Brazilian Breaks Secrecy of Brazil's E-Voting Machines With Van Eck Phreaking
After the report last week that Brazil's e-voting machines had withstood the scrutiny of a team of invited hackers, reader ateu writes with news that a hacker has shown that the Linux-based voting machines aren't perfectly safe; he was able to eavesdrop on them (translated from Portuguese) by means of Van Eck phreaking.
Honestly (Score:2, Insightful)
Re: (Score:2)
Copper mesh or metal plating on the case tied to the ground. Chokes on all connections. If touchscreen, you could be screwed since it might not like a copper mesh but if it isn't covered it becomes an emitter.
Re: (Score:2)
Re: (Score:3, Informative)
Good pictures. It looks like a newer version could be made to limit the emissions quite nicely. It might also be possible to retrofit the existing machines with shielding including a false front to extend the keypad buttons (but not the switches) through the shield.
At the busiest polling places it probably wouldn't be as much of a problem as many people would be using many identical machines at once. It would be hard to know who did what.
A tone generator connected to a transmitter might be able to simply jam the
Re:Honestly (Score:5, Funny)
It's simple. Just throw out the person with the radar dish, oscilloscope, and notepad.
Re:Honestly (Score:5, Informative)
Exactly so.
The equipment to carry out this snooping is easily spotted, and more easily foiled.
With more than one voting station in the room, said eavesdropper could never distinguish one vote from the other, and could certainly not CHANGE the results.
You would be better able to guess how persons voted by the color of their tie. http://www.tie-necktie-video.com/tie-color.html [tie-necktie-video.com]
Re: (Score:2)
Easy...
If he went to the voting place wearing a tie, chances are that he's voting for himself. :-)
Re: (Score:2)
mmm... let's not rely on that. More sophisticated and less bulky solutions may arise in the future, and with the potential to tamper with the electoral process, it's possible we might see some serious effort going into creating such solutions.
The concern is that you wouldn't need to change anything. "Vote for me or I break your legs. I will know how you vote."
Re: (Score:3, Insightful)
Re:Honestly (Score:5, Interesting)
Several ideas. Of course, use LCDs, as the CRT circuitry is the bad one. Shield the data connections so they don't radiate too much. Make the connections that transmit unencrypted data short. Use low-contrast fonts, so the sharp edges do not cause large voltage (and therefore EMI) spikes. Randomise the low bits of data shown on the screen, so you create obfuscating noise.
Maybe you have to go as far as to have a white noise transmitter to mask what you cannot eliminate. Plenty of room to move. Good on them for having such a contest - it flushed out all the 'Ooh, I didn't think of that' problems.
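The two display-side ideas in the comment above (softening sharp edges and randomising low-order bits), worked through on a constructed scanline as an added example that is not part of the original post. The 5-tap binomial kernel, the 2-bit noise width and the upper-half-band energy metric are assumptions chosen for illustration.

```python
import cmath
import random

# Constructed sample: one 64-pixel scanline of high-contrast text
# (0 = black background, 255 = white strokes). Not captured from a real device.
SCANLINE = ([0] * 4 + [255] * 2 + [0] * 3 + [255] * 1
            + [0] * 2 + [255] * 3 + [0] * 1) * 4


def low_pass(line, kernel=(1, 4, 6, 4, 1)):
    """Smooth a scanline horizontally with a binomial kernel.

    Pixels beyond either end are clamped to the nearest edge pixel.
    """
    half = len(kernel) // 2
    total = sum(kernel)
    out = []
    for i in range(len(line)):
        acc = 0
        for k, weight in enumerate(kernel):
            j = min(max(i + k - half, 0), len(line) - 1)
            acc += weight * line[j]
        out.append(round(acc / total))
    return out


def high_band_fraction(line):
    """Fraction of non-DC spectral energy that lies in the upper half band.

    Used here as a rough proxy for how much sharp-edge (high-frequency)
    content the pixel stream would put on the video link.
    """
    n = len(line)
    energy = []
    for f in range(1, n // 2 + 1):
        s = sum(line[t] * cmath.exp(-2j * cmath.pi * f * t / n)
                for t in range(n))
        energy.append(abs(s) ** 2)
    total = sum(energy)
    upper = sum(energy[len(energy) // 2:])
    return upper / total if total else 0.0


def randomise_low_bits(line, bits=2, rng=None):
    """Replace the low `bits` bits of every pixel with fresh random bits.

    Each pixel moves by at most 2**bits - 1 grey levels, so the picture
    looks the same, but the values sent for an unchanged screen differ
    from frame to frame.
    """
    rng = rng or random.SystemRandom()
    mask = (1 << bits) - 1
    return [(p & ~mask) | rng.randrange(mask + 1) for p in line]


if __name__ == "__main__":
    sharp = high_band_fraction(SCANLINE)
    soft = high_band_fraction(low_pass(SCANLINE))
    print(f"upper-band energy, sharp edges : {sharp:.4f}")
    print(f"upper-band energy, low-passed  : {soft:.4f}")

    frame_a = randomise_low_bits(SCANLINE)
    frame_b = randomise_low_bits(SCANLINE)
    changed = sum(a != b for a, b in zip(frame_a, frame_b))
    print(f"pixels differing between two frames of the same content: "
          f"{changed}/{len(SCANLINE)}")
```

The smoothing trades edge sharpness for less high-frequency content, which is the legibility cost raised in the replies further down.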
Re:Honestly (Score:4, Informative)
Of course, use LCDs, as the CRT circuitry is the bad one.
Wikipedia would disagree [wikipedia.org] with an annoying PDF [cam.ac.uk].
Re: (Score:2)
Actually, the same site that PDF came from says the biggest source from LCDs is the video cable, especially if the signal is all digital. This would be an improvement over a CRT because the CRT shares the video cable problem.
http://www.cl.cam.ac.uk/~mgk25/emsec/softtempest-faq.html [cam.ac.uk]
My experience so far has been that with LCDs, the video cable is the most significant source of radiated information leakage. Where an analogue video cable (with 15-pin VGA connector) is used, low-pass filtered fonts have th
Re: (Score:2)
I suspect there is already an encrypted standard for digital monitor signals
The paper that the GP linked suggests using HDCP.
Re: (Score:2)
I did not say that it was not an issue with LCDs: There is obviously the data cable and data handling circuitry to consider. But it is a much greater issue with CRTs: literally, all you need is a VHF aerial, feed the signal into a CRT, and tweak until you have a readable image.
With LCDs, if you can catch the digital signal, you can recover the data. But the signal is weaker (10s of volts, not thousands!), and higher frequency, so you need to be closer. The problem can be eliminated if you implement encryptio
Re:Honestly (Score:5, Insightful)
Low-contrast fonts are probably right out, since you don't want to disenfranchise old folks and others with vision problems.
Re:Honestly (Score:5, Insightful)
Easy. Take the machines, hollow them out, put a board in and use their shell as a guard from prying eyes for pen&paper voting. The manufacturers of the machines get the money and we get secure and anonymous voting.
Re: (Score:3, Informative)
Not much really. While it is possible to effectively protect a device from such snooping it is very expensive due to the testing and handling requirements. I don't see it on the link but I think there is a commercial Tempest standard.
http://www.eskimo.com/~joelm/tempestintro.html [eskimo.com]
The page has good info and you can try the anti-Tempest fonts for a grin. It's based on the paper also referenced on that page.
Fonts where? (Score:2)
The anti-TEMPEST fonts seem to have been withdrawn:
Re: (Score:2)
My bad, I'd assumed they were available, but it seems they improved the attack enough to render them useless.
It was not the best solution and now that DSP and FPGA solutions have improved so much since I read that article you're left with doing the full Tempest hardening solution. I did not clue into the current state of the art as fast as I should have when I wrote that post.
A Van Eck setup that would have cost millions when that paper was written is now within the reach of some hobbyists and blackhats.
I am
Re: (Score:2)
You could run all your text through a CAPTCHA filter. :)
Re: (Score:2)
It'd be nice if it could be made to work. The font had two images. One human eyes would see and one the Van Eck freak would see. I read some more and because technology has advanced dramatically and font technology does not allow real time animations that don't bother the user but do bother the Van Eck freak the authors dispensed with that line of protection.
Re: (Score:2)
Re: (Score:2)
Comment removed (Score:4, Insightful)
Re: (Score:2)
Re: (Score:2)
I'm not sure if your post was sarcasm and it whooshed over the head of the rest of Slashdot or if you're serious.
The KGB (now FSB) took Russia, the Republicans took the US, Ahmadinejad took Iran, Karzai has taken Afghanistan and so on all without winning the elections through fair process.
Unfortunately election fraud by organised groups happens far too often, even in nations where it really shouldn't because they're supposed to be role models (i.e. the US). I'm hoping then that your post was rather subtle s
Re: (Score:2)
Re: (Score:2)
Well, neither did I until I read everyone else's responses, which made me second-guess my judgement!
Re: (Score:2)
Cryptonomicon (Score:3, Interesting)
What options do you have to protect yourself from Van Eck phreaking? Lead casing? Foil voting boxes?
Honest replies welcome.
Put rubbish on the screen and send all your actual output through the caps lock LED with xled.
Not very useful outside in the real world, I know.
Re: (Score:2)
LCD screens are also sensitive... so I'd say maybe... Monochrome 640x480 LED Matrix and custom video chips.... or "Split-Flap type display" as seen here http://www.salient.com.au/products-splitflap.htm [salient.com.au] ... maybe some sort of adapted nixie tubes as seen here : http://www.vintagecalculators.com/html/calculator_displays.html#ColdCathode [vintagecalculators.com]
Re: (Score:2)
Split-flap displays make a little click when they change characters. Given some of the known word sequences that will be displayed, variations in the sound of each click, and variations in the timing due to the addressing of the characters, I'm sure complete displays could be reconstructed.
Re: (Score:2)
The NSA Tempest guidelines are probably sufficient.
Of course, the requirements are potentially made weaker by what you're eavesdropping. Tempest is written assuming that eavesdropping is a problem, but that's not true with voting -- it's only a problem if you are then able to associate votes with individuals.
Re: (Score:2)
Reading through the comments, it struck me the same. Van Eck phreaking can't be a problem because it provides literally the same information as exit polls.
What again is not a problem if one votes in a densely populated area: emission from many voting machines would mix making it hard to differentiate a vote on a single machine.
It might be the problem with VIPs. But for that case one can really go the extra mile and install proper shielding.
Re: (Score:2)
emission from many voting machines would mix making it hard to differentiate a vote on a single machine.
Stupid idea #523: equip the voting machine with say two extra displays on the back and make them show some obfuscation video sequence so that it would be hard (if feasible at all) to tell what the hell is going on on the first main screen.
Re: (Score:2)
some obfuscation video sequence
Or better yet the voting machine might emulate on the auxiliary displays the process of user voting for a random option.
Even if information can be still gathered, it would be heavily watered down by the fake voting information from the extra displays.
Re: (Score:2)
Randomize the image for each voting.
This will make it a lot harder to decide the selection for each individual voter since the image will be different for each voter.
So - yes, you may be able to recognize that a voter did make a selection, but you won't know what the selection really was unless you have some very expensive equipment.
And as a voter I wouldn't be too worried about that kind of eavesdropping. Who besides the authorities would really be interested in the vote of an individual person bad enough to
Re: (Score:2)
If you take a look at Ross Anderson's work in this area, you'll see that the picture quality on a Van Eck rig can range from almost static to highly legible black and white imagery. I'm sure it's installation dependent among other factors, but it can be very readable. Remember that it doesn't have to be machine readable, either. When you're talking about elections you're talking about a kiloton of money, which can likely buy a whole lot of people to sit there and watch the screens with their eyes.
Remember t
Re: (Score:2)
b: Buy 100 meters of chicken wire.
c: Wrap voting booths.
I am of course being somewhat sarcastic. But not much. If you ground a wire cage as described you'd be fine. The question I'm hazy about is what frequencies are being scanned. You may need something with a finer mesh than chicken wire. Now that I actually consider it, this might also just reduce the range of the scan, rather than eliminate the possibility. Any EE's care to enlighten?
Re: (Score:2)
If I read the article correctly he is Van Ecking the keyboard, so randomizing the button->candidate mapping should be enough. However for Van Ecking you build a Faraday cage around the device (a pita that may not be possible for voting booths you need to get in/out of), or use active electronic countermeasures, this is not 100% safe, as you're basically engaging in a race of creating random noise, vs filtering it, but that is a race that the jammers can generally win so 99.999%, in addition as the detect
Re: (Score:2)
As far as elections go, the best protection against Van Eck phreaking is the paper ballot.
When you have poll-workers from each political party and lots of poll-watchers, it provides fair elections and really scales very well. The only thing that scales well when you have electronic voting is the ability to perpetrate fraud.
Re: (Score:2)
Of course, there is the whole "If someone is going to that point, is it really worth the worry, or do we have more important things to worry about?" (like someone sticking a hidden camera watching the screen)
Re: (Score:2)
someone else linked http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf [cam.ac.uk] which gives some countermeasures.
In summary, firstly use an LCD screen; this pretty much eliminates emissions from the display itself, but the link to the display is still an issue. Countermeasures against link snooping can include messing with foreground and background colours, adding noise or, best of all, using an encrypted (e.g. HDCP) digital link.
Whew, that was a close one... (Score:4, Insightful)
Re:Whew, that was a close one... (Score:5, Insightful)
Basically.. all of the reasons you want voting to be done anonymously apply here.
If you can couple the emissions at the location of the machine with the emissions from a particular user - say, their mobile phone's signature - then you can go back to forcing people to vote for X and make sure that they do, roughing them up as an example to the others you told to vote for X if you detected a vote for Y instead, without a need to plant something on them or leaving any trace.
In theory, anyway.
No technology will prevent that (Score:4, Insightful)
Re: (Score:2)
in some countries voting is compulsory, so you can't stop people voting.
the preferred solution is to adjust the boundaries of the voting district and move people who typically vote for your opposition from marginal seats to safe seats, and vice versa.
Re: (Score:3, Insightful)
What's the most someone could do with this exploit?
Uhh.. find out who someone voted for? All you need is two people, one in the polling place and someone else with one of these devices. If I really have to try to convince you of the value of secret votes, I give up.
Re: (Score:2)
I guess I'm broken. I'd rather have my open vote count, than my private vote lost. Currently, we only get the latter.
Re: (Score:2, Interesting)
As someone who grew up in a country, where "Open Voting" was the norm and using the voting cabin was being frowned upon I tell you: You have no clue.
Re: (Score:2)
The open skull voting process is not good for you (Score:2)
... then we have security by openness
And you also have the 500-meter dash away from the polling station, where the thug, army, or police officer was waiting for you with his nice wooden baton to crack your skull open, after you cast your open vote against the ruling party.
You don't watch much news on TV, do you? Remember: 1) all the world is not made of latte; 2) Star Trek ain't real; 3) Pakistan is an actual country; 4) Bin Laden is livin' large.
Re: (Score:2)
Did you move from the country with open ballots? Why
Re: (Score:2)
You are barking up the wrong tree. I am all for secret voting. It was the grandparent who was saying:
I guess I'm broken. I'd rather have my open vote count, than my private vote lost.
There is no point in counting open votes, because they have no value at all. If you run into troubles for not voting publicly, this is equivalent to running into trouble for voting for the wrong person.
Re: (Score:2)
Or are you stating that if the USA adopts open ballots, then there will be hits on anyone in Chicago that votes Republican and anyone in San Francisco that votes Democ
Re: (Score:3, Insightful)
Re: (Score:2)
Use it as feedback to calibrate a separate vote rigging operation. If your guy wins by 20% an investigation may be triggered. If he wins by 2% you may be in the clear. So how do you gauge the real vote, while there is still time to cast fake votes?
Broken "secrecy" (Score:2)
Perhaps you read too quickly. "Secrecy," not "security." There are plenty of responses explaining the importance of secret ballots.
Re: (Score:2)
Re: (Score:3, Interesting)
What's the most someone could do with this exploit?
A little context is needed in order to further explore this point. Brazil is a huge country, of continental dimensions. Voting is a mandatory civic duty (except for older citizens). In the remote and impoverished areas, intimidating voters or buying votes was a common, widespread practice, constituting what is termed an "electoral corral", that helped maintain veritable "political dynasties" in these areas for decades. One of the selling points of electroni
Physical Security (Score:4, Interesting)
Re:Physical Security (Score:4, Insightful)
If an attacker were able to access the voting location enough to install an unnoticeable antenna, I'd be more concerned with small cameras. Even a large antenna in a nearby building would require somebody watching to see who was using which voting machine, in order to pose any real threat.
I'm still not even at this step yet (Score:2, Redundant)
I'm not yet at "how do we get e-voting secure?". I'm still puzzled by the question "why the f. do we need it?"
Re: (Score:2)
In some parts of the world they do learn about democracy after right-wing military dictatorships.
In others they just trust election solutions provided by an ATM maker.
When their boss is exposed on wikipedia, they go back in using the company IP's and try to "Soviet" out the references to the CEO's fund-raising.
Re: (Score:2)
Easier for the disabled. Easier to support multiple languages. Easier to have duplicate copies so you can't be surprised and "find" a box of ballots in a warehouse later. Less ambiguity in regards to intention (see Minnesota's Senate race.)
Re: (Score:2)
Easier for the disabled.
There are masks with braille that work pretty well. I have a friend who is blind and can vote just fine.
Easier to support multiple languages.
Last time I checked the US had their official language English. Learn it or don't vote. Also, I can't see what's so difficult about learning the name of your preferred party/candidate well enough if you utterly refuse to learn English and don't use a Latin alphabet.
Easier to have duplicate copies so you can't be surprised and "find" a box of ball
Re: (Score:2)
There are masks with braille that work pretty well. I have a friend who is blind and can vote just fine.
But those have to be specially made, and with ballots ranging from Federal, to State, to County to City elections, that takes time to translate and print. Plus, what if you run out or they get lost?
Note, I simply said easier. I find voting easy to begin with, but there's plenty of people who don't understand "Only fill the circle of the candidate you want elected" (more on this later.)
Last time I check
Re: (Score:2)
but there's plenty of people who don't understand "Only fill the circle of the candidate you want elected" (more on this later.)
Then they're too stupid to vote. The system works, if you ask me...
Re: (Score:2)
Re: (Score:3, Interesting)
Among the others, enabling a non-FPTP system.
If anyone isn't aware of how FPTP has hosed democracy, they should start here [wikipedia.org].
The primary concern I recognize is that FPTP collapses your system into a two-party system and makes third parties non-viable. Just try voting for Nader or Kucinich.
Re: (Score:2)
You don't need electronic voting to establish a non-FPTP system. Non-FPTP works fine in European states with paper and pencil voting.
Re: (Score:2)
I could be wrong, then. Tell me more about preferential voting and paper ballots that you're familiar with?
Re: (Score:2)
In Australia we number the candidates from 1 to x (where x is the number of candidates). The ballot papers are then counted manually into piles, and then once they've all been counted the smallest pile is broken up and split amongst the remaining piles, until someone has the majority.
Re: (Score:2)
Thanks for sharing. IRV is actually a pretty good system... in that it's better than plurality. In comparison, it could be better. [zesty.ca] Maybe there are manual count methods for better systems?
I have to say I'm still not entirely sure on the matter of electronic voting v. manual voting. I think most people who have strong opinions are basing them on too few criteria.
Re: (Score:2)
Most European countries I know accomplish the same feat with P&P voting.
E-paper (Score:4, Interesting)
Besides all the shielding options, perhaps this is a good use for E-paper displays? The persistent nature of the display would minimize the constant refreshing. The slow screen response would be unlikely to be an issue with a ballot.
Re: (Score:2)
mod parent up
This happened with the Dutch in 2006 (Score:5, Informative)
Re:This happened with the Dutch in 2006 (Score:5, Interesting)
That's only part of the story.
The voting machines were vulnerable to more than just eavesdropping, although eavesdropping was the official story from the government and also what most of the press was about.
However, the voting machines have since been banned. The latest elections were held with paper and pencil. It's good that way.
Now if people would only understand this ...
Re: (Score:2, Informative)
You seem to think that paper voting systems by necessity depend on transporting all the ballots to a central location, where they'll be counted.
This is how paper voting works in Sweden. [www.val.se]
To summarize and simplify:
It could be big... (Score:2, Interesting)
Re: (Score:3, Interesting)
You just overlooked one small issue: voter turnout is already a problem in most democracies, as it is somewhat boring to vote for things you are not that interested in. If there were more elections, you would have to vote each week. Nobody is going to keep doing that, as most people do not see it as their job, and it is a process with very little positive feedback. So only the zealots and paid shills will remain, thus making your country run by big money and zealots with a nutty agenda. Not unlike the US i
As a person in the infosec field (Score:5, Insightful)
Re: (Score:2)
This is why I love the Canadian method: paper with circles, make an "X" in the circle you want, fold the paper and put it in the ballot box.
Yes, except I personally think that having to write a number is better. If somebody is unable to do that, it's probably for the better... (blind and other disabled people need an assistant anyway).
Re: (Score:2, Interesting)
Dumb question... (Score:2, Insightful)
Why does the electronic voting machine have to be a touch screen? Why not a list of the options with buttons with an LED in them that light up when you press the button? The list could be on a separate display next to the buttons but nothing changes therefore the 'van eck phreaker' would only get the data on the screen, not the option picked... but I have no knowledge of this sort of stuff.
Maybe some places do that, but where I live we do vote by mail.
Re: (Score:2)
Because people are stupid.
~Sticky
Re: (Score:3, Informative)
Re: (Score:3, Informative)
because here in brasil we don't have voting districts, so in state and federal elections, a candidate from santos (a sea-side city in sao paulo state, some 80 km east of the state capital) can receive votes from people in ribeirão preto (a city 400 km west of the capital). this makes the candidate lists for federal and state deputies something in the thousands.
our voting system uses numbers. each party is assigned a number (ex. PP=11, PDT=12, PT=13, etc.) and every candidate have a number prefixed with
Dumber question... (Score:2)
Why does the electronic voting machine have to be
Why does the voting machine even have to be electronic?
Even one good reason would be nice.
It's not a practical approach (Score:3, Interesting)
While in principle it is a good method for snooping a single monitor, it would take a ton of disentangling signals to read every monitor consistently at a polling place from any distance. It is not a practical way to screw with an election, considering that any party willing to snoop this aggressively is probably willing to do a lot more than just snoop.
Frankly, it shows just how effective Brazil's security measures are that hackers have to go this deep into the playbook to get even one sort of result.
Electronic voting in the largest democracy (Score:2, Informative)
Re:Van Eck Phreaking will always exist (Score:5, Insightful)
Don't be silly.
Secret ballot is one of the cornerstones of democracy.
In a secret ballot, you don't get bribed to vote for a particular person because you can always say you voted for him while voting for him.
Likewise, about getting pressured about voting for someone.
Re: (Score:2)
Meant to write - "while voting for someone else".
Re: (Score:2)
So her husband's candidate didn't vote for himself? Was he running against a Bush?
Re: (Score:2)
Vote coercion can't happen on effective scales.
How much cost and danger is involved with coercing a single vote?
Re: (Score:3, Interesting)
In many of those countries, the secrecy of your vote hardly matters anyway. After all, they've already done most of the voting for you.
You might even get your hands chopped off for just daring to show up to vote.
In places where you can have voter intimidation without the police stepping in (or the police being the culprits), secrecy of your vote is not much of a concern.
And in some countries the voting system is so fast a
Re: (Score:2)
Maybe a long and ancient history.
But, yeah, I am referring to the difficulty in the US specifically.
Tell me, how would you, today, go about coercing votes in any practical way?
Re: (Score:2, Interesting)
You bribe half city; then check (on the publicly available channels) how many votes you got there... if you got less than expected... someone cheated and you "don't pay".
If your idea is not to bribe a huge amount of persons we don't care.
Bribe is another problem.. and can't really be solved by the voting machine itself.
Re: (Score:2)
The "chain of custody" was actually a good argument (too bad you have to wrap your argument in foul language - not good job skills, dude...)