Trump Fires FBI Director Comey

I don’t think outside hacking is the only concern. In a paper ballot system you have multiple people from different parties looking at the physical ballots. Even a secured system could be manipulated for someone with the right authorization level. Basically putting things in a lot of different people’s hands makes a widespread conspiracy harder.

I don’t think a bank account is quite the same situation. If stuff starts missing from people’s accounts, they are going to notice, there are going to be follow up investigations about this particular account having a withdrawal that never happened etc. If you change 1% of the votes, no one knows it was their vote that was changed.

Diebold, the biggest player in the electronic voting machine business, also makes ATMs. Their ATMs are secure. Successful hacking against them is almost non-existent.

It has been shown over and over again that their voting machines are made of tissue paper, and can be hacked by anyone who has any experience in a matter of minutes, and vote totals can be changed, undelectably.

It’s not that secure electronic voting machines can’t be made. They definitely can. There is a lot of research and theory on the subject. The problem is, do you trust anyone to do it? Isn’t it just easier to use paper ballots, which are nearly impossible to change on a large scale, and can be independently verified by anyone?

I’d trust a company to do it, assuming the financial incentives were aligned correctly to make them want to do it right. Right now they aren’t, as voting is currently handled by local municipalities or counties mostly without the budgets to invest in solid technologies.

Financial systems secure themselves against this, because you COULD create transactions which were so small as to not be noticed, spread out over the entire bazillion people.

Seriously, we entrust literally every aspect of our lives to digital systems these days. Suggesting that voting is the one area where this can’t work just doesn’t have any basis in reality that I can see.

Not exactly “breaking” (i.e. we all knew there was no tape) but

So he was telling the truth when he said Trump pressured him to call off the investigation? And this helps Trump how?

If it weren’t so depressing, it would be hilarious how the attempts to justify Trump’s blather always end up just digging a deeper hole for Trump. “OK, so maybe Obama didn’t technically wiretap Trump, but the intelligence agencies did intercept conversations with Trump campaign officials that they didn’t disclose under oath. Vindication!”

Well bear in mind that when the word truth is used by Mr Trump, there is always an implied finger quotes, along with surreptitious eyebrow waggling, as well as a light tap on your foot from his shoe plus a discreet throat clearing cough.

Daniel Lin‏ @danwlin
[Poker game]

TRUMP: I’m all in
OPPONENT: Me, too

Trump stares at cards for six weeks

TRUMP: I fold

Voting is unique due to the secret ballot. Financial systems work because the users accept (and expect!) that every relevant detail of every transaction is logged, and the logs can be audited by the participants. That’s unacceptable when it comes to voting: it must be impossible for anyone but me to know how I voted. (And it should preferably be impossible for me to prove to anyone else that I’ve voted a certain way). It’s very hard to reconcile these two desires, and make an electronic system both auditable and secret.

“Paper based voting doesn’t have an audit trail either!”, you say. And that’s true.

It’s instead based on common sense physical security. For example, have representatives of all parties confirm that the ballot box is empty at the start of voting, and make sure that each person can only insert one ballot into the box, etc. This form of security works because the laws of physics make it very hard for an attacker to just create new ballots out of the thin air inside the box, or change the contents of the ballots once they’re in the box.

With computers, those kinds of physical limits don’t exist. If the system is vulnerable, the attacker could modify the data in arbitrary ways. To get confidence in the results you need audit logs, with audit logs you kill the secret ballot, and by killing the secret ballot you kill democracy as we know it.

I’m still surprised anybody gave the secret tape thing an ounce of credibility. It’s one of those things that annoys me about how much the media is letting the Trump administration play them for suckers. He’s shown over and over again that his word is worth nothing, but reporters keep playing the ‘gotcha’ game on the things he tweets as if anybody thought he actually recorded tapes.

I think, like Comey, we all wish that there actually were tapes.

You forgot the “Lordy!” part.

Just kind of throwing some stuff in here, but that’s a pretty bad analogy. Jsnell pointed out some of the inconsistencies, but the one that I’ll toss in is this: Financial systems are as secure as it’s possible to make them while still making them useful. That is, financial systems are not particularly secure.

Because they want folks to do banking from home (and thus free the banks from paying a legion of tellers, your financial data is protected by relatively weak web-based protocols; the data is transmitted over public, easilly-sniffed lines or even laughably insecure wifi.

Because they want you to be able to retrieve cash from ATMs (again, freeing the bank up from paying tellers), your finances are “secured” by possession of a flimsy plastic card and knowledge of a 4-digit pin… which most of the time is the same code that an idiot would put on his luggage.

Hell, the contents of your bank account are effectively accessible to anyone that you hand a check (blank or otherwise) to because your account number and the bank’s routing number are in plain text at the bottom. Almost anyone could set up a short-term transfer of funds with that information.

Now there are significant secondary protections on each of these weaknesses that would make it difficult for thieves to clean you out using any one of them, but they DO exist… and the banks continue to let them exist.

Why? Because the money that the banks lose due to these vulnerabilities is trivial compared to the money that they and their partners earn by providing their members with easy-to-use services. They literally write the losses off as the cost of doing business.

That not an option with voting… at least not to the same scale. The public will not accept an election commission that says, “Yeah, the electronic voting system may produce some 1% to 2% fraud, but we think it’s worth it due to ease-of-use.”

Sure, but you don’t need to enable all of the ease of use stuff that you encounter with fiancial transactions.
Like, you don’t need to be able to vote from machines randomly placed everywhere. You don’t need to vote over the web. Virtually all of the convenience things you talk about as being the security limitations on financial transactions don’t need to be there.

Who is going to secure it that you trust? NSA? Ha. They can’t even keep their own admins from copying top secret data onto thumb drives. You’d think after the first time they might have clamped down a little…

But of course more to the point Diebold is as corrupt, incompetent and just plain bad as any tech company can possibly be, and for whatever reason [graft] they dominate the industry. If Alphabet decided to implement something starting from scratch I might trust it a bit more.

We had a voter problem here. She took the paper votes and basically dumped all the Democratic votes in the trash. She was also tried and convicted. My point… physical voting isn’t exactly that secure either. Accessibility is important, so any digital system needs to be reasonably secure and any concerns followed-up, that last part seems to be a problem now.

Well, security researchers have shown them (voting machines) to be insecure, and AFAIK they don’t get patched or updated for better security (Georgia 6 was using 10+ year old Voting machines whose manufacturer went out of business years ago).

The thing about physical voting security is a much lower risk than digital voting security. It’s why digital bank robberies are more dangerous than physical ones, at least in terms of dollar amounts. See the Brazil DNS scam recently.

My main point is, it makes no sense to go looking for perfect when we don’t have perfect now. There are reasonable ways to make systems mostly secure. There just is. The problem is updating and follow-through… as in you have to actually check these things and address issues. As far as i can tell, not much checking or addressing is going on.

It has to be a balance between accessible and secure… we have problems with both right now.

And they aren’t just technology problems, unfortunately. Layer 8 (politics) and Layer 9 (financial, as I call it) are definitely in play

But she was caught. We had an incident here where a woman faked a bunch of absentee ballots. She was caught.