Richard Stallman's personal site.

https://stallman.org

For current political commentary, see the daily political notes. RMS's Bio | The GNU Project

Computers That Count Votes

See also Why you can't trust internet voting. The rest of the page describes specific instances of untrustworthy digital voting machines. ● Some Muscovites are being pressured, even ordered, to register to vote through an internet voting system. Such systems tend to be greatly insecure, and not to be trusted. Putin has made a practice of rigging elections for years, often blatantly. It is not clear that what a voter actually does has any effect on the "results" that Putin's state will report. But it might. Therefore, I think it is good not to actually vote. Australia has suspended use of an internet-based system for blind people to vote with. It is supposed to enable them to vote securely and anonymously. That is a worthy goal, but I strongly doubt that it can really achieve that. I'd rather trust a friend than trust network communication with my vote. Georgia is about to install insecure voting machines state-wide. Some [US] voting machines still have decade-old vulnerabilities. America's New Voting Machines Bring New Fears of Election Tampering. Matt Plaze's testimony in Congress, 29 Nov 2017, urging that the US eliminate unauditable computerized voting machines. Hackers at Defcon went to work on four different models of US voting machines, and cracked all of them within hours of seeing them for the first time. Even if some model were totally secure against crackers, it can't be secure against the company that develops its proprietary software. If, however, the software is free, and the local election authority can change it, then the machine can't be secure against the local election authority. There is always someone that can change the software, and we can't trust that someone. For secure elections, we must vote on paper. ● Texas Voting Machines Have Been 'a Known Problem' for a Decade. Even carefully implemented digital voting systems are dangerous, but real ones are often so sloppy you wouldn't believe it. ● The general reasons why computerized voting machines cannot be trustworthy. ● ES&S, a US company that makes digital voting machines, admits that it put a remote back door on some of them, in the period 2000-2006. ● Digital systems to keep track of which who in North Carolina had already voted malfunctioned in the 2016 election. Some accuse Russian interference. Perhaps it was that, but other suspects are possible, too. We may never know the real cause of this, but we know a way to avoid it: use paper for these records. ● Cosmic rays can alter the vote count inside a vote-counting computer. It has already happened. ● Several instances of untrustworthy or apparently rigged voting machines in the US. Voting machines used in Virginia and Pennsylvania allowed election-rigging via wifi, for anyone that could crack the machine's WEP password. To make it even easier, they used the password "ABCDE". But that is the icing on the cake. There are programs that reliably guess WEP passwords. No matter what password they had chosen, the machine would still have been vulnerable to anyone with some expertise. Today's voting computers might have a little better security, but that doesn't mean they can be trusted. Even if the security is enough to thwart random passers-by, that does not mean it will stop people from the company that made the machine, or people from the election authority, from rigging the election indetectably. Virginia has decertified this machine, but is the replacement good enough for your elections? The proper criteria are more than a little more strict. Even if the computer's security isn't so weak that outsiders can crack it, that doesn't mean you can trust it. The manufacturer might rig the election; the election authority might rig the election. ● Virginia's computerized voting machines, whose security was easy to break, have finally been decertified. It's a shame that the article uses "hackers" to mean﹃security breakers﹄— please use the term "crackers" when that's what you mean. All non-auditable digital voting systems should be banned, as a blanket rule, because they make it easy to rig elections indetectably. ●It's amazing how bad computerized voting machines can be. Here is a study of a machine that was used in New Jersey (and maybe elsewhere). ● Investigation around 2006 found that Diebold voting machines were susceptible to fraud, and a virus could be designed to infect all the machines in a district. More info. ● It was easy to put fraud software in Diebold voting machines. ● The magic word "Blockchain" does not make computerized voting secure. ● Recording votes in blockchain would not make online elections trustworthy. ● Vote-counting machines that use a cellular modem to transmit results are connected by it to the internet, and therefore insecure. ● The use in the US of just a few models of voting machines, mainly from two companies, results in central vulnerability for rigging elections. Communications for reporting the totals are also vulnerable. For trustworthy elections, voters should mark their votes by hand on paper. ● Used voting machines are being sold without wiping their disks, and they are very helpful for developing unobtrusive ways to attack voting machines still in use. ● Why Voters Should Mark Ballots by Hand. ● The Voatz "mobile voting app" was designed with worthless "security". Voting machines made by ES&S conceal data against independent audits, so it is hard to investigate why some ethnic groups' votes sometimes mysteriously get dropped. The Dominion ICE voting machine has lousy security and can be cracked very quickly. Once it is cracked, the crack can alter the paper ballots it produces as well as records in the machine. The page is a little confusing because it starts by discussing other models made by the same company before getting to the ICE model. However, once you are aware of this, it is clear enough. Some voting machines used in some US states, specifically the Dominion Voting Systems ICE and the ESS ExpressVote machines, are vulnerable to cracking. Crackers could install software that would alter the vote printed it on the ballot before the machine deposits it in the ballot box. Voters must vote directly on paper.

Voter verified paper audit trail

● In a voting experiment, most voters failed to notice errors in their "voter-verified" paper ballots. ● "Express Vote", a system that US states are buying in 2019, has two big flaws: the ballots are marked by computer with bar codes (and the voter is required to trust that computer isn't cheating), and even so the scanner can't read them all correctly. A court prohibited the use of Georgia's voting machines, which make no paper ballots at all. I hope Georgia won't switch to "Express Vote". ● The new "expressvote" voting machine offers to print a paper ballot for the user to check — but invites the user to speed up the process by saying "skip the check." ● Voter-verified paper ballots seemed to have potential, but they don't work to protect the election from theft. For a secure election, voters should vote on paper. Computers can count the votes by scanning the papers.

Internet Voting

● Australia tried internet voting, and a security flaw put 66,000 votes in question. They had the good fortune of knowing there was a security flaw. If a state tries internet voting and does not find a security flaw, that doesn't mean there isn't one. It means there is one and it has not been found. ● Security risks and privacy issues are too great for moving the ballot box to the Internet. ● Attacking Washington DC's internet voting was as easy as pie. ● Estonia's internet voting is vulnerable too. Australia is using an insecure internet voting system. In addition to the software vulnerabilities, remote voting opens the door for voters to be coerced by their bosses, by abusive spouses, etc. It is a foolish risk to permit remote voting except in special cases such as when people are travelling or in the hospital. If young people are not voting, it's because they see the candidates that might win are working for plutocrats. Making it less work to vote is no solution. ● All remote voting has a fundamental danger: your boss or your violent spouse might coerce you to vote a certain way. This is bad for democracy and has no technical fix. ● West Virginia is allowing people to vote remotely (which in general means your spouse or boss could watch), demanding that voters give their fingerprints (surveillance of voters) and use lots of nonfree software (tyranny). Of couse, it is insecure too. ● Researchers Find Critical Backdoor in Swiss Online Voting System. ● OmniBallot, a system for voting over the internet, is insecure in all the usual ways such systems are. But it's even worse: it snoops on piles of the voter's personal information.