[alexandercrohde]

I think it's high time we start taking these concerns seriously. If state actors can accomplish stuxnet, then hacking a voting system seems well within the realm of technical possibility.

Fortunately, there are pretty simple policies we can enact to prevent fraud and give faith in elections (both in America, as well as other countries). If you care, I'd perhaps start at https://www.verifiedvoting.org/

[empath75]

They don't even need to throw the election. Two or three machines with absurd results in favor of Clinton or Trump would be enough to push the county into civil unrest.

[Pinckney]

Absurd results aren't what you want, since they're readily dismissed as localized, and people could believe that hacking had no effect on the overall result. You want to prove that hacking took place, but subtly, so that people can imagine it was widespread.

More effective would be to preselect a precise number of votes for a few machines in a swing state, with totals just 3-4 percentage points higher than what polling indicates for that precinct. Email a few journalists before the election: "I'm a engineer working to hack the election for Clinton, but I'm sickened by it and I want to blow the whistle... attached are encrypted tallies for the voting machines we compromised in precinct XXX. I know we have a team in YYY and I think in ZZZ, but I wasn't able to get data for those machines out. Decryption keys will follow Nov 15th."

[rblatz]

If you used a one time pad you could skip the whole hack the election part and generate a key that reflects the actual totals after they've been published.

[newjersey]

Hm... Is it a crime to write an email, not under oath, to a journalist accepting responsibility for a crime that one didn't commit (and had no idea was taking place)? I'd like to answer no but I'm sure a judge would use the "fire!" In a crowded movie theater analogy to answer in the affirmative.

[meowface]

Not saying there is any evidence this has happened or will happen, but:

If I were Russia, I would arrange something so one or two polling stations end up casting many fraudulent votes for Clinton, just to call the entire election into question and give more ammo to the Trump campaign. Even if those instances had no serious impact on the results, the uncertainty alone could definitely cause significant civil turmoil.

[code_duck]

but so far the country as a whole has shown almost no interest in the insecurity of electronic voting machines.

[akhilcacharya]

Only if it's in a tipping point state.

[grzm]

verifiedvoting.org looks like a good resource for taking action. If you're interested in learning more about verifiable/auditable voting systems, Wikipedia has some useful references:

https://en.wikipedia.org/wiki/End-to-end_auditable_voting_sy...

I also found this slide deck from Ron Rivest interesting:

Auditability and Verifiability of Elections ACM-IEEE talk March 16, 2016

https://people.csail.mit.edu/rivest/pubs/Riv16x.pdf

[code_duck]

The disturbing thing is that Stuxnet is more sophisticated than what it would take to control most voting machines. I think NSA type agencies for many countries and corporate espionage departments complete more complicated tasks every day.

[joering2]

I bet you that's the main reason they don't want to open-source it for independent verification -- you would find code so dirty and hackable that you would wonder which state actors actually did NOT hack.

[hackaflocka]

Exactly this.

If stuxnet is possible, a voting machine should be a piece of cake.