How to Rig an Election with Technology
Posted: Mon Nov 18, 2024 3:38 am
Suppose there are 7 ballots put into the mail, with 4 votes for Candidate A and 3 votes for candidate B.
1:A, 2:B, 3:A, 4:A, 5:B, 6:B, 7:A
Now let's pretend we are cheating to get Candidate B elected by altering the vote counts.
Late at night at the post office we scan the envelopes with either a far-IR scanner (like millimeter airport scanners that see through clothes), UVC, or near X-ray with optimized wavelength to read the votes inside without opening envelopes. We shred ballot 7 which was a vote for A. Cameras are turned off, and hopefully that day's footage is overwritten before anybody checks the video footage.
The other 6 envelopes are delivered to the polling place. Now the voter of ballot 7 may notice their vote was not recorded, but we can say we were busy and create delivery chaos in the mail system.
We've also bribed programmers of the voting machines in the building (90% in USA are from 3 companies). The day before the election the machines behave honestly during the pre-election test where people clap and have a warm feeling inside while celebrating the democratic republic, but on election day they switch to become dishonest. (Much like the Volkswagen emissions scandal.)
Stored inside the voting machines and the auditing software is malicious code with identical copies of this randomly-generated array and a random variable or constant.
bool random_alterations[6] = {1,0,0,1,0,1}; // Add 1 to indices. 0-5 becomes 1-6.
uint8_t non_rigged_batch = 2;
If the auditing software is open-source, then we download the source code, insert our malicious code, compile, and install on a computer for election officials because the opposing party won't bother with checksum hashes and digital signatures, right? And if there's only 1 signature to check, then we can bribe that 1 person or hack their computer. We know that batch 2 will get a hand recount because we altered the code. This same method could also be done with precinct recounts.
Now the ballots arrive at the polling place and are randomly sorted into 3 batches:
Batch 1 is 3:A 2:B
Batch 2 is 1:A 5:B
Batch 3 is 4:A 6:B
The machines do not alter batch 2 in order to pass the "random" hand recount as part of the audit process. For batch 1 and batch 3, the machine checks the random_alterations array. Indices 0-5 correspond to ballots 1-6 because us humans like to start counting at 1. The one's mean alter A votes to B votes or leave B votes unaltered. The zero's mean no alterations. Ballot 4 is changed from A to B, so we get this altered data set:
1:A, 2:B, 3:A, 4:B, 5:B, 6:B
Results are 2 votes for A and 4 votes for B. Candidate B wins! And on a larger scale, the randomization of the decisions would not produce statistical anomalies, much like the 1-time pad method of encryption.
If election laws require switching machines for machine recounts, that doesn't matter because all machines in the building have the same malicious code and produce identical alterations. Machine recounts are perfect!
Now where we run into trouble is if the hand recounts are truly random such as rolling a 6-sided die and dividing by 2. If somebody rolls a 6 that means batch 3 would be hand-counted. Uh oh, that's a problem for us. We altered ballot 4 in batch 3. So how do we get around this? Well we can take inspiration from the Bernie Madoff scam. He created fake portfolios for his clients, but because they couldn't access his business records or see other clients' portfolios, they didn't have enough information to see that the data was falsified. When an election volunteer counts batch 3 they see 1 vote for A and 1 vote for B. Then the elections official logs into the voting software which displays 1 vote for A and 1 vote for B, even though it counted 2 votes for B in the results calculation. Ideally, we never export the entire data set to be viewed as a spreadsheet in any other software like Excel or Libre Office. But if we are required to export a CSV file, then we cross our fingers and hope nobody checks ballot 4 or batch 3 in the spreadsheet.
These cheating methods do not require any communication between machines or computers.
Thoughts? Could these things happen?
1:A, 2:B, 3:A, 4:A, 5:B, 6:B, 7:A
Now let's pretend we are cheating to get Candidate B elected by altering the vote counts.
Late at night at the post office we scan the envelopes with either a far-IR scanner (like millimeter airport scanners that see through clothes), UVC, or near X-ray with optimized wavelength to read the votes inside without opening envelopes. We shred ballot 7 which was a vote for A. Cameras are turned off, and hopefully that day's footage is overwritten before anybody checks the video footage.
The other 6 envelopes are delivered to the polling place. Now the voter of ballot 7 may notice their vote was not recorded, but we can say we were busy and create delivery chaos in the mail system.
We've also bribed programmers of the voting machines in the building (90% in USA are from 3 companies). The day before the election the machines behave honestly during the pre-election test where people clap and have a warm feeling inside while celebrating the democratic republic, but on election day they switch to become dishonest. (Much like the Volkswagen emissions scandal.)
Stored inside the voting machines and the auditing software is malicious code with identical copies of this randomly-generated array and a random variable or constant.
bool random_alterations[6] = {1,0,0,1,0,1}; // Add 1 to indices. 0-5 becomes 1-6.
uint8_t non_rigged_batch = 2;
If the auditing software is open-source, then we download the source code, insert our malicious code, compile, and install on a computer for election officials because the opposing party won't bother with checksum hashes and digital signatures, right? And if there's only 1 signature to check, then we can bribe that 1 person or hack their computer. We know that batch 2 will get a hand recount because we altered the code. This same method could also be done with precinct recounts.
Now the ballots arrive at the polling place and are randomly sorted into 3 batches:
Batch 1 is 3:A 2:B
Batch 2 is 1:A 5:B
Batch 3 is 4:A 6:B
The machines do not alter batch 2 in order to pass the "random" hand recount as part of the audit process. For batch 1 and batch 3, the machine checks the random_alterations array. Indices 0-5 correspond to ballots 1-6 because us humans like to start counting at 1. The one's mean alter A votes to B votes or leave B votes unaltered. The zero's mean no alterations. Ballot 4 is changed from A to B, so we get this altered data set:
1:A, 2:B, 3:A, 4:B, 5:B, 6:B
Results are 2 votes for A and 4 votes for B. Candidate B wins! And on a larger scale, the randomization of the decisions would not produce statistical anomalies, much like the 1-time pad method of encryption.
If election laws require switching machines for machine recounts, that doesn't matter because all machines in the building have the same malicious code and produce identical alterations. Machine recounts are perfect!
Now where we run into trouble is if the hand recounts are truly random such as rolling a 6-sided die and dividing by 2. If somebody rolls a 6 that means batch 3 would be hand-counted. Uh oh, that's a problem for us. We altered ballot 4 in batch 3. So how do we get around this? Well we can take inspiration from the Bernie Madoff scam. He created fake portfolios for his clients, but because they couldn't access his business records or see other clients' portfolios, they didn't have enough information to see that the data was falsified. When an election volunteer counts batch 3 they see 1 vote for A and 1 vote for B. Then the elections official logs into the voting software which displays 1 vote for A and 1 vote for B, even though it counted 2 votes for B in the results calculation. Ideally, we never export the entire data set to be viewed as a spreadsheet in any other software like Excel or Libre Office. But if we are required to export a CSV file, then we cross our fingers and hope nobody checks ballot 4 or batch 3 in the spreadsheet.
These cheating methods do not require any communication between machines or computers.
Thoughts? Could these things happen?