11-13-06: Yes, the files on Slashdot ...
Bev Harris (Frequent Voting Rights Forum Participant) - Username: Site_admin - Post Number: 183 - Registered: 10-2006 - Best of Black Box? Votes: 1
Posted on Monday, November 13, 2006 - 1:17 pm:
They are on a different server but indeed, it was I that e-mailed the links to a fellow citizen for examination.

What are we talking about? ES&S program files have been posted for the "Unity" central tabulator, which need to be examined in the public interest, now that elections are melting down (again) on ES&S equipment.

"ES&S 'Unity' central tabulator software. Software stash: three zip files --
http://www.blackbox1.org/ems.zip
http://www.blackbox1.org/un5.zip
http://www.blackbox1.org/Unity.zip

When you document 18,000 votes lost in Sarasota County, Florida, and more anomalies in several other states (which we are working on right now!), at some point it's a good idea to see for ourselves how the programmers think. A wonderful citizen posted my e-mail message to him and some Florida and Ohio activists to Slashdot.

Some respondents to the Slashdot article (here: http://it.slashdot.org/article.pl?sid=06/11/13/1843244&threshold=1 ) wonder if this is some nefarious plot by a fake Black Box Voting to put bogus software on the web containing a trojan horse. Nope. If the stuff was posted here at Black Box Voting, this whole site would slow down due to heavy traffic downloading very large .zip files. That's all.

As mentioned in the previous lead story here, software from all of the big four manufacturers escaped into the wild. Some ask what can be learned without source code. Remember that we did not have source code for the Diebold GEMS system, which corresponds with Unity for the Diebold system. Yet we learned that it uses Microsoft Access, with no referential integrity. We learned that the passwords are sitting right there in an MS Access table waiting to be replaced. We learned that there are two sets of books. There may be a lot that can be learned just by installing the program and tinkering. Unity, like GEMS and WinEDS, runs on Windows.
   
Tom Sweet (Voting Rights Forum Participant) - Username: Tsweet - Post Number: 48 - Registered: 06-2006 - Best of Black Box? Votes: 1
Posted on Monday, November 13, 2006 - 7:51 pm:
I can't find the story about the software escaping into the wild. BTW, any company that does not password protect their installs, include a license agreement in the install, obfuscate their .NET code and provide for some sort of license key to be entered on first run really can't complain if someone gets a hold of it and publishes it everywhere.
   
Bob Brown (Voting Rights Forum Participant) - Username: Bzelbob - Post Number: 1 - Registered: 11-2006 - Best of Black Box? Votes: 1
Posted on Monday, November 13, 2006 - 8:23 pm:
Additional thoughts on the /. posted software:
- Exe's do not contain company name & other needed info in version info.
- Poor code organization in directory
- Poor naming for some items (RTP?)

I noticed that this software appears to be the ancestor of the very software used in my own county (Clay in FL.) Yikes! Thanks for posting this.

P.S. Saw "Hacking Democracy"; it was brilliant!
   
Bev Harris (Frequent Voting Rights Forum Participant) - Username: Site_admin - Post Number: 189 - Registered: 10-2006 - Best of Black Box? Votes: 2
Posted on Tuesday, November 14, 2006 - 6:11 pm:
Here are some comments from Slashdot that I found particularly insightful.

This one from anonymous, for obvious reasons:

quote: Some close-proximity insight for those evaluating ES&S. I'm an Omaha resident and have knowledge of ES&S's application development and information security environment.
1. Senior management does not see information security as ES&S's responsibility. The developers are under very tight schedules and are not given much in terms of time and resources to focus on the "apply security after dev is done" model ES&S uses. I discounted this a bit since nearly every programmer complains about not having enough time and resources, but believe there is some merit in the case of ES&S.
2. The codebase was never designed from a security perspective and is old legacy code that has been dragged along into newer OS platforms.
3. ES&S senior management believes that information security is the responsibility of their technology providers. For instance, they attribute OS and networking flaws to Microsoft and indicate they are not responsible for these issues as they're "only users." Unfortunately, in the shop I work in, we're aware Microsoft disagrees and expects us to harden our apps, OS, network and general environment.
4. ES&S security staff are not very well qualified. Internal audits are not performed unless a client requires it, and unfortunately, most governmental clients only know to ask for a SAS-70 (which is usually done by an accountant and says nothing material about information security). Internal security processes are seriously lacking.
5. Constructive criticism is not well tolerated within ES&S's business environment. Production schedules are tough and resource challenges are pushing people to the edge. Shortcuts with the promise of "coming back later to tighten up all these holes" are common practice.
I should note that many of the people that work there are well intentioned and are trying to do their best, but until clients expose these flaws and know how to demand better security (vs. the useless SAS-70), senior management won't realize it needs to allocate these resources. Presently, security is perceived as an unnecessary overhead cost that is the responsibility of others, not ES&S.

And this one, a particularly astute analogy for the state of our current election system, by C10H14N2 (640033):

quote: I manage critical applications (of the 'people can die if the system breaks down' variety) and the key is that the "high-tech" bits are just PART of the system--and the most untrusted part of them to boot. When I saw this application, my first thought was "Good lord, this is FAR too vertical for the intended purpose." Trusting the same thing to collect, record, count, aggregate and report the same numbers? Crazy. In a proper system, each step of that process should be independently capable of validating the next, interchangeable with another component of arbitrary source, whether it is a collection of people, machines or combination of the above. If they cannot agree, the process should start again from the beginning until they DO. That last bit is the most glaringly obvious problem in our system. When we have total disagreement, all it takes is a Secretary of State to sign off that we officially don't care. In what I do, it would be akin to a patient coming in and saying they have asthma, the doctor writing a scrip for Albuterol, the computer registering Preparation-H, the pharmacist dispensing Aspirin and the nurse administering Heroin, then everyone agreeing that the patient got the Albuterol and no one having the means to prove otherwise...then replacing the computer and saying everything's all better now, pity the patient is dead. I'm glad to see you're going in the direction of correcting the system, not just the unnecessarily fancy blinkenlights. It is truly inspiring, admirable work you are doing.

And this one for you techs out there:

quote: The file un5.zip contains an installer for what appears to be ballot designing software. It can't be started up properly without patching the binary, though, because it checks for the presence of a specific printer driver. At least under Wine in Linux anyway -- I don't have a copy of Windows to test it on. To fix the problem, open opt.exe in a hex editor and nop out 30 bytes starting at offset 0x30527. Save the file and rerun opt.exe. You can now play around with ballot software! Interestingly, some of the data files contain locality information. OPTBATCH.DAT has references to several locations in Pennsylvania, but the software itself is licensed to Tarrant County, Texas. The string "Tarrant County" is part of the actual binary opt.exe, leading me to believe that the applications are built specifically for each municipality.
   
Aaron Conaway (Voting Rights Forum Participant) - Username: Votingwebguy - Post Number: 1 - Registered: 11-2006 - Best of Black Box? Votes: 1
Posted on Tuesday, November 14, 2006 - 7:20 pm:
EMS's software has 2,000+ different files? Why? I know most are data files, etc., but it just seems like somebody went through a lot of trouble to overdo it. Batch files? Process information with a lot of wildcard symbols? Okay. Something you'd expect to see from a freshman DOS 3.3 programmer in the early '90s.

Unity's contents, a 38 meg zip file, should set off a flag: why such a mass to do a tiny job? Unity and EMS's collections of files look like they were written to produce the same thing. A mess. Very easy, by the way, to modify one file to change everything in the process for later, isn't it?

And what about GEMS? 17 megabytes of bug tracks? Very suspicious. Something I'd do to fall back on when I plan to screw up or the software won't work right. "Well, we located the problem and are working on it"--kind of excuse for when it screws up because somebody planned on it. "We're planning to fail! But we have a back-up plan." Rumsfeld could have used this software to get us out of Iraq.

At least the structure/contents of "un 5.71" appear honest. I'm making virtual machines for these to test them tonight.

I am truly, Yours, Aaron Conaway
   
Bev Harris (Frequent Voting Rights Forum Participant) - Username: Site_admin - Post Number: 192 - Registered: 10-2006 - Best of Black Box? Votes: 0
Posted on Tuesday, November 14, 2006 - 10:20 pm:
Aaron, Honest software or not, we will be interested in your observations, even about basic structural issues. Good, bad, and simply informational.

(Message edited by site_admin on November 14, 2006)
   
Jed Vankrieken (Voting Rights Forum Participant) - Username: Piggy - Post Number: 1 - Registered: 11-2006 - Best of Black Box? Votes: 1
Posted on Saturday, November 18, 2006 - 7:17 pm:
http://www.google.com/search?num=100&hl=en&lr=&safe=off&q=CANDIDAT.DBF&btnG=Search

This file, which resides in (almost) every per-election path (\Unity\Unity\EDM\<election>\) (unity.zip), popped up on Google. I was able to translate some of the pages but I cannot find a decent free online translator that does not expire (translation-guide.com expires). It does appear the results are in Romanian. Digging into the results we find a program called 'Adlic' (per program paths in some results), and if we do another search http://www.google.com/search?num=100&hl=en&lr=&safe=off&q=adlic+election+software&btnG=Search we can see there does appear to be some odd tie to election related software. http://en.wikipedia.org/wiki/DBASE appears to be a commonly used file type for importing/exporting data. Based on the filename 'CANDIDAT' it is not that difficult to assume one might find election related results. There may be nothing to this.

(Message edited by PiGGY on November 18, 2006)
   
Catherine Ansbro (Frequent Voting Rights Forum Participant) - Username: Catherine_a - Post Number: 3466 - Registered: 12-2004 - Best of Black Box? Votes: 0
Posted on Sunday, November 19, 2006 - 2:58 am:
Hi Jed, Good catch. This is a very interesting observation, because of some possible historical and personal connections with people involved with several election systems. I hope that Bev will respond to your post. Thanks very much for sharing this information, and welcome to BBV.
   
Jed Vankrieken (Voting Rights Forum Participant) - Username: Piggy - Post Number: 2 - Registered: 11-2006 - Best of Black Box? Votes: 1
Posted on Sunday, November 19, 2006 - 9:46 am:
Another file popped up when doing a search: http://www.google.com/search?num=100&hl=en&lr=&safe=off&q=TPHRAS.DBF&btnG=Search

OK, so this is apparently a list of files that come with contained election-related software (Unity Ballot Image Manager & Election Data Manager being some of them). The purpose of this file list, as stated via http://www.nsrl.nist.gov/votedata.html, is apparently so one can verify the integrity of the software provided from the vendors. Although it does state "having other versions, or versions which have been altered for authorized reasons, will be unable to use this web site" & also states "voluntarily provided by voting software vendors".

If we open the file NSLRPROD.TXT (from the site or zip) it gives us a list of versions (I'm assuming) that are supported/reflected by the main list. The highest version listed for Ballot Image Manager is 2.4.3 - however if we look @ the software BBV came up with, both versions are 2.8.5 ...

Update: I was going by the versions reflected IN the application; however, if we look at the version reflected by the executable file (opt.exe) they both say 2.8.0.0 ..

Update: The highest version listed for the Election Data Manager is 2.4.2 - again if we look @ the software BBV came up with, both versions are 5.7.1 (5.7.1.0 @ bdm.exe) .. Also note that the NIST web page is dated Nov 1st & Nov 6th 2006, so .. I'm not sure why they would have such old versions.

I guess my question is, given the unity zip/software contained '99-04' election data, why wouldn't any of the versions be reflected by the NIST website? Even if custom versions were provided for major & minor elections for specific areas, what would be the reason? (given the span of time the contained elect data covers)

I'm not so sure this file list (& more) should just 'be' on the internet, given I found it via Google. At the least, I would suggest putting some ~simple password protection on that section of the website. Wouldn't election ~officials be the only people who would be viewing this? That list of files appears to also contain file names for what would be source code files.

(~unrelated) If you're bored this is kind of an interesting read: http://josephhall.org/nqb2/index.php?title=guilford_ess_letter

(Message edited by PiGGY on November 19, 2006)
   
Catherine Ansbro (Frequent Voting Rights Forum Participant) - Username: Catherine_a - Post Number: 3470 - Registered: 12-2004 - Best of Black Box? Votes: 0
Posted on Sunday, November 19, 2006 - 11:43 am:
More interesting finds, Jed. I hope that you have downloaded all these files and filelists, and/or saved screenshots from the NIST website. These kinds of things have a way of disappearing off the internet.
   
Bev Harris (Board Administrator) - Username: Admin - Post Number: 5828 - Registered: 12-2004 - Best of Black Box? Votes: 0
Posted on Sunday, November 19, 2006 - 1:09 pm:
I tried to capture some of them but am on VERRRY slow access speed this weekend, so was unsuccessful. Hope all the pages can be captured. Thanks very much for the research you're doing, Jed, and I am following it. Looking forward to high speed access tomorrow.

GET BEHIND HB 6200. Requires public hand-counting of ballots for the 2008 presidential race, at the precinct, before the ballots leave the polling place. (Say no to HR 550. It's dangerous.)
   
Jed Vankrieken (Voting Rights Forum Participant) - Username: Piggy - Post Number: 3 - Registered: 11-2006 - Best of Black Box? Votes: 1
Posted on Sunday, November 19, 2006 - 6:47 pm:
OK, what a mess. I decided to start archiving the files found in a dated/proper fashion and take some screen shots, something I overlooked last time:

http://www.google.com/search?hl=en&q=site%3Awww.nsrl.nist.gov%2Fvoting%2F*&btnG=Google+Search

is the amount of pages this NIST web page has put out, which is reflected here: http://www.nsrl.nist.gov/voting/

I've now fully stored every page, and every file from every page, in appropriate/dated sections. Where it takes a dive is, the VoteRDS20061106.zip is corrupted (4KB, not 300KB like the site says; no files within, and cannot be opened). It can be downloaded from here: http://www.nsrl.nist.gov/votedata.html or here: http://www.nsrl.nist.gov/voting/20061106/ - both of which, I believe, are the ~same page pointing to the same files (because it's the most current *at this time). Not a big deal (right?) given the files that are stored in each .zip are also directly available on each web page.

However, if we compare the November 6th NSLRFILE.TXT to the November 1st NSLRFILE.TXT we'll notice that for some reason the November 6th file is 3KB smaller than the November 1st. From what I have gathered so far, this wouldn't make sense, because every update of the file is supposed to contain more. Not less. Compared to all other NSLRFILE.TXT files, they are sequentially less or the ~same in size as you go back in dates. Even if you look @ the /voting/ page it's always mentioning 'added', never a mention of removed. Now we could give a vendor the benefit of the doubt and assume the 'latest' version they provided may contain a ~few less files. Great, problem is.. does that mean the previous versions' files get removed from these .txt files?? That's not how this should work, nor had worked in the past based on the other files.

- This could essentially mean anyone trying to verify the integrity of their election software post or prior to the last election would be faced with a corrupt zip file and an NSLRFILE.TXT that is for some reason smaller.
- Though to be honest I have doubts many people used this site, if at all.

I checked every (dated) NSRLProd.txt I downloaded for versions 2.8* (BIM) & 5.7* (EDM) - nothing found.

Given the amount of 'revisions' (much like the software) of these web pages, I cannot honestly believe that one could properly verify the integrity of election software. Updates of the pages (and thus I'm assuming files) are either days in a row, or only a few days apart (if not one). Additionally, as we already know, not every version is actually listed here. Given the dates of these files & web pages, one could possibly assume that the vendors have an absolute last-second 'deadline'.

@ ~9PM PST one of the file downloads (VoteRDS20061106.zip) (the corrupt one) (direct or via page, but not the html/pages themselves) @ NIST went down. I'm not sure if this is temporary, or intentional. The error returned from the server is a 404 (file not found). Ah... I just had someone in a diff city attempt to get that file (from http://www.nsrl.nist.gov/votedata.html ) via that page and it is also returning a 404, so it's not just me.
- I just went through and verified all of the other zip files are still available on their site EXCEPT for that one. I have little doubt someone just pulled it.
- I just noticed the digital signature file was also removed (VoteRDS20061106.txt)

(Message edited by PiGGY on November 19, 2006)
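The two posts above by Jed describe the NIST NSRL hash lists as the only published way to check whether an installed copy of the vendor software matches what the vendor submitted, and then note that a newer list was smaller than the older one. The following is an added example, not code from the thread or from NIST, showing what such a check looks like and how to surface entries that vanished between two list versions. The column layout of the RDS file is reproduced from memory of NSRL exports and should be treated as an assumption; the file contents, product code and both list versions are constructed here so the example runs offline (the file names opt.exe, bdm.exe and OPTBATCH.DAT are taken from the thread).

```python
import csv
import hashlib
import io
import zlib

# Column layout of NSRL RDS "NSRLFile.txt" exports as I know it (assumption,
# not taken from the thread). Everything below it is constructed sample data.
RDS_HEADER = '"SHA-1","MD5","CRC32","FileName","FileSize","ProductCode","OpSystemCode","SpecialCode"'

# Constructed stand-ins for what a vendor would have submitted for hashing.
VENDOR_FILES = {
    "OPT.EXE": b"MZ constructed stand-in for opt.exe build 2.8.0.0\n",
    "BDM.EXE": b"MZ constructed stand-in for bdm.exe build 5.7.1.0\n",
    "OPTBATCH.DAT": b"constructed batch definitions\n",
}
PRODUCT_CODE = "9001"  # constructed, not a real NSRL product code


def rds_record(name: str, data: bytes, product_code: str = PRODUCT_CODE) -> str:
    """Build one RDS-style record (SHA-1, MD5, CRC32 as upper-case hex) for data."""
    sha1 = hashlib.sha1(data).hexdigest().upper()
    md5 = hashlib.md5(data).hexdigest().upper()
    crc32 = format(zlib.crc32(data) & 0xFFFFFFFF, "08X")
    return f'"{sha1}","{md5}","{crc32}","{name}",{len(data)},{product_code},"WIN",""'


def build_rds(files: dict) -> str:
    """Render a whole hash list in the RDS layout (header + one record per file)."""
    lines = [RDS_HEADER] + [rds_record(n, d) for n, d in files.items()]
    return "\n".join(lines) + "\n"


def parse_rds(text: str) -> dict:
    """Index an RDS file as FileName -> set of known SHA-1 values."""
    index = {}
    for row in csv.DictReader(io.StringIO(text)):
        index.setdefault(row["FileName"], set()).add(row["SHA-1"].upper())
    return index


def verify_file(name: str, data: bytes, index: dict) -> str:
    """Classify a local file against the list: 'match', 'mismatch' or 'unknown'."""
    if name not in index:
        return "unknown"  # no reference hash at all, so nothing can be verified
    sha1 = hashlib.sha1(data).hexdigest().upper()
    return "match" if sha1 in index[name] else "mismatch"


def removed_entries(old_text: str, new_text: str) -> list:
    """(FileName, SHA-1) pairs present in the older list but absent from the newer one."""
    old, new = parse_rds(old_text), parse_rds(new_text)
    gone = []
    for name, hashes in old.items():
        for sha1 in sorted(hashes - new.get(name, set())):
            gone.append((name, sha1))
    return sorted(gone)


def audit(local: dict, rds_text: str) -> dict:
    """Verify every local file against one list version; returns {name: verdict}."""
    index = parse_rds(rds_text)
    return {name: verify_file(name, data, index) for name, data in local.items()}


# Two constructed list versions: the later one silently drops a file, the kind
# of shrinkage the post above describes between the Nov 1 and Nov 6 lists.
RDS_NOV_01 = build_rds(VENDOR_FILES)
RDS_NOV_06 = build_rds({k: v for k, v in VENDOR_FILES.items() if k != "OPTBATCH.DAT"})

# Constructed local install: one file identical, one altered by a single byte.
LOCAL_FILES = dict(VENDOR_FILES)
LOCAL_FILES["BDM.EXE"] = LOCAL_FILES["BDM.EXE"].replace(b"5.7.1.0", b"5.7.1.1")

if __name__ == "__main__":
    for name, verdict in audit(LOCAL_FILES, RDS_NOV_06).items():
        print(f"{name:14} {verdict}")
    for name, sha1 in removed_entries(RDS_NOV_01, RDS_NOV_06):
        print(f"removed from newer list: {name} {sha1}")
```

Two things the output makes concrete: a file that was dropped from the list comes back as "unknown" rather than "mismatch", so a shrinking list quietly reduces what can be verified at all, and a one-byte change in a binary is a clean "mismatch" only while the reference hash is still published. Keeping dated copies of every list version, as Jed did, is what makes the removed_entries comparison possible after the fact.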
   
Jed Vankrieken (Voting Rights Forum Participant) - Username: Piggy - Post Number: 4 - Registered: 11-2006 - Best of Black Box? Votes: 1
Posted on Sunday, November 19, 2006 - 7:25 pm:
Oh, and you were looking for interesting screen shots? http://img133.imageshack.us/img133/8702/pray02gg7.png This is a screen shot taken from within the IDA 5.0 (demo) decompiler program I grabbed and took a look @ the opt.exe - I just happened to run across this portion of commented code. There are also other comments, a few of which contain dates of revisions. - I've not yet had time to look over BDM.

(Message edited by PiGGY on November 19, 2006)
   
Catherine Ansbro (Frequent Voting Rights Forum Participant) - Username: Catherine_a - Post Number: 3477 - Registered: 12-2004 - Best of Black Box? Votes: 0
Posted on Monday, November 20, 2006 - 2:28 am:
What's the implication of the highlighted slashes? The comment about adding specialized code is interesting. (Could this be completely innocuous, like the place to add a candidate name or precinct number?) It sure doesn't look good that they've pulled a file dated the day before the election. . . Is this a red flag waving or what?
   
Jed Vankrieken (Voting Rights Forum Participant) - Username: Piggy - Post Number: 5 - Registered: 11-2006 - Best of Black Box? Votes: 0
Posted on Monday, November 20, 2006 - 3:02 am:
The slashes in yellow mean nothing; it was what is after the 2 gray highlighted slashes that I thought was 'funny'. In reference to the 'insert code', I've had someone else go over that with me, and it occurs several times and may not actually 'mean anything'. Regarding pulling the files down (which are still down). Ahh yeah. Who @ the .gov works on a Sunday night?+

(Message edited by PiGGY on November 20, 2006)
   
Catherine Ansbro (Frequent Voting Rights Forum Participant) - Username: Catherine_a - Post Number: 3479 - Registered: 12-2004 - Best of Black Box? Votes: 0
Posted on Monday, November 20, 2006 - 3:18 am:
Jed: "Who @ the .gov works on a sunday night?+" Wow. I hadn't even considered that twist. I wonder if ES&S can upload or download files to that website? My guess is that they can. ES&S and other vendors probably monitor the BBV website very carefully--that's why I was eager for you to get what you could & document it asap.
   
Jed Vankrieken (Voting Rights Forum Participant) - Username: Piggy - Post Number: 6 - Registered: 11-2006 - Best of Black Box? Votes: 0
Posted on Monday, November 20, 2006 - 3:31 am:
I'd like to think that the vendors do not have access to that site. They probably don't. There are no specific files per vendor (to be changed), so I tend to doubt it. One thing I can say, though, is that it is as if the site is being administered remotely.
   
Bev Harris (Frequent Voting Rights Forum Participant) - Username: Site_admin - Post Number: 215 - Registered: 10-2006 - Best of Black Box? Votes: 0
Posted on Monday, November 20, 2006 - 9:03 am:
ES&S is thrashing about issuing demands about links that don't exist at Black Box Voting. Refer to new lead story for the details.
   
Jed Vankrieken (Voting Rights Forum Participant) - Username: Piggy - Post Number: 8 - Registered: 11-2006 - Best of Black Box? Votes: 0
Posted on Monday, November 20, 2006 - 9:13 pm:
Time for a rant. I think I am throwing in the towel for a little while as I've really burned myself out, and at times I need the most simple & (blatantly) obvious of help and there's no one. I know there had to have been more+ than a few+ people who followed those files being pulled down ((which I have not even had the chance to properly check on today) (spent 2+ hours today inspecting publicly available sig files)) and could've easily just have verified it (happened) for me. Yet no one even did that. Like that's even asking anything. I've got an entirely unrelated 2+ year internet project going on that is the same story at the moment. I think I've left plenty regarding the 'unknown'; I don't understand why no one wants to help. Is everyone really that spineless? It's almost as if the /. users are here.

I am not defecting. I just cannot be doing blatantly obvious work redundantly & exclusively on my own in the direct face of people just staring at me. This is ridiculous, we're all using computers ffs. Click the damn link, verify it's dead. Download a couple public (NIST) files, back me up on what I've been saying. If I had the ball there's no one to pass it to, and no one is passing it to me. (this is not a spectator sport people) Maybe I screwed up somewhere? Who cares to note it? No one is scrutinizing or verifying anything. Do Anything, anything at all. If I'm requested to do something specifically I will probably act on it.

ES&S will be happy to know I verified the integrity of some full election data found, that was correctly reflected by public records. (mmm #'s++) I spent 2 hours or more on this today. (see! I'm not all THAT bad) Good or bad, and everything in between, I'm just here to note the differences & anomalies. If you knew what I 'do' you'd probably actually believe that. At this time, I am just going to follow the forums.

(Bev this was not at all directed @ you, likely much of what I've just said you have been or are dealing with yourself, I do not envy your position)
   
Catherine Ansbro (Frequent Voting Rights Forum Participant) - Username: Catherine_a - Post Number: 3489 - Registered: 12-2004 - Best of Black Box? Votes: 0
Posted on Tuesday, November 21, 2006 - 1:16 am:
Hi Jed, Sometimes it's hard to know what anyone else sees or doesn't see. Like yourself I go through periods where I might be more intensely involved with a certain piece of the puzzle, and then I need to take a breather. I assume there are technical folks following up on these things, but I don't know how thoroughly other people keep up with new threads/updates. (I use the "check for new posts since my last visit" option but maybe there aren't very many people who do that.) Are you concerned because no one was downloading from the links, or because no one has posted replies here? (Lack of posts doesn't always = lack of activity)
   
Joe Irrera (Voting Rights Forum Participant) - Username: Jirrera - Post Number: 1 - Registered: 11-2006 - Best of Black Box? Votes: 1
Posted on Sunday, November 26, 2006 - 12:44 pm:
I'm a Microsoft software developer/database administrator in Nashville. I've had a chance to install the ES&S Election Data Manager a bit. As was stated earlier, this appears to be the ballot definition file designer software. I wish it was the "Election Reporting Manager" software which supposedly stores and reports the vote totals. In any case this software appears to store the data in dBASE format (.dbf) which is easily imported into MS Access, can be edited and then exported with the changes. It can also be opened and saved by MS Excel, if less than 65,000 rows. I would imagine the database format would be the same for Election Reporting Manager as well.

During this past election I was a poll watcher and had the opportunity to not only witness the ES&S iVotronic PEB accumulation process, I was then able to see the Unity Election Reporting Manager import process as each voting district's PEB was imported via infrared reader into Unity on a standard Windows laptop, and then saved to a USB thumb drive for distribution to other PC users. These other users were then performing miscellaneous functions like posting totals to the county website, uploading to media outlets and projecting current totals on a screen in the room. Interestingly, I heard one helper bringing a precinct PEB to the Unity PC operator say this particular PEB was blank as it somehow failed to store the vote totals and asked if Unity could instead import the totals off the memory card. The operator simply set that PEB aside. I don't know if later on they were able to import off the memory card as I left before then.
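Joe's point above is that the data store is plain dBASE (.dbf), which any desktop tool can open, edit and save back. The following is an added example, not code from the thread or from any vendor, that builds a small dBASE III table in memory, parses it back, overwrites one field in place, and shows that nothing in the file itself records the change: the record count, header and file size are identical, and only a detached digest kept outside the file (here a SHA-256 manifest) can tell the two apart. The table layout, field names and vote counts are constructed; the file name CANDIDAT.DBF is taken from the thread but its contents here are invented.

```python
import hashlib
import struct

# dBASE III header (32 bytes) + 32-byte field descriptors + 0x0D terminator,
# then fixed-width ASCII records each led by a 1-byte deletion flag.
HEADER_FMT = "<B3BIHH20x"        # version, YYMMDD, record count, header len, record len
FIELD_FMT = "<11sc4xBB14x"       # name, type, length, decimal count


def build_dbf(fields, rows, last_update=(6, 11, 7)) -> bytes:
    """Serialize fields=[(name, type, length, decimals)] and rows=[[values]] as dBASE III."""
    record_len = 1 + sum(f[2] for f in fields)
    header_len = 32 + 32 * len(fields) + 1
    out = struct.pack(HEADER_FMT, 0x03, *last_update, len(rows), header_len, record_len)
    for name, ftype, length, decimals in fields:
        out += struct.pack(FIELD_FMT, name.encode("ascii"), ftype.encode("ascii"), length, decimals)
    out += b"\r"
    for row in rows:
        out += b" "  # deletion flag: space means the record is live
        for (_, ftype, length, _), value in zip(fields, row):
            text = str(value)
            out += (text.rjust(length) if ftype == "N" else text.ljust(length)).encode("ascii")
    return out + b"\x1a"


def parse_dbf(data: bytes):
    """Return (fields, rows) for a dBASE III file, skipping records flagged deleted."""
    _, _, _, _, nrec, header_len, record_len = struct.unpack_from("<B3BIHH", data, 0)
    fields, pos = [], 32
    while data[pos] != 0x0D:
        name, ftype, length, decimals = struct.unpack_from(FIELD_FMT, data, pos)
        fields.append((name.split(b"\x00", 1)[0].decode("ascii"), ftype.decode("ascii"), length, decimals))
        pos += 32
    rows = []
    for i in range(nrec):
        rec = data[header_len + i * record_len: header_len + (i + 1) * record_len]
        if rec[:1] == b"*":
            continue
        offset, values = 1, []
        for _, ftype, length, _ in fields:
            raw = rec[offset:offset + length].decode("ascii").strip()
            values.append(int(raw) if ftype == "N" and raw else raw)
            offset += length
        rows.append(values)
    return fields, rows


def write_field(data: bytes, record_index: int, field_name: str, value) -> bytes:
    """Overwrite one field of one record in place; the format has no checksum to update."""
    fields, _ = parse_dbf(data)
    _, _, _, _, _, header_len, record_len = struct.unpack_from("<B3BIHH", data, 0)
    offset = header_len + record_index * record_len + 1
    for name, ftype, length, _ in fields:
        if name == field_name:
            text = str(value)
            packed = (text.rjust(length) if ftype == "N" else text.ljust(length)).encode("ascii")
            return data[:offset] + packed + data[offset + length:]
        offset += length
    raise KeyError(field_name)


def check_manifest(name: str, data: bytes, manifest: dict) -> bool:
    """Detached integrity check: compare the file's SHA-256 with a digest stored elsewhere."""
    return hashlib.sha256(data).hexdigest() == manifest.get(name)


# Constructed table: two candidates with invented vote counts.
FIELDS = [("CAND_ID", "N", 4, 0), ("CAND_NAME", "C", 20, 0), ("VOTES", "N", 8, 0)]
ROWS = [[1, "CANDIDATE A", 1203], [2, "CANDIDATE B", 987]]
ORIGINAL = build_dbf(FIELDS, ROWS)
MANIFEST = {"CANDIDAT.DBF": hashlib.sha256(ORIGINAL).hexdigest()}  # kept outside the file
EDITED = write_field(ORIGINAL, 1, "VOTES", 1987)

if __name__ == "__main__":
    print("original rows:", parse_dbf(ORIGINAL)[1])
    print("edited rows:  ", parse_dbf(EDITED)[1])
    print("same size:", len(ORIGINAL) == len(EDITED))
    print("manifest check, original:", check_manifest("CANDIDAT.DBF", ORIGINAL, MANIFEST))
    print("manifest check, edited:  ", check_manifest("CANDIDAT.DBF", EDITED, MANIFEST))
```

The edited file parses cleanly and is byte-for-byte the same length as the original; only the detached digest fails. That is the practical consequence of Joe's observation: integrity of .dbf-backed election data rests entirely on controls outside the files, such as published hashes, signed exports, or an independent count to reconcile against.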
   
Catherine Ansbro (Frequent Voting Rights Forum Participant) - Username: Catherine_a - Post Number: 3509 - Registered: 12-2004 - Best of Black Box? Votes: 0
Posted on Sunday, November 26, 2006 - 3:14 pm:
Hello Joe, That is an outstanding--and revealing--report. ES&S will be getting a lot more attention in the days ahead, thanks to all the new information from folks like you. Welcome to BBV!
   
Bev Harris (Frequent Voting Rights Forum Participant) - Username: Site_admin - Post Number: 237 - Registered: 10-2006 - Best of Black Box? Votes: 0
Posted on Monday, November 27, 2006 - 6:48 am:
Joe, Great report. I'll be following up with you privately. Bev