Digital faggotry has no place in elections!
I'm fine with primitive digital tabulators on the level of a scantron machine, they can be made low-complexity enough to 100% audit. I'm talking an 8-bit microcontroller with a few K of program memory stored in an immutable ROM on the chip, basically early 80s level of tech.
This shit with interactive GUIs, networking, a full OS...FUCK NO.
Yeah an election machine has no place even having internet built in. So updating is hard? How fucking often do you need to change the software on a voting machine? Should be almost never.
It's like buying a calculator that needs firmware updates for addition or subtraction lol
Right. It's a tabulator, not much going on there. Math doesn't change.
Never if it's never online. If it breaks you just replace the machine.
but the internet of things, the touch screen, the sci fi aesthetics...
Voter ID, paper ballots with blockchain traceability, ink pad, fingerprint on the chosen candidate, military supervision roaming around the place.
Maximum capacity for every voting station no more than 5000 ballots. If it's a big city, do more voting stations. Workers selected and distributed across counties at random.
Results communicated by phone to central command, on loudspeaker, with witnesses, without knowing how the other stations are doing.
Cameras all over like in a casino + every official with a body cam. All footage remains stored for 24 months
Total cost: probably 5% of what was spent on Dominion
Blockchain needs to be done in a way that the vote cannot be traced to the voter. It must remain anonymous. If the voter can confirm how he voted, he can sell his vote with his receipt. This will immediately ruin any election. If the government can track it, a hostile government can track down dissenters and supporters of the "evil" candidate and add them to the naughty list.
Absolutely, vote anonymity must be preserved and I think it's possible.
Traceability for example should kick in ONLY if votes get contested in a way that requires an audit.
All the workers would see while counting is a fingerprint in the candidate box and random encryption dots.
Impossible to match it to a voter with the naked eye. The use of any scanner or electronic device other than cameras during the counting process should be banned
The blockchain traceability should be for chain of custody purposes only, within an internal offline system, with a complex encryption key to protect it from any unwarranted intrusion. Once decoded, ballot traceability could look something like a serial number. Example:
IL C 28 - 0001 to 5000
Illinois (IL) gave custody to Chicago (C) Voting Station (28) 5000 individually numbered ballots
Again, this is all encrypted. Workers don't know what number is the ballot they're handing out, the stacks come pre-shuffled, not in order.
Voting night should be a very simple process that can't be fucked up.
Voter ID gets scanned upon entrance
Voter proceeds to ballot desk where individual ballot is matched with voter ID
System gives green light to access voting booth
Voter puts fingerprint on chosen candidate
Voter puts folded ballot in a box guarded by the military, who will also observe all the counting process until certification and results call to central command, a process that shouldn't take more than 5/6 hours
Only the decentralized, offline local system has the voter ID and ballot matched and accessing that info would require official audit.
I'm not a tech expert but I imagine this would make cheating very, very hard. And if the fingerprint doesn't match voter ID or ballot number, the vote is invalid. Period.
Responsibilities can be traced back because of chain of custody, diversified system made of many small stations avoids giant fuck ups like invalidating millions of votes
Blockchain basically prints a unique code for every ballot, it becomes impossible for anyone to print extra ballots because it's impossible for them to add new ballots to the chain, so it's easy to detect the fakes and the ones sent across county lines
Based on what happened in the key cities of key swing states, it's almost like you need a poly and a background check to be a ballot counter.
The Shaniquas they had counting ballots looked like they were pulled straight out of a Section 8 housing project
Dominion was paying people off
Source?
Those are the easiest to scam. Just run the same ballot through 10 times.
Simple analog fix. Prior to leaving the machine a row of holes is punched at the bottom of the ballot.
There's easy ways around that even on a very small, very simple system - output a log of all ballot serial numbers scanned in the batch along with the batch tally.
For extra assurance, sign all the output data with a machine-unique private key to ensure it can't be tampered with upstream in the processing chain. Signature bad on a batch -> reject all ballots from that machine and send it off for forensic analysis. Validated crypto engines are available even on very simple platforms now, so this doesn't conflict with low-complexity hardware.
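The batch check described in the two paragraphs above (a log of scanned serial numbers plus a signed batch tally), as an added example that is not part of the thread. HMAC-SHA256 from the standard library stands in for the machine-unique private-key signature; the machine ID, key, field names and serial format are constructed assumptions.

```python
import hashlib
import hmac
import json
from collections import Counter

# Constructed key table (assumption). The comment calls for a machine-unique
# private key; stdlib HMAC-SHA256 stands in for that asymmetric signature here.
MACHINE_KEYS = {"TAB-0028": b"constructed-demo-key-not-a-real-secret"}
SIGNED_FIELDS = ("machine_id", "batch_id", "serials", "tally")


def _mac(record, key):
    # Deterministic serialization so tabulator and verifier hash identical bytes.
    body = {k: record.get(k) for k in SIGNED_FIELDS}
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def sign_batch(record, key):
    """Tabulator side: emit the serial log and batch tally with a MAC over both."""
    return dict(record, mac=_mac(record, key))


def verify_batch(record, seen_serials):
    """Verifier side: return a list of findings; an empty list means accepted."""
    key = MACHINE_KEYS.get(record.get("machine_id"))
    if key is None:
        return ["unknown machine: reject batch"]
    if not hmac.compare_digest(_mac(record, key), str(record.get("mac", ""))):
        # As in the comment: bad signature means the whole batch is rejected.
        return ["bad signature: reject batch, send machine for forensic analysis"]
    findings = []
    counts = Counter(record["serials"])
    repeats = sorted(s for s, n in counts.items() if n > 1)
    if repeats:
        findings.append(f"serial scanned more than once in batch: {repeats}")
    reused = sorted(seen_serials.intersection(counts))
    if reused:
        findings.append(f"serial already counted in an earlier batch: {reused}")
    # Assumes every scanned ballot lands in exactly one tally bucket.
    if sum(record["tally"].values()) != len(counts):
        findings.append("tally does not match the number of distinct serials")
    if not findings:
        seen_serials.update(counts)  # remember accepted serials across batches
    return findings


if __name__ == "__main__":
    key = MACHINE_KEYS["TAB-0028"]
    seen = set()
    batch = sign_batch({"machine_id": "TAB-0028", "batch_id": 1,
                        "serials": ["IL-C-28-0001", "IL-C-28-0002"],  # constructed
                        "tally": {"A": 1, "B": 1}}, key)
    print(verify_batch(batch, seen))                        # accepted
    print(verify_batch(dict(batch, tally={"A": 2}), seen))  # altered after signing
    print(verify_batch(batch, seen))                        # same batch submitted twice
```

A MAC only shows the record was not altered after the key holder produced it; it says nothing about whether the serials correspond to physical ballots, which is why the paper count still has to be reconciled against the log.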
They don't even need to do that. They can just insert a thumb drive and upload a fake database of ballots as if they were scanned, without ever scanning a single ballot, or scan real ballots as normal then upload from a thumb drive to replace the ballot database with a fake one made months ago. Then after the election is over, they erase everything and go into the physical ballot storage and switch hand made fraud ballots in for the next week after the election, so even a recount wouldn't show anything.
Like those note counting machines at the bank. You physically count the stack first, then toss it in the counting machine to verify. No other information.
Isn't it great to realize that the shittiest truckstop Injun casino in Nevada almost certainly has a more secure count process than our national election?
Almost like Big Chief Counting Cash cares more about getting his money right than Uncle Sam cares about getting the election right.
The fraud proves that Uncle Sam cares about the election results, but not the will of the people.
Given how much money is involved in the outcome of an election, you'd think they'd have more vested interest in getting it right (or at least definitely wrong), but it just seems to be a cast of keystone klutzes.
That's one reason Trump was such a threat to the establishment - he came in knowing how to manage his own money (even if people thought he did it badly).
So correct me since I’m not an IT goon. Wouldn’t her computer(s) be connected to the Internet if she’s using what looked like a Windows desktop setup and furthermore anything connected to the Internet is hackable (especially Windows)?
Not necessarily connected to the internet at large (private net is entirely possible), but almost certainly so. There should be an airgap (logical if not physical isolation of this network from any other lower security network) but I have no reason whatsoever to believe there was one given the general incompetence or malice on display here.
The workstation could be compromised, but as far as remote exploitation, honestly I'd be more concerned with the tabulator itself. Unless explicitly designed with security in mind, embedded systems are usually really good targets because they often run core software (networking/parsing/whatever) libraries that are out of date and have not just security flaws, but security flaws that have been in the wild for years. Embedded systems can be a yuge pain in the ass for corporate infosec, printers have led to major compromises.
What most concerns me about this system is not so much external actors attacking, but that nothing about any of it indicates security was in mind when it was either designed or configured/deployed. Even trivial UI stuff like it doesn't even ask for a password (or better, a user AND supervisor password), when changing a vote is deebly goncerning.
There's not even anything in the voting machine software stopping the office janitor from sitting down at the workstation and changing votes while the election manager was taking a shit, and if the election manager herself is the bad actor, she can just do anything she wants.
There might be an audit trail, but without confirming and logging the identity of the operator when the change is made there's no way to prove who made a change or why. Just the fact that it lets the user change a vote at all is insane - that should be a formal process where the questionable ballot is shunted into an entirely different queue for manual review, or just rejected outright. It's not an election staffer's place to be interpreting who some idiot that marked both boxes intended to vote for.
This system, or at least this system as configured, is shockingly permissive.
(My background is information security, held multiple senior titles in that field, and I do embedded systems for fun.)
The more I think about this the more I could add to it, but it's already a wall of text. As a security guy this is absolutely horrifying on so many levels.
It has to be connected to the internet
you have to understand, you're crying for paper ballots but that's exactly what these are
they're paper
handled by a person
who has absolutely all the capability in the world to nullify your vote
don't cry for paper, you should be crying for open-source blockchain voting
Ok. But if your machine counted 100 votes, but there are only 10 paper ballots, we know something is very wrong.
Their cheating involved vote switching in real time, and the double/triple counting of Biden votes.
Also ballot stuffing, also destroying Trump ballots.
I believe both would be needed, blockchain ballots for the digital aspect of it and paper ballots as a backup. Paper ballots should match blockchain ballots.
I've pointed this out about opensource before, but you can't really know for sure that the code that's out on the repo is the code that was released to the voting hardware. So tangible backups are necessary.
There's always a way to cheat but however they do it, there must be full transparency.