General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsThis could be Microsoft's most important product in 2020. If it works
Last edited Tue Feb 18, 2020, 06:11 PM - Edit history (1)
Building 83 doesn't stand out on Microsoft's massive Redmond, Washington, headquarters. But last week, the nameless structure hosted what might be the software giant's most important product of 2020.
Tucked away in the corner of a meeting room, a sign reading "ElectionGuard" identifies a touchscreen that asks people to cast their votes. An Xbox adaptive controller is connected to it, as are an all-white printer and a white ballot box for paper votes. If you didn't look carefully, you might have mistaken all that for an array of office supplies.
ElectionGuard is open-source voting-machine software that Microsoft announced in May 2019. In Microsoft's demo, voters make their choices by touchscreen before printing out two copies. A voter is supposed to double-check one copy before placing it into a ballot box to be counted by election workers. The other is a backup record with a QR code the voter can use to check that the vote was counted after polls close.
With ElectionGuard, Microsoft isn't setting out to create an unhackable vote -- no one thinks that's possible -- but rather a vote in which hacks would be quickly noticed.
Snip
https://www.cnet.com/features/this-could-be-microsofts-most-important-product-in-2020-if-it-works/
Goodheart
(5,334 posts)The paper ballots placed into the ballot box would be the official votes. The machine tallies up the vote for quick unofficial election night news but does not represent the official final vote.
TalenaGor
(1,104 posts)Gawd...took someone long enough lol
customerserviceguy
(25,183 posts)It makes it literally possible to sell your vote. Bloomie'd love that. In his last election for NYC mayor, his campaign spent about $200 per vote. What's another Franklin on top of that, if you can be sure that you got the goods?
Sapient Donkey
(1,568 posts)and then have that receipt redeemed for cash?
customerserviceguy
(25,183 posts)nobody finds out, what's to stop it? Somebody getting an extra hundred from the petty cash drawer sure isn't going to ruin that for anybody else who wants the same thing.
No receipt means that a secret ballot is truly a secret ballot.
Sapient Donkey
(1,568 posts)But I wonder if people are willing to do that, why aren't they already doing it by using photos of videos of the ballot casting process? Whenever I voted I would step inside a box with a curtain in which no one could see in. Although, I've seen a lot of voting places with setups that would prevent that.
customerserviceguy
(25,183 posts)doesn't mean anything. First, there's Photoshop. Also, anyone can claim that they "spoiled their ballot" after photographing it, and be issued a new one to cast their real vote. Or, after marking the ballot, an additional vote for a candidate in the same race could be added to the paper ballot, making it invalid when it was counted.
A QR code that could be scanned by an app to verify that the vote was cast for the "right" candidate would just lend government-sponsored credence to a scheme where someone is willing to actually sell a vote. Only the most sophisticated computer geeks could manufacture a bogus QR code.
not_the_one
(2,227 posts)A photo at least gives me a record.
Or, an even better idea, let's just do nothing. Anything electronic can be hacked, a photo can be photoshopped, so why bother. Let's let the russians run the election.
I will photograph my ballot, WITH my driver's license AND voter id.
If necessary I will get it notarized ("I certify that this is a true and accurate copy of the original document" - I was a NY notary for 15 years). If I then lie about it, I am open to perjury. Sounds good enough for me. At least I have SOMETHING. What will you have?
customerserviceguy
(25,183 posts)I believe that voting machines that are run by adequately trained staff, and tested before an election, and kept off of the Internet are secure, especially with multiple people and observers from both parties taking the totals off of machines.
The Russian did not hack voting machines in 2016. What they did was run advertising, especially on social media to encourage disgruntled voters to stick it to Hillary for conspiring with the DNC to tilt the playing field in her direction that year.
Combine that with polling that showed that she had the election in the bag, and you've got a recipe for voting third party or Trump just out of anger for someone so inclined.
Or, you can advocate for a system that could encourage vote selling, especially in local elections. Barack Obama won fair and square twice with the system that is in place right now. Did the Russians only recently figure out hacking techniques?
Woodwizard
(845 posts)We have the optical scan paper ballot machines at our polling place in NY I like them. I doubt the law on pictures is enforced unless its holding people up, not an issue in my town of 3400 where we are lucky to get 900 to turn out on a presidential election. The last midterms a 126 Dems showed up, and a little over 150 republicans. So many make lots of noise but do not show up to vote.
yellowdogintexas
(22,267 posts)If someone gets their phone out we have to ask them to put it away. If people want to take pictures of their kid voting for the first time, they have to do it outside.
AtheistCrusader
(33,982 posts)And that only verified votes were counted, no extra votes for non-existent people.
Ms. Toad
(34,076 posts)and not jsut in the QR code, but in the printed text as well. There's not an election jurisdiction in this country that would buy that system. It violates the secret ballot principle, which is part of both election culture and law - adopted because early elections were subject to being bought by people who could prove they voted in the way they were paid to vote.
AtheistCrusader
(33,982 posts)I presume they can turn it off with the flip of the switch.
Ms. Toad
(34,076 posts)Unfortunately, people use terms imprecisely.
Agreed as to the senate.
customerserviceguy
(25,183 posts)It's clear that what's driving the "give me a receipt showing who I voted for" idea is extreme distrust of our election system. There are way to resolve that which do not invite further mischief.
cannabis_flower
(3,764 posts)Don't you think that if that's going on someone will find out? It wouldn't be too hard to run an investigation.
customerserviceguy
(25,183 posts)on how blatant the activity is. And, you could have multiple actors doing this on a one-off basis. Imagine a married couple with different political views, she could threaten to withhold sex if a vote is not "correct", he could extort her with financial or physical harm.
A secret ballot must stay a secret ballot in order to preserve faith in elections.
TryLogic
(1,723 posts)customerserviceguy
(25,183 posts)Stupid question, stupid answer.
mzmolly
(51,000 posts)to uh, sell.
58Sunliner
(4,388 posts)In my state I hand mark my ballot and then it goes back into the folder and I hand it to the person who then tells me to put it into the reader-face down if you like. Go blow smoke elsewhere.
Hearthrob
(84 posts)Been around for decades.
Paper trail and automatic tallys- cash registers- in our super markets with main frame inventory capabilities.
Machine not the problem.
If our own gov. has been making (supposedly) hack proof systems surely they can do that for unsophisticated machines.
Why are they still messing around with businesses and nerds in a gym that are not accountable to us?
CentralMass
(15,265 posts)LiberalArkie
(15,720 posts)that they use to check and see how their vote was tallied.
joost5
(421 posts)Self audit is empowering and gives the voter confidence in our election system.
customerserviceguy
(25,183 posts)notinkansas
(1,096 posts)That may be less wronger.
Locrian
(4,522 posts)You can still completely disrupt the voting process if desired
All the hackers have to do is sow doubt - and we have a nationwide version of Iowa.
Yes - better than not knowing, but in terms of the ability to abuse the system not perfect.
Kudos for trying.
JustAnotherGen
(31,828 posts)I'm willing to take the risk by doing something new. I want a receipt.
ToxMarz
(2,169 posts)IT departments to oversee a public open source voting system. With many or all states public tax supported institutions, it could be well funded (great education for students) and very transparent. The tax payers would own it and it would be studied and scrutinized throughly and incessantly as part of the curriculum. Much more difficult to sneak something into it and not know whats there. Voting tabulation is not that difficult, its just counting, simple math. It's the integrity and transparency that is difficult.
Hermit-The-Prog
(33,364 posts)USALiberal
(10,877 posts)Hermit-The-Prog
(33,364 posts)Cetacea
(7,367 posts)Last edited Wed Feb 19, 2020, 12:58 AM - Edit history (1)
The online reviews of the camera in the 1020 were a joke, with Apple frequently coming in first...I still use the 1020 for jobs. It was a stunning tech and optical feat and still is.
Nokia should have been sitting on top of the mobile market once again, especially now that mobile photography is all the rage.
tinrobot
(10,903 posts)You can check the code yourself to let us know if there's any Russian backdoors installed.
Girard442
(6,081 posts)...squicked by the phrase all-white printer?
pwb
(11,280 posts).
ProfessorPlum
(11,257 posts)a way to tell if your vote has been counted, and something that creates a physical paper ballot, which can be counted and then stored for re-counts. Sounds great.
OMGWTF
(3,963 posts)No hackable electronic voting machines, no lines to wait in, vote at your kitchen table, and there's a paper trail. I was a Democratic election observer for Pierce County, WA and know what they go through to ensure each vote is accurately counted.
ahlnord
(91 posts)Are these mailed-in ballots hand-counted, or run through a tabulator? Tabulators are hackable. And, why does everyone have such confidence that the mail (ballot) they deposit in a mailbox reaches its destination? There would be plenty of opportunities for ballots to go astray as the mail makes it way through the various pick-ups and distributions of the post office system. (Think of the horrors of a privatized post office system, which is so frequently pushed by the right-wing! They are doing their damnedest to destroy the Post Office.) I am not suggesting that the system in WA, ORS, or CO is corrupted today, but I see many possibilities that it could become corrupted. It is not fail-safe.
I think absentee ballots (mailed-in) are essential for those who cannot get to the polls, but I also think that voting by paper ballot at your polling place (so you KNOW your ballot gets into the right hands), and having all the ballots (including absentees) opened and hand counted on the spot by teams of election judges from both parties, videotaped and observed in a transparent fashion is the only way to ensure that the outcome reflects the will of the electorate.
It baffles me that folks voting by mail have confidence that their ballot gets counted. What am I missing about this?
William Seger
(10,779 posts)You can do it early, but I usually do it on election day (so that I still feel like part of the community in action), but now I wait in a short line in my car instead of standing in a long line -- and there's someone there handing out "I voted" stickers.
BBG
(2,540 posts)That can be used to confirm that your ballot was received and tabulated. Been there, done that, enabled us to see when our votes were counted in the days after the mail-in deadline which is called Election Day in other locales.
sinkingfeeling
(51,464 posts)I could verify the printed copy of my ballot from the touchscreen, but still didn't trust the machine that's doing the counting.
Toorich
(391 posts)...... there are too many doggone Democrats who won't vote at all if
we have to use up that much paper.
I, for one, will never use this system unless the printer
spits out Plastic copies of the ballots made from recycled Walmart bags.
<sarcasm>
IronLionZion
(45,466 posts)since they care so very deeply about the environment only when it comes to voting
hunter
(38,321 posts)Nobody can see what's going on inside a machine.
There's no reason for electronic voting but to CHEAT.
A person of average intelligence doesn't need to know anything about computers to secure an election that uses hand marked paper ballots.
Fuck Microsoft. They should know better than anyone that computer security is hard.
Sapient Donkey
(1,568 posts)In that case it's more of a hybrid system in which the act of casting the vote gets the benefits of the electronic method, but still have relative security of the paper ballots.
The only concern I can see is what CustomerServiceGuy stated with the possibility of the receipt being used to help facilitate cash for vote schemes. Although, I suspect those who want to do that would do it either way by setting up something in which they would send a picture or video of their ballot casting.
hunter
(38,321 posts)Hand marked ballots have a variability that's obvious to anyone. This is especially true of mail-in ballots. Machine printed ballots lack this variability.
If an electronic voting system is compromised then ballots could be printed to match the predetermined outcome and it would not be obvious in recounts that anything was amiss.
To achieve the same level of election fraud with hand marked ballots would require many accomplices. In historically corrupt cities this sort of election fraud was accomplished by small armies of political operatives. With automation such fraud might be accomplished by a handful of people in a back room.
When I was in college one of my classes had a section everyone was supposed to complete on the computer. It was one of those hideously boring computer assisted learning modules where you'd read a section and then answer multiple choice questions. When you were done it printed out a page that you handed in to the teaching assistant to prove you'd done the work.
Me and a friend realized it was just a stupid BASIC program and we wrote a script to automate the process which we shared with a few classmates. I don't know how many people used our script, and so far as I know, nobody got caught.
What happened here is that computers added a legitimacy to the module that did not exist. If the module had been on paper instead of the computer, then a teaching assistant might have noticed something was amiss if all the papers handed in looked like they'd been done by the same hand.
Today's electronic voting machines are, of course, much more sophisticated than 'seventies educational software, but the stakes in elections are much higher. It's life-or-death for some people, it's basic human rights that some would suppress, and millions, billions, or even trillions of dollars. The incentives to cheat are high.
Sapient Donkey
(1,568 posts)Is that if even if the printed ballots are verified by the voter to ensure accuracy before turning them in, there is the chance that since all the ballots will not have unique "human" made differences, that it would be easier for those printed ballots to be swapped out with some fake ones since no red flags would be raised if they all look exactly the same? Am I close or totally off?
If so, I would wonder if a technical way to prevent that is to have some sort of random signature that is formed for each ballot printed based on some sort random seed that isn't known to the site or anyone on the site until the polls open. Then during the counting those signatures can be verified that they are legitimate and from the site in which they claim to be from. Of course there would be ways to break that system, but at that point we're also getting to a point where we'd need to bring more people or at least compromise several more systems. This may be a totally brain dead idea, too. I never really put much thought into this until I read your post.
hunter
(38,321 posts)Computer voting machines don't solve any problem.
All the "solutions" to the shortcomings of computer voting machines are problems caused by the machines themselves.
The best answer is to skip the machines entirely.
AtheistCrusader
(33,982 posts)Never. Not once.
hunter
(38,321 posts)Fewer accomplices are required.
Ballot boxes are big bulky things, people tend to notice if you mess with them.
Nobody can see bits in a computer.
AtheistCrusader
(33,982 posts)Open source addresses most of that, especially since this is a high-value process that LOTS of eyeballs will be poring over.
Open Source is only as good as the eyes scanning it, and this will have the best. (Friend and foe.)
hunter
(38,321 posts)I won't use Apple, Microsoft, or Adobe products unless someone is paying me.
Open Source software is great (I'm a Debian guy) but it won't fix the fundamental flaws of electronic voting.
I live in a California county that uses absurdly large paper ballots we mark with a pen. Most people vote by mail. These ballots are counted in optical scanners, but they could be counted just as well by hand, and sometimes they are in close races. The voter rolls at the polling places are printed on paper. Provisional ballots are issued without a fuss. Nobody asks for ID. You tell them who you are and they check your name off in the book. Voting would continue without any trouble if the power went out.
There's no compelling reason to run an election any other way.
AtheistCrusader
(33,982 posts)Personally, I think we should have a government agency strictly built to maintain citizen identities, and issue even RSA keys and Certificates to each of us, for things like online voting, which is coming sooner rather than later.
Voter ID's should be free and easy to access. (In the sense that the government pro-actively works to get them TO you). (Along with Birth Certificates, SSN's, and other documents that people normally have to take time off, and struggle to obtain, and must pay for.
These backbone items that are needed for end to end digital voting security are of course, not in the interests of the Republican Party. But they will be eventually solved.
Ms. Toad
(34,076 posts)As it is, changes take 6 months to a year to implement because of regulations intended to protect the integrity and reliability of the system. So when a bug or a back door is discovered, hackers have 6 months to a year of unimpeded exploitation of that bug before it can be fixed.
If the laws and regulations are changed so the software fixes can be implemented quickly (to prevent intermediate hacks), open source absolutely addresses it. But right now the processes that are designed to make sure fixes don't destabilize an election prevent the responiveness needed to make open source an effective tool against bugs. So you're swapping one potential harm (trade secret software) for another (making a back-door known and being unable to fix it for 6 months to a year)
AtheistCrusader
(33,982 posts)And you nailed it.
That said, I think the election boards would now have a fair chance to catch the problems/vulns, where with a closed system, they can only brute-force test for the most part. (At least, I don't think they are ever granted code review rights)
Ms. Toad
(34,076 posts)it is the ability to fix them in a time to prevent an election disaster that is the hang-up under the current law.
As a general matter, your'e right about code review rights. There were third party reviews and testing, but generally not code review to the end user.
Hekate
(90,734 posts)As in, the electronic transmission of the count from Podunk County to the computer at the State capitol? There's room for error at the other end.
One thing I read that election clerks have been doing is transmitting totals out to laptops far away. It's the totals that currently can be jiggered easily.
ETA: at this point I trust Microsoft a good deal more than Diebold or any new start-up.
LiberalArkie
(15,720 posts)ballot box and then transported by your trusty sheriffs deputies. Hopefully he doesn't have a duplicate box filled with fake ballots and a delicate seal on them.
tinrobot
(10,903 posts)The electronic votes are counted separately from the paper ballots.
If they match, awesome. If they don't... then we dig deeper to find if there was electronic tampering, if ballots are missing, forged, etc...
Paper ballots could also have verification codes added to make it harder to forge them. Lots of ways to add security.
Ms. Toad
(34,076 posts)The source for the formal tally is the precinct itself, not the state. So what is transmitted from the jurisdiction to somewhere else is completely irrelevant.
And Diebold has been out of the election business for more than a decade.
Hekate
(90,734 posts)Wouldnt want to have been obscure.
Ms. Toad
(34,076 posts)is that the state tally has nothing to do with the overall total, and way too many people think it does. So when election night totals at the state level appear different from the local totals people freak out, thnking somhow in the transmission of data someone hacked it. That's like freaking out that something serious is wrong if a newspaper reported an incorrect vote total. Neither impact the actual vote - even if the email sending the votes to the newspaper (or state) was hacked.
wallyworld2
(375 posts)Paper ballots
ink pens
ballot boxes
and hand count
trump has made very clear how much cheaper that method is, than any other method of counting votes
Laura PourMeADrink
(42,770 posts)Pobeka
(4,999 posts)That being said, the QR code is just foolish.
Great. you have a QR code. And you look it up online. Says it was counted. How do you know that's the ballot that was actually counted. What if the end server doesn't send you what got counted but what it wants you to think got counted?
What if a man-in-the-middle does the same thing?
What if the "app" you have on your phone to check the QR code is really not trustworthy?
What if the software that verified your app on your phone was not actually trustworthy and actually claimed your app was verified?
There are SO many ways to attack these client-server interfaces, it's mind boggling.
FakeNoose
(32,659 posts)... especially among us older folks. This method with the QR code paper printout might be appealing to the under-30's who all have smart phones, and many of them sat out the last election. So if this succeeds in bringing in the under-30s to vote this time, I'd say let's do this!
However conservatives aren't going to move off the dime to deploy this system in time for next November. They're too busy looking for new ways to suppress the vote in every way possible.
AtheistCrusader
(33,982 posts)Username/PW instead.
It can be done. You can find out what's in a QR Code, just like you can find out what's encoded in the 2d barcode on the back of your driver's license.
tinrobot
(10,903 posts)I think this is a pretty good start. Perhaps they can run it by a some voting system experts to get further validation.
friend of m and j
(220 posts)I am 77 years old. For most of my life I voted with a paper ballot and ballot box. Seemed to work pretty well. Then election officials added a little receipt so the voter had a record of their vote. But some voters didn't tear the receipt completely off the ballot and we had "hanging chads". Created a hell of a mess and the courts wound up declaring who won.
High tech had advanced to the point that the consensus was that computers could do a better job than humans and so voting machines were installed at nearly all voting stations. But the bad guys could manipulate the voting machines and the computers that counted the votes. We still haven't found a fool proof way to protect against those.
An old fashion paper ballot with a ID code and ballot box with a copy machine for the voter to keep a copy of his ballot would be a easy and safe way to vote. A voter could check his ID code on his home computer to verify his vote was recorded and counted as he intended.
Fla Dem
(23,698 posts)A simple paper ballot that can be filled out, a copier for anyone who wants to make a copy of their ballot and a ballot box for the paper votes. Yes the results would have to be hand counted, but so what, that's how it's been done for years. Get these corporations out of our voting processes.
AtheistCrusader
(33,982 posts)You view the corporation making it as a risk. There are people who will view the sheriff deputy transporting the sealed box of paper ballots as a risk.
There is no single method that makes everyone entirely happy.
Hermit-The-Prog
(33,364 posts)Electronic voting eliminates the possibility of verified voting. Pretending that some magic software or device will make it ok is just enabling the GOP to cheat more easily.
LiberalArkie
(15,720 posts)TryLogic
(1,723 posts)Goodheart
(5,334 posts)Did you even read the article?
TomVilmer
(1,832 posts)- BUT, do not spread silly rumors. I trust the US voting systems much better than the US democracy system!
Simeon Salus
(1,144 posts)...which I wouldn't put past them.
Warpy
(111,292 posts)the system will work only with mandated, random forensic hard copy vote counts. Otherwise, there are two paper copies that will never be looked at and yes, the touch screen machine can be hacked.
Just the possibility of a forensic recount has kept NM's paper ballot, Opti Scan system in line with polls and exit polling. It does need to be mandated, a hand count of random machines (where the paper ballots are stored, also) done before the vote is certified a couple of weeks later. It can and should be done.
Funny how much bluer NM turned after we went to 100% paper, Opti Scan ballots.
LiberalArkie
(15,720 posts)you keep one and insert the other in the ballot box. You can visually check the ballot to verify that it is what you want. You carry a copy home with you. If you so desire you can scan the QR code to verify that the ballot scanner and tabulator did indeed post your vote correctly.
Warpy
(111,292 posts)"It's not the people who vote that count, it's the people who count the votes."--attributed to Stalin but he was beaten to the punch by Napoleon and Boss Tweed, who said much the same thing.
If machine or electronic counts are done, they need to be verified by spot checks involving hand counts. It's the only way to deter Republican election fraud.
Again, who counts these votes? Is there a provision for a spot check hand count on random machines to verify it?
If not, it's a piece of high tech crap that can be hacked just like any other piece of high tech crap. I don't care if it makes 20 jard copies of those ballots. If no one counts them, they're not worth the paper they're on.
infullview
(981 posts)It might be a good idea, but this company has the most hackable operating system in the world.