We use traditional paper ballots in Spain, and we have the full results within 2-3h of polls closing.
The trick is using a distributed system. Each ballot box is opened, counted and tallied at the same time. The results (along with the votes themselves for posterior re-counting if needed) are sent to local electoral authorities who input the updates into a central system in real time. It essentially takes as long as it takes to count the fullest ballot boxes in big cities.
Funny that you mentioned speed as an argument for electronic voting, though. I never understood how the US uses it, yet it takes them days to get the full results.
>We use traditional paper ballots in Spain, and we have the full results within 2-3h of polls closing.
Thats great for a country of 44 million, not so great with a country the population of 333 million spread across multiple time zones.
>The trick is using a distributed system. Each ballot box is opened, counted and tallied at the same time. The results (along with the votes themselves for posterior re-counting if needed) are sent to local electoral authorities who input the updates into a central system in real time. It essentially takes as long as it takes to count the fullest ballot boxes in big cities.
Lets set aside the issues involved with transmitting data electronically (sounds like just a distributed electronic system). Each state in the US runs its own election process and has its own budget. You would have numerous problems implementing this system across a country with 4 primary time zones(lets ignore the lone two states with separate time zones for now).
>Funny that you mentioned speed as an argument for electronic voting, though. I never understood how the US uses it, yet it takes them days to get the full results.
What are you talking about? The last several elections were typically decided within 12-24 hrs of the polls closing on the east coast. Where are you getting your "days" from? Maybe you are just reading Spanish news that is days behind in covering American news?
EU elections work just fine on paper. EU has 449M people vs 331M in USA. Multiple time zones as well. Each country has its own process and budget too..
This is not an argument. It is the official reasoning on why DRE (Direct Recording Electronic) is used. Said by both state legislators and election security researchers.
They have done better: Since 2016 a majority of states with "DRE only" have switched to DRE with verifiable paper trail. It provides quick results with the backup option of manual counting. They could go further by doing statistical risk limiting auditing for all elections and not just the ones that are close but it is still a large step forward since 2016.
> They could go further by doing statistical risk limiting auditing for all elections
I doubt that would help with avoiding or correcting any damage.
Lets take the obvious scenario, someone does a blatant large scale steal of an election. (they get access to manufacturer, set up their own firmware to be updated on all voting machines)
Imagine the damage in that case.
Let's say you do detect and try to correct.
It's already too late. The winners will contest statistic analysis and say fake news then tie it and any recount up in lawsuits. (perhaps combined with arranging for some ballots to be destroyed in secondary storage so any recount would be contestable too)
They will assume power and it will be too late. (there is a time limit for recount and supreme court might decide to force usage of bad results)
Or they might be prevented from getting in power (how would that work, who would be leading?)
You will have revolts and unrest either way...
That sort of chaos would be exactly what a foreign power like Russia or China would want.
Punishing them would be impossible and they would have already won at this point, it wouldn't even matter who wins eventually.
Domestic actors might also view this as their only option to win and use it regardless... If they get in power it's game over, if they lose they might still be in a powerful position with lots of support.
So why not avoid the issue entirely and go paper ballots with independent observers.
>Lets take the obvious scenario, someone does a blatant large scale steal of an election. (they get access to manufacturer, set up their own firmware to be updated on all voting machines)
A DRE machine with a paper trail works by having the voter see the actual printed paper before committing the vote. How can an attacker overcome the paper record that has been verified by the voter before the vote is committed? Thats why I said that risk limiting audit where you perform statistical analysis on the paper ballots is the best of all worlds. It allows quick results and if there is either a close election or an anomaly from the audit then the entire paper backup is counted manually.
Fortunately many states have already laws on the books to automatically trigger a manual count if the election is within a specific extremely close margin but I believe they should also do the risk auditing on all elections which is still something that activists are working towards getting implemented.
>It's already too late. The winners will contest statistic analysis and say fake news then tie it and any recount up in lawsuits. (perhaps combined with arranging for some ballots to be destroyed in secondary storage so any recount would be contestable too)
That implies that the election staff is compromised. Each ballot has a unique serial number(at least in the states I have looked at).
>So why not avoid the issue entirely and go paper ballots with independent observers.
I have also been involved in a lawsuit contesting an election in NY. The bigger issue is not intimidation of staff or potential destruction of ballots(there are mitigations for both of those), its that when the ballots themselves are ambiguous (say in the case of a person marking a paper ballot incorrectly) then it allows legal maneuvers to dismiss ballots and swing an election which is exactly what happened in the recount triggered by the lawsuit. We had a number of paper ballots marked incorrectly and it was not possible to reach the voters in time to have their vote registered correctly so the election was lost by the person filing the lawsuit.
This issue would have been avoided by a electronic machine producing clean paper records verified by voters and are not ambiguous in a recount.
> This issue would have been avoided by a electronic machine producing clean paper records verified by voters and are not ambiguous in a recount
What happens if paper ballot is correct but machine then changes some small percentage of votes randomly when sending upstream?
You say there will be a recount, how would that work?, what would trigger it?, and what could a malicious actor do to prevent it from working?
Malicious actor that can have firmware modified (that seems like a easy target - compromise company making them), that can work up large crowds and have resources for lawsuits.
What would the end result be?
What would society look like after a few months of this?
>What happens if paper ballot is correct but machine then changes some small percentage of votes randomly when sending upstream?
If it does not change the outcome of the election then it does not have the intended effect. If the margin was so close as to change the election the laws on the books would force a complete manual count regardless. Nevertheless, you are proving my point about the risk limiting audits which would help to catch anomalies like this.
>You say there will be a recount, how would that work?, what would trigger it?, and what could a malicious actor do to prevent it from working?
If the margin is within a certain percentage (depends on the state) it forces a manual count of the ballots. I am advocating the risk limiting audits to help catch the machine acting malicious while printing the correct result on paper.
>Malicious actor that can have firmware modified (that seems like a easy target - compromise company making them), that can work up large crowds and have resources for lawsuits.
The lawsuits would still have to respect the law on the books. No machine is perfect but humans are not perfect either. In this thread I already discussed the incident in NY where they have paper ballots filled out by voters and then scanned. Humans messing up the ballots lead to the discarding of votes because they could not be validated. A combination of machine verifying human while human verifying machine is best.
We do not leave in an ideal world. Saying something should happen does not translate to it being done.
Example, Bush vs Gore was decided by the courts, not by recount.
So if that election was stolen, we will never know.
In that case, your whole argument falls apart, there should have been a recount but that never happened.
In that case, if firmware altered enough votes it worked.
" Justice Antonin Scalia, convinced that all the manual recounts being performed in Florida's counties were illegitimate, urged his colleagues to grant the stay immediately.[1] On December 9, the five conservative justices on the Court granted the stay, with Scalia citing "irreparable harm" that could befall Bush, as the recounts would cast "a needless and unjustified cloud" over Bush's legitimacy. "
Now replace Bush with Trump, have a blatant steal, work a lawsuit up to supreme court, have supreme court decide the same way.
>Example, Bush vs Gore was decided by the courts, not by recount.
That whole event was triggered by the "hanging chad" nonsense found in the poorly designed paper ballots that led to ambiguity.
>Now replace Bush with Trump, have a blatant steal, work a lawsuit up to supreme court, have supreme court decide the same way.
If you cannot trust the law then a speedy result works in your favor. If you have a quick electronic result plus have a risk limiting audit done the night of the election as standard practice it makes it harder to challenge the result. In a paper only ballot by definition will take longer and leaves the door open for every election to be challenged.
>So it seems that election result was changed successfully by machines.
Did you read the right wikipedia article? The ballots were paper ballots! The poor design caused people to vote for the incorrect candidate. What machine are you talking about? Certainly not DRE. There was no DRE involved in this state.
>Alas, you still argue machines are better when there's precedent of them changing an election result.
I am arguing DRE with risk limiting audits solves all issues. Fast turnaround with two way auditing.
>I don't have anything more to add here, thanks for the discussion, was interesting digging through wikipedia on this.
Its so funny to see how HN people tend to be so ignorant of the real world because they think they know best. After all they are hackers right? Sooner or later they always get smacked with reality.
> Did you read the right wikipedia article? The ballots were paper ballots! The poor design caused people to vote for the incorrect candidate. What machine are you talking about?
From same article:
"Florida later retired the punch-card voting machines that produced the ballots disputed in the case."
It looks like you haven't read the article.
I'll make it short:
- machines messed up, humans without machines would have not.
- attempts at recount were blocked by supreme court.
- bad result was used to alter election result.
As such, in your situation, if the voting machines you keep arguing for will produce wrong results, we can expect the same result, lawsuits and supreme court deciding election instead of the people.
Any "risk limiting audits" will be thrown in the trash if it's convenient. Same as the recount attempts in florida.
If you do not learn from history you are doomed to repeat it.
> Its so funny to see how HN people tend to be so ignorant of the real world because they think they know best. After all they are hackers right? Sooner or later they always get smacked with reality.
Kind if ironic, don't you think?
You keep arguing for a complex unproven system that is easily compromisable and needs risk limiting audits just to exist.
You are ignorant of real world risks.
You dismiss a simpler, resilient, proven, similarly fast without these glaring issues in EU.
You know best.
If voting machines ever mess up then reality will smack us all, same as in the past.
>"Florida later retired the punch-card voting machines that produced the ballots disputed in the case."
So they improved a bit? Thats good? They are still using Optical scanning with no risk limiting auditing which is not great. What are you even arguing anymore?
>machines messed up, humans without machines would have not.
You don't know that. You are making an assumption while improperly understanding what did happen. It wasn't the machines that messed up, it was the people caused by the paper ballot. I cannot believe it is so difficult to understand that a machine producing a consistent printout is better to verify than trying to decipher what humans have drawn in a circle.
>- attempts at recount were blocked by supreme court.
Again you are conflating two separate issues. The cause of the supreme court blocking the recount was the poor paper design. If the count was concluded before the networks called it then there wouldn't have been exposure to this seperate issue that activists needed to work on.
>Any "risk limiting audits" will be thrown in the trash if it's convenient. Same as the recount attempts in florida.
Not if there are laws and processes on the books or else you could just do anything like throw out the paper ballots with some nonsense stating they are tampered with.
>You keep arguing for a complex unproven system that is easily compromisable and needs risk limiting audits just to exist.
Its the system that all the election security researchers say is the best system for the US's complex ballots. I trust them more than some rando on HN. Not to mention that it makes sense.
>You dismiss a simpler, resilient, proven, similarly fast without these glaring issues in EU.
This is the height of ignorance, thinking that since something works in one locale that it automatically works best in all other environments.
>If voting machines ever mess up then reality will smack us all, same as in the past.
Arizona counts by paper ballot and is suffering from the problem that DRE is designed to solve. Their multiple days election is a function of a very close race and is not typically indicative of the majority of past election results. Maybe we are living in an era where each race will be razor close, which actually makes the argument for DRE.
> Thats great for a country of 44 million, not so great with a country the population of 333 million spread across multiple time zones.
> You would have numerous problems implementing this system across a country with 4 primary time zones(lets ignore the lone two states with separate time zones for now).
You have mentioned timezones twice but haven't really explained why or how they would be an issue. Spain has two timezones, early results are withheld until polls close in the westmost timezone. The EU spans across multiple timezones as well, and elections to the European Parliament follow the same principle.
> Lets set aside the issues involved with transmitting data electronically (sounds like just a distributed electronic system).
Data is transmitted electronically and made publicly available on a per-ballot-box basis. Representatives of political parties with obviously competing interests are present during the counting process (and any member of the public who wishes to can attend it as well) and keep their own tally. If they find out that it diverges from the published results, they can ask for a re-count, which is possible because the physical votes are preserved. In fact they are treated as evidence and follow proper chain of custody by the national police.
> What are you talking about? The last several elections were typically decided within 12-24 hrs of the polls closing on the east coast. Where are you getting your "days" from? Maybe you are just reading Spanish news that is days behind in covering American news?
I distinctly remember live following the 2020 presidential election, going to sleep after all polls closed in the US, and waking up 8 hours later with the race still undecided. How is this possible with a fully electronic system? Why is it not near-instant? This is what I haven't understood yet and would love to be explained.
From Wikipedia (emphasis mine):
> On the morning of November 7 at approximately 11:25 a.m. EST, roughly three and a half days after polls had closed, ABC News, NBC News, CBS News, the Associated Press, CNN, and Fox News all called the election and Pennsylvania's 20 electoral votes for Biden
>I distinctly remember live following the 2020 presidential election, going to sleep after all polls closed in the US, and waking up 8 hours later with the race still undecided. How is this possible with a fully electronic system? Why is it not near-instant? This is what I haven't understood yet and would love to be explained.
They were suffering from the downsides of switching to an all paper ballot system: If you recall there was a worldwide pandemic occurring in 2020 so as a result all states offered paper ballots which were mailed in.
And that election cycle, a record-breaking number of ballots were cast by mail.
In Pennsylvania, things were delayed because the state wasn't allowed to start the process of verifying and counting ballots until Election Day. Pennsylvania is the state with the most votes left to count, as the end of the election and it went into Thursday if I recall.
Some states, like Nevada, are also continuing to accept any mail-in ballots that arrive by Tuesday, Nov. 10, as long as they were postmarked by Election Day. That means votes were still trickling in, and all of those would have been counted.
Counting methods that work for a population of 60 millions will work for a population of 300 millions. It's not like counting votes is a O(N²) problem.
"same day 100% done" is just not possible unless things like mail-in deadlines are shifted to be "received by" instead of "post marked by" the election day.
If people want same day results, it's a heavier process change than "count faster".
With the current rules trying to cut it off in mere hours is disenfranchising valid voters.
I don't really think the public demands it, it's just the newscasters that race with each other to arrive at a statistically strong enough projection to "call it" eg "Dewey Defeats Truman"
And Dewey conceded the morning after the election then, is that not a quick result? My point is we don't need computers to tally votes and the only people actually vested in knowing who wins within hours of polls closing is the people selling papers.
Does the public demand same day results? If we're tapped into the psyche of the public and able to channel the public's collective mind, the public also demands unhackable results, so there's that. You can't hack an paper. The public also demands that people stop declaring what it does and does not demand.
I personally think the way to deal with this hacker that goes by the handle DEFCON who is coming for the elections is to bring in an even more powerful hacker, yes, I speak of the hacker known as "4chan"
>Does the public demand same day results? If we're tapped into the psyche of the public and able to channel the public's collective mind, the public also demands unhackable results, so there's that.
Well clearly they don't since there hasn't been any urgency in this issue.
But despite the fact that you are operating in a bubble and there is only a small cadre of activists many states have in fact changed course and have moved to a compromise: DRE with Paper audit. Is this enough? Well probably not, they should add risk limiting audits as well.
>You can't hack an paper. The public also demands that people stop declaring what it does and does not demand.
Well a slow paper count can potentially call into question the validity of an election when you are in a political environment where there is loss of trust (whether real or imagined).
"There were some Republican activists in Arizona who advocated that voters intentionally wait until Election Day itself to drop off their ballots. Some of this push was based on unfounded theories that fraudsters could manipulate voting systems and rig results for Democrats, once they had seen how many GOP votes had been returned early.
Experts had also warned that such a last-minute crush of ballots could end up creating delays that can ultimately be used by a bad actor to undermine confidence in the election. But there were indications that many GOP voters had heeded that call — the volume of mail-in ballots dropped off on Election Day far surpassed previous years in some counties — which Lake and other Republicans saw as reason to be confident the later ballots would break their way."
>I personally think the way to deal with this hacker that goes by the handle DEFCON who is coming for the elections is to bring in an even more powerful hacker, yes, I speak of the hacker known as "4chan"
Honestly sounds like you spend too much time online. Even election security advocates cite the reason for DRE is due to the difficulty in counting ballots in an efficient manner:
Who is actually demanding same day results? With mail in ballots being more common these days, it’s not really possible anyways (in a close race that can’t be called early). I would be okay with having a one month waiting period if needed. And with multiple days of actual voting at booths to accommodate people’s personal lives.
Man you Americans really suck at math don't you? It's always "but our big population", somehow that's the excuse for everything. Shitty prison system - big population, shitty healthcare system - big population, shitty education - big population, shitty voting system - big population.
Meanwhile I've never seen anyone explain why these things can't scale. You have more people so you have more votes but you also have more people to count them. Okay so there's a few different time zones so what? That's an easily solvable problem.
>Man you Americans really suck at math don't you? It's always "but our big population", somehow that's the excuse for everything. Shitty prison system - big population, shitty healthcare system - big population, shitty education - big population, shitty voting system - big population.
What an ignorant take. It would help for you to expand your horizons and realize that other countries have reasons for doing the things they do. The world is not one size fits all.
>Meanwhile I've never seen anyone explain why these things can't scale. You have more people so you have more votes but you also have more people to count them. Okay so there's a few different time zones so what? That's an easily solvable problem.
> What an ignorant take. It would help for you to expand your horizons and realize that other countries have reasons for doing the things they do. The world is not one size fits all.
From what it looks like across the pond, when it comes to American politics(and anything adjacent) the answer is almost always "greed".
Get enough people to count them in that timeframe.
We use paper ballots here in Australia and get the election results that same night. The USA has 12 times our population and around 6-7 times our voters so proportionally it should be easier for the USA to achieve this than for Australia.
>Get enough people to count them in that timeframe.
Whos going to pay for that? The US is essentially 50 different countries with 50 different budgets. The federal government could try to mandate this and help pay for it but states have rejected free heath care money because they don't want the federal government encroaching on their state and some states may push back and do the same. Therefore you'd potentially waste all this money and still have the problems that were solved with the electronic system.
>We use paper ballots here in Australia and get the election results that same night. The USA has 12 times our population and around 6-7 times our voters so proportionally it should be easier for the USA to achieve this than for Australia.
Easier? It would be much harder. The solution that many states are taking is electronic with verified paper trail(ie. the voter sees the printed ballot and verifies it before committing the vote).
The cost of running this year's EU election in our country where this system is used (paper ballots without any electronic counting), adjusted for the difference in median income between our country and the US, was reported to be around $15 per voter.
The 2020 US presidential election gathered 160 million votes, which would put the price of this system at $2.4 billion.
According to figures contained in a report by the MIT Election Lab [1], the cost of running a nation-wide US election is estimated to be between $2 and $5 billion.
By 2024 the majority of the country has switched to DRE with electronic paper trail. The country is still by and large spending money on electronic systems...just better electronic systems.
We use paper ballots in my jurisdiction (NY) and they’re counted electronically with a scanner. This gives a real time tally, but preserves a paper trail that can be audited.
This Optical Scanning system is a disaster in tight races. I would know. I was a volunteer in the Tiffany Caban queens election back in 2019 and I saw first hand how in a close race this system allows the more politically connected parties to push outsiders out by disregarding ballots that may have had any possible ambiguity: For example, there was a mustard stain on a ballot and the scanner tossed it out as invalid, it was only discovered after a lawsuit was filed and a manual count was done. In the end there were enough ambiguous ballots where they could not reach the voter that it swung the election to Caban's opponent.
Instead if you had DRE with Paper Trail generated by the machine like NJ has switched to, then you could have a clean concise re-count with no ambiguity.
It would not matter when you have verification of paper ballots by the voters + risk limiting audits. The voters keep the machines honest and the machines keep the humans honest. Thats the ideal system. Two way verification.
The entire voting process needs much more transparency, with the ability to conduct third party audits while retaining ballot secrecy. Yes this means fixing machines, maybe even forcing them to be open source, but also instituting procedural changes like voter identity verification. I am not sure how anyone can argue against making the most fundamental process in a democracy more resistant to various attacks or security gaps.
> Voting Village organizers are frustrated that, despite years of security findings, voting machines vendors aren’t moving more quickly to make fixes.
Who actually cares about security? Enough to make it an active priority?
The neat thing about state actors manipulating the machines is that so long as they're not detected, no one will lose their jobs or contracts.
Remember, it took Team Trump being ridiculous to make Smartmatic seem sympathetic.
A better way to frame this is what do the parties care about and what motivates them to care so deeply about that topic? I was at Voting Village this year and to see the same dogshit Diebold systems from the 2000s was depressing.
Fortunately there is a solution since these systems are administered state by state. Focus on the potential swing states to make sure they are up to par. Thats where the real fight is.
I can tell you in my local state(a strong democratic leaning state), local activists have been pushing the government and they actually managed to phase out all old voting machines for a Electronic + Print system that allows the voters to verify the ballot before casting. There is a paper record in case the election is close and so it can then be recounted. Its not perfect but its a start.
Also there is something to be said that 95% percent of 2024 voters will be voting with a voter verified paper trail so there has been a lot of progress made.
I don't read of any new vulnerabilities. I read that vulnerabilities have been announced at past DEFCON events and there is a new DEFCON event. Then concerns of what a hypothetical new vulneraibility could be at this point in the US election cycle. The dicussion is valid but nothing is new here?
I think by now the concept of a vulnerability in voting systems has become too partisan in the US for anyone to ever address it.
I really wish states everywhere just banned electronic voting. The savings simply aren't worth the loss of trust and verifiability.
(See also, Venezuela's recent election.)
> vulnerability in voting systems has become too partisan in the US for anyone to ever address it
It's pretty uniformly bipartisan, just on an alternating 4-year schedule somehow
>I really wish states everywhere just banned electronic voting. The savings simply aren't worth the loss of trust and verifiability.
But the public demands same day results. How are you going to overcome this issue?
We use traditional paper ballots in Spain, and we have the full results within 2-3h of polls closing.
The trick is using a distributed system. Each ballot box is opened, counted and tallied at the same time. The results (along with the votes themselves for posterior re-counting if needed) are sent to local electoral authorities who input the updates into a central system in real time. It essentially takes as long as it takes to count the fullest ballot boxes in big cities.
Funny that you mentioned speed as an argument for electronic voting, though. I never understood how the US uses it, yet it takes them days to get the full results.
>We use traditional paper ballots in Spain, and we have the full results within 2-3h of polls closing.
Thats great for a country of 44 million, not so great with a country the population of 333 million spread across multiple time zones.
>The trick is using a distributed system. Each ballot box is opened, counted and tallied at the same time. The results (along with the votes themselves for posterior re-counting if needed) are sent to local electoral authorities who input the updates into a central system in real time. It essentially takes as long as it takes to count the fullest ballot boxes in big cities.
Lets set aside the issues involved with transmitting data electronically (sounds like just a distributed electronic system). Each state in the US runs its own election process and has its own budget. You would have numerous problems implementing this system across a country with 4 primary time zones(lets ignore the lone two states with separate time zones for now).
>Funny that you mentioned speed as an argument for electronic voting, though. I never understood how the US uses it, yet it takes them days to get the full results.
What are you talking about? The last several elections were typically decided within 12-24 hrs of the polls closing on the east coast. Where are you getting your "days" from? Maybe you are just reading Spanish news that is days behind in covering American news?
EU elections work just fine on paper. EU has 449M people vs 331M in USA. Multiple time zones as well. Each country has its own process and budget too..
So your argument is moot.
This is not an argument. It is the official reasoning on why DRE (Direct Recording Electronic) is used. Said by both state legislators and election security researchers.
In that case it's poor reasoning and they can do better.
They have done better: Since 2016 a majority of states with "DRE only" have switched to DRE with verifiable paper trail. It provides quick results with the backup option of manual counting. They could go further by doing statistical risk limiting auditing for all elections and not just the ones that are close but it is still a large step forward since 2016.
> They could go further by doing statistical risk limiting auditing for all elections
I doubt that would help with avoiding or correcting any damage.
Lets take the obvious scenario, someone does a blatant large scale steal of an election. (they get access to manufacturer, set up their own firmware to be updated on all voting machines)
Imagine the damage in that case.
Let's say you do detect and try to correct.
It's already too late. The winners will contest statistic analysis and say fake news then tie it and any recount up in lawsuits. (perhaps combined with arranging for some ballots to be destroyed in secondary storage so any recount would be contestable too)
They will assume power and it will be too late. (there is a time limit for recount and supreme court might decide to force usage of bad results)
Or they might be prevented from getting in power (how would that work, who would be leading?)
You will have revolts and unrest either way...
That sort of chaos would be exactly what a foreign power like Russia or China would want.
Punishing them would be impossible and they would have already won at this point, it wouldn't even matter who wins eventually.
Domestic actors might also view this as their only option to win and use it regardless... If they get in power it's game over, if they lose they might still be in a powerful position with lots of support.
So why not avoid the issue entirely and go paper ballots with independent observers.
>Lets take the obvious scenario, someone does a blatant large scale steal of an election. (they get access to manufacturer, set up their own firmware to be updated on all voting machines)
A DRE machine with a paper trail works by having the voter see the actual printed paper before committing the vote. How can an attacker overcome the paper record that has been verified by the voter before the vote is committed? Thats why I said that risk limiting audit where you perform statistical analysis on the paper ballots is the best of all worlds. It allows quick results and if there is either a close election or an anomaly from the audit then the entire paper backup is counted manually.
Fortunately many states have already laws on the books to automatically trigger a manual count if the election is within a specific extremely close margin but I believe they should also do the risk auditing on all elections which is still something that activists are working towards getting implemented.
>It's already too late. The winners will contest statistic analysis and say fake news then tie it and any recount up in lawsuits. (perhaps combined with arranging for some ballots to be destroyed in secondary storage so any recount would be contestable too)
That implies that the election staff is compromised. Each ballot has a unique serial number(at least in the states I have looked at).
>So why not avoid the issue entirely and go paper ballots with independent observers.
I have also been involved in a lawsuit contesting an election in NY. The bigger issue is not intimidation of staff or potential destruction of ballots(there are mitigations for both of those), its that when the ballots themselves are ambiguous (say in the case of a person marking a paper ballot incorrectly) then it allows legal maneuvers to dismiss ballots and swing an election which is exactly what happened in the recount triggered by the lawsuit. We had a number of paper ballots marked incorrectly and it was not possible to reach the voters in time to have their vote registered correctly so the election was lost by the person filing the lawsuit.
This issue would have been avoided by a electronic machine producing clean paper records verified by voters and are not ambiguous in a recount.
> This issue would have been avoided by a electronic machine producing clean paper records verified by voters and are not ambiguous in a recount
What happens if paper ballot is correct but machine then changes some small percentage of votes randomly when sending upstream?
You say there will be a recount, how would that work?, what would trigger it?, and what could a malicious actor do to prevent it from working?
Malicious actor that can have firmware modified (that seems like a easy target - compromise company making them), that can work up large crowds and have resources for lawsuits.
What would the end result be?
What would society look like after a few months of this?
>What happens if paper ballot is correct but machine then changes some small percentage of votes randomly when sending upstream?
If it does not change the outcome of the election then it does not have the intended effect. If the margin was so close as to change the election the laws on the books would force a complete manual count regardless. Nevertheless, you are proving my point about the risk limiting audits which would help to catch anomalies like this.
>You say there will be a recount, how would that work?, what would trigger it?, and what could a malicious actor do to prevent it from working?
If the margin is within a certain percentage (depends on the state) it forces a manual count of the ballots. I am advocating the risk limiting audits to help catch the machine acting malicious while printing the correct result on paper.
>Malicious actor that can have firmware modified (that seems like a easy target - compromise company making them), that can work up large crowds and have resources for lawsuits.
The lawsuits would still have to respect the law on the books. No machine is perfect but humans are not perfect either. In this thread I already discussed the incident in NY where they have paper ballots filled out by voters and then scanned. Humans messing up the ballots lead to the discarding of votes because they could not be validated. A combination of machine verifying human while human verifying machine is best.
You are missing my point.
We do not leave in an ideal world. Saying something should happen does not translate to it being done.
Example, Bush vs Gore was decided by the courts, not by recount.
So if that election was stolen, we will never know.
In that case, your whole argument falls apart, there should have been a recount but that never happened.
In that case, if firmware altered enough votes it worked.
" Justice Antonin Scalia, convinced that all the manual recounts being performed in Florida's counties were illegitimate, urged his colleagues to grant the stay immediately.[1] On December 9, the five conservative justices on the Court granted the stay, with Scalia citing "irreparable harm" that could befall Bush, as the recounts would cast "a needless and unjustified cloud" over Bush's legitimacy. "
Now replace Bush with Trump, have a blatant steal, work a lawsuit up to supreme court, have supreme court decide the same way.
>Example, Bush vs Gore was decided by the courts, not by recount.
That whole event was triggered by the "hanging chad" nonsense found in the poorly designed paper ballots that led to ambiguity.
>Now replace Bush with Trump, have a blatant steal, work a lawsuit up to supreme court, have supreme court decide the same way.
If you cannot trust the law then a speedy result works in your favor. If you have a quick electronic result plus have a risk limiting audit done the night of the election as standard practice it makes it harder to challenge the result. In a paper only ballot by definition will take longer and leaves the door open for every election to be challenged.
> That whole event was triggered by the "hanging chad" nonsense found in the poorly designed paper ballots that led to ambiguity.
You say nonsense but wikipedia says:
"a statewide recount would have shown that Gore received the most votes, according to the Florida Ballot Project."
So it seems that election result was changed successfully by machines.
That would not have happened with regular vote counting.
> In a paper only ballot by definition will take longer and leaves the door open for every election to be challenged.
Paper and counting with observers is much harder to compromise and more efficient then some machines. (see EU parliament elections)
Alas, you still argue machines are better when there's precedent of them changing an election result.
I don't have anything more to add here, thanks for the discussion, was interesting digging through wikipedia on this.
>So it seems that election result was changed successfully by machines.
Did you read the right wikipedia article? The ballots were paper ballots! The poor design caused people to vote for the incorrect candidate. What machine are you talking about? Certainly not DRE. There was no DRE involved in this state.
>Alas, you still argue machines are better when there's precedent of them changing an election result.
I am arguing DRE with risk limiting audits solves all issues. Fast turnaround with two way auditing.
Prominent election security experts are advocating the same thing: https://www.youtube.com/watch?v=U-184ssFce4&t=1578s
>I don't have anything more to add here, thanks for the discussion, was interesting digging through wikipedia on this.
Its so funny to see how HN people tend to be so ignorant of the real world because they think they know best. After all they are hackers right? Sooner or later they always get smacked with reality.
> Did you read the right wikipedia article? The ballots were paper ballots! The poor design caused people to vote for the incorrect candidate. What machine are you talking about?
From same article:
"Florida later retired the punch-card voting machines that produced the ballots disputed in the case."
It looks like you haven't read the article.
I'll make it short:
- machines messed up, humans without machines would have not.
- attempts at recount were blocked by supreme court.
- bad result was used to alter election result.
As such, in your situation, if the voting machines you keep arguing for will produce wrong results, we can expect the same result, lawsuits and supreme court deciding election instead of the people.
Any "risk limiting audits" will be thrown in the trash if it's convenient. Same as the recount attempts in florida.
If you do not learn from history you are doomed to repeat it.
> Its so funny to see how HN people tend to be so ignorant of the real world because they think they know best. After all they are hackers right? Sooner or later they always get smacked with reality.
Kind if ironic, don't you think?
You keep arguing for a complex unproven system that is easily compromisable and needs risk limiting audits just to exist.
You are ignorant of real world risks.
You dismiss a simpler, resilient, proven, similarly fast without these glaring issues in EU.
You know best.
If voting machines ever mess up then reality will smack us all, same as in the past.
>"Florida later retired the punch-card voting machines that produced the ballots disputed in the case."
So they improved a bit? Thats good? They are still using Optical scanning with no risk limiting auditing which is not great. What are you even arguing anymore?
>machines messed up, humans without machines would have not.
You don't know that. You are making an assumption while improperly understanding what did happen. It wasn't the machines that messed up, it was the people caused by the paper ballot. I cannot believe it is so difficult to understand that a machine producing a consistent printout is better to verify than trying to decipher what humans have drawn in a circle.
>- attempts at recount were blocked by supreme court.
Again you are conflating two separate issues. The cause of the supreme court blocking the recount was the poor paper design. If the count was concluded before the networks called it then there wouldn't have been exposure to this seperate issue that activists needed to work on.
>Any "risk limiting audits" will be thrown in the trash if it's convenient. Same as the recount attempts in florida.
Not if there are laws and processes on the books or else you could just do anything like throw out the paper ballots with some nonsense stating they are tampered with.
>You keep arguing for a complex unproven system that is easily compromisable and needs risk limiting audits just to exist.
Its the system that all the election security researchers say is the best system for the US's complex ballots. I trust them more than some rando on HN. Not to mention that it makes sense.
>You dismiss a simpler, resilient, proven, similarly fast without these glaring issues in EU.
This is the height of ignorance, thinking that since something works in one locale that it automatically works best in all other environments.
>If voting machines ever mess up then reality will smack us all, same as in the past.
Hence two way auditing....
Simple math tells you just need 10ish times the people counting.
> The last several elections were typically decided within 12-24 hrs of the polls closing on the east coast. Where are you getting your "days" from?
Arizona was still counting 3 or 4 days later. Also 24 hours is a day.
Arizona counts by paper ballot and is suffering from the problem that DRE is designed to solve. Their multiple days election is a function of a very close race and is not typically indicative of the majority of past election results. Maybe we are living in an era where each race will be razor close, which actually makes the argument for DRE.
> Thats great for a country of 44 million, not so great with a country the population of 333 million spread across multiple time zones.
> You would have numerous problems implementing this system across a country with 4 primary time zones(lets ignore the lone two states with separate time zones for now).
You have mentioned timezones twice but haven't really explained why or how they would be an issue. Spain has two timezones, early results are withheld until polls close in the westmost timezone. The EU spans across multiple timezones as well, and elections to the European Parliament follow the same principle.
> Lets set aside the issues involved with transmitting data electronically (sounds like just a distributed electronic system).
Data is transmitted electronically and made publicly available on a per-ballot-box basis. Representatives of political parties with obviously competing interests are present during the counting process (and any member of the public who wishes to can attend it as well) and keep their own tally. If they find out that it diverges from the published results, they can ask for a re-count, which is possible because the physical votes are preserved. In fact they are treated as evidence and follow proper chain of custody by the national police.
> What are you talking about? The last several elections were typically decided within 12-24 hrs of the polls closing on the east coast. Where are you getting your "days" from? Maybe you are just reading Spanish news that is days behind in covering American news?
I distinctly remember live following the 2020 presidential election, going to sleep after all polls closed in the US, and waking up 8 hours later with the race still undecided. How is this possible with a fully electronic system? Why is it not near-instant? This is what I haven't understood yet and would love to be explained.
From Wikipedia (emphasis mine):
> On the morning of November 7 at approximately 11:25 a.m. EST, roughly three and a half days after polls had closed, ABC News, NBC News, CBS News, the Associated Press, CNN, and Fox News all called the election and Pennsylvania's 20 electoral votes for Biden
>I distinctly remember live following the 2020 presidential election, going to sleep after all polls closed in the US, and waking up 8 hours later with the race still undecided. How is this possible with a fully electronic system? Why is it not near-instant? This is what I haven't understood yet and would love to be explained.
They were suffering from the downsides of switching to an all paper ballot system: If you recall there was a worldwide pandemic occurring in 2020 so as a result all states offered paper ballots which were mailed in.
And that election cycle, a record-breaking number of ballots were cast by mail.
In Pennsylvania, things were delayed because the state wasn't allowed to start the process of verifying and counting ballots until Election Day. Pennsylvania is the state with the most votes left to count, as the end of the election and it went into Thursday if I recall.
Some states, like Nevada, are also continuing to accept any mail-in ballots that arrive by Tuesday, Nov. 10, as long as they were postmarked by Election Day. That means votes were still trickling in, and all of those would have been counted.
The 2020 election essentially proved my point.
Same as every other country that uses paper ballots and gets same day results?
How many of those have a population of 333 million?
The EU (449 million)?
But EU election is not as consequential as national election in the individual states of EU, right?
The point was whether it's possible at such a large scale.
Counting methods that work for a population of 60 millions will work for a population of 300 millions. It's not like counting votes is a O(N²) problem.
When you have ballots that have multiple questions on it and different amounts for each state, it scales linearly.
[1]: https://www.youtube.com/watch?v=U-184ssFce4&t=1578s
> But the public demands same day results. How are you going to overcome this issue?
This is suggestive reasoning. If you're going down that path, please provide a source for your claim, that the public demands results on the same day.
This is a solved problem, in the third world, in the 80's.
Then the knowledge was lost to man somehow.
I really pitty you if you belive this.
"same day 100% done" is just not possible unless things like mail-in deadlines are shifted to be "received by" instead of "post marked by" the election day.
If people want same day results, it's a heavier process change than "count faster".
With the current rules trying to cut it off in mere hours is disenfranchising valid voters.
I don't really think the public demands it, it's just the newscasters that race with each other to arrive at a statistically strong enough projection to "call it" eg "Dewey Defeats Truman"
You are referencing an event that happened 76 years ago. Its pretty clear that at this point the public is used to and expects quick results.
And Dewey conceded the morning after the election then, is that not a quick result? My point is we don't need computers to tally votes and the only people actually vested in knowing who wins within hours of polls closing is the people selling papers.
Does the public demand same day results? If we're tapped into the psyche of the public and able to channel the public's collective mind, the public also demands unhackable results, so there's that. You can't hack an paper. The public also demands that people stop declaring what it does and does not demand.
I personally think the way to deal with this hacker that goes by the handle DEFCON who is coming for the elections is to bring in an even more powerful hacker, yes, I speak of the hacker known as "4chan"
>Does the public demand same day results? If we're tapped into the psyche of the public and able to channel the public's collective mind, the public also demands unhackable results, so there's that.
Well clearly they don't since there hasn't been any urgency in this issue.
But despite the fact that you are operating in a bubble and there is only a small cadre of activists many states have in fact changed course and have moved to a compromise: DRE with Paper audit. Is this enough? Well probably not, they should add risk limiting audits as well.
>You can't hack an paper. The public also demands that people stop declaring what it does and does not demand.
Well a slow paper count can potentially call into question the validity of an election when you are in a political environment where there is loss of trust (whether real or imagined).
[1]:https://apnews.com/article/2022-midterm-elections-arizona-ba...
"There were some Republican activists in Arizona who advocated that voters intentionally wait until Election Day itself to drop off their ballots. Some of this push was based on unfounded theories that fraudsters could manipulate voting systems and rig results for Democrats, once they had seen how many GOP votes had been returned early.
Experts had also warned that such a last-minute crush of ballots could end up creating delays that can ultimately be used by a bad actor to undermine confidence in the election. But there were indications that many GOP voters had heeded that call — the volume of mail-in ballots dropped off on Election Day far surpassed previous years in some counties — which Lake and other Republicans saw as reason to be confident the later ballots would break their way."
>I personally think the way to deal with this hacker that goes by the handle DEFCON who is coming for the elections is to bring in an even more powerful hacker, yes, I speak of the hacker known as "4chan"
Honestly sounds like you spend too much time online. Even election security advocates cite the reason for DRE is due to the difficulty in counting ballots in an efficient manner:
[1]: https://youtu.be/U-184ssFce4?t=1578
Who is actually demanding same day results? With mail in ballots being more common these days, it’s not really possible anyways (in a close race that can’t be called early). I would be okay with having a one month waiting period if needed. And with multiple days of actual voting at booths to accommodate people’s personal lives.
The UK's really fast at counting. Or isn't the result on January 20 more important anyway? Change the norm.
Population 66 Million vs 333 million spread across 6 time zones(if you include Hawaii and Alaska).
Man you Americans really suck at math don't you? It's always "but our big population", somehow that's the excuse for everything. Shitty prison system - big population, shitty healthcare system - big population, shitty education - big population, shitty voting system - big population.
Meanwhile I've never seen anyone explain why these things can't scale. You have more people so you have more votes but you also have more people to count them. Okay so there's a few different time zones so what? That's an easily solvable problem.
>Man you Americans really suck at math don't you? It's always "but our big population", somehow that's the excuse for everything. Shitty prison system - big population, shitty healthcare system - big population, shitty education - big population, shitty voting system - big population.
What an ignorant take. It would help for you to expand your horizons and realize that other countries have reasons for doing the things they do. The world is not one size fits all.
>Meanwhile I've never seen anyone explain why these things can't scale. You have more people so you have more votes but you also have more people to count them. Okay so there's a few different time zones so what? That's an easily solvable problem.
Don't cite me then, cite an acclaimed election security researcher: https://youtu.be/U-184ssFce4?t=1578
> What an ignorant take. It would help for you to expand your horizons and realize that other countries have reasons for doing the things they do. The world is not one size fits all.
From what it looks like across the pond, when it comes to American politics(and anything adjacent) the answer is almost always "greed".
Just use paper ballots?
How are you going to count them all quickly when the public demands same day results?
Get enough people to count them in that timeframe.
We use paper ballots here in Australia and get the election results that same night. The USA has 12 times our population and around 6-7 times our voters so proportionally it should be easier for the USA to achieve this than for Australia.
>Get enough people to count them in that timeframe.
Whos going to pay for that? The US is essentially 50 different countries with 50 different budgets. The federal government could try to mandate this and help pay for it but states have rejected free heath care money because they don't want the federal government encroaching on their state and some states may push back and do the same. Therefore you'd potentially waste all this money and still have the problems that were solved with the electronic system.
>We use paper ballots here in Australia and get the election results that same night. The USA has 12 times our population and around 6-7 times our voters so proportionally it should be easier for the USA to achieve this than for Australia.
Easier? It would be much harder. The solution that many states are taking is electronic with verified paper trail(ie. the voter sees the printed ballot and verifies it before committing the vote).
> Whos going to pay for that?
The cost of running this year's EU election in our country where this system is used (paper ballots without any electronic counting), adjusted for the difference in median income between our country and the US, was reported to be around $15 per voter.
The 2020 US presidential election gathered 160 million votes, which would put the price of this system at $2.4 billion.
According to figures contained in a report by the MIT Election Lab [1], the cost of running a nation-wide US election is estimated to be between $2 and $5 billion.
[1] https://electionlab.mit.edu/sites/default/files/2022-05/TheC...
By 2024 the majority of the country has switched to DRE with electronic paper trail. The country is still by and large spending money on electronic systems...just better electronic systems.
We use paper ballots in my jurisdiction (NY) and they’re counted electronically with a scanner. This gives a real time tally, but preserves a paper trail that can be audited.
This Optical Scanning system is a disaster in tight races. I would know. I was a volunteer in the Tiffany Caban queens election back in 2019 and I saw first hand how in a close race this system allows the more politically connected parties to push outsiders out by disregarding ballots that may have had any possible ambiguity: For example, there was a mustard stain on a ballot and the scanner tossed it out as invalid, it was only discovered after a lawsuit was filed and a manual count was done. In the end there were enough ambiguous ballots where they could not reach the voter that it swung the election to Caban's opponent.
Instead if you had DRE with Paper Trail generated by the machine like NJ has switched to, then you could have a clean concise re-count with no ambiguity.
Like most countries scale up with lots of people to count them ?
Whos is going to pay for it? Many states certainly wont. If all states don't commit, then you are stuck with the same problem.
In many countries volunteers exist.
You want the nuttiest of the Trump nutjobs "counting" your ballots? Because thats whats going to happen.
Whoever doesn’t can volunteer to oversight positions. This is the same issue in every country with voting.
Do you really want the nuttiest of the Trump nutjobs "developing" your voting machine code?
It would not matter when you have verification of paper ballots by the voters + risk limiting audits. The voters keep the machines honest and the machines keep the humans honest. Thats the ideal system. Two way verification.
[dead]
The entire voting process needs much more transparency, with the ability to conduct third party audits while retaining ballot secrecy. Yes this means fixing machines, maybe even forcing them to be open source, but also instituting procedural changes like voter identity verification. I am not sure how anyone can argue against making the most fundamental process in a democracy more resistant to various attacks or security gaps.
> Voting Village organizers are frustrated that, despite years of security findings, voting machines vendors aren’t moving more quickly to make fixes.
Who actually cares about security? Enough to make it an active priority? The neat thing about state actors manipulating the machines is that so long as they're not detected, no one will lose their jobs or contracts.
Remember, it took Team Trump being ridiculous to make Smartmatic seem sympathetic.
>Who actually cares about security?
A better way to frame this is what do the parties care about and what motivates them to care so deeply about that topic? I was at Voting Village this year and to see the same dogshit Diebold systems from the 2000s was depressing.
Fortunately there is a solution since these systems are administered state by state. Focus on the potential swing states to make sure they are up to par. Thats where the real fight is.
I can tell you in my local state(a strong democratic leaning state), local activists have been pushing the government and they actually managed to phase out all old voting machines for a Electronic + Print system that allows the voters to verify the ballot before casting. There is a paper record in case the election is close and so it can then be recounted. Its not perfect but its a start.
Also there is something to be said that 95% percent of 2024 voters will be voting with a voter verified paper trail so there has been a lot of progress made.
[1]:https://bipartisanpolicy.org/explainer/united-in-security-st...
Clickbait headline and nothingburger article?
I don't read of any new vulnerabilities. I read that vulnerabilities have been announced at past DEFCON events and there is a new DEFCON event. Then concerns of what a hypothetical new vulneraibility could be at this point in the US election cycle. The dicussion is valid but nothing is new here?