Poll

4 votes (100%)
No votes (0%)
No votes (0%)

4 members have voted

rxwine
rxwine
Joined: Feb 28, 2010
  • Threads: 173
  • Posts: 10462
November 2nd, 2010 at 7:59:11 PM permalink
Quote: mkl654321

The touch screens should emit a blood-curdling scream when you vote. Or, perhaps, maniacal laughter. Or maybe a recorded audio of Obama saying, "I'll get you for this!"



You ever hear the "I Dream of Jeannie" video slot. I believe at some point it moans, "Oh Master!"
The Hall of Unverified Claims is a vast place with many shelves.
Doc
Doc
Joined: Feb 27, 2010
  • Threads: 45
  • Posts: 7130
November 2nd, 2010 at 8:43:47 PM permalink
Quote: weaselman

... You walk in to the poll, give them a fake address (you don't need to know anything about the person, just any street address. it is easier to cast an illegal vote in US than to buy a pack of cigarettes), and walk out, without a trace.

Sounds as if you have a serious problem at the polling places in your district. I've only been voting for a little over four decades in five (I think) states. Over that period, I have never been to a poll where all I had to do was claim a street address in order to get to vote. Your district seems to go out of its way to invite voter fraud. Most commonly, I present my ID and my voter registration card, and my documents must match the registration list that they have at the polling place.

There have been some criticisms recently that requiring a government-issued, photo ID would be discriminatory, but I haven't been convinced that there is genuine validity in that argument. I suspect there would be similar claims that expecting voters to have access to the internet would be discriminatory, and there is more likely some validity to that.
ElectricDreams
ElectricDreams
Joined: Sep 8, 2010
  • Threads: 4
  • Posts: 194
November 2nd, 2010 at 8:52:22 PM permalink
Quote: weaselman

If Chinese want to hack our election process, they'd be much better off sending in a couple million spies on student visas, and having them walk into the polling place and vote (where I live, they don't even ask for an id. all you need is to name a random address).

Yeah, there were hacked websites lately. But that's not the right way to look at it. How many websites that were actually really protected got hacked recently?

Like, did IRS website get hacked? How about the US Treasury? FDIC? Why not?
Because it is just too damn hard, if not flat out impossible.



Gary McKinnon did a pretty good job of hacking into military servers. I think it's very, very naive for you to make an assertment that hacking "sites that matter" is "very hard". Software is written by humans, who aren't perfect. Therefore, the software won't be perfect. The closest we can get to fixing that is open source software, but I think as long as there will be humans writing software, there will be exploits.

I do think someday, eventually the method of voting you described will happen, but claiming that websites that are "actually really protected" are somehow invincible is incorrect, and frankly a dangerous opinion to hold.
weaselman
weaselman
Joined: Jul 11, 2010
  • Threads: 20
  • Posts: 2349
November 3rd, 2010 at 5:04:41 AM permalink
Quote:

I think it's very, very naive for you to make an assertment that hacking "sites that matter" is "very hard". Software is written by humans, who aren't perfect. Therefore, the software won't be perfect. The closest we can get to fixing that is open source software, but I think as long as there will be humans writing software, there will be exploits.



Do you bank online? Access you credit cards accounts? E-file your taxes?
Is it as naive of you? Or do you somehow manage to convince yourself that in this case it's ok?

Yes, there will always be exploits, that's not the point. But how much investment does it take to come up with an exploit, how much risk does it carry, and how much harm can it do or how much benefit can it bring to a hacker - that's the question. And the answer is ... well, if you do your banking online, I think, you know the answer.
"When two people always agree one of them is unnecessary"
weaselman
weaselman
Joined: Jul 11, 2010
  • Threads: 20
  • Posts: 2349
November 3rd, 2010 at 5:09:42 AM permalink
Quote: Doc

Your district seems to go out of its way to invite voter fraud.



Yes, exactly. And my point is that even though it is this easy. There has not been any fraud for a very long time (not any significant cases, the kind everyone would hear about). I mean, we all heard about those fake voter registration records created by Acorn (or whatever the name was), rigged voting machines etc.
But the kind of fraud we are talking about here ... well, it's like casino's cheating :) Everybody is afraid of it, but no one has ever seen it. Why? It's just way too hard, risky and costly, and the benefit from it is next to none.
You can't possibly hope to swing the elections one way or another this way, the absolute most you can expect is that the election will be canceled and held another day. And for that you'd risk federal felony charges? I don't think so.

If you can hack a well-protected server, and are willing to accept the risk, just go rob the Amazon, or get yourself a zilion of fake credit cards, and max them out - it's lower risk, and potentially unlimited benefit.

Quote: Doc

Most commonly, I present my ID and my voter registration card, and my documents must match the registration list that they have at the polling place.


We don't even have such a thing as a voter registration card around here.

Quote:

There have been some criticisms recently that requiring a government-issued, photo ID would be discriminatory,


Yeah, I think that's the argument they use here too. I could never figure out who that would discriminate against (and, if it is, then why it is not so when you are driving or boarding a plane, or buying alcohol or opening a bank account), but yeah, that's the argument.
Believe it on not, one of the local towns has recently decided that it was discriminatory that only citizens cold vote, so now even illegals are allowed to vote in their local elections.

Quote:

I suspect there would be similar claims that expecting voters to have access to the internet would be discriminatory, and there is more likely some validity to that.


There is no need to require internet access. There would still be a few "polling places" setup in schools and libraries where one can walk in and vote.
"When two people always agree one of them is unnecessary"
ElectricDreams
ElectricDreams
Joined: Sep 8, 2010
  • Threads: 4
  • Posts: 194
November 3rd, 2010 at 9:48:00 AM permalink
Quote: weaselman

Do you bank online? Access you credit cards accounts? E-file your taxes?
Is it as naive of you? Or do you somehow manage to convince yourself that in this case it's ok?



I do all those things because I have recourse, not because I trust them to be hack-proof: a copy of my tax returns to refer to, FDIC, etc. In all those instances, it's worth using the Internet to my advantage, because I can be relatively sure I have something to fall back to.

I don't have any recourse when I vote, because the whole thing is anonymous. I mean, I know how I voted, but there's no way to really prove that once I did.

Quote: weaselman

Yes, there will always be exploits, that's not the point. But how much investment does it take to come up with an exploit, how much risk does it carry, and how much harm can it do or how much benefit can it bring to a hacker - that's the question. And the answer is ... well, if you do your banking online, I think, you know the answer.



Investment? All it takes is someone finding an exploit. That doesn't necessarily have to take long at all, depending on how weak the system targeted is. Plus, it could just be some guy in a basement on his own - none of it has to be a huge investment.

Risk? It's not terribly difficult to stay anonymous on the Internet either.

Harm? That's hard to say. Hundreds of millions have been lost to hacking - I'd call that lots of harm.

Look, I'm just saying brushing aside the possible hacking argument to polling via internet by saying "the risk isn't worth it" or "it's too hard to do" is not the way to approach this. Hacking happens, and on some of the most seemingly secure systems out there. The Puzzle Palace itself, the NSA, has been hacked before.
weaselman
weaselman
Joined: Jul 11, 2010
  • Threads: 20
  • Posts: 2349
November 3rd, 2010 at 10:10:10 AM permalink
Quote:

I do all those things because I have recourse, not because I trust them to be hack-proof: a copy of my tax returns to refer to, FDIC, etc.



If somebody hacks the IRS site, steals your info, and opens a credit card in your name, good luck proving it wasn't you ten years down the road, when the collection agency finally finds you :)


Quote: ElectricDreams


I don't have any recourse when I vote, because the whole thing is anonymous. I mean, I know how I voted, but there's no way to really prove that once I did.



That's not a problem at all. You can get a receipt from the voting site after you vote.


Quote:



Investment? All it takes is someone finding an exploit. That doesn't necessarily have to take long at all, depending on how weak the system targeted is.



Exactly. My point is that if the system isn't weak - like an IRS web site, or vote.gov, it's not worth hacking, because of extremely small (practically non-existent) return on investment, and extremely high risk.

Quote:

Risk? It's not terribly difficult to stay anonymous on the Internet either.


Difficult? No, it's just impossible.
I mean, it depends on what you are doing. Watching porno anonymously is doable (and, yes, quite easy).
But accessing anonymously a government website, that makes it a point to prohibit anonymous access - nah.
You'd have to hack into somebody else's computer first, and their IP address would have to match the geo address you use for your fake vote - that's the very least. If you wanted to make any measurable impact on election, that means having to hack into several thousand residential computers, and not just any computers, but ones, picked specially, so that you know the owner's addresses SSN and bio data, within a short period of time (a few hours at most). This buy itself is an impossible feat to pull, but, even if you manage to do it, don't think for a second that you've remained anonymous - the ISP logs of the computers you hacked into will tell where you came from. You could have used a proxy, but they have their own ISP as well.
Don't be naive. If the feds needed to connect you to something you do on the internet, they'd be knocking at your door within a few hours.


Quote:

Harm? That's hard to say. Hundreds of millions have been lost to hacking - I'd call that lots of harm.


We are talking about harm caused by having to move an election to another day because of a hacker, not from from hacking in general (BTW, you'd have to subtract at least the value of free publicity - and it's not cheap -gained from those hundreds millions)
"When two people always agree one of them is unnecessary"
Doc
Doc
Joined: Feb 27, 2010
  • Threads: 45
  • Posts: 7130
November 3rd, 2010 at 10:58:19 AM permalink
I think my much-earlier point (probably not well expressed) was that there are apparently a large number of very-skilled hackers, likely operating with government support, trying to infiltrate US Government computers. These hackers operate in countries and environments where it is not possible for our laws to impact them. They and their government backers/employers might well consider it worthwhile to disrupt the US election process, perhaps not stop it but just create enough confusion that we spend months arguing about who was properly elected and who was not. Can't you just imagine the outcry if there were numerous districts across the country where far more votes were cast than there were people eligible to vote?
weaselman
weaselman
Joined: Jul 11, 2010
  • Threads: 20
  • Posts: 2349
November 3rd, 2010 at 12:16:33 PM permalink
Quote: Doc

I think my much-earlier point (probably not well expressed) was that there are apparently a large number of very-skilled hackers, likely operating with government support, trying to infiltrate US Government computers. These hackers operate in countries and environments where it is not possible for our laws to impact them. They and their government backers/employers might well consider it worthwhile to disrupt the US election process, perhaps not stop it but just create enough confusion that we spend months arguing about who was properly elected and who was not. Can't you just imagine the outcry if there were numerous districts across the country where far more votes were cast than there were people eligible to vote?



Yes, but can't you imagine the outcry and TOTAL CHAOS this county would be in, if IRS for example lost all the tax data for the last six years, or if it started charging outrageous fees and penalties to everyone, because the tax returns they submitted would never make it into database? Or if BankOfAmerica lost everybody's loan records all of a sudden?
Or if a major stockholder in Microsoft decided to dump all his stocks for a penny?

What I am saying is that, if there are any skilled hackers out there capable of and interested in hacking government websites (which I doubt), they'd be much better off taking on one of these (or numerous of other) tasks right now to bring our whole economy to stand-still instead of waiting two years just to cause som minor inconvenience to US voters.
"When two people always agree one of them is unnecessary"
Doc
Doc
Joined: Feb 27, 2010
  • Threads: 45
  • Posts: 7130
November 3rd, 2010 at 1:22:12 PM permalink
I am neither a computer scientist nor a system operator. But I think most of the examples like you are suggesting could be resolved by going to the off-line backup then auditing the more recent transactions to verify the proper current state. It would be a nuisance, granted. But in the case of voting, it is a one-time entry (no going back to yesterday's backup), and I am not certain just how well individual votes can be audited when they are entered electronically, particularly if the data is entered over today's internet. I think it would only require a modest disturbance to create a major problem

  • Jump to: