertified this machine, but is the replacement good
enough for your elections? The proper criteria are more than a little
more strict.
Even if the computer's security isn't so weak that outsiders can crack
it, that doesn't mean you can trust it. The manufacturer might rig
the election; the election authority might rig the election.
●
Virginia's computerized voting machines, whose security was easy to
break,
have finally been decertified.
It's a shame that the article uses "hackers" to mean﹃security
breakers﹄— please use the term "crackers" when that's what you
mean.
All non-auditable digital voting systems should be banned, as a
blanket rule, because they make it easy to rig elections indetectably.
●It's amazing how bad computerized voting machines can be.
Here
is a study of a machine that was used in New Jersey (and maybe
elsewhere).
●
Investigation around 2006 found that Diebold voting machines were
susceptible to fraud, and a virus could be designed to infect all the
machines in a district.
More info.
●
It was
easy to put fraud software in Diebold voting machines.
●
The magic word "Blockchain"
does
not make computerized voting secure.
●
Recording votes in blockchain
would
not make online elections trustworthy.
●
Vote-counting machines that use a cellular modem to transmit results
are connected by it to the internet, and therefore insecure.
●
The use in the US of just a few models of voting machines, mainly
from two companies, results in central vulnerability for rigging
elections. Communications for reporting the
totals are
also vulnerable.
For trustworthy elections, voters should mark their votes by
hand on paper.
●
Used voting machines are
being sold
without wiping their disks, and they are very helpful for
developing unobtrusive ways to attack voting machines still in
use.
●
Why Voters
Should Mark
Ballots by Hand.
●
The Voatz "mobile voting app" was designed with worthless "security".
Voting machines made by ES&S conceal data against independent audits,
so it is hard to investigate why some ethnic groups' votes sometimes
mysteriously get dropped.
The Dominion ICE voting machine has lousy security and can be cracked
very quickly. Once it is cracked, the crack can alter the paper
ballots it produces as well as records in the machine.
The page is a little confusing because it starts by discussing other
models made by the same company before getting to the ICE model.
However, once you are aware of this, it is clear enough.
Some voting machines used in some US states, specifically the Dominion
Voting Systems ICE and the ESS ExpressVote machines, are vulnerable to
cracking. Crackers could install software that would alter the vote
printed it on the ballot before the machine deposits it in the ballot box.
Voters must vote directly on paper.
Voter verified paper audit trail
●
In a voting experiment,
most voters failed to notice errors in their
"voter-verified" paper ballots.
●
"Express Vote", a system that US states are buying in 2019, has
two
big flaws: the ballots are marked by computer with bar codes (and
the voter is required to trust that computer isn't cheating), and even
so the scanner can't read them all correctly.
A court
prohibited
the use of Georgia's voting machines, which make no paper ballots
at all.
I hope Georgia won't switch to "Express Vote".
●
The new "expressvote" voting machine offers to print a paper ballot
for the user to check — but invites the user to speed up the
process
by
saying "skip the check."
●
Voter-verified paper ballots seemed to have potential, but they don't
work
to protect
the election from theft.
For a secure election, voters should vote on paper. Computers can count the
votes by scanning the papers.
Internet Voting
●
Australia tried internet voting, and
a security flaw put 66,000
votes in question.
They had the good fortune of knowing there was a security flaw.
If a state tries internet voting and does not find a security flaw,
that doesn't mean there isn't one. It means there is one and it
has not been found.
●
Security risks and privacy issues are too great for moving the ballot
box to the Internet.
●
Attacking Washington DC's internet voting was as
easy as pie.
●
Estonia's internet voting is
vulnerable too.
Australia is
using
an insecure internet voting system.
In addition to the software vulnerabilities, remote voting opens
the door for voters to be coerced by their bosses, by abusive spouses,
etc. It is a foolish risk to permit remote voting except in special
cases such as when people are travelling or in the hospital.
If young people are not voting, it's because they see the candidates
that might win are working for plutocrats. Making it less work to vote
is no solution.
●
All remote voting has a fundamental danger: your boss or your violent
spouse might coerce you to vote a certain way. This is bad for
democracy and has no technical fix.
●
West Virginia is allowing people to vote remotely (which in general
means your spouse or boss could watch), demanding that voters give
their fingerprints (surveillance of voters) and use lots of nonfree
software (tyranny).
Of
couse, it
is insecure too.
●
Researchers
Find Critical
Backdoor in Swiss Online Voting System.
●
OmniBallot, a system for voting over the internet, is insecure in all
the usual ways such systems are. But it's even worse: it snoops on
piles of the voter's personal information.
Copyright (c) 2015, 2022, Richard Stallman.
Verbatim copying and redistribution of this entire page are
permitted provided this notice is preserved.