by badsock 3353 days ago
Imagine if you took a vote with paper ballots, and then went to every one of the tens (if not hundreds) of thousands of people who had a hand in creating a voting machine (think of the millions of lines of code in the OS and drivers, and the billions of transistors) and left the unsealed box of votes with each of them, alone, for several hours. That box would travel to people in many foreign countries, some working for intelligence agencies. Would you trust the votes after that?

It's possible to hide exploits in so many places - consider the obfuscated C contests, or the trojans that have been found in SSDs, or that hack a while ago where someone compromised an RNG by undetectably tweaking the dopant levels on a chip.

It takes very little to swing an election if you're strategic, sometimes less than 1% of the vote, and having the head of a state owe you a favour (not to mention the blackmail material), is well worth compromising one or more of the people involved in the production of the machine.

To make a demonstrably exploit-free voting machine, you'd have to design and manufacture every chip yourself and write every line of software (including the OS) yourself. Not only that, but everyone involved would have to be trusted to not be bribed, and to not make any mistakes that could lead to an external exploit. That's completely unrealistic, so countries are essentially saying "it's OK if there's a possibility for someone to take control of our country through fraud, because even though we know for sure that it's possible, we don't think it will happen to us".

Elections are too important to let the fools and charlatans who say things like "unhackable" have influence over anyone with the power to make decisions about electronic voting machines. Everything is hackable, given the resources and the motivations. Gaining control of an entire country is sufficient to have both.

6 comments

> Elections are too important to let the fools and charlatans who say things like "unhackable"

Can there be a process that can be guaranteed "unhackable"? The paper-based ballot box elections in India were subjected to an even higher degree of reported rigging/hacking than EVMs.

They are not saying "our elections are unhackable"; they are saying "our already manufactured machines as available to register votes are unhackable". It could be true today. But now that they have thrown open the challenge, who knows if future such machines will be or not. IIRC the machines are hardware with no installable software. The issues you raise about chip and firmware vulnerabilities remain. And the Govt of India have painted a target on their backs for the foreseeable future and way beyond.

> It takes very little to swing an election if you're strategic, sometimes less than 1% of the vote

Good points. I'd add that the potential attackers include national intelligence agencies and other very well-resourced groups, including criminal organizations, corporations, and others. For them, the value of controlling the outcome of an election can be many billions of dollars or existential.

It doesn't matter if it takes a little or a lot; the cost is unlikely to be a deterrent to those types of attackers.

This. You are basing the bedrock of your democracy/country on an illusion.

I have had countless discussions with my colleagues and not one of them understands the gravity of closed EVM machines; instead they believe in security by obscurity. It makes me sad that if the very people who work in technology are like ostriches with their heads buried in sand, how can you expect the lay person to understand the argument for implementing a verifiable system. It's an anathema.

Anyone who argues for this is either a case of sour grapes or anti-government/anti-democracy.

Also, can anyone please clarify how one can go about taking part in this process? It wasn't clear to me from the article.

It's a fluff piece.

The govt will invite some unknown or well paid experts, and get a clean bill of security. Simple.

Even if it was possible to guarantee that the machines were not hackable, what is stopping an undemocratic candidate from crying foul? It is just too easy to blame it on the technology. People do it even for paper systems where it is evident even for a lay person to know that fraud cannot be done at a large scale, as that needs to involve hundreds or thousands of accomplices.

Wouldn't a reliable safeguard be to have people vote and then verify their vote using an entirely separate system with an entirely separate database... then compare the two and identify any possible mismatches?

You'd then require a hack to compromise entirely different systems of hardware & software simultaneously. No one hardware vendor could control it?

That theoretically makes the hack harder (you've got to hack two systems/vendors), but we're talking about attackers with potentially state-level resources.

The bigger problem is that it can be used to verify that a coerced voter cast their ballot the way that the coercer wanted.

My question is: why go through all this incredible effort, and take such huge risks, when paper ballots do the job just fine?

I'm guessing you only need to hack one system to throw doubts on the election process, and maybe start some sort of narrative that influences people to vote the other way in the repeat election. Also, the second verification database may need to be guarded more securely for a longer time in order to give people a chance to verify their votes.

The electronic voting machines are not much different from a paper ballot system in that they are just boxes that hold vote counts, in bits rather than bits of paper. They are not network connected and to my knowledge they are not easily programmable once deployed in the field, i.e., they would require collusion of a large number of local officials, including that of the central election commission officer deployed in order to facilitate reprogramming.

Elections if rigged are done so by people, so the threat comes from the vast numbers of government employees who are deputed from their day jobs to perform election duty. These people hold the power to rig elections by miscounting the paper votes. If the counting process is digitized using dumb machines, then that would maybe take care of the malicious counting problem.

Ultimately any system would rely on the integrity of the actors involved to function properly. In a country with levels of corruption that India faces, it is easier to keep an eye on the few direct employees of the election council rather than every person deputed for election duty.