Navigation
Topics
Log In
Log Out
:
Special Search
New Today
New This Week
Advanced Search
Tree View
Your Account
Edit Profile
Register
Forgot Password
Tools
Help/Instructions
Policies
...
|
| 5-27-05: Optical scan system hacked (... |
|
| Author |
Message |
    
admin
Board Administrator
Username: admin
Post Number: 536
Registered: 12-2004
Best of Black Box? 
Votes: 73 (A keeper?) | | Posted on Friday, May 27, 2005 - 5:03 pm: | 
|
Tallahassee, FL: "Are we having fun yet?"
( SEE TECHNICAL REPORT HERE: http://www.blackboxvoting.org/BBVreport.pdf)
This is the message that appeared in the window of a county optical scan machine, startling Leon County Information Systems Officer Thomas James. Visibly shaken, he immediately turned the machine off.
Diebold's opti-scan (paper ballot) voting system uses a curious memory card design, offering penetration by a lone programmer such that standard canvassing procedures cannot detect election manipulation.
The Diebold optical scan system was used in about 800 jurisdictions in 2004. Among them were several hotbeds of controversy: Volusia County (FL); King County (WA); and the New Hampshire primary election, where machine results differed markedly from hand-counted localities.
New regs: Counting paper ballots forbidden
Most states prohibit elections officials from checking on optical scan tallies by examining the paper ballots. In Washington, Secretary of State Sam Reed declared such spontaneous checkups to be "unauthorized recounts" and prohibited them altogether. New Florida regulations will forbid counting paper ballots, even in recounts, except in highly unusual circumstances. Without paper ballot hand-counts, the hacks demonstrated below show that optical-scan elections can be destroyed in seconds.
A little man living in every ballot box
The Diebold optical scan system uses a dangerous programming methodology, with an executable program living inside the electronic ballot box. This method is the equivalent of having a little man living in the ballot box, holding an eraser and a pencil. With an executable program in the memory card, no Diebold opti-scan ballot box can be considered "empty" at the start of the election.
The Black Box Voting team proved that the Diebold optical scan program, housed on a chip inside the voting machine, places a call to a program living in the removable memory card during the election. The demonstration also showed that the executable program on the memory card (ballot box) can easily be changed, and that checks and balances, required by FEC standards to catch unauthorized changes, were not implemented by Diebold -- yet the system was certified anyway.
The Diebold system in Leon County, Florida succumbed to multiple attacks.
Ion Sancho: Truth and Excellence in Elections
Leon County Elections Supervisor Ion Sancho and Information Systems Officer Thomas James had already implemented security procedures in Leon County far exceeding the norm in elections management. This testing, done by a team of researchers including Black Box Voting, independent filmmakers, security expert Dr. Herbert Thompson, and special consultant Harri Hursti, was authorized by Mr. Sancho, in an unusual act of openness and courage, to identify any remaining holes in Leon County's election security.
The results of the memory card hack demonstration will assist elections supervisors throughout the U.S., by emphasizing the critical importance of accounting for each and every memory card and protecting access.
Findings:
Computer expert Harri Hursti gained control over Leon County memory cards, which handle the vote-reporting from the precincts. Dr. Herbert Thompson, a security expert, took control of the Leon County central tabulator by implanting a trojan horse-like script.
Two programmers can become a lone programmer, says Hursti, who has figured out a way to control the entire central tabulator by way of a single memory card swap, and also how to make tampered polling place tapes match tampered central tabulator results. This more complex approach is untested, but based on testing performed May 26, Hursti says he has absolutely no reason to believe it wouldn't work.
Three memory card tests demonstrated successful manipulation of election results, and showed that 1990 and 2002 FEC-required safeguards are being violated in the Diebold version 1.94 opti-scan system.
Three memory card hacks
1. An altered memory card (electronic ballot box) was substituted for a real one. The optical scan machine performed seamlessly, issuing a report that looked like the real thing. No checksum captured the change in the executable program Diebold designed into the memory card.
2. A second altered memory card was demonstrated, using a program that was shorter than the original. It still worked, showing that there is also no check for the number of bytes in the program.
3. A third altered memory card was demonstrated with the votes themselves changed, showing that the data block (votes) can be altered without triggering any error message.
How to "Roll over the odometer" in Diebold optical scan machines
Integer overflow checks do not seem to exist in this system, making it possible to stuff the ballot box without triggering any error message. This would be like pre-loading minus 100 votes for Tom and plus 100 votes for Rick (-100+100=ZERO) -- changing the candidate totals without changing the overall number of votes.
A more precise comparison would be this: The odometer on a car rolls over to zero after 999,999. In the Diebold system tested, the rollover to zero happens at 65,536 votes. By pre-loading 65,511 votes for a candidate, after 25 real votes appear (65,511 plus 25 = 65,536) the report "rolls over" so that the candidate's total is ZERO.
This manipulation can be balanced out by preloading votes for candidate "A" at 65,511 and candidate "B" at 25 votes -- producing an articifial 50-vote spread between the candidates, which will not be obvious after the first 25 votes for candidate "A" roll over to zero. The "negative 25" votes from the odometer rollover counterbalance the "plus 25" votes for the other candidates, making the total number of votes cast at the end of the day exactly equal to the number of voters.
While testing the hack on the Leon County optical scan machine, Hursti was stunned to find that pre-stuffing the ballot box to "roll over the odometer" produced no error message whatsoever.*
*We did not have the opportunity to scan ballots after stuffing the ballot box. Therefore, the rollover to zero was not tested in Leon County. This integer overflow capability is discernable in the program itself. We did have the opportunity to test a pre-stuffed ballot box, which showed that pre-loaded ballot boxes do not trigger any error message.
Simple tweaks to pass L&A test and survive zero tape
Though the additional tweaks were not demonstrated at the Leon County elections office, Hursti believes that the integer overflow hack can be covered up on the "zero tape" produced at the beginning of the election. The programming to cover up manipulations during the "logic & accuracy test" is even simpler, since the program allows you to specify on which reports (and, if you like, date and time of day) the manipulation will affect.
The testing demonstrated, using the actual voting system used in a real elections office, that Diebold programmers developed a system that sacrifices security in favor of dangerously flexible programming, violating FEC standards and calling the actions of ITA testing labs and certifiers into question.
In the case of Leon County, inside access was used to achieve the hacks, but there are numerous ways to introduce the hacks without inside access. Outside access methods will be described in the technical report to be released in mid-June.
Security concerns
Putting an executable program into removable memory card "ballot boxes" -- and then programming the opti-scan chip to call and invoke whatever program is in the live ballot box during the middle of an election -- is a mind-boggling design from a security standpoint. Combining this idiotic design with a program that doesn't even check to see whether someone has tampered with it constitutes negligence and should result in a product recall.
Counties that purchased the Diebold 1.94 optical scan machines should not pay for any upgraded program; instead, Diebold should be required to recall the faulty program and correct the problem at its own expense.
None of the attacks left any telltale marks, rendering all audits and logs useless, except for hand-counting all the paper ballots.
Is it real? Or is it Memorex?
For example, Election Supervisor Ion Sancho was unable to tell, at first, whether the poll tape printed with manipulated results was the real thing. Only the message at the end of the tape, which read "Is this real? Or is it Memorex?" identified the tape as a tampered version of results.
In another test, Congresswoman Corrine Brown (FL-Dem) was shocked to see the impact of a trojan implanted by Dr. Herbert Thompson. She asked if the program could be manipulated in such a way as to flip every fifth vote.
"No problem," Dr. Thompson replied.
"It IS a problem. It's a PROBLEM!" exclaimed Brown, whose district includes the troubled Volusia County, along with Duval County -- both currently using the Diebold opti-scan system.
This system is also used in Congressman John Conyers' home district, in contentious King County, Washington, and in Lucas County, Ohio (where six election officials resigned or were suspended after many irregularities were found.)
Diebold optical scans were used in San Diego for its ill-fated mayoral election in Nov. 2004.
- - - - - - - - - - -
Optical scan systems have paper ballots, but election officials are crippled in their ability to hand count these ballots due to restrictive state regulations and budget limitations.
The canvassing (audit) procedure used to certify results from optical scan systems involves comparing the "poll tapes" (cash register-like results receipts) with the printout from the central tabulator. These tests demonstrate that both results can be manipulated easily and quickly.
Minimum requirements to perform this hack:
1. A single specimen memory card from any county using the Diebold 1.94 optical scan series. (These cards were seen scattered on tables in King County, piled in baskets accessible to the public in Georgia, and jumbled on desktops in Volusia county.)
2. A copy of the compiler for the AccuBasic program. (These compilers have been fairly widely distributed by Diebold and its predecessor company, and there are workarounds if no compiler is available.)
3. Modest working language of any one of the higher level computer languages (Pascal, C, Cobol, Basic, Fortran...) along with introductory-level knowledge of assembler or machine language. (Machine language knowledge needed is less than an advanced refrigerator or TV repairmen needs. The optical scan system is much simpler than modern appliances).
The existence of the executable program in the memory card was discernable from a review of the Diebold memos. The test hacks took just a few hours for Black Box Voting consultants to develop.
Nearly 800 jurisdictions conducted a presidential election on this system. This system is so profoundly hackable that an advanced-level TV repairman can manipulate votes on it.
Black Box Voting asked Dr. Thompson and Hursti to examine the central tabulator and the optical scan system after becoming concerned that not enough attention had been paid to optical scans, tabulators and remote access.
Thompson and Hursti each found the vulnerabilities for their respective hacks in less than 24 hours.
"Open for Business"
When it comes to this optical-scan system, as Hursti says, "It's not that they left the door open. There is no door. This system is 'open for business.'"
The question now is: How brisk has business been? Based on this new evidence, it is time to sequester and examine the memory cards used with Diebold optical scans in Nov. 2004.
The popularity of tamper-friendly machines that are "open for business" in heavily Democratic areas may explain the lethargy with which Democratic leaders have been approaching voting machine security concerns.
The enthusiasm with which Republicans have endorsed machines with no paper ballots at all indicates that neither party really wants to have intact auditing of elections.
The ease with which a system -- which clearly violates dozens of FEC standards going back to 1990 -- was certified calls into question the honesty, competence, and personal financial transactions of both testing labs and NASED certifiers.
Revamp and update hand-counted paper ballot technology?
Perhaps it is time to revisit the idea of hand-counted paper ballots, printed by machines for legibility, with color-coded choices for quick, easy, accurate sorting and counting. We should also take another look at bringing counting teams in when the polls close, to relieve tired poll workers.
This report is the "non-techie" version of a more formal technical report, which can be found at: http://www.blackboxvoting.org/BBVreport.pdf
PERMISSION TO REPRINT GRANTED AS LONG AS YOU PROVIDE A LINK TO http://www.blackboxvoting.org
Discuss this article here: http://www.bbvforums.org/forums/messages/72/5936.html |
rightfoot
Voting Rights Forum Participant
Username: rightfoot
Post Number: 4
Registered: 05-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, June 1, 2005 - 9:01 pm: |
|
This story is awesome. What is the next step? |
brantl
Voting Rights Forum Participant
Username: brantl
Post Number: 21
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 2, 2005 - 4:46 am: |
|
Well done! Now let's see if we can prove where they've done it.
Exactly. You GET IT. So glad to see you here at Black Box Voting! -- Bev Harris |
mac_in_mass
Voting Rights Forum Participant
Username: mac_in_mass
Post Number: 7
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 2, 2005 - 6:19 am: |
|
Bev, you and the gang are a national treasure.
Someday, you will get the Congressional Medal of Honor...
Thank you. |
spayeur
Voting Rights Forum Participant
Username: spayeur
Post Number: 1
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 2, 2005 - 9:35 am: |
|
The statement about Washington procedures is misleading. This directly from Sam Reed's office:
"King County is the government entity that made that argument.
There is a point after the cavassing of votes where state law says the ballots shall be sealed and maitained securely in case of a recount or litigation."
There is a point *after* canvassing votes. It seems that this is how it should be done, to prevent tampering.
Spayeur:
My source, who was the supervisor of elections for King County, quoted Sam Reed directly on this. Now, the "canvassing of the votes" consists of comparing the poll tape result to the central tabulator result. The hacks we demonstrated knocked out both these canvassing tools, manipulating them to be false.
If the canvassing procedures use only the poll tapes (which we succeeded in manipulating) and the tabulator report (which we succeeded in manipulating) and the ballots must be kept sealed, at what point can anyone check the only evidence left?
I think we have a problem. -- Bev Harris |
admin
Board Administrator
Username: admin
Post Number: 549
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 2, 2005 - 1:53 pm: |
|
THE NEXT SEVERAL POSTS ARE CARRIED OVER FROM OTHER FORUMS -- SEE RESPONSES. (We can't post on Daily Kos until tomorrow, and then we'll be on a plane. Look forward to seeing you Ohioans in Cleveland). |
admin
Board Administrator
Username: admin
Post Number: 550
Registered: 12-2004
Best of Black Box? 
Votes: 1 (A keeper?) | | Posted on Thursday, June 2, 2005 - 2:16 pm: |
|
Post from Daily Kos, response:
CalbraithRodgers - This doesn't make sense
In the aftermath of the 2004 election there was a huge amount of diary space given over to Bev and BBV. What I got from it was that the group was probably well-intentioned, but was unwilling or unable to "put up or shut up" when it came to proving many of their claims.
Like Judicial Watch, the group that counted Florida's ballots, but didn't finish for nearly a year, Black Box Voting is doing hard core research and sorry, we didn't pull out a magic bullet in 10 days or less. Our objective has always been to get at the truth -- not to make sure any particular candidate wins.
Unfortunately, alot of money was sent to this group by Kossacks and others in the blogosphere.
Actually, this keeps getting repeated, but the primary source of our funding has always been donations in response to coverage of our work by mainstream media -- Vanity Fair, Time Magazine, CNN, Good Morning America, the New York Times, PBS broadcasting, and many more. That accounts for about 55 percent of our funding, with another 40 percent coming from grants and about 5 percent from all Internet sources combined.
Now we have a diary that provides a bunch of interesting content with a number of links to show the legitimacy of the content, but guess what? All the links are to BBV. It's deja vu all over again.
"Links?" Our research is primarily field research, not surfing the Internet for links. The formal report is due out in mid-June, and it will contain source code etc. to back up what's in the article. This was for the general public, and source code plus technical specs would confuse, rather than enhance, the article.
... this diary is sadly lacking in verifiable content. I say "sadly" because I think this diary (without any non-BBV links) hurts the cause.
The "hurts the movement" talking point is frequently cited by people who are into turf wars. The point is not to beat our chests and say who got there first, or who's the bestest activist of all. The point is to develop solid research.
The following can be verified from the information provided in the article: The credentials of the experts, whether they participated in tests, whether a congressperson observed the tests, when and where the tests took place, and -- because the complete set of Diebold memos are online -- the existence of the executable program in the memory card can also be verified. Far from "hurting the movement," this important report is moving the ball forward in a very tangible way. We now know where one of the most manipulatable programs is and we now know how it works.
Next we need to examine the memory cards used on Nov 2, 2004. Thanks for the feedback, glad to straighten this out. -- Bev Harris
|
admin
Board Administrator
Username: admin
Post Number: 551
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, June 2, 2005 - 2:19 pm: |
|
by joan reports, from Daily Kos --
No. the tabulators for opti-scans can be corruptible.
If the state laws discourage or impede hand counts of the paper ballots as a check (like Washington state), then opti-scan tabulating needs the same scrutiny as touchscreens.
Opti-scans make sense as long as they're watched, audited – and not black-boxed.
Unfortunately, what this testing showed was that the auditing won't work, because we hacked the audit tools themselves. "Watching" or "auditing" won't work if you do the memory card hack correctly. The only workaround is hand-counting the ballots themselves. -- Bev |
admin
Board Administrator
Username: admin
Post Number: 552
Registered: 12-2004
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Thursday, June 2, 2005 - 2:33 pm: |
|
from Daily Kos - by format flip
this diary is bogus ...
first, i live in new hampshire. there has been no "hotbed of controversy" with the optical scanning machines in our state.
Actually, the Kerry win in the primary raised eyebrows when machine results had Kerry ahead by a large margin, but hand counts had Kerry and Dean neck and neck.
in fact, secretary of state bill gardner has performed numerous recounts and the results from optical scanning machines are usually the same as the hand recounts correct.
Actually, almost all recounts are done by running the ballots through the optical scan machine again. The memory card hack, combined with the tabulator hack, will just result in a hacked result again during the recount. Only hand counting ALL the paper ballots will work, because the double set of books (and ballot chain of custody issues) easily offset a spot-checked hand count.
the problems usually stem from human errors on the ballots - not rigged optical machines. this has been proven again and again and again, recount after recount. gardner has said in interviews that the recounts in the state have proven the machines complete mistake proof.
I'd like to see the studies cited that "prove it again and again." Secretary of State Gardner is using Diebold optical scan software in New Hampshire that has never passed federal certification at all -- even less oversight than most states -- and the federal testing labs really fell apart on this one anyway.
gardner, by the way, is a registered democrat.
This is the single most problematic myth facing the voting integrity movement today. It is NOT a Republican vs. Democrat issue -- it is an issue of maintaining power and it is driven by money, which has infected the system from top to bottom. From all appearances, the hack built into the Diebold optical scans has been there for at least a decade, and has been "open for business" for both parties.
ralph nader also proved that the machines are correct when he went and had a number of precincts around the state recounted. again, the machines were accurate; the only new votes gained for nader, bush, and kerry were human errors and marks on the paper ballots.
Actually, the reason we didn't go to New Hampshire for Nader's recount is that they did not follow any of the reporting, document requests, or chain of custody procedures needed to ensure an accurate recount. The spot-check methodology, combined with lack of documentation on chain of custody, combined with inability to review even basic computer logs, much less the memory cards themselves, rendered the recount pretty useless for proving anything. |
admin
Board Administrator
Username: admin
Post Number: 553
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, June 2, 2005 - 2:39 pm: |
|
From - Daily Kos, posted by J4K:
The fact that every precinct doesn't have its own scanning machine to "check" the validity of the ballot is the real problem with optical scan voting. What I'd like to know is why hasn't every precinct demanded they have a scanner?
Not really. The memory card hack, done correctly, will impact every precinct-based optical scan. Understand this: The memory cards in each precinct optical scan are created by the "election management software" (GEMS, Central Tabulator). This program runs on an office PC using Windows. The program needed to rewrite all the memory cards can be replaced simply by going into the Windows directory and overwriting it with a new one. You don't even need to go into GEMS. That new program, which can be designed to trigger only on a certain date, will then infect every memory card when you use GEMS to create the memory cards in the first place.
Therefore, you'll have hacked memory cards in every precinct. (Or, in the desired precincts, which would be a more subtle way to do it.) |
admin
Board Administrator
Username: admin
Post Number: 554
Registered: 12-2004
Best of Black Box?
Votes: 18 (A keeper?) | | Posted on Thursday, June 2, 2005 - 2:45 pm: |
|
From Daily Kos - by Jacob Wi
who wrote this message board post? personally, i immediately disregard anything without an author, even a handle or a pseudonym of some sort.
i'm surprised at how eager people are to accept this. is it this same thomas james...http://archive.salon.com/politics/feature/2000/12/04/voter_file/index2.html
The article is written by Black Box Voting. The specific authors are Bev Harris and Kathleen Wynne with guidance and edits by Harri Hursti and Russell Michaels.
Yes, I'm pretty sure it is the same Thomas James. -- Bev |
admin
Board Administrator
Username: admin
Post Number: 555
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, June 2, 2005 - 2:51 pm: |
|
From Daily Kos - by Eternal Hope
All this proves is the possibility of fraud.
To prove fraud, you must show who, where, what, when, and how.
This article does not prove vote fraud. It does prove certification fraud. The system proved to be in obvious violation of FEC standards. We will point out the specific and obvious FEC violations in the technical report.
Vote fraud not proven, certification fraud proven, and this research now puts us in a position to request the memory cards, and gives us the exact information to look for on them, so that we can prove whether anyone committed election fraud using this built-in feature. |
admin
Board Administrator
Username: admin
Post Number: 556
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:01 pm: |
|
From Daily Kos -- this is important: Three points of view --
Or ditch the electronic machines and and count the paper ballots...Hand counts - only.
-------------
I agree that this would be the prefered method but there are too many millions of dollars involved at this time to try and go back now. Technology marches on.
------------
HAVA money is just more Federal waste. Think of that Federal funding as just more money thrown down the drain ...
After these hacks, ONLY the paper ballots were left standing.
To simplify: The optical scan system has:
paper ballot --> poll tapes --> tabulator report
We knocked out the poll tapes and the tabulator report. Only paper ballots were left.
It is cheaper and safer to do all hand counts. It would not take "lots of employees" -- a lively discussion under the "Lynn Landes, you were right" thread in our General Discussion forum describes how hand counts can be used. |
admin
Board Administrator
Username: admin
Post Number: 557
Registered: 12-2004
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:02 pm: |
|
From Daily Kos - by politology.us:
unfortunately, ohio showed us that even spot-checking rules would be abused. you're supposed to pick a random representative sample totalling 1% (or whatever) of the vote. So rather than random, they cherry-picked ballots totalling 1%. We just didn't have the strength to put a stop to it.
BINGO! Another one who "gets it"! |
admin
Board Administrator
Username: admin
Post Number: 558
Registered: 12-2004
Best of Black Box?
Votes: 3 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:05 pm: |
|
from Daily Kos by pigpaste --
Is the opening about "Are we having fun yet" in reference to something that was part of the demonstration, or did it happen during the election?
The "Are we having fun yet" line was inserted by Harri Hursti in the rogue program that he successfully introduced into the optical scan machine via the memory card. It was not from the 2004 election. When Thomas James got startled, Harri quickly explained to him "that's my program, not yours."
Well, of course, that's not really so reassuring, is it? -- Bev |
admin
Board Administrator
Username: admin
Post Number: 559
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:10 pm: |
|
From Daily Kos -- here are the most important comments on the whole thread:
by Kaleja -- Hypothetical, but extremely damn suspicious -- From a system design standpoint, leaving a hook for an executable program on a memory card that's supposed to be for tally purposes in an application where security is an issue stinks to high heaven. It should not be easy for an end user to change the behavior of the system. The fact that it is that easy is a lot like finding needles, scorched spoons, and rubber tubing in someone's bedroom.
--------------
by blue florida -- agreed. It's a compelling bit of fact- that the software goes to a removable card for code. It's sure a good answer to why someone would think they could get away with it. It would leave no trace behind.
-------
by Fernando Poo -- True -- And any speculation would be nothing more than a "Conspiracy Theory". Of course, putting somthing like a backdoor into a large volume release would involve a conspiracy by its very nature. And there would be nothing to prove it even happened, only that it was possible.
-------
by technopolitical -- Bingo. There is no legitimate reason for that hook to be there, and no half-way competent code review could miss it. The only reason to give control to a removable card is to subvert the machine's internal programming.
Note that the programmers for this are highly skilled and quite sophisticated, with at least two decades of hard core programming experience -- they are not bumblers. I hope we have room in the technical report to show you what we've learned about the skill sets possessed by the programmers, based on other programs they have written for other employers. -- Bev |
admin
Board Administrator
Username: admin
Post Number: 560
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:12 pm: |
|
From Daily Kos -- by speranza
proof of concept" hack does not prove a malicious hack took place out in the field...
Correct. |
admin
Board Administrator
Username: admin
Post Number: 561
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:15 pm: |
|
From Daily Kos -- by Fernando Poo
But an inside hack can't be proven when its inbedded in the code
We think it is most likely provable, if we can obtain 100 percent of the memory cards from a few counties with suspicious results -- and I don't care if the anomaly was for Dems, Republicans, or the dogcatcher. Actually, it might be easier to get the cards if we suspect the dogcatcher... -- Bev |
admin
Board Administrator
Username: admin
Post Number: 562
Registered: 12-2004
Best of Black Box? 
Votes: 2 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:16 pm: |
|
From Daily Kos - by Pennacchio for Pennsylvania
ONE PROGRAMMER - All the idiots who kept screaming about how you'd need a conspiracy of thousands to pull this off need to be forced to re-read that line a few hundred times.
One programmer who writes the code. One election official who drops the code (possibly without knowing what it does) into whatever central machine is normally used for programming these cards. One Republican party official to instigate the operation.
Total "mind-bogglingly massive conspiracy" size: three people.
There's no good reason for the program to make this call to the memory card. None at all. Either Liebold's programmers are totally incompetent... Or this was designed to be easy to crack.
Bingo. |
admin
Board Administrator
Username: admin
Post Number: 563
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:21 pm: |
|
From Daily Kos -
Legitimate Reason: Well, on a piece of consumer electronics hardware, you'd want that kind of flexibility, so you could put expansions, plugins, or patches on memory cards. It'd be limited somehow, or have access to a restricted API, or something. But you'd want that kind of thing.
But for a voting machine, where the code and machine are supposedly certified and sealed? Where the integrity of the machine is of paramount importance? No ••••••• way. You do not want that kind of open access unless you want someone to be able to trivially insert uncertified, unverified code into the machine.
--------------
Like updating your BIOS, yes but from what I read, the programmer could replace an executable module. Vote tabulation is not rocket science, sales forecasting, or payroll. The only flexibility required is the number of rows and choices to be counted, and the verbage associated with each. No logic changes should be required.
--------------------
Exactly... For other things, it can make sense.
For vote tabulation? Nope. No way, no how. Like you say, it's dead simple. The memory card should be completely passive, used just to read data from and write data to. The only reason I can see for doing this is to install uncertified code on the machines.
Bingo. Exactly. and Precisely.
Now you see why I took the time to carry these discussion points over here. This is important stuff, folks, and when you put this together with the concept of "Independent testing labs" and "violations of FEC standards" and "nationally certified" the meaning of the term "conspiracy" starts to take on a new light -- RICO. Racketeering is in the statutes because it happens. |
admin
Board Administrator
Username: admin
Post Number: 564
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:25 pm: |
|
from Daily Kos - by space
How to get to the bottom of this -- In my opinion there is only one way to solve this issue.
Democratic officials in a blue state need to sue Diebold for providing faulty machines. Then they need to depose every possible person involved in the development of the code. Once you find the smallest evidence of wrongdoing, you bring criminal charges until someone starts talking.
There is ZERO doubt in my mind that these machines were designed to be hacked. The sloppy code merely exists for plausible deniability. And it is working. See how many ••••••• Democrats demand PROOF before they get off their asses to do anything. Despite the fact that the machines were clearly designed to erase the evidence of wrongdoing.
My God, there is a REASON that ATM machines and slot machines don't make "mistakes" like this.
Myth: Blue states are solid citizens when it comes to clean elections. The Diebold optical scan system is extremely popular in urban areas and blue states. Consider the possibility that there might be a reason for that before counting on the Democrats to help solve this. |
admin
Board Administrator
Username: admin
Post Number: 565
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, June 2, 2005 - 3:34 pm: |
|
And now we meet fwiffo the troll...
He shows up after a few posts, from Daily Kos:
by Hummingbird -- Do you really think They FORGOT? Don't be naive.
------------
by Jon Meltzer -- Yes, I do think they "forgot" or never knew in the first place, because the company, trying to maximize its own corporate profits, hired incompetent programmers and gave them obsolete tools.
Try this: The programmers on this bad boy are stockholders and founders that started working on this system in 1987. The tools are obsolete, but deliberately chosen to be obsolete. They selected systems that were already obsolete before they built the system, and we're talking circa 1990.
The 65536 error is the kind of mistake that very inexperienced people make. The programmer didn't have a clue, and no one bothered to test the finished product - because testing costs money, and that expense once again detracts from corporate profit. And everyone expects that the magic code should work all the time, under every condition, without any kind of verification or testing.
Well, actually, no. The programmers are hardly "inexperienced." The system was "tested by Wyle Laboratories" and certified by computer scientists including Dr. Brit Williams.
Every programmer I've talked to about this knows exactly what happened - and all of them know the number without my having to tell them. And none of them think that electronic voting is a proper use of the technology.
--------
by fwiffo -- Natural limit -- 65535 is the natural limit for an unsigned, 16-bit integer. Most small processors and microcontrollers for this type of device at 16-bit proccessors (some are even 8-bit). Each voting machine never counts more than a few thousand votes (most states have a maximum precinct size of like 1500). It's an elementary programming error and a very common one, and is not likely to be found when testing under ordinary circumstances, because you'd never count that high.
It is an error, and an oversight, but by itself, is not evidence of malice. An intentional security flaw (i.e. a back door) would look much different.
fwiffo goes on to come up with these enlightening comments: I see no reason to work with cranks. I don't care if they're on our side. Bev Harris, from all indications, is a quack. You can't work with people like that. They're crazy. ... Dealing with irrational people is too exhausting for me to bother with.
Serious, real concerns about these voting machines have been transformed into tin-foil hatted loonery. I want the machines fixed, and these people are only hurting that cause!}}
He goes on to state that things like printing a zero tape will protect us. Well, here's the point: The memory card provides a mechanism to hack all of the reports, because it contains the executable program that produces the reports. In fact, that's the main point here: You can change the votes, OR you can hack the way the reports are calculated, or you can do both.
Fwiffo, could you please limit your activities to fixing my appliances, not my elections?Thanks! -- Bev |
bluemanvoter
Voting Rights Forum Participant
Username: bluemanvoter
Post Number: 1
Registered: 06-2005
Best of Black Box? 
Votes: 9 (A keeper?) | | Posted on Thursday, June 2, 2005 - 7:49 pm: |
|
Hello,
As a software professional with 30 years of programming experience, I find this news extremely disturbing - not just because of the obviously sloppy and incompetent programming, but because in my judgement there is no legitimate reason for choosing the wide-open, totally insecure architecture they went with. I can only conclude that the Diebold machines were designed to cheat state certification tests. The state inspector can only test the base code that resides on the ROM chip inside the machine. The machine can be programmed to pass the certification tests, then behave in a totally different way when a RAM memory card is inserted. If I had my way, all Diebold machines nationwide would be decertified pending a thorough investigation by each state's attorney general, with criminal charges a possibility. |
pacific_alien
Voting Rights Forum Participant
Username: pacific_alien
Post Number: 35
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, June 3, 2005 - 5:53 am: |
|
Thanks for posting all that Bev. Helped my understanding on several points.
PA |
george_lobuono
Voting Rights Forum Participant
Username: george_lobuono
Post Number: 1
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, June 3, 2005 - 9:48 am: |
|
The solution to local reluctance to inspect the machines? A federal law. We need a federal law or a consitutional case that requires that all votes be done and counted fairly, with a paper record that can be recounted and stored for a minimum of ten years.
Short of that, we aren't a democracy anymore, just a decaying empire. If allowed to continue as such, we become increasingly dangerous to the rest of the planet. |
pacific_alien
Voting Rights Forum Participant
Username: pacific_alien
Post Number: 38
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, June 4, 2005 - 6:02 am: |
|
Greetings George,
A federal law would indeed be an appropriate tool, but I have grave doubts that this is achievable in the current environment.
New/revised vote legislation/contracts proposed in recent months at any level has appeared to be nearly as flawed as what it is meant to replace, perhaps even worse in some cases.
Look at machine purchase decisions alone, there's enough spin (lies) going on there to pretend that black is white. Robust solutions to the real problems are very hard to find in the propositions.
Hell we are in the middle of 2005. To ensure that the 2006 poll is not corrupt, new laws, systems and oversight will all need to be in place and tested/proven before the campaign begins. Even with my rose tinted spectacles on I can't see this as realistic. I also have concerns regarding whoever might be found responsible for any past bad behaviour is likely to still be driving the bus and determining it's route. I suspect there are preconditions to be met before proper change can occur at all.
I'm thinking it is now looking like the entire electronic system should be tossed out until some time when it is properly sorted and the people can be confident. Allowing another election to procede using a system proven to be seriously unsafe is plain dumb. It is time to call for a return to paper and pen with human counting, while all the research continues and durable remedies are sought. Right now it is even difficult to imagine a healthy machine system available for 2008. How many more crooked elections are enough?
If a car, a drug, food, or anything else was as unsafe as a voting machine it would be ordered off the market and recalled immediately with full refunds by the manufacturer. That is what is required nationally if there is to be a clean election in '06.
What do you think?
Cheers
PA |
jennewein
Voting Rights Forum Participant
Username: jennewein
Post Number: 1
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, June 6, 2005 - 6:05 am: |
|
Thank you Bev Harris, for working so diligently to protect our right to vote. Your point about dismissing the myth about one party being more likely than the other to maniuplate the vote count is well taken. I have always wondered why Kerry conceded so quickly, then disappeared from the scene. We have to get to the bottom of this, and as quickly as possible.
Thanks again for all your hard work, and congratulations for this stunning example of progress in your investigation. |
admin
Board Administrator
Username: admin
Post Number: 566
Registered: 12-2004
Best of Black Box?
Votes: 3 (A keeper?) | | Posted on Monday, June 6, 2005 - 4:25 pm: |
|
Blueman: I enjoyed your post -- have a comment or two.
As a software professional with 30 years of programming experience, I find this news extremely disturbing - not just because of the obviously sloppy and incompetent programming, but because in my judgement there is no legitimate reason for choosing the wide-open, totally insecure architecture they went with. I can only conclude that the Diebold machines were designed to cheat state certification tests. The state inspector can only test the base code that resides on the ROM chip inside the machine. The machine can be programmed to pass the certification tests, then behave in a totally different way when a RAM memory card is inserted. If I had my way, all Diebold machines nationwide would be decertified pending a thorough investigation by each state's attorney general, with criminal charges a possibility.
Another thing we found, but I want to confirm this with the source code when we do the technical report: It appears that there is a function written into the code to correct "rounding errors." (Which can only occur when votes that have fractions are added up -- and the only way that can occur is vote-shaving, as far as I know.)
Can you think of any legitimate reason to have a function like that in the software?
Thanks,
Bev |
dave_comstock
Voting Rights Forum Participant
Username: dave_comstock
Post Number: 1
Registered: 06-2005
Best of Black Box? 
Votes: 7 (A keeper?) | | Posted on Monday, June 6, 2005 - 8:35 pm: |
|
First off, I wish to thank the folks at Black Box Voting for all of the incredible work that you are doing.
space from Daily Kos wrote:
>My God, there is a REASON that ATM machines and slot machines
>don't make "mistakes" like this.
Well, actually, that's not exactly true -- or, at least, wasn't true in the 1990's -- about slot machines.
A episode of The History Channel's "Breaking Vegas" series a few months ago detailed the story of Nevada Gaming Control Board whiz kid Ron Harris, who went from verifying the code in slot machines to reprogramming them on casino floors right under the casino employees' noses.
Casinos have to submit their code to the NGCB, which confirms the payouts and then archives the code. NGCB agents then show up in casinos, pick random slot machines, plug what is essentially an EPROM comparator into a diagnostic port inside the machine, and verify that the slot machine vendor (or casino) hasn't reprogrammed it to pay out less than often than in the submitted code. The NGCB apparently regularly finds slot machines that were tampered with, although it's nearly impossible to prove the slot machine vendor is guilty of a crime.
Ron Harris not only was one of those agents, he also wrote a lot of the NGCB's EPROM comparator code and regularly analyzed tampered code to understand its effect on payoffs.
The issue is, the NGCB's EPROM comparator wasn't just a reader. And the EPROMs in most of the slot machines were really EEPROMs (or maybe flash memory by now)...
I think you can guess where this is going... Harris took slot machine code submitted to the NGCB, modified it to pay off a jackpot when a certain pattern of multiple coins was deposited in the machine over a series of pulls, and changed the EPROM comparator so that it would write the new code to a machine while ostensibly comparing it to version registered with the NGCB. Then he had friends go around to the slots he'd reprogrammed (NGCB agents not only would be recognized, they're forbidden to gamble in casinos), bet that particular odd sequence of coins, and collect the jackpots.
Harris and his main confederate got caught after he successfully characterized the pseudo-random number generator that was used in a particular manufacturer's keno system and crunched the previous keno game's winning numbers on a laptop in an Atlantic City hotel room to successfully predict the winning numbers for the next game. His confederate won something like a million dollars on a single keno card; since the payoff was so unusual and the confederate was so nervous, the casino checked whom the room was registered to... Because of a flight mixup, Harris had arrived first and checked in under his own name, and despite the fact the he was far away from Vegas, "Ron Harris" was recognized as the name of a NGCB agent by someone at the New Jersey casino.
So, at one point anyway, slot machines DID make this kind of mistake...
(For more info about the Breaking Vegas series, go to http://www.historychannel.com/global/listings/series_showcase.jsp?EGrpType=Serie s&Id=10629541. The episode, which included interviews with both Ron Harris and his main confederate, is listed in the Episode Archives as "Slot Buster". So far, this is the best episode of the series that I've seen.) |
dave_comstock
Voting Rights Forum Participant
Username: dave_comstock
Post Number: 2
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, June 6, 2005 - 8:39 pm: |
|
I just noticed: The History Channel will rebroadcast the "Slot Buster" episode of Breaking Vegas on Tuesday, June 28th at 9PM ET. |
catherine_a
Frequent Voting Rights Forum Participant
Username: catherine_a
Post Number: 353
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, June 6, 2005 - 9:40 pm: |
|
Very interesting. It shows the inevitability of inside jobs. It also shows the vulnerability that comes with trusting even highly-trusted staff.
This has implications re: voting machine equiment. It demonstrates the ill-advisdedness of introducing any system which demands more trust of inside staff even in counties as rigorous in their security precautions as Ion Sancho's was. It begs the question, why introduce a system that 1) requires much tighter--and more expensive--security precautions, 24/7/365 with NO exceptions; and 2) that even with this security precaution a trusted insider could still throw the whole system with little or no chance of being caught. Why indeed--unless you wanted to "throw" the system?!
One of my relatives did some work with a computer security company for a couple of years. He told me the vast majority of computer-related crime was from inside jobs. I think the percentage due to insiders was about 75% or more. He also said most of these crimes go unreported because companies do not want to let the public know about their vulnerabilities. |
catherine_a
Frequent Voting Rights Forum Participant
Username: catherine_a
Post Number: 354
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, June 6, 2005 - 9:51 pm: |
|
Bev, re: http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=1954&post=7154#POST7154
The only circumstance in which fractional votes might be relevant would be in a few voting systems not found in the USA. (E.g., in some kinds of STV/IRV it could be used to distributed second- or third- or fourth- preference votes.)
This was one of the arguments made for introducing electronic voting in Ireland--that this distribution could be more accurate (and fairer) than the current procedures (which divide up only the last-counted bundles of a successful candidate's "surplus" votes among remaining contenders, according to their percentage of 2nd preferences). A curious "feature" of the proposed Irish e-voting system (NEDAP and PowerVote) is that it didn't have this function, even though having it had been touted as one of the potential advantages of moving to electronic voting!
While I am not a programmer I find it impossible to imagine any legitimate reason for incorporating rounding of fractional votes. Hopefully someone who is a programmer will respond as well. |
joehall
Voting Rights Forum Participant
Username: joehall
Post Number: 5
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, June 7, 2005 - 11:01 am: |
|
While it may be a function to correct rounding errors and this would
be obviously inappropriate for votes (which are integers), it may only
be used when calculating percentages of the vote to print on total
tapes and other such aggregate information. (although I don't know
enough about op-scan aggregate data printing and total tapes to say
more.)
(tried to post via email but mailbox was full) |
admin
Board Administrator
Username: admin
Post Number: 570
Registered: 12-2004
Best of Black Box?
Votes: 4 (A keeper?) | | Posted on Wednesday, June 8, 2005 - 8:31 am: |
|
(from "Allosaurs_r_us" at Free Republic
Nope. never heard another word after I asked her if having obviously protected government code, if she herself was not committing a crime.
Your grasp of facts is not impressive. The code is not "government code." It is claimed to be owned by a corporation. However, that is not the code we used to hack the system. (Which should be even more disturbing -- any ol' person can write their own program and stick it in place of the voting machine program. Nice.)
After researching it, I found she has been "working on this report" for better than a year.
Oh? Post link. "This report" is ambiguous. We post many reports. We are working on THIS report, meaning the one regarding the memory card hack of the Diebold optical scan machine (which is different from the central tabulator hack, and the one we did in Leon County is a different central tabulator hack than we did a year ago -- yes, these machines are as full of holes as swiss cheese...)
After googling the possibility of embedded code in the diebold machines, every article on the net with this accusation has her name on it somewhere.
Well, that's progress. At least now we are being credited for our research.
It is all supposition.
The Leon County Election Supervisor corroborated the report on the Leon County Web site. So now it is Black Box Voting (Bev Harris and Kathleen Wynne) AND the documentary film guy AND professor Herbert Thompson AND European computer expert Harri Hursti AND Leon County Supervisor of Elections Ion Sancho, all conspiring to make up a story. Sounds like you are a conspiracy theorist.
I would think if there were any truth to it every DemonRat with any 'puter experience at all would get involved.
As pointed out in the story, the system we hacked is especially popular in democratic jurisdictions.
After close to a year of the first time she made this accusation, she is the only one doing any research.
"This accusation" -- you are mixing your accusations. We are talking about specific hacks, in this case an optical scan memory card hack, which is new. By the way, the central tabulator hack you are referring to was published by me two years ago, not "a year ago." For what it's worth, you have me going under six different names: "Bev Harris" "Kathleen Wynne" "Professor Herbert Thompson" "Harri Hursti" "Thomas James" and "Ion Sancho".
That sure makes it look like a tin foil hat, left wing, moon bat, piece of propaganda to me.
So, acting in the capacity of these six names, I then convinced a television reporter from Tampa and a newspaper reporter from the Tallahassee Democrat that these discoveries are real. Apparently I am a linguist (some of the people in this have foreign accents) and also I do excellent voice impersonations, including being able to switch between men's and women's voices. I also faked the physical voting machine tapes, and did this on camera in front of six witnesses, while being videotaped by two different groups. Wow. I'm very impressive. (And you say I'm the one wearing a tinfoil hat?)
Bev Harris
|
bluemanvoter
Voting Rights Forum Participant
Username: bluemanvoter
Post Number: 2
Registered: 06-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, June 8, 2005 - 6:10 pm: |
|
Another thing we found, but I want to confirm this with the source code when we do the technical report: It appears that there is a function written into the code to correct "rounding errors." (Which can only occur when votes that have fractions are added up -- and the only way that can occur is vote-shaving, as far as I know.)
Can you think of any legitimate reason to have a function like that in the software?
Bev, sorry for the delay in replying. I don't have a whole lot to add to what other posters have said. The number of votes is an integer, which can be represented exactly, subject to fitting in the number of bits available. So rounding errors don't apply. If the machine is tabulating vote percentages and the like, then you are dealing with floating-point numbers (as we geeks call numbers with decimal points) and rounding can be an issue. So at this point I can't say this is definitely suspicious. I'm still floored by the idea of the base software transferring control to code that resides on a memory card that has zero security. The only time I've seen this technique used is in space software, where you need to change an unmanned spacecraft's programming while it is in space, so you would send up new instructions by radio, which would be stored in RAM, and the ROM-resident code would have been programmed to periodically check for new code and execute it if it is properly formatted, has the correct checksum etc. Even then there is more security than Diebold seems to have implemented. |
linda_franz
Voting Rights Forum Participant
Username: linda_franz
Post Number: 120
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, June 14, 2005 - 8:57 am: |
|
Picking your primary candidate-
Vote manipulation potential goes way beyond a presidential election.
From the beginning, I've been curious about Kerry's sudden surge in the primaries, at least, it seemed sudden to me. Of course at the same time, the press took the offensive against Dean.
How about the other side for a moment-
Going back to 2000, were there anomolies in the primary races of McCain/Bush? There was the smear campagin against McCain by the Bush camp. But were there also some voting results that just made no sense?
I remember McCain as being pretty popular with Independents I know and I always thought he was the more logical candidate to run against Gore. |
garybeck
Voting Rights Forum Participant
Username: garybeck
Post Number: 1
Registered: 06-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, June 28, 2005 - 9:02 am: |
|
Dear BBV,
the original report said that there would be a followup report in mid June, with more details of how outside hacks could be done. Can you let us know if this report is still coming and if so, when?
Report will be released on the Internet no later than Fourth of July. I have the draft in front of me; with appendices and illustrations it is about 30 pages. So as not to confuse the issue, we have made a decision to separate the report pertaining to the memory card exploits from reports on central tabulator and remote access exploits, which will take place after this one is out the door. However, in between this report and those reports lies completion of the Palm Beach and Snohomish County audits, which address the Sequoia system.
The Black Box Report is going through vetting by a DMCA lawyer and a limited peer review right now, and we have a couple more hoops to jump through to do this right.
Thanks, garybeck. By the way, I always look forward to your perspectives. -- Bev Harris
Thanks |
bozosforbush
Voting Rights Forum Participant
Username: bozosforbush
Post Number: 93
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, June 28, 2005 - 7:06 pm: |
|
Gary, I'd like to second Bev's comments about you and the work you are performing. You're a good man. I am anxiously awaiting your "seedplanters" CD so I can start passing it out all over the place.
And Bev, you just keep going no matter what...you're fighting the honorable fight, and many people are starting to wake up and see the disinformation for what it is ...
John
Hi, John. I edited your post slightly because I want to keep this thread on topic. But thanks very much for your kind words!
I, too, look forward to the seed planters CD. I've been reading about it. -- Bev
Deserter, brain is fried, no WMDs, yada yada yada. No wonder we clowns laugh.
|
dave_comstock
Voting Rights Forum Participant
Username: dave_comstock
Post Number: 3
Registered: 06-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, June 28, 2005 - 11:31 pm: |
|
Bev, If you need another set of eyes to peer review the memory card report, I suddenly find myself with some time: I was caught in the Applied Biosystems layoff...
Thanks, Dave! Now I need to go look up your e-mail... -- Bev
Dave Comstock
Senior SQA Engineer (Firmware Test Lead) |
macavity
Voting Rights Forum Participant
Username: macavity
Post Number: 2
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, June 29, 2005 - 6:51 am: |
|
Bev, you might want to drop one of my CounterNet buddies a line - she goes by the nickname of Doodle, and she's in Klan Decker (they're CounterNet's programming/information-security people - hackers in the truest sense of the word, as they'll hack apart any software they can get their grubby little nubbies on to find out if there are any potential security holes people should know about).
If she can't help you with the peer review, she should know someone who can. Her email's sp00f.w32(SPLAT)gmail.com - tell her Mac sent ya  |
wwwill
Voting Rights Forum Participant
Username: wwwill
Post Number: 1
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, June 29, 2005 - 11:19 am: |
|
Greetings.
I have been following electronic voting issues for quite some time, even before the recent 'election' fracas and the existence of the BlackBoxVoting organization. I have never been trusting of technology. From too much experience, technology bites, and can too easily turn on you.
Another thing, you can call me a conspiracy freak or whatever, but I just don't trust anyone who -wants- the job of lording it over on me. (I think the desire for that sort of power disqualifies anyone from being capable of wielding it properly and for anyone's good but their own.) I cannot trust that the people in power will not try to manipulate the system to stay there, whatever political label they assign to themselves.
In any case, I do have a few years and a couple of degrees in the computer business. I need to make certain that you all understand one thing about your quest for the actual memory cards that were used in elections, which you see as "the next step."
You are correct, that is the next logical step, but please don't kid yourself that you will find anything on those cards, openly and patiently awaiting your examination. You have stated that you consider the programmers to be competent. To allow the fraudulent programming to remain on the data cards and to be found later would be a sign of a slip-shod and incompetent programmer.
DO however have them forensically analyzed for deleted files. The LAST instruction that will be in the deleted file that you will likely find, will certainly find if your suspicions are correct, will be to restore the original, valid, pure, and clean-as-the-driven-snow program that should have been there and delete or overwrite the malicious one.
Also, you need to be certain to use fairly subtle analysis techniques. Again, if I was writing the thing I would use some anti-forensic techniques to overwrite the data area in question several times in sequence, to frustrate the recovery of the overwritten data.
That's how I would have written such a thing, and I do not even consider myself a programmer. (I'm a hardware and information security specialist.)
You are encroaching on the thrones of the mighty, and they don't like folks shining lights onto the cockroaches under those thrones.
Good luck, and watch out for thugs in dark alleys.
Thanks very much for your comments, wwwill. In fact, there are some subtleties already appearing during further analysis of their central tabulator software. It, too, appears poorly written (MS Access without passwords, etc) but beneath that layer, it appears to have something VERY sophisticated. The clumsiness on one hand does not match the sophistication on the other hand. Reminds me of one of the telltale signs of an embezzling accounting: neat the tidy handwriting, precise little habits, combined with sudden messiness in filing key records.
Your input is enthusiastically recieved, and welcome to Black Box Voting. -- Bev |
wwwill
Voting Rights Forum Participant
Username: wwwill
Post Number: 2
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 30, 2005 - 8:23 am: |
|
"... appears to have something VERY sophisticated. The clumsiness on one hand does not match the sophistication on the other ..."
Probably just the unique 'signatures' of two different programmers; one doing the up-front and easy stuff, the other taking care of the details in the back. Look for a small group project effort, likely not more than three programmers and one manager total involved in the entire logic portion.
Many more people will have been involved working on the 'front end' or user interface portion, but this sort of project is usually done in sections, for ease of management. Somebody to do the up-front pretty-work, somebody else to make the back end logic come out the way its supposed to.
The common thread will be the project manager.
--
www |
wwwill
Voting Rights Forum Participant
Username: wwwill
Post Number: 3
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 30, 2005 - 1:56 pm: |
|
Oh, forgot one small item.
If you want to improve your odds on finding things in the memory cards, try to get one that was -never used-. A spare one. Then copy it verbatim and in toto, including the 'blank' parts. (It would be called a 'sector copy' if it was a real disk with spinning platters, but the electronic analogue of the same thing is available for solid-state storage media.)
Insert it into a machine set up for the election in question (date changed to the election day, etc.) and then start inputting votes to see what happens. Compare the contents of the card post-election with the image from pre-election.
This kind of thing not only is what I have all this 'spensive eddikayshun fer, it's the sort of thing I call "fun." (Yes, I'm one of those weirdo-hippy-freak geek types.) I keep trundling possibilities around in my head during the slow times at the office, and this is one of the ones that popped out.
--
www
wwwill -- You are not understanding the true problem with the architecture of the Diebold op-scan system. The master program is in the card, and it is the card that controls the machine, not the other way around. (Yes, really.)-- Bev |
catherine_a
Frequent Voting Rights Forum Participant
Username: catherine_a
Post Number: 378
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, June 30, 2005 - 2:24 pm: |
|
Spare blank memory cards--that could make for an interesting FOIA request. I hope BBV follows through with this suggestion.
The issue is the executable program on the credit card-sized, removable, swappable memory card -- the optical scan machine places a call to the memory card, and asks it "what do you want me to do now?" Harri simply wrote his own program -- it had nothing to do with Diebold -- and stuck it into the memory card. You can put whatever you want on the card. There is no checksum to prevent it and a card programmed for one precinct or machine works just fine in any other precinct or machine. It is the memory card that controls the machine. And furthermore -- the optical scan machine cannot process the election WITHOUT asking the memory card what to do. A staggeringly inappropriate design for a voting system, don't you think?
The question to ask now of every certifier and every scientist who had these files is this: WHEN did you know this? -- Bev) |
catherine_a
Frequent Voting Rights Forum Participant
Username: catherine_a
Post Number: 379
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, July 1, 2005 - 12:55 am: |
|
The intriguing possibility raised by wwwill is--if I understood it correctly--that it may also be possible to embed certain kinds of functions within the hardware itself. Since wwwill is a techie and I am not, maybe he could confirm my understanding and say more about the technical possibilities of tampering that could happen affecting the manufacture of the memory cards (before any executable software is put onto the memory card). BBV has already proven that the memory cards can be hacked by putting an executable program onto the memory cards. (And Bev's last comment implies that the scanner's MUST access the memory card and possibly query for an executable in order to process the election results on the card.) I think wwwill is just saying one should also check for the potential of yet another way of impacting the memory card--by embedding certain functions within the hardware itself.
Maybe this doesn't seem obvious since evidently the Diebold code shows a mandatory query to a program of some kind software executable on the memory card. But might it not be possible that the very act of accessing the memory card (to query any executable that could have been put on the memory card) might not also "trigger" something hidden in the hardware itself? I think wwwill is also saying that one should check this, too--in addition to the proven case of putting a software program onto the memory card.
Yes. Definitely there are other intriguing possibilities. For example, the interpreter is something that should be looked at, and there are some indications that a program exists to act on the machine language. -- Bev |
chayotemu
Voting Rights Forum Participant
Username: chayotemu
Post Number: 1
Registered: 07-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, July 4, 2005 - 7:27 pm: |
|
I believe what wwwbill was suggesting was to see if the hardware itself does anything to the card as well. Compare the memory card before using it to the one after it's used. This way if they are different the hardware (machine itself) changed what's on the card OR the memory cards were designed from the beginning to tamper with themselves. Also if you run the same votes through a machine with non-used "factory" state card and get a different output then with the card that was in when the votes were first counted you KNOW that the card that was in there when the votes first went through was tampered with at some point. |
sagitta
Voting Rights Forum Participant
Username: sagitta
Post Number: 1
Registered: 07-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Friday, July 8, 2005 - 3:35 pm: |
|
wwwill's fear, as he explained last Wednesday, is that the malicious code will destroy itself after use, rather like a stealth virus. It is therefore necessary to examine a doctored but unused card, and in particular to look for sectors that get erased at the end of the process.
Understood - BBV. |
randwolfe
Voting Rights Forum Participant
Username: randwolfe
Post Number: 1
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, July 13, 2005 - 4:30 am: |
|
Wow! What a lot of one upsmanship by Daily Kos trying so fervently to make a case for fair and accurate electronic voting. It is so clearly demonstrated how dangerous black box voting is for our democracy. If my bank can handle millions of electronic transactions per day, and at least in my case, never make a mistake, and also provide a paper printout to prove I made my transaction, then the voting machine companies can provide a paper printout. I don't even understand why there is an argument about it. The only reason they would be hesitant is one that indicates a nefarious purpose. |
paniq
Voting Rights Forum Participant
Username: paniq
Post Number: 1
Registered: 07-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, July 28, 2005 - 3:39 pm: |
|
The systems structure could still be legit if the validity of the code on the card could be proven before and after the election.
If the system originally was designed to behave like that, the choices in system design that were made for these machines might have been made based on security concerns, ironically.
It might be that the company decided that keeping the actual program inside the machine was too dangerous, as it would be (compare to the slot machine EPROM hack) possible to switch that program.
Therefore they put the program on a memory card, and intended this memory card to be protected and certified before it was being used with the voting machine, becoming a sophisticated "key card".
Somewhere along this path, the original intent might have been "forgotten".
What speaks against this theory is that the machine does not care if the program is switched while it is running. Or maybe they thought it always requires someone who keeps an eye on the machine. |
admin
Board Administrator
Username: admin
Post Number: 1021
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, July 28, 2005 - 3:44 pm: |
|
Hi, paniq, and welcome to Black Box Voting.
I think another thing that speaks against it is the content of the memos we have from the programmers. Clearly, they do not see the design as a flaw, but they do see it as a way to have flexibility to change things on the fly.
Of course, if you want to change things on the fly, that throws certification out the window since it currently takes 8 months to certify a voting system.
Glad to see your comments,
Bev Harris |
pat_vesely
Frequent Voting Rights Forum Participant
Username: pat_vesely
Post Number: 1857
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, July 28, 2005 - 4:12 pm: |
|
Hi paniq, I second that welcome!
I have to go with Bev on this one. The combination of statements taken from both the 'comments' written into the original source code by the programmers and the internal company memos go a long way to giving one an understanding of what they "might" have been thinking. It sure wasn't about security!
PAV ;-) |
paniq
Voting Rights Forum Participant
Username: paniq
Post Number: 2
Registered: 07-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, July 29, 2005 - 12:47 am: |
|
what about saving costs? in case a voting procedure gets changed by law, they could easily provide new "firmware"?
i guess i'm just too philantropic here. |
admin
Board Administrator
Username: admin
Post Number: 1030
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Friday, July 29, 2005 - 8:34 am: |
|
I like the effort to come up with valid reasons -- we have to have that to make sure our arguments are valid. Here's my response to using a fundamentally tamper-friendly architecture to save costs:
Let's save costs. I think we should skip the step of installing locks on the election office doors. In fact, let's not have doors. Saves a lot of money.
Thanks, paniq. Without a foil to duel with, we end up preaching to ourselves and our arguments will not be as sharp. Keep it up.
Bev |
paniq
Voting Rights Forum Participant
Username: paniq
Post Number: 3
Registered: 07-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, July 29, 2005 - 5:12 pm: |
|
well, i'm not sure if that comparison fits.
let's save costs. those government loonies like to change voting regulations all the time (true?), and they have a service contract with us (true?), so we have to exchange programs in the machines whenever they please at our own expenses (true?). but we could also store the programs neccessary to run the voting machine on a plugin card so we dont have to actually recall the machines or send someone there, but just modify the cards and send them the new data by courier (true?). sure we could make up some tin foil hat theories about exchanging the programs, but heck, its the government. they wouldnt try to hack our system, would they. |
admin
Board Administrator
Username: admin
Post Number: 1041
Registered: 12-2004
Best of Black Box?
Votes: 3 (A keeper?) | | Posted on Friday, July 29, 2005 - 10:12 pm: |
|
Well, not really.
"those government loonies like to change voting regulations all the time (true?),"
If a changed regulation requires a change in programming, the requirements are that the whole system needs to be recertified. So putting the change on a card, or in the election management software on the server, or in the chip in the optical scanner won't change the biggest expense -- recertification, not just nationally but state by state.
"and they have a service contract with us (true?),"
Diebold charges extra for services in connection with changed government requirements. A good example was the $2 million charge they hit the state of Georgia with when the state wanted to do an election on the state flag. (By the way, I'm grabbing that $2 million figure from memory. I think that's the correct amount.)
" so we have to exchange programs in the machines whenever they please at our own expenses (true?)."
Not true. First, in most states it is illegal to exchange programs without going through a formal reapproval process, and second, Diebold has a nasty habit of charging for such things even when the upgraded program is required due to problems with their original program. An example of this happened in King County in 2004.
"but we could also store the programs neccessary to run the voting machine on a plugin card so we dont have to actually recall the machines or send someone there, but just modify the cards and send them the new data by courier (true?)."
Not really. See above. And also, the GEMS tabulator program is updated simply by sending the patch on CD. I spoke with a county elections chief in Washington state who said she'd receive a CD in the mail from Diebold, with instructions to install it, that it was an "upgrade" or a "patch." Diebold wasn't supposed to do it, but they did do it without properly recertifying the changes, and that's one of the things they got in trouble for in California in 2003 and 2004.
"sure we could make up some tin foil hat theories about exchanging the programs, but heck, its the government. they wouldnt try to hack our system, would they."
Well, it's not the government. It's a private vendor that keeps its code secret from its customers. And there's not much money in selling voting machines. (As Daniel Hopsicker pointed out in his film "The Big Fix 2000", there may not be much money in selling election machines, but there would be a lot of money in selling the elections themselves.)
Bear in mind that the company that Diebold acquired in 2002, the company that designed this architecture in the first place, Canada's Global Election System, was founded by stock market manipulators, two of whom went to jail, and that the senior vice president of research for this company had been in prison for four years on 23 counts of felony embezzlement. The method he used to embezzle was creating back doors in the accounting software.
Now, as for tinfoil hat -- I do believe in "conspiracy theories," at least, in the racketeering sense of the word. RICO charges were designed for situations where two or more people conspire to commit a corrupt act. RICO cases are called "conspiracy" cases in the legal world, and a brief perusal of convictions on these cases prove that RICO cases are not figments of anyone's imagination.
-- Bev |
paniq
Voting Rights Forum Participant
Username: paniq
Post Number: 4
Registered: 07-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, July 30, 2005 - 2:16 am: |
|
oh, i was impersonating diebold with the last sentence, not us, but nevermind ;)
ok, seems there is not much defense left for them. you have me convinced. i'm looking forward to the detailed analysis that you promised to release later.
good work. |
admin
Board Administrator
Username: admin
Post Number: 1054
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Saturday, July 30, 2005 - 8:28 am: |
|
Voila -- here is the detailed analysis (It was released on July 4
http://www.blackboxvoting.org/BBVreport.pdf |
Ben Kjelshus
Voting Rights Forum Participant
Username: Beng
Post Number: 1
Registered: 11-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Sunday, November 20, 2005 - 1:17 pm: |
|
Bev and BBV staff, you are performing a highly valuable service. Much appreciated. I find Harri Hursti's report "Critical Security Issues with Diebold Optical Scan Design" particularly useful.
Does BBV have information on Sequoia's optical scan design? To what extent is Sequoia's design open to maniputlation? The city in which I live is giving consideration on the purchase of Sequoia voting machines -- the Sequoia Optech Insight Voting Machine and the Sequoia AVC Edge. We, a group of concerned citizens, want to supply the election board with materials dealing with solid factual information. Your input will be much appreciated. Thank you |
AstroGirl S.
Voting Rights Forum Participant
Username: Astrogirl
Post Number: 1
Registered: 08-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, August 8, 2006 - 12:47 pm: |
|
I just voted on a Diebold optical scan system in Ann Arbor, MI. I had a nice little argument with the pollworker about the reliability of that type of machine. I didn't remember what specific things I had read about it, but I could tell there was no way I could verify that it was counting my vote correctly. I googled "Diebold optical scan voting machine" afterwards and found this page. Is there any reason to believe these machines have been improved since this report was issued? |
V. Kurt Bellman
Frequent Voting Rights Forum Participant
Username: Formerelecdir
Post Number: 520
Registered: 04-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, August 8, 2006 - 12:57 pm: |
|
Not really. At the end of the day, it all boils down to "How much trust do you have in the honesty and competence of your election officials, and the people they associate with?"
I wish I could offer you more, but I can't.
In fact, I'm not sure I could offer you more, regardless of what you cast your vote on. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 3150
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, August 8, 2006 - 1:23 pm: |
|
AstroGirl,
It's not just the election officials you have to trust. It's everyone who's had any access to memory cards, or been in a room where memory cards were used for pollworker training, or whoever at Diebold had access to the memory cards before they were shipped to Ann Arbor. Typically the security surrounding these memory cards has been relaxed or nonexistant.
There may also be a central counting computer running GEMS used to count up all the votes, which can be hacked as well.
You're doing a great job to have a discussion with the pollworker. Most are not informed about the Diebold optical scan's vulnerabilities despite the widespread publication of the first Hursti Report. Diebold tells the election officials that everything's ok, and the pollworkers believe what their bosses tell them. |
Dan Oetting
Voting Rights Forum Participant
Username: Dan_oetting
Post Number: 22
Registered: 07-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, August 8, 2006 - 11:15 pm: |
|
Follow the paper! The first thing to do is visit the polling locations after the election and record photograph or videotape the closing tape that should be posted at each location. You only need to get the numbers for your own precinct but if you can easily visit other precincts do that too (just don't waste too much $3 gas driving all over town). Ideally you should be at your own polling location at the time the polls close to witness the closing procedures. Even better, talk to your party or candidates about becoming an election judge or poll watcher.
(BTW, The poll workers are not the place to complain about general election issues. They are just another eligible voter like yourself but they have committed their time so that you and I can vote.)
Next, check with your local elections department to see where they post the precinct summaries for all the precincts within your county. It should be online but if not you may need to call or visit in person. You want to check that what is reported in the county summary matches what was printed in the precinct. If you are up to it, you can also check that the counties numbers add up properly. Then with the county totals, do the same check at the state level. This is the way any concerned citizen can verify the tallies in an open election. If you cannot follow these procedures because the numbers are not made available to the public you do not have an open election.
If you follow these procedures and you find a discrepancy, don't go to the elections department, you may not have standing to file a complaint. Contact the campaign staff of the candidate that was adversely affected (or the issue advocacy group) to bring the discrepancy to their attention. The group will have the resources and incentive to verify your findings and the legal console to guide the next step. Then let us know what you found.
The above steps will catch the problems with central tabulation software (except in locations that don't have open elections). But you asked specifically about the optical scanner. The only way to verify the integrity of the scanners is through random audits (or better, to hand count every vote and use the machines to do the audit).
Fortunately you are in a location that has paper ballots that can be counted. Not every voter is so blessed. And Michigan law allows candidates to request recounts (but it is up to the elections commission as to wether the count will be by hand or again by machine). |
Bev Harris
Board Administrator
Username: Admin
Post Number: 5527
Registered: 12-2004
Best of Black Box?
Votes: 4 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 4:29 am: |
|
Dan -- those are nice procedures but as we learned, won't necessarily work.
The Black Box Voting projects with the Hursti attacks on the Diebold op-scan machine hack the poll tape. The second one, which he did on Dec. 13, 2005, did a one-step manipulation of both the poll tape and the central tabulator results, using ONLY a memory card.
Also, you generally can't get the Statement of Votes Cast (the detail report from GEMS that breaks results out polling place by polling place -- the only way you can match up results from poll tapes to central tabulator. The SOVC is often not released at all unless you pay for it in a public records request, and generally they won't give it to you until AFTER the election is certified. There are some exceptions to this. In a large metro location that report is very large.
Random audits will not verify necessarily verify integrity either. One of the very dangerous things about the double set of books in GEMS is that it is possible to make the results wrong while any individual precinct you select will use the real numbers. That's because it allows you to de-couple the precincts with the totals. While it is true that the total does show up on the very last page of the SOVC report, as mentioned before that report is not made available in full until AFTER the spot checks are done, and besides, since the total is on the last page, they can easily say "we don't want to print out 1,000 pages, we're just printing the page that has the precinct result for the area we're spot-checking."
As is being seen in San Diego, even when you have ALL the reports they still don't necessarily match, nor do the spot-checks match (see Los Angeles, Judy Alter report) but they typically do not announce to either the candidates or the public that the spot check didn't match, nor do they seem to do anything about it.
We requested all the poll tapes back in the 2004 election. Small locations had them all, but the metro areas never had them all, due to poll worker error and also due to poor training of poll workers.
Astrogirl -- Welcome to Black Box Voting. If you will do one thing for us: We require real names here. Consider it an act of citizen leadership. I have enabled the "edit profile" function so you can go edit in your real name. Thanks.
* * * * *
"Regardless of size, just 1-3 people do all the work in any group. Better to have 10 groups of 10 people than one group with 100 people. That way, at least 10 people will get things done."
(-- John Brakey, an Arizona citizen)
You own your government, not the other way around. This is your task: Pick 1 thing and just DO IT. Then lead, mentor or organize 9 people to do the same thing.
Citizen Tool Kit to Take Back Elections:
http://www.blackboxvoting.org/toolkit.pdf
Begins 8/1/06
|
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 751
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 4:36 am: |
|
Fwiffo said: "by fwiffo -- Natural limit -- 65535 is the natural limit for an unsigned, 16-bit integer. Most small processors and microcontrollers for this type of device at 16-bit proccessors (some are even 8-bit). Each voting machine never counts more than a few thousand votes (most states have a maximum precinct size of like 1500). It's an elementary programming error and a very common one, and is not likely to be found when testing under ordinary circumstances, because you'd never count that high." This is an ignorant statement; it isn't an elementary error only, it is a logical error that no moderately competent programmer would make. A signed integer would still give you more than 32,000 votes (more than adequate for a single voting machine, don't you agree? A signed integer uses the most significant bit (the left-most bit, like the leftmost digit in decimal, except this is binary) and warns you (in all code beyond assembler) when the sign changes by the result of math operations, which happens when you set that highest bit. Every programmer in his first class is warned of this.
Admin said: "It is an error, and an oversight, but by itself, is not evidence of malice. An intentional security flaw (i.e. a back door) would look much different. " It's evidence of incompetence, at least.
How does this schmuck explain that zero checking on these machines is done by adding together all the candidates vote totals to see that they add to zero instead of each individual count being zero, as anybody knows it must be to be legitimate? |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 752
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 4:40 am: |
|
I'm sorry, I guess Fwiffo said the second part as well. If Fwiffo is pretending to be a code/programming expert, he's not a very good one; anybody perpetrating a security flaw on purpose would rather have the security flaw look accidental, DUH! Because bozos like him will claim it can only be accidental. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 5529
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 4:45 am: |
|
One more comment: Regarding Kurt's answer that this all boils down to trusting the election officials and those they consort with:
Let's accompany that statement, which is basically true, with the next statement: Elections didn't used to be based solely on trusting elections officials, and they cannot be based on trusting elections officials any more than the safety of the bank vault can be based on trusting the night watchman.
When we had hand counted paper ballots, the nature of the checks and balances made it very difficult (not impossible, but difficult) for an insider to tamper. With computerized voting and insider owns the election, should he choose to.
That's a not-so-subtle change that elections officials don't want to talk about. When you had commercially printed, serial-numbered ballots, all of which had to be accounted for, and you had strong chain of ballot custody, plus public hand counting at the polling place BEFORE the voted ballots were transported back to headquarters, and the poll workers also accounted for every ballot by serial number, it was darn hard for even an insider to game the system.
* * * * *
"Regardless of size, just 1-3 people do all the work in any group. Better to have 10 groups of 10 people than one group with 100 people. That way, at least 10 people will get things done."
(-- John Brakey, an Arizona citizen)
You own your government, not the other way around. This is your task: Pick 1 thing and just DO IT. Then lead, mentor or organize 9 people to do the same thing.
Citizen Tool Kit to Take Back Elections:
http://www.blackboxvoting.org/toolkit.pdf
Begins 8/1/06
|
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 3154
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 5:21 am: |
|
Brant, where's that "fwiffo" post you're referring to?
Bev, on the registration page would it be any help mention the date when BBV began to require real names? Otherwise it's confusing--when a person sees an older thread like this with most posters using screen names, it's natural they'd register and use a screen name, too. Might you say something like, "Since (month) (date) 2005 BBV has required that all members post using their real names etc." |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 755
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 5:24 am: |
|
'Fwiffo' is quoted in an Admin post upstream, I was responding to the quote. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 3155
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 5:36 am: |
|
Thanks, Brant.
I did a dumb thing when I was trying to "Find" the text (it only searched downstream from the last couple of posts; I didn't realize it hadn't searched the whole thread) and in my scroll through I was only looking at the posters' names.
(Message edited by Catherine_a on August 09, 2006) |
Dan Oetting
Voting Rights Forum Participant
Username: Dan_oetting
Post Number: 24
Registered: 07-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 7:14 am: |
|
Bev, I recognize the conditions where my procedures don't work and said so in the post. This was a direct response to a voter that wanted to know where her vote went and I offered a procedure that an individual could use to follow their vote from the ballot to the state result. But if the election system is not open at any level then even a 100% hand count isn't going to offer any better result.
I left one big gap in my procedures for verifying an election and that is the counting of the votes to get the precinct results. The best way to make this step open is if the voters can watch the ballot box being opened and the votes counted in front of their eyes. Recounts at any later time get into chain of custody issues.
Our elections must be open so that every number going into every tally can be verified. Once you have the tally process in the open, audits and recounts can detect where errors have occurred.
Election officials that don't make the election process open are either ignorant or corrupt. If they are simply ignorant they can be shown the light. If they are corrupt they must be brought to light. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 5538
Registered: 12-2004
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 8:28 am: |
|
Dan -- The thing is, we've actually gone through the procedures you mention. So it's sort of "been there, done that." The proposed methods you mention were what Black Box Voting was recommending back in 2004, but after actually following the procedure through, we learned that it does not work.
Counting of the actual votes in public at the precincts eliminates most of the problems.
Elections officials have been trained not to make the election process open. Their training comes from the quasi-public elections official organizations and from The Election Center. In some ways, they are responding to peer pressure and social conditioning from colleagues and industry perps.
It is going to take the citizenry itself to change the thinking of public officials back to what it should be.
* * * * *
"Regardless of size, just 1-3 people do all the work in any group. Better to have 10 groups of 10 people than one group with 100 people. That way, at least 10 people will get things done."
(-- John Brakey, an Arizona citizen)
You own your government, not the other way around. This is your task: Pick 1 thing and just DO IT. Then lead, mentor or organize 9 people to do the same thing.
Citizen Tool Kit to Take Back Elections:
http://www.blackboxvoting.org/toolkit.pdf
Begins 8/1/06
|
AstroGirl S.
Voting Rights Forum Participant
Username: Astrogirl
Post Number: 2
Registered: 08-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 9:24 am: |
|
Thanks for all of the responses. They give me lots to think about and confirm to me that I should be concerned that my city is using these machines. I should note that, other than the utter vulnerability and fallibility of these machines, I don't have any particular reason to suppose that there was a problem with the election. But that's a big "other than."
Bev, I'm sorry, but I don't post my real name on public internet forums. It's a matter of privacy and with all the illegal spying on private citizens that's been in the news lately, I'm sure you understand. I use my real name when contacting my elected officials, etc., but my private info is on a "need to know basis." So, while I really appreciate the work you're doing, I will refrain from participating further on this forum if real names are absolutely required. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 756
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, August 9, 2006 - 11:06 am: |
|
But Bev, the 'insiders' still game the system with falsely challenging voters, getting them knocked of ballot rolls, getting ballots disqualified (or made 'provisional', hell they might as well be disqualified!), covering ballot choices over with dots and re-making the choices, subverting legal recounts, the list goes on and on, and that's just Ohio! This is happening in Mexico now. What did Palast say, "The simplest, most idiot-proof ballot ever."?
Whatever the system is, the voters (each and every one of them) should be able to ascertain that their vote at least, was recorded as it was cast, and watch the ballots be counted. It should also be a 'published poll books' election, so that anyone can go see if someone who's ballot's been counted actually exists. |
|
|
