How Do You Steal An Election on a Optical Scanner?
5 December 2015
Maine RCV/optscan <
Electronic Voting <
- Memory Card I -- The theft is handled by the memory card, which has thousands of lines of executable code for handling the ballots, the log files of what is occurring, and the counting registers for the various candidates and issues. Memory cards can be mass duplicated.
- Unbalanced Start -- At the beginning of the election (or test) the code is supposed to set the counting registers to zero for each candidate or issue. You include in the code (or in a convenient update) a few lines of code that start the desired winner at some positive number (say, 100), and lines of code that will set the other candidates/issues to some combination of negative numbers whose sum equals that positive number (-100).
- CYA --
- Testphobia -- Just in case someone might run a test, you pull a Volkswagen switch, with code that checks the date/time and only executes the above code if the date/time indicates the election is on. The machine will behave normally for a test at any other time.
- Now you see it... -- Just in case someone might look at the code after the election, you design the code to be self-deleting after the election.
- The Steal -- "Zero" the counting register for Candidate A at -100 votes, and the register for Candidate B (the desired winner) at +100 votes. Let's say there are 900 voters in the election, and they give Candidate A (the legitimate winner) 500 votes and Candidate B 400 votes. But the machine "results" of the election are different: Candidate A gets 400 (500-100), Candidate B wins with 500 (400+100). The total (900) matches the recorded number of voters (nothing to see here, folks, keep on moving...), and the spread is a comfortably large at 11% (56% to 45%) so there won't be a recount. Hence the ballots will never be checked and the theft not detected.
- Memory Card II -- No one will ever check the memory cards, so CYA step 3b may not be necessary.
- Decapitation -- It may not be necessary to mess with the individual memory cards at all if you can hack the central state tabulator, which Maine will purchase if Ranked Choice Voting is implemented.
- Prevention? -- Computer security expert Stephen Spoonamore says a random hand count of 1-2% of scanned ballots would be enough to spot fraud. Election fraud monitor Brad Friedman believes this percentage to be far too conservative, considering how easy it is to game optical scanners. But will such audits ever be done in Maine on a statewide election? And is it even possible with Ranked Choice Voting?