|
|
|
|
|
|
by jpgvm
2047 days ago
|
|
|
I am not seeing how the request system is vulnerable. As I understand it there is a register of absentee voters, ballots are generated (sometimes with privacy sleeves/envelopes etc) and printed with barcodes that tie ballots back to a specific voter ID up until the point that information is separated for counting. Given knowledge of how that system works and controls put around it I doubt any such vulnerabilities could exist that could be found by statistical analysis that isn't already being done... I also think you missed the point of my last sentence which is that you could consider the actual ballot system a lot like AES or any other cryto system you might be familiar with. Cracking the crypto system is stupidly hard because a ton of time was invested making that so.
Instead attacking the stuff -around- the crypto system is likely to prove much more fruitful. i.e social engineering, side channel attacks In the same way the attacks I listed above elicit the desired effect (a certain candidate having an unfair advantage) but without attacking the actual ballot system itself (which is likely far too difficult). Essentially it's a case of lower hanging fruit, you don't need voter fraud to "steal" an election. |
|
|
> I am not seeing how the request system is vulnerable.
Here's the scenario: I obtain your SSN, Name and Address to request your ballot to my address (either in the bussing example through your explicit permission or through the nefarious example like using Equifax 2017-2018 Data), then I fill it in at my address, and then mailed it in.
(Edit: to be clear, you have only provided the information to start the ballot process, or I obtained it nefariously, and submitted a ballot without your presence and pen to paper)
That's not a vulnerability? I guess I have a weird definition... I'm saying that's not what I expect when I hear someone 'voted.'