Dominion Voting Machines, Insecure by Design – by Francis Turner
Sufficiently advanced incompetence is indistinguishable from malice
Required reading for all Dominion engineers and product managers
I have, from time to time, been interested in the question of trust in voting machines and processes. That goes all the way back to the early 2000s and the sloppy Diebold machines in use then. At that time it was notable that Diebold, who also made (make?) ATMs, seemed to have invested a lot more time and effort into making their ATMs secure than making their voting machines secure.
Well anyway there’s only so many hours in a day and only so much outrage I can summon up for sloppy work so I moved on to other things like glowball worming. Anyway given the US 2020 elections and now the 2022 elections have been rife with allegations of vote rigging and other shenanigans I’ve started to renew my interest in the current state of the art.
The bad news up front
Dominion’s 2020 era voting systems and infrastructure are, if anything, easier to hack than Diebold’s 2000 era ones. To that end, despite Dominion settling with Fox for $megabuck$, it seems likely that Dominion is in fact guilty of making systems that have design choices that seem to be deliberately chosen to make fraud easy and then not testing to see if there were possible problems let alone making any attempt to fix them. Then, to add insult to injury, they have created machines that implement these poor design choices that are easy to hijack. Finally, needless to say, they have relied on “security via obscurity” and what a British politician called “being economical with the acualité” to disguise these design choices.
That’s what I get from the analysis by Professor Alex Halderman into the Dominion systems used in Georgia
Your vote is this QR code. Or is it?
Let me start with the most basic. In Georgia always, in other states under certain circumstances, voters use a machine to make select their voting choices and these choices are then printed onto a paper ballot that is then sent to another machine for counting. That ballot has a QR code (the box of dots like the one above) which contains the choices the voter made and some checksum for integrity. That QR code cannot be read easily by the voter (you don’t just need a smartphone with a QR code reader, you need some special software to read it and then you need to be able to map the docoded output to your choices) so the machine also prints a human readable version. However there is no checking anywhere that the QR code corresponds to the human readable version and the QR code is what the voting tabulators use to count.
Does the QR code match the text? how can you tell?
Halderman’s report notes both that it would be easy to have the QR code be different to the human readable part because there are no audits done that check that they correspond and that it would also be easy to change the output of both the QR code and the human readable print out on the assumption that most people will not check the print out.
The first case requires special audit equipment to detect and you would need to be very sure that you could actually trust that equipment so getting it from Dominion would be contra-indicated. The latter case would make it impossible to detect vote rigging via audit if the voter failed to raise the alarm at the polling station.
If you look at the sample above the human readable printout does not seem like a model of clarity (all the extra “vote for”s which add verbiage without adding clarity for example) making it easier to hide a fraudulent entry. Of course voters are likely to check the top of the ballot (i.e. their presidential vote) so changing that might be risky, but changing the votes lower down in the more obscure county level races is much more likely to escape notice. You have to wonder why they made it hard to read.
But that’s not all. Similar QR codes seem to be generated by other voting methods too such as the vote by mail web app which voters then have to print out themselves and mail to the county. What this means is that the 2000 mules sort of vote by mail fraud is made extremely easy.
And it gets worse.
Despite claims that the QR code data is encrypted, it isn’t. Once you know the proprietary format you can decode the data and see what choices the voter made. But wait there’s more. There is a checksum created using a shared key to detect accidental tampering/misprints etc. but that shared key turns out to be very easy to obtain and each vote from a particular county (or possibly multiple counties or part of a county depending on implementation) is indistinguishable from any other vote from that county/region no matter which voting machine (or vote by mail method) was used.
The consequences of a lack of encryption or serial number
This makes printing a few thousand additional votes very, very easy and almost impossible to catch. Halderman discusses a number of ways to modify or print additional votes including sticking a raspberry pi in the printer, but these are kind of incidental, the key point is that there is a clear weakness in the vote printing process that can be exploited in all sorts of ways; these ways would be hard to detect and once detected it would be impossible to detect which ballots where illegitimate so the only recourse would be to run the election again.
Moreover, as he explains later, in the tabulator (ImageCast Precinct or ICP) the scanned images of the votes counted are stored. Gaining access to the tabulator (running an embedded linux version dating from 2007!) means you can simply edit the counts and put the correct number of images in the directory to match. Short of hand checking all the actual print outs with all of the images the machine has stored it is impossible to confirm that the machine’s tally is correct. The only way to detect that the tabulator is lying is to build your own trusted one and rescan all the ballots.
Halderman did not spend much time looking at the tabulator but he identified that the tamper evident shields to block access to USB and Ethernet ports seemed to be easy to bypass in the unit he was provided with. What he doesn’t directly point out is that if an authorized person opens up the machine and installs malware the tamper evident seal can easily be replaced by another one. Even better, if the malware install is part of a scheduled firmware update the tamper evident seal is completely pointless because there need be no detectable difference between a USB stick containing a legitimate firmware update and one containing malware.
In summary
This design choice, with a machine readable QR code that is not readable by a human, seems to be a deliberate choice to make voter self-validation hard. The lack of public/private key encryption and a unique serial number per vote makes adding or replacing votes completely untrackable once they have been inserted into the system somehow because there is no audit trail possible.
The CEO of Dominion recently whined to TIME that even though Fox settled rather than going to trial, Dominion was likely to go out of business because their brand was irredeemably tarnished. I found this quote from the article to be deeply ironic:
As for Dominion’s future, Poulos is taking it one day at a time. The company is still focused on providing trusted voting systems to clients, with Poulos emphasizing that Americans do not have to trust Dominion blindly because of its commitment to transparency and its existing capability of producing paper ballots. But that defense may come too late.
Given the design decisions it made I find it hard to read “Americans do not have to trust Dominion blindly because of its commitment to transparency ” without laughing. The QR code is anything but transparent to the voter while being exceedingly transparent to the knowledgeable fraudster and the lack of easily verifiable audit trail is disturbing if you assume that the company wanted to make a “transparent” and trustworthy system.
The interesting questions though are
- whether the sub-optimal design choices were made from incompetence or malice?
- how many other voting solutions are as bad?
So how would you fix it?
I thought about ending the post there, but then I figured that opens me up to the charge of complaining without coming up with an alternate solution.
So what would I do instead. Obviously junk the QR code. But more importantly I’d want to come up with a system that allowed for a couple of basic validation checks
First voters have to be able to read what the machine outputs and confirm that it is what they voted for. That means no QR code. It also means a form with a more easy to understand output. Something like this:
| Race | Choice |
|---|---|
| President of USA | Donald J Trump (Rep) |
| US Senator | Fred J Dumbo (Dem) |
| … | … |
| County Dog Catcher | John X Smith(Ind) |
| … | … |
| Proposition 301 (open carry of bazookas) | FOR |
| Voting Machine Details | Silly County, Super High School, Machine 12 |
| Pub Key | AAAAB3NzaC1yc2EAAAADAQABAAABAQC6xg7 GxlqxAEM6z52vdPOUsdAncbaq/86Jy TO4Fk79pvTzK5pB6XSNiZyF6ny9GEH dHWTEdqcCUKxHvcwkv6FtWMlTBOr /kJux8R29G6q0zxKsFULf30axzs6m7i5ELZKkIhVnn/ |
| Date & Time | November 5, 2023, 11:23 AM |
| Checksum | qw345GRTqwjhdguyUYI098736HWOhbasdfoh |
The Checksum would be the data of all the other fields encrypted using the private key that is the pair to the public key in the document. The tabulator and any auditor could use the public key to decrypt the checksum and confirm that it matched the ballot.
Since no ballot could be made at the same time from the same machine the checksums would be almost certainly unique (there is a very slight chance of a collision but it’s extremely small) and in the case of a collision it would be possible to decrypt the two checksums with the different keys to confirm that they were in fact unique.
The private/public key pair would be created on the voting machine in a secure subsystem that would never reveal the private key but would encrypt anything passed to it with that key (this is a standard piece of hardware). In order to make some attacks difficult I suspect the secure subsystem would need its own clock and it would need to print out the date / time when it made an encryption as well as, of course, using that date/time as part of the data encrypted. That would make it easy to detect anomalously fast voting.
This checksum would absolutely stop the replay and copy attacks that the Dominion system allows. The human visible table allows the voter to do verification and in fact the voter could be given a copy of the checksum (and public key) so that if desired the voter can confirm on a different machine that the votes were cast as intended.
By doing this it becomes possible to create an auditable system that is much harder to fraud. There is probably a way to make it work for mail in ballots too (a browser session or smartphone app would create the page which could then be printed off and mailed back) and in fact it might allow for remote electronic voting because all that happens in that case is that the app prints off the vote in a central precinct instead of at the voters computer.
There may well be additional lacunae that I haven’t thought of. I can see, for example, that the desire for a private confirmation number would make it possible for others to see how you had voted (great for audits, not great in terms of voting privacy/secret ballots) and I’m not entirely sure how to fix that – though I guess making keeping the number optional would do. Perhaps an abbreviated “Proof of voting” checksum could be created that didn’t include all your votes.
According To Hoyt 
We were able to do timely voting on physical paper ballots in earlier eras. While such have their own issues, it is fairly easy to reconcile headcount versus ballot count, thus spotting shenanigans.
Noteworthy to 2000, the maker of the Florida puch-card system stated categoricly that the only way to get hanging/partial/dimpled chads is to punch multiple simultaneous ballots.
In other words. Shenanigans. Every dimpled/hanging/swinging chad was a cheater at work.
Hmmmmmm.
I wasn’t sure it was cheating, but I had the unfortunate experience to be behind a voter who likely had dementia. (Several years ago in Silly Valley.) Not sure how he did it, but he managed to feed the card in the jig in such a way that the entire thing was jammed. This after spending 3 X the time that a more, er, capable voter would need. Finally another booth opened up and I could vote.
Not that it did much good; very blue city and very blue county. The obvious election interference was a quiet warning to potential donors for an R candidate: “If you give money to Bob in this election, forget doing any business with government.” Not sure about other fraudulent bits, though the extra box-o-ballots trick would have been easy.
That’s how you win those statewide offices. A box here, and a box there, and Democrats take the Senate.
https://www.washingtontimes.com/news/2017/sep/7/voter-fraud-alert-over-5000-new-hampshire-presiden/
Yeah, that system sucks. Same day registration ballots should be set aside and not counted until the alleged voter provides the correct bona fides. On the other hand, here in Barrington, the number of registered Republicans and Democrats are about even. However, the Democrats come out to vote more than the GOP by 2 to 1.
I have experI have experience with that from the People’s Democratic Republic of Illinois.
DNR employee told to take out a (D) primary registration if he wanted that promotion.
No idea how they knew, but not terribly suprised, either.ien
I used those Florida punch card machines for many years. The maker’s assertion is wrong.
I’ve had a hanging chad when voting with them. I picked it off before scanning the card. The directions on each machine (and the scanner) tell you to check your ballot for punches that don’t go all the way through.
You can get a dimpled chad if the precinct never empties the chad tray so your attempted punch is blocked by the pile of chads underneath.
That said, it was a very good system when people followed directions, not so good when those directions were ignored.
Should there be a “not” in there?
missing words at ATH??!! Incon—–
nevermind
NEVAH
yeah. I fixed a bunch of typos but missed that dammit
then NOT testing
fixed. Sorry it took so long, was in panels.
I have always liked the “Fill in the bubble” in person ballets with, with local, *hand counting x 2, on the hour. With a 3rd validation count after voting ended.
Pull the ballots in the box on the hour. Count them (two people). Hand off to another two people for second count. Procedures if the two counts do not match. If do match go into final ballot box, bound as hourly tallied bunch, tally the common count. After end of voting day. Final hour count. Total hourly counts, with validation. Report preliminary total count. Take all ballots, recount. Compare to hourly summary. If match report final count. If don’t match figure out WHY don’t match. That means double checking against hourly counts (remember they’ve been bundled together). Double checking summary math (which these days had better have been both hand (calculator) and spreadsheet. Odds of the last having to have be done should be minimal. Otherwise possible shenanigans occurred (incompetency possible but low percentage).
No non human counting machines required.
All counting and transport must be in the presence of the candidates or their designated representatives. If any representative is removed for anything excepts actual physical violence or interference, that race must be re-voted on the designated day for the runoff.
100%
Oh. And only-can-fade-can’t wash off, purple ink on one finger, choice of voter. If can’t get to voting poll area, must be: Military (then where posted sets up appropriate voting location), otherwise no excuse. After all it isn’t like voting day isn’t published well in advance. Not even against multiday voting – see purple stained finger.
If we had an actually useful State Dept., they would set up polling places in the various U.S. embassies and consulates around the world for those like me who are not military yet live and work overseas. Show up in person, verify ID, consulate employee prints out a PDF of your blank ballot and you fill it in. The filled-in ballots are scanned and sent by Internet (plenty of ways to do that securely) to a counting station in the US, which can check the digital signature to make sure they came from a legit State Dept. office, and the physical ballots are sent via courier to be compared to the scans a week later. That way the person counting the votes is not the same person as the employee who just handed you the ballot, so they don’t know that this ballot came from Robin Munn — but they do know that it came from a voter whose photo ID was verified. And there are physical ballots to use in any recount, which were printed on watermarked stock that would be hard for a cheater to get hold of. (Not impossible, especially if employees are in on the cheating, but narrows the search for the culprit considerably, and most importantly, prevents the “thousand photocopies of this ballot whose votes I like” approach that the Dominion machines allow).
Anyway, I don’t think I’ll ever get to cast a ballot while having my photo ID verified unless I happen to be in the US in November. Because the fundamental requirement of all this is a useful State Dept. that actually cares about the interests of U.S. citizens living abroad. Which is not what we have now.
I’m recalling gallows humor jokes in old Tom Clancy novels lamenting that the State Department should have a USA desk. One wonders when the State Department actually gave a tinker’s damn about the interests of US citizens, whether in country or abroad.
(One suspects it might predate the phrase “tinker’s damn”. #sigh )
you think they verify ID here?
not a chance.
YEP!
AND every single ballot with an unique serial number. With serial number ranges tracked when dropped off and when collected for auditing reasons. Got a ballot outside the range for that location; shenanigans.
c4c
I think that one problem for mail-in or remote ballots using this system is that there is no way to verify that the person mailing in the ballot is the actual voter, and not somebody with access to the voter’s credentials. So I could see a major fraud operation using mail-in or remote voting for people who are not very likely to actually vote.
/dryly
Not like that ain’t happening now.
There should be no mail in ballots except for the military, period.
I fully agree. Also, election day should be a paid holiday so that everyone has the time to go vote in person. No early voting – one day and done. For those who have to work (fire, police, medical, etc.), require that they have a solid 4-hour block of free time while the polls are open so they can vote. Proof of citizenship required to register to vote, and ID required to vote. Purple finger to show that they’ve voted. No unreadable symbols on ballots (QR codes or otherwise), paper ballot printouts human-readable markings, no network connections on voting machines or ballot scanners, auditable source code for the machines and verifiable software versions installed on them.
It’s sad that we’ve come to this, but drastic steps are needed to restore trust in the ballot.
No holiday, just keep the polls open for 12 hours, minimum. If anybody can’t drag their lazy ass to the poll sometime during the day or evening, voting is obviously not very important to them.
Besides, missing one election is not that great a hardship. Vote in the next one. There is no need for ‘same day registration’. Anybody too lazy or too stupid to register a reasonable time before this election has to wait for the next one. If they’re Massholes voting illegally in New Hampshire, they don’t deserve to vote at all.
———————————
Why do ‘progressives’ assume that their anointed Victim Groups are too stupid to fill out the same simple paperwork as everybody else?
Well, as Robin noted, people working overseas.
Also no early ballots (except, obviously for the ones noted). Unless you go to the Clerk’s Office or whatever and execute an affidavit that you cannot be there.
(There are times you cannot. We didn’t do an affidavit, but we did have to early vote one year – Mom died October 28th, and it was a year that Election Day was November 2nd. Burial was in Kansas on that day.)
I have never voted in a situation where my vote was counted at the physical voting location. Granted, the first time, (1972!) I was a student at the U of Redacted, and the local PTB were adamant that undergrads should not be allowed residence in the city, so it was absentee.
California used punch cards, but through 2002, you voted and the ballots were sent to some other location to be scanned/spindled/mutilated/mixed with box-o-ballots.
Oregon had vote-fraud by mail since the 1990s. Locally, scanning seems to be at the county level, since we don’t have that many people in the county. Haven’t seen evidence of shenanigans at the county; that seems to be a NW Oregon specialty. OTOH, it wouldn’t take much to corrupt the system locally.
Why would the low population counties bother to fraud? Even if they in-your-face-fraud to 100% against what TPTB want, there isn’t enough population in the county to offset Portland metro decide what they want. The only way to potentially even it out is to have votes based on representation VS pure democracy. Which based on the makeup of the state house and senate percentage won’t help anyway (OTOH there would be no reason for Portland metro counties to fraud, except that, at this point, they cannot not fraud.)
We have what you want here in Williamson County Texas. You vote on a tablet. It then prints out a ballot that is booth human and machine readable. Just like your example.
In a close election hand counts are possible.
Are all the votes, including mail-in, verified for signature? Are all unverified votes, including challenged votes, strictly segregated until they are verified?
I didn’t bother to read your solution because it involves using computers in elections. No type of digital equipment should be used in elections whatsoever, including ballot scanners. Elections must fulfill two requirements to be successful. They require complete anonymity of the ballot and that the overwhelming majority believe that they can trust the outcome. Computers make the last requirement impossible. I’ve been in the IT field for over 40 years and have a masters in information assurance and experience has shown me that if something can go wrong it will and that there is always another avenue of attack.
Here is a short video on why elections and computers don’t mix.
Speaking of coups …. Russia, maybe, possibly, now? Rumour and innuendo at the moment,
Short, victorious wars do often end that way,
Estimates are they’ve lost more guys than they did in Afcrapistan. Which is what brought down the mighty, invincible Soviet Union.
In the spring, the mud in Ukraine is -deep-.
So … Looks as though Wagner are trying to march toward Moscow along with a GPU brigade. mercenaries and interior troops that’d never happen here. …. yeah. So. The word is they’re fighting against militia at the moment, which must suck for the militia. No one seems to know what’s happening and my Russian language source tells me that they’ve shut down social media in Russia.
Russia being a riddle inside an enigma, who knows what’s actually going on, but I can’t believe that putting Wagner in charge would be a good thing.
It’s all very odd,
Maybe they are, and maybe they aren’t. Something is definitely happening, but for all we know that something is a pretext to break up Wagner. It seems very unlikely that Wagner could do anything without air cover, something that Wagner should be aware of (courtesy of the US in Syria…).
Going into wait and see mode for now.
Word is that Putin is headed for a bunker and about to address the nation. ???
There’s been word about social media blocking, police being “called up” to gather together in their local cities, and similar stuff. So yeah, something’s going on.
No idea what, though. And I’m not sure that I’ll trust anything Putin or the head of Wagner say without some sort of solid evidence supporting the statement in question.
Is poor Vladdy having a bad day? So sad. 😦
Peter Zeihan just noted that anywhere outside of the former Soviet Union where there’s a Russian troop presence, it’s actually Wagner. Which means that Russia’s entire international military presence (outside of the former USSR) is now part of a rebellion against Putin.
American Public: “Hey! Politicians! The voting system is on fire!”
Politicians: “There’s no evidence of that.”
American Public: “But all that smoke! All those flames!”
Politicians: “You call that evidence?”
I don’t know if there was, or was not cheating in the 2020 election. But I do see smoke and flames. So does everyone else, whether they admit it or not. And that’s a matter of public trust in government. Public trust in elections is why the voting systems must be thoroughly investigated. Many think that’s happened. It hasn’t.
I think there at least two main reasons for resisting such investigations. (1) cheaters covering their tracks. In Georgia was one of them – to swing the states electoral votes. Georgia was decided by less than 12,000 votes out of 5 million cast. A thorough investigation is needed to prove definitively whether the system worked , or if it didn’t. Not to investigate smacks of the intent to deceive. And (2) the resistance to investigate is itself suspicious. Does it come from lazy bureaucrats who seem to resist for a living? Or from cheaters desperate to cover their crime? Either way, the status quo is unacceptable for the country because it hangs over the next election like a modern sword of Damocles.
There was massive cheating in the 2020 elections. Or else there were mathematical impossibilities so large that they’re the equivalent of the multiplication of the loaves and fish.
As the International Lord Of Hate put it: “There’s statistically improbable, and then there’s ‘violates the fundamental principles of the universe’ improbable.”
yep.
eighty one million votes my ass.
I could believe President Trump got 81 million votes. I have a hard time believing the Zombie Puppet and the Cackling Harpy got more than 60 million.
yep.
In other words, they are saying
“Won’t you rubes please Boog -now- ?”
actually no. They don’t expect us to boog. They did for a while. Now they think they got away with it.
They have. Because they will get to do exactly what they want to do.
The Arizona election was decided by less than the proven ‘anomalous’ votes found in Maricopa County alone. Boxes of mystery ballots appeared in the middle of the night in Philadelphia. Right after the election, they were ‘missing’ from the warehouse where they are supposed to be securely stored for 2 years.
When vice-FICUS Harris visited Guatemala to ‘get to the root of the immigration crisis’ a large group of protesters held up a banner: TRUMP WON
In Guatemala! Lemme tell ya, when folks in Guatemala laugh at your crooked elections, you got problems.
———————————
Statistically, the Democrats should elect at least a dozen dead Congresscritters to represent all their dead voters!
Larry Correia showed how much fuckery was afoot.
https://monsterhunternation.com/2020/11/05/the-2020-election-fuckery-is-afoot/
From the column above: “This is going to the courts.”
Except that every time it went to the courts, including SCOTUS under John “Taney 2.0” Roberts, they didn’t even look at the evidence. They found some BS process reason to keep from looking at it.
https://monsterhunternation.com/2020/11/09/election-2020-the-more-fuckery-update/
“But after this audacious fuckery? If they can pull off this level of blatant, clumsy, in your face bullshit and get away with it, no amount of regular votes will ever matter again. Even if we overcome Big Tech and the media controlling most information and get more people on our side, they’ll just stop the count when we are too far ahead and make more votes appear until they win. Then the media and Big Tech will declare nothing weird happened. Shut up.”
And this is why I haven’t slept very well for three years Because — note this is not incitement, it’s prediction — when you do this kind of thing, sooner or later a reset is coming.
The idiots in charge can’t see or feel the reset. They’re clumsy and dumb as f*ck. But I CAN and I have children and ducttape grandchildren, and hope to have blood grandchildren. Reset at any time is going to hurt them. Oh, me too, but them most of all.
I don’t want the violence. It’s what’s hurting me back. Me and a lot of others.
BUT that blatant? It’s coming. The longer it takes the worse it will be.
May G-d save the United States of America. It’s our only hope.
Courts seem to be innumerate and cautious.
Which seems to amount to ‘look corrupt as hockeysticks’/
Which is why essential questions of freedom vs slavery aren’t settled in courtrooms.
The Justices are not stupid. A mere rumor that SCOTUS might overturn Roe v Wade, caused unruly demonstrations and threats from people who are known to use violence. Now imagine how much worse it would be if the Left’s whole fraudulent power structure was threatened. Maybe the Justices just decided that election fraud was not the hill they were willing to die on.
The law and the Constitution comprise the hill they swore their oaths to die on. Fraudulent elections make a dead letter of the law and the Constitution. If they’re not willing to take a stand against election fraud, nothing else they do has any meaning.
———————————
Negotiating with an enemy that can’t be trusted is just plain stupid.
Because people elected by fraud have no reason to fear the voting public. As we have proof daily.
The live in gibbering terror of the armed public, though. As they demonstrate daily.
Yet Another good reason for the 2nd Amendment!
———————————
The Democrats trust violent criminals and terrorists with guns more than they trust you.
Which is why I refer to John Roberts as Taney 2.0. The original Taney didn’t see slavery as a big deal; all that did was require resolving it on the battlefield.
History doesn’t repeat, but it rhymes.
In politics, winning is everything. Consequently, the winners will have very little incentive to investigate any irregularities much less fix them. Even worse, if any security holes in the process or the hardware helped them to win, they have an incentive to protect the bad security and even further weaken it.
Nice summery of the current battle going on here.
Even better, if the malware install is part of a scheduled firmware update the tamper evident seal is completely pointless because there need be no detectable difference between a USB stick containing a legitimate firmware update and one containing malware. There is a scheduled update for every two years… yes, I know. Nobody likes the idea of hand voting, even if nobody blind can use the machines. Its impossible, literally. Yes, that’s a point in the current battle.
The Halderman report notes somewhere both that voting machines tend to be stored in warehouses for a long time and that updates are performed by lots of “trusted” people plugging in USB sticks as they are taken out of storage and powered on for the first time in a year. There is ample opportunity for inserting malware during both the warehousing and the upgrading process.
Continuous video verification, signature controlled access, all video logs must be continuously streamed to each candidate offsite. Any interruption means those machines are destroyed and the cost is assessed against the (former) election officials in the chain.
And yes, that includes any cause other than the warehouse being destroyed. No “the thunderstorm knocked out the power”.
As a poll worker, I filled out quite a few ballots for the blind. My technique was to read the race and the choices, and then fill in the bubble for the voter’s choice. I only had a problem when a recent immigrant kept loudly declaring “I support the X party!” even on the down-ballot (non-partisan) votes. He finally pulled out a piece of paper that presumably, someone with better eyesight had listed his choices. I could only hope that they were his choices at that point; I wasn’t getting anywhere with verbal decisions.
(He was a citizen. He just wasn’t very articulate.)
“How would you fix them?”
I would fire -everyone- who had anything to do with machine-based voting, and institute a paper ballot indelibly marked with a sharpie. Counted by hand, at the polling place, by county employees -and- volunteers, scrutineered by all parties AND video. Done on election day after the polls close, no advanced voting.
Because:
When you have advanced voting, you must trust the guys who collect and store the ballots. They are county employees, who have all been captured by the faction in power in that county. Their paycheck rests on that faction. Huge conflict of interest. So you can’t trust them.
When you have machine voting, you must trust the people who made the machine, which as we see from what Francis has said is a non-starter. You must also trust the people who store the machine, who maintain the machine, and who specified/bought the machine in the first place. County/state employees, by definition untrustworthy. Conflict of interest.
It is supposed to be a SECRET BALLOT. If you can track the voter by the ballot, ever, then it isn’t secret. Federal politics aside, voting for the wrong dog catcher or sheriff can get you a beating. That’s why ballots are secret. Because again, conflict of interest.
The real problem at the base of this is assuming trustworthy, competent individuals are in positions of responsibility. Looking out at the world, that is verifiably the case. Most people are trustworthy. Most people are competent. Most people get their jobs done right. Exceptions do exist, but expecting people to do things properly is not unreasonable.
But exceptions do exist. Crime does occur. I saw a tidbit the other day to the effect that 80++% of crime is done by ~5% of criminals. 95% of losers only account for 20% or less of all crime. Because as I said, -most- people are trustworthy. Only five percent aren’t.
So, how much damage can 5% of county employees do to an election? See 2020 for details. Maybe ask Cary Lake.
When you make a big pile of grain out in the open, mice come. Y’all will have seen that video of the guy’s farm in Oz where he turns on his headlights and the whole grain pile moves because there are like a million of them. You can’t kill all the mice. All you can do is make it harder for them to get the grain.
This is the same thing.
iirc it has fluctuated from 80-85% of crime is 3 or so, for many years.
lost the ‘%’ after “3 or so” 3-ish% does 80-85+%
The one I was reading was about recidivism. According to that author, all but 5% drop out before crime #8. The ones that continue are the ones who are never going to stop.
Clearly the system “mostly” works by beating it out of all but those 5%. Those ones are the Super Rats who can’t be swayed by mere privation and hardship, the screw-loose ones.
Could be we’re seeing an uptick in crazy thanks to the appalling street drugs these days. With this new stuff brain damage is a feature, not a bug.
Pareto principle aka the 80-20 rule.
80% of any output is generated by 20% of the input.
80% of profits generated from 20% of the customers
80% of the profits generated from 20% of the product
80% of the work generated by 20% of the employees.
80% of the crime generated by 20% of the criminals.
Yes. The original intent was small local precincts. Easily counted by hand. That is the key. These giant precincts foul up the system making the machines desirable for the election staff.
It’s strange how theory makes its way into public consciousness. We’re currently in a public “large, centralized” stage while theory has moved on (back?) to “small, distributed”.
High Schools are a good example. Who on earth thought it was a good idea to stuff 5,000 teenagers into a single building?!? Sure, one saves a bit on physical plant, but at what cost in learning?
The hand counting of votes is much the same. In order for that to work, precincts must be small. It’s difficult to deal with a pile of a million pieces of paper. Not so hard to do a thousand.
And whatever happened to those bubble-scanners? Are they still in widespread use for testing or have they gone the way of the mimeograph? That seems to me to be a reasonable compromise between computerized tabulation and paper voting. In the mayoral election here, two weeks ago for whatever reason, we had bubble ballots – and only about 6,000 people voted so it could have been hand counted as a cross check easily enough.
“Sure, one saves a bit on physical plant, but at what cost in learning?”
Bold of you to assume high schools are there for teenagers to learn in. It is becoming increasingly difficult to keep that pretense going.
More like a chicken farm. If you stick them all in one barn they’re easier to watch.
Fill in the bubble scanners is what Oregon uses (Lane County anyway). Difference between now (mail in ballots) and before (precinct voting) is now all ballots are scanned, no hand counting unless “too close to call” (and the abounding shenanigans with mail in
fraudvoting). Where as before the precincts (with oversight) did hand counting, turned in the counts with the ballots. Then the ballots were machine scanned, hand counting rejected ballots; note precinct ballots kept separated, JIC. Scanned totals + totals of rejected ballots must sum total reported by precincts (if smart those running the totals, kept a total the scan to insure it matched the precinct count, thus discrepancies easier to find). Or county had to hand count. In Oregon under the current situation most counties can be 100% honest. It only takes a few (cough portion of greater Portland) to be putting weight on the scales.Our county also uses the bubble system. AFAIK, there’s one scanning location, and at least around Flyover Falls, two non-mail ballot drops. We use the one next to the county clerk’s office and the other is by the senior center.
The senior center box got vandalized when it came time to decide if the county would allow pot shops. That was disallowed at the county level, but the Falls said OK as did one town in the not-reservation. Seems the mayor there was going to open a dispensary. #SMH
I know of 3 of the non-mail-in drop boxes. One downtown at county offices (uh no, because avoid downtown like it has the plague). Second close to Willamette HS. Third, with 3 boxes, at county operations offices, and the most convenient for us. There are others in the County, I’m sure (every small burg, and multiples in Springfield too).
California, oddly enough, has stuck with the bubbles, at least where I live. (Sacramento County, no less!) And they have a competent graphic design sense, clear demarcation between races, obvious which bubble for which candidate.
I took little interest in glowball worming though it is nice to know that it’s main spokeschild, Greta Whasthername, has at last graduated from high school at age 20!
Voter fraud, manipulation, verification, the only workable answers I see are;
Only election day voting, not eight months before and/or six months or more after.
Paper ballots and purple fingers.
Only people, at least 3 people not machines, counting each and every ballot.
Audio/video logs maintained of the counters counting them.
Any vote counters found guilty of bad count, sentenced to at least a week stocked and/or puilloryed outside the polling place irregardless (Sigh, yes a real word first acknowledged in 1912 by the Wentworth American Dialect Dictionary.) of geographic setting, weather (OK, I’m not completely heartless, if temperatures rise above 125 degrees Fahrenheit, I’d allow a spraydown with a fire hose to cool them.) , glowball worming, tossed eggs, defecataory needs, etc.
Did I mention voter ID?
No?
That’s ’cause that goes without saying.
The only way to secure a voting machine is to unplug the damn thing and NEVER use it again.
Because the issues with those particular vote stealing machines are far, far worse than you’re saying. Dominion is a Venezuelan company that was founded in the early 2000’s to rig elections for Hugo Chavez. After Chavez died, they moved to Spain for their health — as in, they weren’t likely to live long without Chavez’s patronage.
Why are our votes being counted by a Spanish company with servers located in Germany? Why were their counting machines communicating with computers in China during the election?
Did you know those machines store the votes internally as floating-point numbers? There is no innocent reason to store votes as floats.
The machines also have a hidden ‘feature’ which can be used to assign coefficients to each vote, so a vote for one candidate, let’s call him Candidate T, is stored as 0.8, while votes for, say, Candidate B are stored as 1.2. When cast to int for display, they both look like 1’s, but when they’re added up the totals are skewed. There are a dozen other such handy ‘features’ for ‘adjusting’ the reported vote totals.
———————————
Candidate Joe Biden, August 2020: “We have assembled the most extensive, comprehensive and inclusive voter fraud organization in the history of American politics.”
Minutes later: “What do you mean, I wasn’t supposed to say that?”
I’m just looking at the technical aspects and the way that these machines are designed for fraud. I don’t disagree with the no machines in the process option
Did you know those machines store the votes internally as floating-point numbers?
My immediate reaction: Oh, so they’re using Javascript. Makes sense.
Yes, folks, Javascript (the engine that runs nearly every website you use) stores all numbers as floating-point internally.
Thermite could work.
Let me put it this way: I’m an electronics engineer. I’ve been working with computers and embedded programming for over 40 years — basically, as long as there have been computers available to the general public. I know whereof I speak when I say that designing and implementing a secure computer voting system, one that can’t be corrupted by users, malign external actors, or insiders with access to both the hardware and the software is not even theoretically possible.
The fact that those machines are designed from the ground up to rig elections by falsifying vote counts is just the cherry on top.
It doesn’t end there. All of the voting machines currently in use run ‘proprietary software’ which the government agencies tasked with overseeing election integrity are not allowed to analyze. Some of that software comes from foreign countries! Anything can be hidden in there, and there is no way for anybody to find out what.
Most of them run voting software on top of MS-WIN-BLOWS, so they are based on an utterly insecure system in the first place. Security consultants have cracked into voting machines from the precinct’s parking lot using smartphones because they had wireless networking turned on!
Hard as it is to believe, all of the voting machine companies are less trustworthy than the government.
———————————
There are forms of stupidity that businesses can’t indulge in. There are no such limitations on the stupidity of government.
Actually the dominion machines use linux (the tabulator) and android (the voting machine that creates the QR code) rather than (embedded) Windoze.
It doesn’t really matter: the linux kernel in the former dates to 2007 and the latter – as Halderman demonstrates in the report – is extremely vulnerable to any number of attacks
If your election system business is caught cheating and it can be proved. Your business is given the death Penalty and you can never for the rest of your life be involved in any election. The same for anyone who cheats in an election, you get the death penalty or life in jail, your choice. Politicians who it is proven that they cheated, same thing. I bet the fraud would stop after they hung a few hundred democrats and confiscated a few dozen democrat businesses.
I don’t want to just out right hang democrat voters, at least not yet….sarc.
The press on the other hand…Sarc?
Heck, we can’t even get SCOTUS to agree that proven fraud causes you to lose the office you stole with it.
The humanoid caught ballot cheating should be, upon conviction by a jury of peers, beaten to death with ball peen hammers by the robbed public.
Hypothetical.
You discover that your bank account is suddenly missing $10,000. There’s no sign of tampering, no withdrawal or transfer, it’s just gone.
You call your bank and they tell you that their systems are totally secure and nothing is missing from your account.
When asked to show where your money went, they tell you it’s up to you to prove it’s missing, and they have no obligation to help.
When you insist, you are threatened with lawsuits and possible jail time. Their systems are perfectly secure and suggestions to the contrary are libel. “Because we say so” is accepted as a legitimate excuse, not only by them but by the banking industry, the public, and the media.
They tell you that you have no proof, and when presented with printed statements they are dismissed as insufficient evidence. Those you can interest in investigating are blackballed by the banking community.
Is this gaslighting? Or are you legitimately crazy?
Don’t forget that you were able to watch the withdrawal live on your computer as it happens, and you even got screenshots. “Fake evidence” was the response.
See this from the UK – https://www.bbc.com/news/business-56718036
None of the computerized improvements were anything of the sort. Well, they were computerized…not improvements. Never were going to be improvements. It was never going to end well.
The ONLY way to really fix it is to go back to the old analog system: voting in person at precincts with manageable numbers of voters. Add voter ID and inkstained fingers. Have multiple people from different political parties tallying ballots and independently checking the counts of the other people. As D described above, optical scanners could speed the counting without introducing uncertainty or disrupting chain of custody.
The cheaters will always be with us. Let’s not make it easier for them, and for God’s sake, quit letting them do it at scale.
This sounds like an old Mission Impossible episode. No joke, I remember watching the team change a voting machine to rig a vote. I wanna say season 3…
Congress brought in an expert witness a while back who changed votes live during a hearing. That was one event that convinced me that congressional hearings are just theater.
Congress has no authority to prosecute. Only the Executive can do that.
What they can do is expose the corruption until enough people get sick of the stench.
S1 E7. (Who, me, watch reruns of old shows because nothing new is any good?)
Was it season 1?! Goes to show what I pay attention to, I remember Barney working on the machine.
“Please dispose of this message in the usual manner…” (discards in “ashtray/urn”, flamingpooooooffff!)
Classic.
…how come we’re being ruled by these…these…paste-eaters?
Who is selling the paste? Follow the money. 🙃
When our hostess posted a link to this at Insty she ended with “Unlike him I lead to malice over stupidity.”
The point is that it is next to impossible to tell whether it was malice or gross incompetence. Without someone digging into dominion’s engineering design docs and the like we don’t know. We may in fact never know because if I were malicious I’d do my best to leave a cloud of incompetence around the critical parts of the process to obscure it. I suspect malice but OTOH I’ve seen a lot of braindead engineering decisions, particularly in the realm of security that I can’t say for certain.
And of course there will be no independent verification of either code or function.
IIRC, the Arizona auditors noted that info that might have shed light on what exactly happened there in 2020 Maricopa County was accidentally (or “accidentally”, though the auditors never said that) deleted. This is information that – according to the state’s laws – is required to be saved specifically in case the evidence needs to be reviewed. But it was (illegally) deleted before the auditors could look at it.
I don’t remember hearing whether anyone was punished for it.
They were rewarded for it by the Democrat they frauded in, just like in D.C.
Remember, the Democrats and their media arm loved whistleblowers right up until January 20, 2021, at which time they became “partisans spreading misinformation”.
There is smoking gun proof of not only Biden family corruption, but of the highest levels of the DOJ actively helping cover-up their corruption and shielding them from prosecution.
https://www.powerlineblog.com/archives/2023/06/on-merrick-garland-a-smoking-gun.php
The voting machines use Windows software for some functions such as scanning the ballots. It is trivial to adjust the scan brightness and contrast settings to make the scans any level of garbage you want, sending the scan to adjudication. Adjudication has no audit trail. This is another major fraud source.
There’s an element or two relevant but not yet mentioned.
Imaginos is correct about the security. In more detail, software security rests on hardware security rests on physical security.
Security is always a moving target, depending on what level of attacker it is meant to slow down. (This is true for both electronic security, and other security.)
You utterly screw over your software ‘security’ when ever you screw over physical security, like the courts just did in 2020.
The covid lockdown was a scam from the beginning (see Birx), and especially was a scam when it came to restricting Republican observers and refusing Republican complaints about irregularities in 2020’s ‘election’.
The lack of in person greatly simplified fraud.
Security scales to the adversary, and since 2016 the politicians have beaten the drum of foreign actors, from powers hostile to the US but for some reason specifically exempting PRC.
There is no way that we can treat an electronic system as secure against PRC potential attacks. Likely attacks, given limits on PRC and Democrat technical competence? Technically this is possible with electronic, but you have to trust the freaking people that can do the work that you cannot or have not personally done. Given that some of the security specialties involve are esoteric flavors of engineering, and given that universities are not trust worthy, electronic voting is suspect. All we can do is a paper only system, which at least requires a lot more explicitly knowing involvement by Democrat crooks in order to fraud.
Why are universities suspect? Because practice of law as endorsed by major universities is suspect.
All law schools are credentialled by the ABA. When the ABA is converged, the Law Schools are likely to follow to some degree.
The formal position of a majority fraction of heads of laws schools is that the law was proper, and that the elections are secure, including by electronic voting.
This position can be explained by utter corruption. This position can be explained by ABA convergence, and partial corruption. This position can also be explained by the theory that both schools of law and schools of medicine have been ruined by being at universities, and by the spread of critical theory(2) in the humanities/liberal arts programs of universities(1). This position can be explained by a status quo in the controlling law that is down stream of corruption, but not obviously corrupt(3). This position can be explained as law school heads being in criminal conspiracy with Clinton judges, Obama judges, and Bush faction judges(4). This position can be explained by many law faculty being badly educated (innumerate), and arrogant(5).
There is a federal commission on elections that is faffing around with the pretense of security.
There is a lot of stuff to work through.
(1) If true, this would be the end of the institution of the university. Universities are in the public trust busienss. If they cannot deliver on that with contamination from humanities, the only way to salvage that is with independent schools of whatever academic field. Seperate engineering from ‘engineering education’, etc.
(2) Critical theory is about ancient super conspiracies. It cares much about that, and about the magical powers of critical theory scholars when it comes to speech. This is a pathway towards really caring most about ‘goods’ that are completely outside traditional professional understanding of goods provided by medicine or law. Like, compromising the ‘very important’ and historically utterly novel scheme of quarantine in order to prevent a type of ‘black’ death that is so utterly rare that it is practically imaginary. Or, changing one’s mind on lawyers representing clients in an adversarial system to suppose that lawyers must also curate their clients, in order to not have results that inspire criminality. Which has absurd implications deliberately ignored when it comes to criminal defenders.
(3) So, the key elements influencing the precedent are that one consent decree, and the DoJ Civil Liberties unit. These are premised on ‘the parties switched places’ historical narrative. This historical narrative is probably actually false. So, the premise of the consent decree, that the Republican party was continuing racist conspiracies, was probably incorrect, and the consent decree was merely a corrupt way to create a last sixty years of case law stemming from very few Republican contests of elections. Secondly, a Civil Liberties unit that is converged by the left or captured by Democrats could at the same time contest elections where the Republican candidate might win, and arrange to set racist precedents in the case law. With the consent decree no longer in force, Republicans can file suit, and we can expect a period of time before the case law casts out the corrupt precedents.
(4) BLM riots included enough murders to be considered a criminal conspiracy. Clearly, those riots were allowed/enabled by Democrats local and state office. A bunch of other patterns also line up, like covid lockdown judgements, and Obama’s pattern of appointments and what we learn later about his appointees. If true, would suck massively.
(5) By and large, your path to becoming law faculty does not require skill in mathematics, a solid understanding of statistics, or any real understanding of machines. By and large, most people in America have crappy primary and secondary school educations. By and large, it requires a bit of confidence to be a tertiary school instructor.
All of this
Regarding the picture at the top of the post –
Badgers??? We don’t need no steenkin’ Badgers!!!
Every ballot cast, I believe, should have a unique cast-vote serial number, itself mainly unencrypted* and printed at the top of the page (including for mail-in or app-in ballots), coding for the following data points, in a selected sequence:
• Date-Time Group of submission
• State-County-Precinct-Machine ID (special codes for e-Voting via the website and the smartphone apps)
• Ballot #n from this machine/app/system per day (as measured by precinct’s local time zone)
• A designation of the voter (voter registration sequence number, perhaps, from the county rolls) unique to the voting system and not tied to other PII
• Optionally, some designation of what votes were cast.
The number itself as I envision it is “unencrypted,” but it’s data is encoded to make mimicry difficult: each data point might be represented by two to six digits in the string, in a preassigned position in the sequence, and the whole concatenated as a decimal number of as many as 20 places. But before it’s printed out on the page, the whole thing is converted to hexadecimal notation (still the same number, thus still unique to this and only this ballot). The ballot counters note each ballot’s submission number and lock it into the database so that duplicates will be refused, no questions asked.
No matter what procedures are enacted, they are still only as secure as the government bureaucrats and private contractors that implement and maintain them. The voters can’t validate the process or know what the machines are doing. Votes may go in, and numbers come out, but any connection between them is hidden and might as well be black magic.
The procedures that were in place had been adequate, but election officials, partisan judges and state bureaucrats changed them in violation of state law, federal law and the Constitution, and nothing was done about it. Three and a half years later, nothing is still being done about it with great determination. Zuckerborg the lizard-faced boy dumped half a billion dollars into corrupting the 2020 election and nothing was done.
And then there was ‘stopping the count’ in the middle of the night. When has that ever been done before? Never! The 1944 election, at the height of World War 2, was handled better than the 2020 election. Somehow, Biden picked up hundreds of thousands of votes while ‘counting was stopped’. How does that happen?
Nope, the only secure voting machine is one that is not used in the election.
———————————
Harris-und-Biden were never elected — they were installed, like a toilet and a bidet. Unlike them, a couple of plumbing fixtures would actually be useful.
“If ever a time should come, when vain and aspiring men shall possess the highest seats in Government, our country will stand in need of its experienced patriots to prevent its ruin.” – Samuel Adams
It’s not just the machines, it’s the process.
https://dailycaller.com/2023/06/24/opinion-virginia-is-no-place-for-crazy-voting-experiments-jason-snead/
“RCV’s end goal is to eliminate party primaries and upend the entire democratic process. By weakening political parties, RCV creates a power vacuum that Arabella and Soros are ready to fill. They have the funding, resources and infrastructure to do it.
In other words, left-wing elites are buying a new election system, one that will push politics to the left and make our system more responsive to them, not the voters. And it’s all part of the left’s ongoing push to reshape voting itself for partisan gain.”
“They have the funding, resources and infrastructure to do it.”
This post from Not the Bee is totally in agreement.
The Left took over many institutions not by persuasion but by purchase.
(LDS readers should explicitly recognize the source of this tactic, and others can easily infer the same.)
https://notthebee.com/article/come-read-this-thread-about-how-the-left-took-over-the-culture-and-how-conservatives-can-win-it-back
I don’t think I would go so far as the quoted Tweet thread author recommends (“become baser, more savage, but more vital”), but the question is one of how the Right can counter the Left without adopting the same methods and thus eventually becoming the same thing.
However, I’m not opposed to funding counter-leftist institutions to oppose their actions.
Our local voting machines have the voter select choices on a touch screen, displays choices after the ballot is complete and requires the voter to confirm them before counting the ballot, and prints a voter-readable copy of the ballot on a tape retained with the machine. In addition, casting a ballot requires a key card that is coded to the voter at check-in (with a photo ID requirement as well as a signature requirement), and these codes can be correlated to the check in signatures to ensure that the count of ballots matches the verified voters (the key code is not tied to the individual ballot, but counts of card codes are recorded – an excess number of a code vs voters assigned that code is a red flag). That does not make it IMPOSSIBLE to slip extra votes into the machine, but makes it difficult and establishes and audit trail.
That makes in-person voting fairly secure mechanically. Most voter fraud, in my experience – I was a GOP official and poll watcher in elections from 1994-1998 in the Little Rock area – occurs with absentee ballots. We encountered cases of ballots with the supposed receiving address being a vacant lot and ballot harvesting operations voting for senior citizens (not just nursing homes, where we found some specializing in dementia patients with 100% voter participation – but door-to-door as well). The office janitor at the office for the 1994 gubernatoral candidate I volunteered for reported a guy going door-to-door for our opponent’s campaign in his senior citizen’s complex offering to fill out ballots for residents! It was extremely frustrating to watch candidates’ leads evaporate when the absentees started to be counted.
As far as in-person fraud, I encountered and put an end in 1994 to the practice of drivers for a developmentally disabled adult program voting at the precinct for group home residents while the “voter” stared off into space as well as trying to review and tell residents who voted for themselves to “correct” their ballot when they voted for the “wrong candidate.” The barely trained poll-workers put a stop to it when I pointed out that it was illegal unless the voter specifically asked for assistance at check in – from that point on, the POLLWORKERS gave assistance instead of allowing the driver to vote, which truthfully went beyond the letter of the law but snuffed out the fraud. Alas, the liberal absentee rules of the “motor voter” law went into effect before 1996 and that program had all residents vote absentee in the future. Thirty to forty voters may not sound like a lot, but it was enough to give the local Democrat machine control in a military town.
The other problem we had was not really voter fraud, but still a violation of the state election code. Several precincts in the county were in schools, and the principals would often have endorsements of Democrat candidates posted on school marquees by the entrance voters used and well within the 200′ limit where campaigning was forbidden. In 1998, I had to threaten to call the sheriff in with a criminal complaint to get one elementary principal in rural Pulaski County to take down an endorsement for a Democrat incumbent in the legislature. When I mentioned the criminal penalties – he jumped right on it, despite stubbornly refusing before I started to pull out my cell phone!
I am very behind on my email, so I am just now reading this. Apologies.
First my qualifications: 4x Election/Alternate Judge at a polling location, 1x Election Clerk, Precinct Chair & involved with election integrity for several years. All in Travis County, Texas, which is the Capital of Texas.
Here in Texas, we have county wide voting. Which means that, in a few counties during some elections, there are hundreds of possible ballots. This makes pre printing them a major problem. Not impossible, but impractical. In my precinct alone there are often two different ballots used because of school districts.
In Travis County, we use ES&S machines. At registration a blank ballot is printed that contains serial number and the ballot “style” (as well as a few other bits). This is fed into a Ballot Marking Device where someone selects their choices via a touch screen. When finished, it prints out a ballot with both bar codes and human readable selections. This is then fed into a scanner where is is scanned, the results written to a USB, and the ballot dropped into a bin that will be sealed and locked at the end of the day. By Texas law, all ballots are required to be human readable, even if there is a barcode/QR code for use by the machine. In addition to the USB stick, there is also a tally tape of how many votes each item on the ballot received that is printed out at the end of Election Day (zero tape printed before the poll opens). This means that it is practical to to a manual recount by polling location. However, to my knowledge, this has not been done. I would like to see a mandatory recount of randomly selected polling locations (the most voters I have ever seen was less than 800) compared to both the results on USB and the tally tape.
Not all counties use machines, when there are less than a few thousand voters, filling out a ballot by hand and counting by hand makes economic sense.
There are various other security techniques in play including counting the number of ballot blanks and comparing it to the number of voters. A maximum difference of 4 is allowed before other processes come into play (never had that).
So, election integrity is improving, but can still be made better.
Unfortunately, when the folks running the election decide to cheat, there are multiple ways to do it. Fraudulent mail in ballots is one. Another is voter disenfranchisement as was seen in the 2022 elections in Maricopa County, Arizona and Harris County, Texas. They proved that no matter how blatant the cheating is, it will not be punished and the presumably fraudulent results will be allowed to stand.
If anyone has more detailed questions about the processes that I am familiar with, please feel free to ask. Not that people here are particularly shy about speaking up.