A decade and a half ago, a developer testified that he was contracted to make code that would swing an election using electronic voting machines. In this year’s presidential primaries, exit polling significantly differed from official results, but only in precincts using unverifiable electronic voting machines. A democracy can only exist if the integrity of the voting process can be assured, and there is no international electoral oversight committee that would verify the elections in every precinct of the United States.
Your vote may not count, but that doesn’t mean you should wait for hours to cast it. This Hackaday Prize aims to end excessive waiting times at polling places, by giving voters a handy app to check the wait times they’re about to face.
The Qubie is a device that simply keeps track of how long voters are waiting in line at their polling place. The tech behind this is extremely simple – just a Raspberry Pi, WiFi adapter, and a battery. The device keeps track of how long voters have been waiting in line by looking at WiFi coming from smartphones. This data, which has a MAC address in there somewhere, is pseudorandomized and checked every minute or so to get a very good idea of how long a specific smartphone has been in range of the Pi. This data is then broadcast out to a server which figures out how long wait times are at a specific polling place.
In the recent California primary election, the Qubie was used at ten polling places in Shasta county. They logged a total of over 30,000 WiFi contacts and after a cursory examination of the data, saw the phenomena you would expect: surges in activity around lunchtime and at the end of the day. It’s a great project that gathers data that should be automated and public, and a great entry for the Hackaday Prize.
OK, I can see that this would have some marginal use use, but the first paragraph lead me to believe this was something that would block or detect hacking of electronic polling. Write the article for the first paragraph (with references!). That would be more interesting!
Agreed; that would be interesting!
Likewise: the first paragraph seems irrelevant and slightly fearmongering? I’d love to see some references for that claim about electronic voting, let alone critical analysis.
They line about international monitors is just false; there are many NGOs and regional bodies that regularly monitor elections. To misquote Wikipedia, they don’t make to process fair, but they do document the type and extent of failures
Perhaps something more along the lines of;
The relationship between voting and new technologies has been a torrid one; whether its’s hanging chads, a developer testifying that he was contracted two write code to manipulate electronic, or the discrepancy between official results and exit polling during presidential primaries, the unverifiable nature of most polling technologies breeds suspicion – Sad!
Although there is no way Americans would tolerate oversight of international organisations for free and fair elections, this Hackaday Prize Entry is seeking to make a difference by letting voters know when waiting times at their local polling place are at their lowest. Your vote may not make a difference, but at least you don’t need to wait in a que for hours to cast it
“the first paragraph seems irrelevant and slightly fearmongering? I’d love to see some references for that claim about electronic voting, let alone critical analysis.”
That’s pronounced “Benchoff”.
I do recall there was a “Electronic voting machines are a terrible idea that can never be secure. We’ve been securing paper for hundreds of years.” kind of article.
Agreed, the first paragraph has almost nothing to do with the actual device. I guess Benchoff felt like the article wasnt long enough without that “history” added?
In this case Benchoff is absolutely correct, and if anything is understating the problem.
https://www.youtube.com/watch?v=t75xvZ3osFg
https://www.youtube.com/watch?v=Qs6w5ihNbtY
https://www.youtube.com/watch?v=-0grkxe5uPk
http://targetfreedomusa.com/wp-content/uploads/2014/12/Josef-Stalin-Those-who-cast-the-votes-decide-nothing.-.jpg
Allow people to verify their own votes in a public record that only identifies the voter by a RNG or hash.. Until then enjoy protecting from outside attackers [OR BUT NOT BOTH] corrupt government or establishment..
This is something I’ve always seen as intentional. You have voters who are scared to have their intentions revealed and then political establishment that creates new law every few years to veto their population’s voting results.. Then hackers typically fueled by economics or religion or xenophobia that aren’t even really the problem but people hired to design systems can’t actually do security engineering or know things like RE and fuzzing that actually test skills, so they remain an APT. Nobody points out the irony or maliciousness of either..
The problem with verifiable (to the caster only), is that he not only can document the result to himself, but to whomever. So this opens the possibility for vote buying! In Poland they have a system like that, You can log-in with your social security car key-code to cast and even change your vote until polls close, and the afterwards verify your vote. The part about anonymizing your ballots origin from the government and the same time also make it verifiable is also not trivial, but that part they have sorted in Poland.
I meant current one-time polls votes just have the votes ledgered and query-able by a hash or RNG sequence with no name bound since people are scared to show what they really think.. You do this then you kill corrupt politics and hacking because one person finds different vote everyone else becomes alert.
“since people are scared to show what they really think”
Do you realise what you’re saying here? You’re saying that in the U.S., people are afraid to express their opinion freely. It sounds like the U.S. has a high level of totalitarianism. Are you sure that your country is still a democracy?
Hasn’t truly been a democracy for decades.
Oligarchic Haplocracy?
It’s not just being afraid of having the government know how you vote. What about your union, your employer, your spouse, your potential employers, etc?
I was a poll worker at a primary election in SC a few years back when we had a judge come in that wanted to vote in party A’s primary (in order to vote for someone where the party affiliation didn’t really matter, like coroner), but didn’t want it to show on the public record that he had “voted A” when he was a member of party B. He said something like that could cost him his next election. That was a case of having the public just knowing which *party* he voted for could cost him his job.
Yes, we should all let people believe what they want to believe and vote for whomever they choose without it being an issue, but I’d say the vast majority of people aren’t that way.
I assumed everyone knews I meant non-government. People want to vote to have farmers forced off their land, for example, and not have their neighbor know.. You should see how crazy Americans get when they think their voting habits will be known by people they know..
The common counter example is a person demanding to see their spouse’s votes. And a beating if they don’t approve.
So, who’s to say that the verification records are safe from tampering? And if they’re not safe from tampering, then they’re useless. Because you can’t use the outcome for anything significant.
Sometimes, technology is NOT the best solution. Voter-marked ink-and-paper ballots, which are then electronically counted (with the paper originals retained) is simple, secure and verifiable, for as long as the original ballots remain available and in secure storage.
In the UK they’re hand-counted, and we have the results within a day. Counting votes by hand is a solved problem. You can secure it by having each counter’s total verified by someone else, with punishment if they deliberately mis-count. The more votes you have to count, the more human beings available to count them.
I don’t trust electronic voting at all. There’s way, way too much potential for fraud. All the responsibility is concentrated in a few people, and the mechanism is completely obscure.
I see the problem in reverse: use a computer (or some touch screen device) to print the ballot. Electronically counted, with paper originals to backup that claim.
Why this way? Because it can be done for all the possible handicaps: bigger letters for those with poor sight (both on computer and on the ballot), can accommodate headphone jacks and text to speech system for the blind (on the computer), selections can be big enough for use of extra tools for those who are not able to use their hands due to illness or injury (on the computer). And small thermal paper is easier on the environment than a big printed paper.
After the elections order hand counts of the all ballots on all voting places, but you can stastically disregard some (or most) of them if there are no differences between computer numbers and hand count. So more accurate (un)official results can come earlier.
Validating that your vote was recorded correctly is only half the picture for insuring a fair election. There’s also the problem of phony voters.
again.. keep poll stations with ID checks.. The public ledger protects from altering of votes and the indexing correlates to living-people census data anyone can verify at any time..
SHA3-512 hash or OTP on a paper from the polling station used to query your vote in a public ledger with no identifying info. Anyone can verify voting nobody can alter it without it being obvious.
Collisions are the only threat.. NSA can’t even do large volume SHA3 collisions inside months..
You guys feel free to tell us all how you’d compromise such a system without collisions.
Why even vote over here; we get two or three terrible choices for ‘prez’.
Disappointed at my country’s political system.
“Your vote may not count”
[Benchoff] is right. :(
On the entry…
I could see this being very useful; could track waiting at the DMV, bank, amusement park rides, ect.
I wonder how many phones they found appearing in more than one voting center?
Though I can see that happening incidentally in cities, people driving in from the burbs for work passing 2 or 3 polling spots. Not all of them but a few thousand people on the move makes for good odds on it happening.
I would suspect that unless you were walking very slowly past the polling place your phone wouldn’t register often enough to trigger. Even so, a simple exclusion for people that were there for less than x minutes would all but eliminate that issue.
There are always going to be people that legitimately go to multiple polling places. Think election workers/monitors, the media, candidates and their minions, etc. With any luck those numbers would be small enough to not trigger an election fraud panic, but that need to be accounted for.
We tend to use schools as polling places in my county, and multiples of them because of voting districts. I would actually be surprised if very many teachers lived in the same district that their school was a polling place for – just plain odds on this one, not demographics. So their phones should show up twice.
Incidentally, voting fraud is thought to be a pretty small problem even in my redneck state – there aren’t even that many complaints. Wasn’t always that way :-) , but (for instance) now every registration has to be verified by one democrat, one republican, and one unspecified person (could be either party or even a fringe party member for that matter). Can’t have anyone over 18 in the booth with you (yes, you’re encouraged to bring your kids…), except for handicapped voters who need assistance (and even this is rare – “accessible booths” are required, a large-screen projector is provided, and curbside is required to be offered for anyone who doesn’t feel like they can walk or stand that long). Absentee ballots represent the best attack vector, and still they’re only tiny numbers. Ballots are paper, counted by machine for the election night preliminary results, and counted by hand for the officially certified results a few days later. Given the budget they do this on, I’m reasonably impressed.
Nice hack.
You have a strange voting system over there. Over here I get a card in the mail that tells me where my polling place is. In that place they have a list with my name. I can’t simply vote at another polling place.
You usually are assigned to the closest polling place and there is rarely a queue.
No, what we have here is a group of people who whose goal is to disenfranchise minority, poor and elderly voters (i.e.: those who are likely to vote for progressive and liberal candidates) by creating the spectre of “voter fraud” and convincing people that stringent “voter ID” requirements is the only solution to this (imaginary) menace. In other words, it’s a scam.
In reality, there have been only a minute number of proven cases of actual individual voter fraud (it’s much easier to lose or fake ballots and totals in the back room) and the old manual method of voter registration, assigned precincts and manual verification of name against printed lists is just as good a way of verifying voter ID as it always has been.
Of course there are few “proven” cases when means to detect the fraud are systematically opposed as “disenfranchising” certain groups. The arguments against voter ID are pure rubbish, perpetrated by people I’m convinced used election fraud regularly.
Sorry but it’s very easy to find regular occurrences of voter fraud. And almost always by members of the same political party. You know the progressive and liberal party that condones voter fraud as long as it benefits them. http://www.usatoday.com/story/news/nation/2013/07/17/cincinnati-illegal-voting/2530119/
It’s not fear-mongering, its under-oath testimony.
Courtroom Testimony on Rigged Voting Machines
https://www.youtube.com/watch?v=rVmsaDS_FwY
Thank-you for sharing.
So, to summarise;
1) He claims that he was asked to write code that would affect a single voting machine, making it give a pre-determined outcome at the behest of an elected official in Florida
2) He states that because exit polling is different from formal results, the formal results are “hacked” (although he goes on to acknowledge that the exit polls might be altered instead, maintaining that they should be the same
3) He states that altering the code on a single tallying machine would be able to affect the individual voting machines
4) He states that open code is required to detect such manipulation, although decompiling will held be possible
Frankly he shouldn’t be offering an opinion on #2 – he’s not a pollster
He does seem to have multiple conflicts of interest, and an antagonistic separation from the employer and legislator he alleges asked him to provide such software; even the original wired article noted several inconsistencies with respect to the proposed method (touch screens that were t used at the time and place) or access to code. On the other hand, other allegations he made were coroborated (such as an illegal alien /spy working in the company) or sustained (such as questionable billing)
Really I think he just says he was asked to write code to alter the outcome from a single machine; he extrapolates that to tallying machines (which he didn’t work on and gives a fairly vague description of how it would work) and says that exit poll discrepancy is an indicator of fraud (which it isn’t nessecarily)
Democracy? With two parties and legalized bribery of politicians (aka donations)? Meh.
I really don’t understand where people get the idea that America is a Democracy? I’m not being facetious, I’m being serious, did you not make it to 6th grade? The USA was and never has been intended to be a Democracy. The USA is a Republic. It’s in the Pledge of Allegiance, it’s in the Constitution. You vote has nothing to do with making policy. In a Republic, a small few are elected to “carry the will of the people.” That being said, my personal opinion is that the will of the people is irrelevant to politicians who are mostly owned by corporations, and the top .1%-ers. So it’ snot really a Republic anyway.
But, please stop trying to spread misinformation about the USA being a democracy. The first step to fixing a problem is to understand it properly.
You seem to be conflating “direct democracy” with democracy in general.
If you vote for your representatives, you’re in some kind of democratic system – even a “Presidential Republic” is a type of democracy.
https://en.wikipedia.org/wiki/Democracy
(I’m leaving aside the corruption aspect of course)
I like the underlying idea here. Giving voters information as to when lines are quick would also help spread the out the load. I volunteered in the primary in June, and they ask us to make suggestions as to how to improve the voter experience. Something like this seems like something the Registrar or Voter organizations would really get behind.
Anyone else who’s volunteering, lets put this idea in!
Lastly, its not the top of the ticket where your vote matters the most! Its the local issues and people that have the greatest effect on you!
Finally, for the love of god people, get your registration correct! American Independent (the party) is not the same as independent (no party preference).
Are there more details about the WiFi signals emanating from the phones? It seems odd to me that the phone (end device, not AP) would be sending unsolicited beacons, or replying to unrecognized APs, so I’d like to learn more about how this works.
Default settings I’ll bet. A high percentage of users don’t really mess with the system.