Based on a first look, this appears to be... genuine:
> The letter is signed by Professor Duncan Buell, Ph.D., Chair Emeritus — NCR Chair in Computer Science and Engineering, Dept. of Computer Science and Engineering, University of South Carolina; David Jefferson Ph.D., Lawrence Livermore National Laboratory (retired), Election Integrity Foundation; Susan Greenhalgh, Senior Advisor for Election Security, Free Speech For People; Chris Klaus, Chief Executive Officer, Fusen World; William John Malik, Malik Consulting, LLC; Marilyn R. Marks, Executive Director, Coalition for Good Governance; Peter G. Neumann Ph.D., Chief Scientist, SRI International Computer Science Lab; and Professor John E. Savage, Ph.D, An Wang Professor Emeritus of Computer Science, Brown University.
> This is exactly backwards. Voting software ideally would not be used at all, but if it is used it should at least be open source.
Ideally, yes. But you can't have it both ways. Having closed software suddenly disclosed does indeed allow for bad actors to perform analysis and figure out '0 days' without the opportunity to patch.
Opening the source should have been done years ago, way before any elections took place. That allows time for responsible disclosure and any required patching.
I'd like to know what other measures were taken to secure the machines themselves. It doesn't matter how secure your system is, if the machine is physically compromised, all bets are off. I'd also like to know how the data is validated and collected once it's been tallied.
In India they use voting machines and there have been many petitions in court to get it banned. Apparently court never agrees and Election commission too.
Looks like the warning here boils down to the source code for the machines being available to Trump's team due to their post 2020 election legal proceedings. It seems most states now perform Risk Limiting Audits to ensure statistical conformance of digitally counted votes to manually counted, voter verified paper ballots. Is there any reason to believe those wouldn't be a reasonably effective canary to indicate digital tampering?
Georgia has already certified, ostensibly performing their RLA prior as I understand is now required by their laws. Pennsylvania should be soon.
I certainly agree that the source being available to one party and not another is an unacceptable compromise of our elections integrity that needs to be addressed though. Australia's digital polling system's source is publicly available for audit. Security by obscurity is an especially weak argument to keep from publishing ours when one party with incentive to tamper already has it.
I think it's probable we will see some genuine election tampering from this election. There are lots of government workers who believe his claims that Democrats cheat and genuinely believe they MUST cheat to "balance" that out. There are on the order of tens of actual cases of voter fraud these past couple elections, mostly done by republicans, not making a meaningful difference, and mostly just being kind of ignorant about how the process works.
However, we will not see this election overturned. 75ish million Americans really did vote for Trump, and really do want him back in the white house, despite how demonstrably dumb that is. Their votes were legitimate and shall be honored by the US, even if it kills us.
There are tiny bubbles of people very insistent that "this couldn't have happened" essentially. They are convinced that a million people voting for a democratic senator while also voting for Trump can only be signs of fraud. They are a little delusional.
This happened in 2020 when thousands of people couldn't process the fact that, yes Maine voted for Collins again even though she's spineless and soulless and threw away everything that made her special and like our state. They went away when it was clear there was no evidence.
Genuinely not trying to start a political firestorm, but I'm curious - did these same scientists bring up similar concerns in any previous elections?
I'm a firm believer of absolutely no electronic voting machines. In-person, paper ballots, hand tallied, escorted by armed guards/trusted election officials with audited paper trails. It might cause a bit of a ruckus mentioning it here, but requiring photo ID to verify who you are before you vote should be mandatory as well.
If Israel and the USA can deploy offline-based malware to cause damage to nuclear centrifuges in Iran, what makes people think that US-unfriendly countries (or heck, even the CIA) won't try to do the exact same thing to voting machines to undermine democracy?
I wouldn't even trust open source, since I wouldn't trust election officials to keep software up to date on their voting machines, let alone know how to even update them.
> did these same scientists bring up similar concerns in any previous elections?
The stated cause of their warning is that the obscurity of the source code has been recently compromised, and beyond giving similar warnings to the FBI and other agencies as soon as they learned this, the authors appear to have been vociferous about weaknesses in electronic polling in prior cycles as well.
> I'm a firm believer of absolutely no electronic voting machines. In-person, paper ballots, hand tallied, escorted by armed guards/trusted election officials with audited paper trails.
We have voter-verified paper ballots with chain-of-custody in addition to our digital polling, right? These seem to be sampled with statistical comparison to the electronically tallied votes as a matter of routine before states verify. The authors of the letter don't seem to mention that procedure so I'm wondering why they consider that process insufficient for catching digital fraud and are instead advocating for a full recount.
> I wouldn't even trust open source, since I wouldn't trust election officials to keep software up to date on their voting machines, let alone know how to even update them.
Yeah I wonder about this! Australia's system is source-available, but I can't find any information on how the installations and hardware are verifiable to independent auditors.
I find it surprising that the whole reasoning of the letter is "voting machines rely on security by obscurity; this obscurity has been breached and therefore the security is harder to attain and guarantee".
The call for recounts is probably meaningful, but it should go hand in hand with a very thorough forensic auditing of the actual voting machines.
Might be relevant: https://www.planetcritical.com/p/cyber-security-experts-warn...
No comments yet: https://news.ycombinator.com/item?id=42207490
Based on a first look, this appears to be... genuine:
> The letter is signed by Professor Duncan Buell, Ph.D., Chair Emeritus — NCR Chair in Computer Science and Engineering, Dept. of Computer Science and Engineering, University of South Carolina; David Jefferson Ph.D., Lawrence Livermore National Laboratory (retired), Election Integrity Foundation; Susan Greenhalgh, Senior Advisor for Election Security, Free Speech For People; Chris Klaus, Chief Executive Officer, Fusen World; William John Malik, Malik Consulting, LLC; Marilyn R. Marks, Executive Director, Coalition for Good Governance; Peter G. Neumann Ph.D., Chief Scientist, SRI International Computer Science Lab; and Professor John E. Savage, Ph.D, An Wang Professor Emeritus of Computer Science, Brown University.
Ugh.
I've known Peter Neumann through his decades-long work on the security of election systems. These authors are legit.
The Election Integrity Foundation are the sponsors/organizers of the Voting Village at DEF CON.
They probably know what they are talking about when it comes to hacking voting machines.
This is exactly backwards. Voting software ideally would not be used at all, but if it is used it should at least be open source.
Arguing that voting software should be a secret that only the anointed may possess is anti-democratic in the extreme.
> This is exactly backwards. Voting software ideally would not be used at all, but if it is used it should at least be open source.
Ideally, yes. But you can't have it both ways. Having closed software suddenly disclosed does indeed allow for bad actors to perform analysis and figure out '0 days' without the opportunity to patch.
Opening the source should have been done years ago, way before any elections took place. That allows time for responsible disclosure and any required patching.
I'd like to know what other measures were taken to secure the machines themselves. It doesn't matter how secure your system is, if the machine is physically compromised, all bets are off. I'd also like to know how the data is validated and collected once it's been tallied.
In India they use voting machines and there have been many petitions in court to get it banned. Apparently court never agrees and Election commission too.
Looks like the warning here boils down to the source code for the machines being available to Trump's team due to their post 2020 election legal proceedings. It seems most states now perform Risk Limiting Audits to ensure statistical conformance of digitally counted votes to manually counted, voter verified paper ballots. Is there any reason to believe those wouldn't be a reasonably effective canary to indicate digital tampering?
Georgia has already certified, ostensibly performing their RLA prior as I understand is now required by their laws. Pennsylvania should be soon.
I certainly agree that the source being available to one party and not another is an unacceptable compromise of our elections integrity that needs to be addressed though. Australia's digital polling system's source is publicly available for audit. Security by obscurity is an especially weak argument to keep from publishing ours when one party with incentive to tamper already has it.
I think it's probable we will see some genuine election tampering from this election. There are lots of government workers who believe his claims that Democrats cheat and genuinely believe they MUST cheat to "balance" that out. There are on the order of tens of actual cases of voter fraud these past couple elections, mostly done by republicans, not making a meaningful difference, and mostly just being kind of ignorant about how the process works.
However, we will not see this election overturned. 75ish million Americans really did vote for Trump, and really do want him back in the white house, despite how demonstrably dumb that is. Their votes were legitimate and shall be honored by the US, even if it kills us.
There are tiny bubbles of people very insistent that "this couldn't have happened" essentially. They are convinced that a million people voting for a democratic senator while also voting for Trump can only be signs of fraud. They are a little delusional.
This happened in 2020 when thousands of people couldn't process the fact that, yes Maine voted for Collins again even though she's spineless and soulless and threw away everything that made her special and like our state. They went away when it was clear there was no evidence.
Genuinely not trying to start a political firestorm, but I'm curious - did these same scientists bring up similar concerns in any previous elections?
I'm a firm believer of absolutely no electronic voting machines. In-person, paper ballots, hand tallied, escorted by armed guards/trusted election officials with audited paper trails. It might cause a bit of a ruckus mentioning it here, but requiring photo ID to verify who you are before you vote should be mandatory as well.
If Israel and the USA can deploy offline-based malware to cause damage to nuclear centrifuges in Iran, what makes people think that US-unfriendly countries (or heck, even the CIA) won't try to do the exact same thing to voting machines to undermine democracy?
I wouldn't even trust open source, since I wouldn't trust election officials to keep software up to date on their voting machines, let alone know how to even update them.
> did these same scientists bring up similar concerns in any previous elections?
The stated cause of their warning is that the obscurity of the source code has been recently compromised, and beyond giving similar warnings to the FBI and other agencies as soon as they learned this, the authors appear to have been vociferous about weaknesses in electronic polling in prior cycles as well.
> I'm a firm believer of absolutely no electronic voting machines. In-person, paper ballots, hand tallied, escorted by armed guards/trusted election officials with audited paper trails.
We have voter-verified paper ballots with chain-of-custody in addition to our digital polling, right? These seem to be sampled with statistical comparison to the electronically tallied votes as a matter of routine before states verify. The authors of the letter don't seem to mention that procedure so I'm wondering why they consider that process insufficient for catching digital fraud and are instead advocating for a full recount.
> I wouldn't even trust open source, since I wouldn't trust election officials to keep software up to date on their voting machines, let alone know how to even update them.
Yeah I wonder about this! Australia's system is source-available, but I can't find any information on how the installations and hardware are verifiable to independent auditors.
I find it surprising that the whole reasoning of the letter is "voting machines rely on security by obscurity; this obscurity has been breached and therefore the security is harder to attain and guarantee".
The call for recounts is probably meaningful, but it should go hand in hand with a very thorough forensic auditing of the actual voting machines.