Rigging Elections part 1
The problem with rigging elections in this day and age is a matter of logistics more than anything else.
The following expert explanation is from the Anarchangel Chris Byrne.
I am an information security professional, a certified auditor for a number of different regulatory regimes, and a certified forensic investigator for information systems and networks. In fact, I even develop training and courseware, and train others in these skills.
I literally not only do this sort of thing for a living, I teach others how to do it as well.
I’ve worked a lot with state and county republican and libertarian parties, and with city, county, and state governments; including state and county election administrators. I’ve been involved in security reviews and audits for several different electronic voting systems around the country.
The first thing to understand, is that there are a couple dozen manufacturers and vendors of electronic voting systems, all using different hardware and software. Further, even within a single manufacturer or vendor, they often have a number of different systems and models, with different hardware and software, and different capabilities.
Few states have entirely standardized and uniform voting systems across all counties and precincts, because these systems are expensive and are often purchased one county at a time, or even a few precincts at a time.
That means if you want to rig a national election, you can’t just compromise one manufacturer, nor can one manufacturer rig the election on their own.
Yes, the individual machines mostly have weak security… sometimes shockingly poor in fact. However, they are also generally difficult to tamper with on even a statewide basis, simply because of logistics and scale if nothing else; but also because they are mostly fairly primitive systems, with limited functionality.
Most electeonic voting systems aren’t actually networked together, never mind netowrked to the open internwt, or to the outside world in general. Those systems that are networked, generally have extremely limited communication and functionality over the network; just tabulation and reporting of the results, and maybe rebooting, getting boot up configs and the like. Some systems may also have a scheduled, or manually initiated, “call home” to the manufacturer for firmware or software updates. They are not generally persistently connected to the internet, or to their manufacturer or vendor, or really through any other way of easily hacking them remotely, or hacking many machines at once.
A few electronic voting systems have some kind of wireless networking built in, which may be a hackable compromise vector, but it’s still very difficult to do without detection; particularly given the systems arent continuously connected to the wireless network. They only connect for maintenance purposes, and to report their data, usually after polls close; or after a particular command or mode is entered manually on the machine, by the poll workers or election administrators.
Without a persistent connection to an outside network, it is very difficult to remotely compromise such systems. An attacker would have to know when the machines were going to be connected, and either have the outside network compromised beforehand waiting for the machines to connect (which dramatically increases the likelihood of detection), and then inject inject compromise; or they would have to be wathcing and waiting for the connections to occur, and be able to compromise the system during the few seconds, or at most few minutes, the machines were connected to the outside network.
It is possible to do so, yes… but again, it is very difficult to do so without detection, for even a few machines, in a few precincts.
When considering the fact that an attacker would have to do so for many different voting systems, and thousands of machines, spread across thousands of polling places, just within a single state…. Again, it is extremely unlikely they would be able to do so without detection, to the point that it is outside the realm of practical feasibility.
Absolute best case for someone wanting to rig an election… they might be able to rig a single precinct or maybe a single county, or possibly a few counties spread across several states without detection (since the state and county officials would be less likely to the notice something wrong across state lines, rather than seeing anomalies in multiple counties in the same state).
They MIGHT be able to get all the machines for a single precinct, or maybe even a single county, at once; by compromising the systems for the location where they perform maintenance on the machines, so that when the election administrators or IT people connect to the internet to fetch updates automatically on the machines, or the IT staff manually download updates to memory card or usb drive, the hacker can inject their own hacked update.
However that would only work for machines that called home for an update (most don’t), or that had someone manually download updates over the internet to distribute to the machines (again, most don’t). And of course, the hackers would have to know the location they were doing the maintenance, know the approximate date they were doing it, compromise that locations network, bypass whatever security the machines have on their update system, and not be detected.
Alternatively, an attacker could compromise the manufacturer or vendors networks and systems, that the machines would call home to, again without being detected.
That’s within the realm of possibility for a single precinct or county, or for a single vendor or manufacturer… but it’s still unlikely, and it’s not practically feasible, on the scale necessary to rig an entire large state, or multiple states, without being detected at some point.
Plus, as i said, most machines arent updated over the internet like that. Normally to update machines, an authorized individual has to go to each machine individually, and actually connect to a serial or usb port, a network port, or insert a memory card. Many of them, that’s also how you get the vote counts when the polls close. And many machines can only be updated by vendor service reps.
Successfully compromising these systems, is really a question of timing, logistics, scale, and risk of exposure.
Is it possible? Yes. Is it realistically practical and feasible? Not really, no… not without detection.
Rigging a national election, without detection, would require a massive conspiracy, between dozens of manufacturers and vendors, and their employees, thousands of election officials and volunteers, and thousands of attackers.
Attackers would have to individually compromise tens of thousands of machines, from many different vendors.
To do so, they couldnt just penetrate one system or a few systems once; or just compromise a few system or machines, and let it spread automatically over a network… like you could with malware worms over internet connected windows machines for example…
For most electronic voting systems, attackers would have to physically mess with every single machine, individually, in every single polling place or precinct, in every single county, in every single state, one at a time… Or best case for them, at least for every county or every precinct.
…And it’s not something an attacker could do discretely, by going to the polling places as a voter, or as a polling place volunteer. It would be obvious you were messing with the machines.
Which means ithat it is functionally impossible to do it that way, without being detected.
To “rig” the election successfully then, multiple different attackers would have to pose as factory maintenance techs or something similar, for each different type of machine, in every county and possibly every precinct (some counties store and maintain the machines centrally, some store and maintain them precinct by precinct); in the 12 states that use electronic voting machines that don’t give a paper confirmation.
…Or at least enough of them to swing the election….
Either that, or you would have to send out a hacked “maintenance update” or something similar, to every election administrator in every county using a particular type of machine, and get them to do it for you… and if even one of them calls the real manufacturer, the game is up. And there’s a couple dozen different systems out there, so you’d have to make a convincing social engineering effort for each type of machine, and each administrator, and you would have to code a compromise package for each etc… etc…
Again, this is remotely possible, but practically infeasible.
Another hurdle to clear, is that you’d only have, at most, a few weeks to do it… or maybe as much as 90 days… because normal procedures for most states/counties/precincts, are to wipe and reset the machines to factory clean, and update to current maintenance release; anywhere between 7 days and 90 days before the election. Then the machines are tested before being set up at the polling places, and usually tested again each morning before polls open. If any of the machines have have a problem or fail testing,, the policy and process is generally to download download the machines data, swap it out for a spare, then wipe to factory clean, update etc…
Again…Is it possible? Yes… remotely… maybe… for a few precincts or counties.
In practical terms, no, really, it’s not possible to do it at the scale required, without being detected.
An attacker might be able to do it to a few precincts, or even a few counties, maybe, and get away with it, without detection… but it’s incredibly unlikely.
This of course means it’s also incredibly unlikely be able to do it to a whole state, except maybe Hawaii or Rhode island, and they’re 100% in the bag for democrats anyway, there would would be no need to rig the election for them, and rigging it for republicans would be so obvious, it would give the game away entirely..
You certainly couldn’t do it to multiple states; unless as I said above, you had a truly massive conspiracy, involving several different voting machine manufacturers, and the election administrators themselves, which given those administrators are generally a mix of both dems and republicans, means you’d have to a convince half of them to sabotage their own candidate.
Realistically, the only way you can rig an election without being detected, is if the election is very close anyway. Then, by changing just just a few precincts and counties, you might be able to swing a whole state, without massive red flags…. but all of the challenges and difficulty and complexity I mention above still apply.
So yes… within the farthest outside realm of possibility, you might be able to rig a few counties, in a few states, which, if the election were very close, might swing those few states enough to tip it away from the party that would have otherwise won… but the chances of doing it successfully, without being detected are astronomical.
In practical terms, it’s just beyond the realm of reasonable feasibility.
Part of the reason why we still have county by county, and precinct by precinct elections, is just exactly because it is a very robust widely distributed system, that is very difficult to compromise, or fail on a large scale. When things do fail or are compromised, the spread of that failure or compromise is naturally limited to a few precincts, or a few counties… or at most a single state.
The biggest problem with these machines, is that they often have terrible user interfaces, that are extremely unclear, and have poorly laid out and labeled controls, and often poor quality and poorly aligned touch screen systems. This results in users making a lot of mistakes, and they often misvote; especially older voters with poor eyesight, or poor manual dexterity (touch screens with small non tactile controls are the worst possible interface for these folks), and who are less familiar with technology.
For that matter, the machines are just plain buggy. A lot of these systems have frighteningly bad QA and testing. What may pass a simple test regime with a few machines in a controlled lab environment; may fail badly, when it’s thousands of machines, being pounded on by thousands of actual users.
As far as users seeing their votes being changed to another candidate on screen… why would an attacker trying to rig an election ever allow that to happen?
If machines had actually been rigged, the people doing the rigging certainly wouldn’t show you that they had reversed your vote. They would confirm your vote was what you wanted, and then silently change it in the tabulation later. The voter would never know, and neither would the poll workers or election officials. Everything would look perfect to everyone, but the election result would go the way the riggers decided.
You would have to believe that the election riggers were competent enough, and powerful enough, to successfully rig thousands of machines, from many different vendors, across thousands of precincts and hundreds of counties, across a dozen states…
…and to compromise the hundreds of people from both major parties, and all the different vendors necessary to do so…
… and competent and powerful enough to do so without detection…
… and competent and powerful enough that none of those thousands of people ever leaked anything about it, in any way…
… but that at the same time, so INCOMPETENT, that they actually showed people their votes were being changed, right there on screen, as they were voting…
I’m not sure I could make my brain twist into the kind of pretzel necessary to believe that…
The recent rumor I see on social media is that people are seeing their votes changed to someone other than for whom they intended to vote. This is ludicrous on the face of it but there are paranoid folk.
Mind you in the case of voter fraud rigged elections have occurred in the past but that was different technology and the scale was different.
the Anarchangel opines on that
Well… the John Birch society types have said every election since 1960 was rigged… It doesn’t help that in 1960, it WAS rigged, in Florida, illinois, Rhode island, Massachussets, and Missouri.
Certainly voter fraud should be stopped and curtailed, as it is the most effective form of voter disenfranchisement.
What curtails a lot of voter fraud, election rigging, are the requirements to succeed in rigging the elections as well as to hide the evidence.