Re: Stealing an Election: What's it worth?

From: Jim March <jmarch_at_prodigy_dot_net>
Date: Mon May 30 2005 - 15:18:21 CDT

To clarify something: not only does stock fraud as a motive work
financially, it also has the advantage of NOT needing a lot of
conspirators, and you NEVER need to "sell services" to "customers" who
might get "disgruntled".

What I mean is: say you're a Diebold employee or contractor, and you
make an offer to a candidate to steal the election his way for "x"
amount of money. Fine. Try that enough times, one of 'em will contact
the FBI, wear a wire to your next meeting, you're toast. You can
minimize the risk by making all "sales" to a single key party operative,
somebody on the level of Carl Rove or Terry McAuliff...but even then, if
it's ever in the interest of snakes like that to bump you, you're gone.
(And yes, I consider both to be snakes.)

A stock scheme wouldn't have that risk of "stranger connections". You'd
have a group of as few as three people, as many as eight or so scattered
within Global/Diebold Election Systems. You need somebody on the
programming staff, somebody loading software on the boxes being shipped,
somebody who's a stock guy, somebody who's a political wonk enough to
suspect which races will affect which stocks. And maybe one or two
field people monitoring things at specific counties. Some of these
tasks can be "doubled up". Cocaine import rings with that many insiders
have operated for years.

Sometimes a political situation will happen where it's dead obvious what
the stock results would be. Reagan vs. Mondale for example: everybody
*knew* what that matchup would do for defense industry stocks! Reagan
vs. Carter for that matter, or Bush vs. Gore. Gore was such a publicly
avvowed "greenie" you just KNEW he would have affected alternative
energy stocks fr'instance and you could probably short-sell defense
industry pretty big.

And so on. Local bond construction measures even moreso.

The gang pulling it off doesn't need to interact with outside players at
all...not even to the extent major drug dealers do. It's ALL "in the

And that makes it one of the safest forms of crime ever thunk up.


Ed Kennedy wrote:

> Hello Arthur and all:
> There seems to be something missing here in this analysis. Just as in
> a murder mystery, one looks for motives, means and opportunities. we
> have here, the means, either corrupt or incompetent voting machine
> design and use with money as the weapon, opportunity in every election
> but no formal discussion of motive for stealing the election. While
> Jim March has clearly given some thought to this I'd like to see it
> quantified along the lines of the rest of the discussion.
> Obviously power is a wonderful thing but it can destroy the wielder of
> that power unless used responsibly and brings with it burdensome
> responsibilities and duties. Frankly I would be more inclined to see
> the likelihood of quick economic gain as the motive. For the purpose
> of this little discussion I'll rule out the desire to impose one's
> will upon another as a motive. That seems more like a means anyway.
> --
> Thanks, Edmund R. Kennedy
> Always work for the common good.
> 10777 Bendigo Cove
> San Diego, CA 92126-2510
> I blog now and then at: <>
> Also, I've got a web site at <>
> ----- Original Message -----
> *From:* Arthur Keller <>
> *To:* Open Voting Consortium discussion list
> <>
> *Sent:* Sunday, May 29, 2005 5:47 PM
> *Subject:* [OVC-discuss] Stealing an Election: What's it worth?
> Crypto-Gram Newsletter
> April 15, 2004
> by Bruce Schneier
> Founder and CTO
> Counterpane Internet Security, Inc.
> <>
> <>
> <>
> A free monthly newsletter providing summaries, analyses, insights,
> and commentaries on security: computer and otherwise.
> Back issues are available at
> <>. To subscribe, visit
> <> or send a blank message
> to
> *Stealing an Election*
> There are major efforts by computer security professionals to
> convince government officials that paper audit trails are
> essential in any computerized voting machine. They have conducted
> actual examination of software, engaged in letter writing
> campaigns, testified before government bodies, and collectively,
> have maintained visibility and public awareness of the issue.
> The track record of the computerized voting machines used to date
> has been abysmal; stories of errors are legion. Here's another way
> to look at the issue: what are the economics of trying to steal an
> election?
> Let's look at the 2002 election results for the 435 seats in the
> House of Representatives. In order to gain control of the House,
> the Democrats would have needed to win 23 more seats. According to
> actual voting data (pulled off the ABC News website), the
> Democrats could have won these 23 seats by swinging 163,953 votes
> from Republican to Democrat, out of the total 65,812,545 cast for
> both parties. (The total number of votes cast is actually a bit
> higher; this analysis only uses data for the winning and
> second-place candidates.)
> This means that the Democrats could have gained the majority in
> the House by switching less than 1/4 of one percent of the total
> votes -- less than one in 250 votes.
> Of course, this analysis is done in hindsight. In practice, more
> cheating would be required to be reasonably certain of winning.
> Even so, the Democrats could have won the house by shifting well
> below 0.5% of the total votes cast across the election.
> Let's try another analysis: What is it worth to compromise a
> voting machine? In contested House races in 2002, candidates
> typically spent $3M to $4M, although the highest was over $8M. The
> outcomes of the 20 closest races would have changed by swinging an
> average of 2,593 votes each. Assuming (conservatively) a candidate
> would pay $1M to switch 5,000 votes, votes are worth $200 each.
> The actual value is probably closer to $500, but I figured
> conservatively here to reflect the additional risk of breaking the
> law.
> If a voting machine collects 250 votes (about 125 for each
> candidate), rigging the machine to swing all of its votes would be
> worth $25,000. That's going to be detected, so is unlikely to
> happen. Swinging 10% of the votes on any given machine would be
> worth $2500.
> This suggests that it is necessary to assume that attacks against
> individual voting machines are a serious risk.
> Computerized voting machines have software, which means we need to
> figure out what it's worth to compromise a voting machine software
> design or code, and not just individual machines. Any voting
> machine type deployed in 25% of precincts would register enough
> votes that malicious software could swing the balance of power
> without creating terribly obvious statistical abnormalities.
> In 2002, all the Congressional candidates together raised over
> $500M. As a result, one can conservatively conclude that affecting
> the balance of power in the House of Representatives is worth at
> least $100M to the party who would otherwise be losing. So when
> designing the security behind the software, one must assume an
> attacker with a $100M budget.
> Conclusion: The risks to electronic voting machine software are
> even greater than first appears.
> This essay was written with Paul Kocher.
> -------------------------------------------------------------------------------
> Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA 94303-4507
> tel +1(650)424-0202, fax +1(650)424-0424
> ------------------------------------------------------------------------
> _______________________________________________
> OVC discuss mailing lists
> Send requests to subscribe or unsubscribe to
>OVC discuss mailing lists
>Send requests to subscribe or unsubscribe to

OVC discuss mailing lists
Send requests to subscribe or unsubscribe to
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Tue May 31 23:17:49 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:53 CDT