Is there any act more despicable, more treasonous, more of a direct attack upon the ideals of American democracy and everything it stands for, than deliberate and malicious interference with an election?

If these men are guilty, they deserve to hang.
posted by Faint of Butt at 6:37 AM on March 24, 2009 [10 favorites]

As Bruce notes, the interesting thing is that this was the product of social engineering, not any sort of computer hackery. Of course, the nature of the electronic machines made the exploit possible - this is simply proof that when trying to secure a machine you need to take non-computer related security into account, also.
posted by cimbrog at 6:44 AM on March 24, 2009 [1 favorite]

Funny, I'm so far unable to find out what party these guys were in. You'd think one party or the other would be all over this... the partisan silence makes me think the conspirators might have been a mixed bag.
posted by Edgewise at 6:44 AM on March 24, 2009

I'm not fundamentally opposed to voting machines. But it is ironic that we spend so many billions on rigorously testing military technology in order to "protect our democracy", and pay little attention to the machines that actually provide that democracy. We need an end to trade secrets, we need open source, and we need a new federal department that co-operates with security experts to identify flaws in machines before they are put into use. Whether this is a rare instance or whether vote fraud is endemic, the fact that so many people now believe their vote may not count is itself poisonous to democracy.
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 6:47 AM on March 24, 2009 [8 favorites]

The 10-count indictment, unsealed Thursday, accused the defendants of a conspiracy from March 2002 until November 2006 that violated the Racketeering Influenced and Corrupt Organizations Act (RICO). RICO is a federal statute that prosecutors use to combat organized crime.

Not to be confused with the Department of Latin Lover Security.
posted by mannequito at 6:49 AM on March 24, 2009

This article says that the conspirators were republicans registered as democrats. Not that it really matters. Anyone doing this, regardless of political affiliation, should be hung.
posted by stavrogin at 6:50 AM on March 24, 2009 [4 favorites]

I can see why security researchers wouldn't bother to report a security flaw like the one used, it's so simple and "obvious" that most people would just consider it normal operation, especially since the machines can be configured without that 'feature' anyway.

Plus, most people wouldn't imagine that someone stealing an election would have the time or motivation (or ability) to hang around and manually 'correct' hundreds of votes.
posted by delmoi at 6:57 AM on March 24, 2009

Edgewise That seems rather doubtful. Election fraud, pretty much by definition, would need to involve the victory of one party over another, I can't really see a mixed partisan group doing this.

Clay County is a Republican stronghold, it went McCain by over 70% in 2008. I doubt you could even find Democratic election officials there.

My guess on why the silence WRT their party affiliation is a) they're Republicans and the media is terrified of identifying them as such because then the mean talk radio hosts will berate them for being liberal again, and b) it doesn't matter.

Clay County is solidly Republican, there's no point in fooling with the election results for national, or even statewide, elections, they'll go Republican even if the Democrats were running Jesus Christ as their candidate, results to the contrary would bring in an insane amount of media attention.

Per the article the conspirators were involved in election fraud for personal gain, which means they were likely working to get themselves or their buddies elected to local positions. Which means, given the voting history of Clay County, we're looking at an in party fight between Republicans. If the local Democratic party even bothered running anyone in Clay County it'd just be as a "hey, we still exist" type gesture, not out of any real expectation of victory. Again, a Democratic victory would pretty much automatically result in an investigation because no one in Clay County votes Democrat.

So, odds are that we aren't looking at a group of Republicans conspiring to deny a Democrat victory, or vice versa, but a group of Republicans conspiring to ensure that the *RIGHT* Republican wins.
posted by sotonohito at 6:58 AM on March 24, 2009 [2 favorites]

stavrogin: "Anyone doing this, regardless of political affiliation, should be hung."

Or "hanged".
posted by Joe Beese at 6:59 AM on March 24, 2009 [1 favorite]

Faint of Butt: "Is there any act more despicable, more treasonous, more of a direct attack upon the ideals of American democracy and everything it stands for, than deliberate and malicious interference with an election?"

I'd say voting fraud should be the worst crime in any democracy: it is a direct attack on the foundations from which a state derives its legitimization. If it cannot be proven conclusively that a voting system accurately reflects the will of the voters all the power derived from this voting process is simply not legitimate.
I don't remember that much from my civics classes, but we went through the German voting system in great detail, pointing out why every component of the free, equal, secret, general, and direct voting was essential; and most e-voting conflicts with at least three of those.

That said, this interface design seems catastrophically wrong - if there is an external component to be activated after giving the option to do a program-internal review that should definitely be the very last step. Adding an "are you sure?" after that seems like a colossally bad decision at best and a deliberate attempt at leaving this kind of loophole open at worst. I mean, who in the world wouldn't think you have voted after you pressed a big red button with "VOTE" on it?
posted by PontifexPrimus at 7:00 AM on March 24, 2009 [2 favorites]

And also, these guys were operating in 2002, before the voting machines had come in. So my guess is the amount of work they had to do actually increased. Before, all they would have had to do was fill out fake paper ballots, and pull out and destroy paper ballots they disagreed with.
posted by delmoi at 7:01 AM on March 24, 2009

Extortion.
Mail Fraud.
Obstruction of justice.
Conspiracy to injure voters' rights.
CONSPIRACY TO COMMIT VOTER FRAUD.

20 years? Normally I'm against imposing minimum sentencing guidelines, and against the death penalty. This is a situation where I could be convinced the opposite. This is treason, plain and simple.
posted by Lemurrhea at 7:02 AM on March 24, 2009

... it is ironic that we spend so many billions on rigorously testing military technology in order to "protect our democracy", and pay little attention to the machines that actually provide that democracy.

Anyone doing this, regardless of political affiliation, should be hung.

I'm against capital punishment and remain so in this case, but I do believe that they should be charged with treason. By it's stealthy nature, election fraud is at the top of the list of the most dangerous threats to our democracy.
posted by marsha56 at 7:03 AM on March 24, 2009 [1 favorite]

On non-preview,
Joe Beese, just picture these people hung up from meathooks by their feet like a piñata. Much more rewarding.
posted by Lemurrhea at 7:05 AM on March 24, 2009 [2 favorites]

That said, this interface design seems catastrophically wrong - if there is an external component to be activated after giving the option to do a program-internal review that should definitely be the very last step. Adding an "are you sure?" after that seems like a colossally bad decision at best and a deliberate attempt at leaving this kind of loophole open at worst. I mean, who in the world wouldn't think you have voted after you pressed a big red button with "VOTE" on it?

This is exactly it. All of the fears about these machines being hacked and it turns out the greatest security flaw was a piss poor user interface design. Computer security is about more than just the bits and bytes. They should have a contest to see who can scam the most votes out of a machine when testing these things.
posted by cimbrog at 7:13 AM on March 24, 2009

Kentucky Fraud Election. It's Voter Trickin' Good!
posted by Outlawyr at 7:26 AM on March 24, 2009 [2 favorites]

Adams donated $250 to the Republican Party of Kentucky on 9/10/04 (via OpenSecrets). I checked the others but they didn't show up. William Stivers (Baldrock, KY), Billy Morris (Madisonville, KY) and Deborah Morris (Lexington, KY) popped up, but those cities aren't in Clay County so I don't think it's the same people. The first two are from '96 and '00 respectively though, so there's a chance they moved to Clay County afterwards.
posted by jwells at 7:31 AM on March 24, 2009

Joe Beese, just picture these people hung up from meathooks by their feet like a piñata. Much more rewarding.

For that, I'd have to say "hung up" or "hung by their feet" or something. "Hung" with no preposition and no object is pretty much unambiguously about dick size in my dialect.

I get that this is pedantic, but I'm also a sucker for dick jokes, so it all sort of evens out.
posted by nebulawindphone at 7:31 AM on March 24, 2009

In the elections I've voted in, using paper ballots, there have been observers present at the poll from each of the parties. Their job is to make sure there's no funny business by the poll workers, keep track of ballot boxes to make sure none have gone missing or been tampered with, and so on.

Now I'd never expect these volunteer observers to be able to determine that an electronic voting machine is operating correctly and hasn't been tampered with (which is a pretty strong argument against using such machines, but never mind).

But wouldn't they notice something like poll workers going over and fiddling with the machine after every voter left? Perhaps they don't do the observer thing in Kentucky, or if they do perhaps there's a reason this wasn't noticed at the time? I'm just curious why this could happen so easily. Mainly so if somebody wants to implement the same kind of system here, I know what to watch out for.
posted by FishBike at 7:38 AM on March 24, 2009

Even more unsettling is the fact that none of the published security analyses of the iVotronic -- including the one we did at Penn -- had noticed the user interface weakness. The first people to have discovered this flaw, it seems, didn't publish or report it. Instead, they kept it to themselves and used it to steal votes.

This is something to keep in mind. Despite security experts pouring over the machine and discovering numerous weakness, the weakness exploited was (a) one they didn't find, and (b) much simpler than the ones they found.

No matter how secure you think you make something, there is always a way to defeat the security. We could go back to paper ballots and you'd have to worry about people pre-stuffing boxes with filled-out ballots. You could use ink and thumbprints, until you discover that hundreds of ballots were filled out with the same thumb severed from a cadaver.

The votes have to be counted. Someone or something had to do the counting. There are literally an infinite number of ways to compromise people or machines.
posted by Pastabagel at 7:39 AM on March 24, 2009

But wouldn't they notice something like poll workers going over and fiddling with the machine after every voter left? Perhaps they don't do the observer thing in Kentucky, or if they do perhaps there's a reason this wasn't noticed at the time?

Maybe that's why, as the Brad Blog link Stavrogin cited upthread discusses, some of the parties to the conspiracy appeared to be known Republican supporters who were registered as Democrats.

I know in many places, the rule is that there have to be observers from both parties on hand at the polling site.

So if you got your guys to register as members of the other party, then appointed them to be election observers, voila! On paper, you'd have all the observers you needed to meet the letter of the law, without every being haunted by the spirit of the law.
posted by saulgoodman at 7:54 AM on March 24, 2009 [1 favorite]

I mean, who in the world wouldn't think you have voted after you pressed a big red button with "VOTE" on it?

It's hard to say without knowing the details of the system. Considering they shipped both with and without the extra step, created different demos and whatnot they obviously made the change on purpose, so there must have been some reason. It's possible that people were pressing VOTE after their first selection, incorrectly assuming that they had to press vote many times during the process.
posted by burnmp3s at 8:20 AM on March 24, 2009

Before, all they would have had to do was fill out fake paper ballots, and pull out and destroy paper ballots they disagreed with.

Clay County probably wasn't using paper before these, either. Most likely had the big old mechanical machines - fraud in the mountains typically goes in with the absentee votes, which are paper and mailed in. This was probably much easier and cheaper than buying the votes and getting people registered absentee and then "helping" them fill out their ballots.

Election fraud and vote buying are pretty run of the mill in the rural parts of this state, always have been. Coverage in the state has made no mention of the electronic angle, makes it sound more like the usual stuff. I didn't read the indictment, but it's available in the article I just linked.
posted by dilettante at 8:28 AM on March 24, 2009

but I'm also a sucker for dick jokes,

Really?
posted by notreally at 8:43 AM on March 24, 2009 [1 favorite]

Clay County is a Republican stronghold, it went McCain by over 70% in 2008. I doubt you could even find Democratic election officials there.

That might be true in this case, but that's still not a really good bet in the rural south. Plenty of counties that vote heavily Republican for federal offices but where nearly everyone is still registered Democratic because the local machine still has that name.
posted by ROU_Xenophobe at 8:49 AM on March 24, 2009

Really?
posted by notreally

Heh.
posted by shakespeherian at 9:09 AM on March 24, 2009 [1 favorite]

I can always count of Metafilter to find something that makes me incredibly angry.

The way I figure it, if I can get mad enough, I'll never die. I'll just subsist off my incredible rage for hundreds of years, like some kind of wraith. I'll probably have to, once the stress wears out my heart.
posted by JHarris at 9:12 AM on March 24, 2009

When a misled voter would leave the machine with the extra "confirm vote" screen still displayed, a pollworker would quietly "correct" the not-yet-finalized ballot before casting it.

This is a great example of why a paper receipt printed on the voting machine is important. It's much less ambiguous whether your vote was recorded if the machine gives you some explicit confirmation the vote was registered.
posted by Nelson at 9:43 AM on March 24, 2009

I was looking for some glowing review of Linux-based open source voting machines somewhere in South America, but only came up with stories of 2% of the votes lost in a Finnish E-Voting System (Oct. 2008), and questionable closed-source systems in Brazil (Oct. 2006). Drat.
posted by filthy light thief at 10:09 AM on March 24, 2009

All of the fears about these machines being hacked and it turns out the greatest security flaw was a piss poor user interface design. Computer security is about more than just the bits and bytes. They should have a contest to see who can scam the most votes out of a machine when testing these things.

Actually, the biggest issue with almost every single flaw found in these electronic election breakers is not that there are "security flaws" that allow someone to "hack" the election, it's that they are designed SO POORLY that they seem like downright deliberate attempts to undermine their own structure, and allow anyone with the slightest inclination to invalidate the entire database by blowing gently on the screen. It's like every iteration of the software and hardware is a race to see who can make election fraud the most user friendly experience available.
posted by FatherDagon at 10:17 AM on March 24, 2009 [1 favorite]

I've totally got to get one of those Kentucky Colonel outfits.
posted by Artw at 11:24 AM on March 24, 2009

So if you got your guys to register as members of the other party, then appointed them to be election observers, voila! On paper, you'd have all the observers you needed to meet the letter of the law, without every being haunted by the spirit of the law.

No, it's harder than that, or at least it's harder in Canada. Scrutineers are appointed by the candidates. It's not enough to be a member of the party actually has to have placed trust in you personally.
posted by justsomebodythatyouusedtoknow at 12:18 PM on March 24, 2009

"Anyone doing this, regardless of political affiliation, should be hung."

Unless their party affiliation is "anarchist."

Just sayin'. Power to the people and all.
posted by Eideteker at 12:37 PM on March 24, 2009

What The Kentucky?

"I do solemnly swear that I will support the Constitution of the United States and the Constitution of this Commonwealth, and be faithful and true to the Commonwealth of Kentucky so long as I continue to be a citizen thereof, and that I will faithfully execute, to the best of my ability, the office of Governor according to law; and I do further solemnly swear that since the adoption of the present Constitution, I, being a citizen of this state, have not fought a duel with deadly weapons within this state, nor out of it, nor have I sent or accepted a challenge to fight a duel with deadly weapons, nor have I acted as second in carrying a challenge, nor aided or assisted any person thus offending, so help me God."
posted by phoque at 7:39 PM on March 24, 2009