| 2-6-06: Diebold agrees to waive propr... |
|
| Author |
Message |
   
Bev Harris Board Administrator Username: Admin
Post Number: 3555 Registered: 12-2004
Best of Black Box?  Votes: 1 (A keeper?) | | Posted on Monday, February 6, 2006 - 3:17 pm: |
|
"Hello. We just received a letter in today's mail from the Division of Elections stating that Diebold has agreed to waive its proprietary rights to the GEMS database files," wrote Kay Brown, Alaska Communications Director for the DNC.

You can see the letter that she's referring to here: http://bbvdocs.org/diebold/alaska-surrenders.pdf

There is one minor point of contention left concerning the public accessibility of the usernames of the election staff who use GEMS. We feel that's public record.

This marks the first time Diebold itself has agreed to treat the main database files for all their election products as public records. Rapid access to these files on election night is the next frontier, as it will allow rapid oversight of both vote results and election configuration by citizens, party observers and the press. This is an integral part of our civil right to observe elections.

This file is of the same type that San Diego County refused to release to Black Box Voting investigator Jim March during the mayoral primaries of 2005. More on Jim March's arrest in San Diego for attempting to view vote tallying: http://www.bbvforums.org/forums/messages/1954/8556.html

This will also free up the Volusia County database files, hopefully shedding light on the bizarre discrepancies in its election records. Volusia County anomalies: http://www.bbvforums.org/forums/messages/2197/15675.html

Permission granted to copy, distribute, reprint, or cite only if any further dissemination includes the link http://www.blackboxvoting.org and credit given for the source of the information. |
   
Joseph Hall Voting Rights Forum Participant Username: Joehall
Post Number: 50 Registered: 01-2005
Best of Black Box? N/A Votes: 0 (A keeper?) | | Posted on Monday, February 6, 2006 - 4:10 pm: |
|
That is great news. I'm glad they decided to do that. I can't seem to access the letter, though... would love to read the letter. best, Joe |
   
Bev Harris Board Administrator Username: Admin
Post Number: 3558 Registered: 12-2004
Best of Black Box? N/A Votes: 0 (A keeper?) | | Posted on Monday, February 6, 2006 - 4:23 pm: |
|
Whoops, Joe -- I just fixed that link. Thanks for catching that. |
   
John Howard Frequent Voting Rights Forum Participant Username: Harmonyguy
Post Number: 256 Registered: 12-2004
Best of Black Box? N/A Votes: 0 (A keeper?) | | Posted on Monday, February 6, 2006 - 4:39 pm: |
|
Yee Haaaaa !!!!!!!!!!! Wonderful News. HG |
   
Jim March Frequent Voting Rights Forum Participant Username: Jimmarch
Post Number: 116 Registered: 01-2005
Best of Black Box?  Votes: 1 (A keeper?) | | Posted on Monday, February 6, 2006 - 6:55 pm: |
|
My guess is that the Anchorage Daily News can take a bit of the credit. Their initial reporting was quite good but then the follow-up editorial against the idea that Diebold owns the data files was almost certainly a factor.

The paper's stance was cutting-edge for mainstream media BUT not terribly surprising. At its core this little battle was about public records access and journalists at every level support sunshine laws.

* * * * * * * * * * * * * * * * * * * * * * * *

TRIPLE PROTECTION FOR ELECTION 2006 - STARTING NOW:
(1) Use Freedom of Information, public records requests ("All American Paper Chase")
(2) Try Dumpster Diving for Democracy
(3) Candid America Project - Don't leave home without your camcorder
HOW TO DO IT: http://www.bbvforums.org/forums/messages/6/6.html
|
   
Edward Robles Voting Rights Forum Participant Username: Tedeger
Post Number: 29 Registered: 11-2005
Best of Black Box? N/A Votes: 0 (A keeper?) | | Posted on Saturday, February 11, 2006 - 7:37 am: |
|
I would not for the world suggest that anyone do anything illegal, but wouldn't it be FUN for someone who knows how to do it to break into the GEMS software in Ohio in 2006 after the vote, and turn in a 90% vote for the Democrats in every contest? Just to prove it could be done? There is a very interesting account starting at bradblog (talking about DIEBTHROAT) which indicates that it could be done - and don't you think that, if it WAS done, that the machines would suddenly be "Discovered" to be "Faulty" and something done about it? Like calling for repeat elections on PAPER ballots? Apparently all you need is a telephone and some knowhow. Which points up exactly what DID happen in Ohio, Florida, Georgia, and elsewhere in the last couple of elections. |
   
Bev Harris Board Administrator Username: Admin
Post Number: 3642 Registered: 12-2004
Best of Black Box?  Votes: 4 (A keeper?) | | Posted on Saturday, February 11, 2006 - 8:45 am: |
|
Edward,

It isn't true that all you need is a telephone and some know-how. To hack GEMS remotely you need to do a little more than that -- but the Alaska decision is important for that, too.

What Jim March has been suggesting is that we get an electronic copy of EACH ITERATION of the GEMS files. They save backups every 30 minutes or so. Thus, if there was tampering during the middle of the election, it would be more detectable, and if these files were released promptly throughout election counting, it might even be caught on the spot by reporters, party observers or citizens.

And did you know: Election officials don't have to report to the public if they think their election was hacked. They can quietly fix the "glitch" so they can report only the "correct results." As long as they attribute it to a glitch rather than a hack, they really don't have to report it at all.

The true scariness of the Herbert Thompson GEMS hack

More compelling is what Dr. Herbert Thompson did when he hacked the GEMS tabulator in Leon County on Feb. 14 and May 2 last year. Now that was scary, for these reasons:

1) It took less than 60 seconds

2) You don't need a GEMS password. You never need to even open GEMS! You just slip a small script onto the hard drive, where it sits quietly waiting for the trigger to do its hidden work.

3) It could be set up by anyone with 60-second access to the tabulator IN ADVANCE. In fact, you could rig the 2008 election right now, and even if they upgraded the software in the meantime, as long as your trojan horse is still buried in the hard drive and as long as they didn't fundamentally rewrite the architecture of the tables themselves, you're in.

4) With Thompson's trojan horse, he created a program that makes intelligent guesses at the ballot choices. For example, race sounds like "pres", choice within race sounds like "rep", look for these totals in the vote category that sounds like "abs" [absentee]. In other words, you can own the election in advance, even if you don't know the candidate's name or even the exact spelling of the race or party on the ballot!

5) With Thompson's trojan horse, you can also create any math formula you want, of any complexity, including IF-THEN statements and triggers. Example:

- IF at 11:59 p.m. on Nov. 4 2008 a race that sounds like "pres"
- has totals such that a choice that sounds like "rep" is less than the choice that sounds like "dem,"
- THEN calculate the percentage of the spread
- THEN for vote category that sounds like "abs"
- select totals for the post-Nov. 4 absentee batches
- apply the formula to the following absentee ballot batches "1st, 9th, 10th, 12th, 15th, 24th, 29th, 36th"
- alter the input for each of those absentee ballot batches by using random variations between 18 and 26 percent of the amount of the spread as of 11:59 p.m. Nov 4.

In other words, with 60 seconds of pre-work you can do any damn thing you want, any formula, with any trigger, implemented at any specific time, for any race, major party choices, precincts and vote category. You can do it years in advance on a federal election. And if your manipulation gets caught? Call it a "glitch."

Mail-in votes are especially vulnerable to GEMS central tabulator tampering

You could also run such a formula only on absentee ballots entered BEFORE election day. Note San Diego mayoral, which had a vast difference between absentee and poll votes, which they attributed to mailings. Note that the absentee votes do NOT have a poll tape, a protective feature that Diebold removed fairly recently. Why? Why is no one asking about this, especially now that so many places are increasing the mail-in voting? And why did California examiners approve this change for certification?

The poll tapes aren't being used properly to audit GEMS either

Even assuming the poll tapes aren't falsified (Hursti hack), field work by Black Box Voting has revealed that they aren't being used except to "spot check." In Alameda County, they spot check one percent of the poll tapes against GEMS. When you are told that poll tapes are compared against GEMS, ask very detailed follow up questions, preferably on videotape. Ask if 100% of the ballot choices are compared against 100% of the GEMS results. Most places, you'll find out that is not the case. Not only do they not do a meaningful hand count of the ballots, they don't even do a meaningful canvass comparing the results reports from voting machines against GEMS.

PERMISSION TO COPY, CITE (MUST PROVIDE LINK TO http://www.blackboxvoting.org ) |
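The two checks this post argues for, comparing each saved iteration of the tabulator file and checking 100% of the poll tapes against the tabulator, sketched as an added example (not part of the original post, and not Black Box Voting's or Diebold's code). The export layout, batch names and counts are constructed assumptions; the real GEMS schema does not appear on this page.

```python
# Added example: constructed data in a hypothetical export layout,
# not the real GEMS schema. Keys are (batch, race, choice) -> votes.

SNAP_2030 = {("ABS-1", "Mayor", "A"): 60, ("ABS-1", "Mayor", "B"): 40,
             ("P1", "Mayor", "A"): 120, ("P1", "Mayor", "B"): 100}
SNAP_2100 = {("ABS-1", "Mayor", "A"): 48, ("ABS-1", "Mayor", "B"): 52,
             ("P1", "Mayor", "A"): 120, ("P1", "Mayor", "B"): 100,
             ("P2", "Mayor", "A"): 80, ("P2", "Mayor", "B"): 90}
# Poll tapes exist only for precinct batches; absentee batches have none.
POLL_TAPES = {("P1", "Mayor", "A"): 120, ("P1", "Mayor", "B"): 100,
              ("P2", "Mayor", "A"): 80, ("P2", "Mayor", "B"): 95}


def diff_snapshots(snapshots):
    """Compare successive backups: a batch already loaded should not change.

    snapshots: list of (label, totals) in time order.
    Returns [(label, key, old, new)]; new is None if a row vanished.
    """
    findings, last = [], {}
    for label, totals in snapshots:
        for key in sorted(last.keys() | totals.keys()):
            old, new = last.get(key), totals.get(key)
            if old is not None and old != new:
                findings.append((label, key, old, new))
        last = dict(totals)
    return findings


def reconcile(poll_tapes, tabulator):
    """Full canvass: check every row against its poll tape, not a sample.

    Returns (mismatches, unverifiable): rows that differ from the tape in
    either direction, and rows from batches that have no tape at all.
    """
    taped = {key[0] for key in poll_tapes}
    mismatches, unverifiable = [], []
    for key in sorted(poll_tapes.keys() | tabulator.keys()):
        if key[0] not in taped:
            unverifiable.append(key)
        elif poll_tapes.get(key) != tabulator.get(key):
            mismatches.append((key, poll_tapes.get(key), tabulator.get(key)))
    return mismatches, unverifiable


if __name__ == "__main__":
    for finding in diff_snapshots([("20:30", SNAP_2030), ("21:00", SNAP_2100)]):
        print("changed after load:", finding)
    bad, no_tape = reconcile(POLL_TAPES, SNAP_2100)
    print("tape mismatches:", bad)
    print("no poll tape to check against:", no_tape)
```

The absentee rows come back as unverifiable rather than clean, which is the gap the post describes: with no poll tape, only the snapshot comparison or a hand count can catch a change to them.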
   
Bev Harris Board Administrator Username: Admin
Post Number: 3643 Registered: 12-2004
Best of Black Box?  Votes: 3 (A keeper?) | | Posted on Saturday, February 11, 2006 - 9:29 am: |
|
We'll be highlighting this shortly, no later than Monday, in connection with something Jim March is working on.

And bear in mind, the true nature of the testing and certification scandal: Going all the way back to 1990, the FEC guidelines instruct the vendor to provide an analysis of any potential unauthorized changes in the way the program should function, and a Visual Basic Script hack is one such penetration -- and the FEC standards specify identifying such penetration ability for "ANY PERSON". The FEC guidelines do not say "an unauthorized person" or "an outside person." (Thanks to Bruce Sims for that find). It says ANY PERSON.

As testing expert John Washburn has pointed out, 13 consecutive versions of Diebold products have passed federal testing and state certification.

- 0 for federal/state examiners, 13 for Hursti
- 0 for federal/state examiners, 13 for Thompson.
- Hursti spotted the memory card design flaw in 24 hours.
- Thompson identified the GEMS design flaw in less than 5 minutes.

And GEMS is STILL CERTIFIED and these problems have NOT BEEN MITIGATED.

The certification scandal

Even AFTER the vulnerabilities with GEMS were pointed out publicly by Black Box Voting (July 8, 2003) and Dr. Thompson's diabolical but simple Visual Basic Script hack (Sept. 2004 at the National Press Club, with the Associated Press and members of congress's congressional staff there), these examiners are STILL recommending GEMS for certification.

You will soon see another bombshell

Key witnesses are notifying the Calif. Senate committee on elections that they will refuse to show up at the hearing on how certification scheduled for next week. They don't want to be questioned.

Shawn Southworth -- Ciber Labs -- has notified the senate committee holding the hearing that he will decline to appear.

Jim Dearman -- Wyle Labs -- has notified the committee that he will decline to appear.

No word yet from Steve Freeman and David Jefferson, who have accepted at least $150,000 and $50,000, respectively, of Calif. taxpayer money for their role in testing and certification and recommendation.

I say, put them all under subpoena, and while we're at it, subpoena the documents that Calif. Sec. State Bruce McPherson has withheld from the Calif. Senate Elections Committee despite their formal requests under Calif. public records law. Compel their attendance and then put them under oath.

When you hear that GEMS vulnerability is not a problem due to the existence of the poll tapes, if it comes from a scientist, that is just plain horrifying. There is no poll tape for absentee. You can hack the poll tapes. And regardless, that's irrelevant: state law requires that the system be secure. GEMS is not secure.

I think the real reason scientists are minimizing the importance of the GEMS defect is that they know they recommended it for certification, and they're having a damn hard time explaining that, because they knew better. That, and they wanted to focus on getting the VVPAT and they thought that attacking the GEMS program would dilute that. But their job is supposed to be science, not politics. And if you are paid to do a job -- for example, Freeman was paid to do testing specifically on the RABA report findings and the CompuWare report findings -- well then, you'd better report what you find.

As recently as Nov. 2005, Freeman recommended GEMS for certification saying they PLAN TO find a way to mitigate the problems. I am a thoroughly inadequate public speaker, hate it, but I testified in this hearing that they need to mitigate the problems FIRST before certifying.

The certification scandal is appalling. It needs to be dealt with formally, and that should start with subpoenas and questioning under oath. Citizens have a right to this. It's the taxpayers who are footing the bill for the voting machine examiners and certifiers.

----------------

As usual, you heard it here first. Please cite the source if you use this material. It is professional courtesy to provide a link to http://www.blackboxvoting when you use information learned from Black Box Voting to develop your own stories. We want the information to get out! By all means use it, but only if you credit the source that first broke the information. |
   
Marian Beddill Voting Rights Forum Participant Username: Uu7thprinciple
Post Number: 21 Registered: 08-2005
Best of Black Box? N/A Votes: 0 (A keeper?) | | Posted on Saturday, February 11, 2006 - 12:50 pm: |
|
Several years ago, I testified to the WA State Legislature, using a spreadsheet model, showing a crude way that this same hack could work. It inserted a few IF-THEN program functions into the tally process, shifting a percentage of votes from one candidate to another, while doing the grand totals derived from the individual votes and batches like precinct subtotals.

In my example, a single voter could trigger the shift within the batch where that ballot was processed. The Method? Cast only two votes (leave all the other races blank). One vote would be for a determined race (whatever, just that the malicious voter knew which one), and the other vote would be for the race to be corrupted. That combination: Only-two, one of them the trigger, was all the information the trojan-horse needed to work its shift.

Which is why I continue to demand a v.v.p.a.t. - with a voter-verifiable paper ballot AND an audit procedure which hand-counts ENTIRE PRECINCTS at the finish of the tally work, just before certification of the election. This might add ONE day to the election results reporting, and the random selection at the last minute is the deterrent needed - a hacker might desist, knowing that the vote-shuffle has a high likelihood of being caught.

That demo is still downloadable from http://noleakybuckets.org/files/votedemo.xls . The trigger votes are 1 for Pedro Caballero and 1 for Yvonne Ward. Yvonne then wins.

Marian
http://NoLeakyBuckets.org
|
   
Bev Harris Board Administrator Username: Admin
Post Number: 3649 Registered: 12-2004
Best of Black Box? N/A Votes: 0 (A keeper?) | | Posted on Saturday, February 11, 2006 - 1:00 pm: |
|
Marian --

Yes, I saw your demonstration with my own eyes. And for those who don't know, Marian Beddill was one of the very early advocates of increased citizen oversight, and increased audits.

In fact, Marian, remember when you did your demonstration in a public meeting, and a vendor-friendly someone chided you, saying it wasn't a real system? And now, what Dr. Thompson did was on a real system, proving your point.

Marian, you've got a knack for explaining and demonstrating technology so that non-techies can understand it. I also liked your diagram from a panel you were on in Bellingham, involved circles and things showing security issues. And the crowd always gasps when you explain that computers have a date and clock function which is always going automatically, and that date and clock function can be used as a trigger. For example, WHEN it is 9 a.m. on the second Tuesday of November, TRIGGER this event.

Another fascinating potential trigger, of course: WHEN the ender card is run through, TRIGGER this recalculation of the results. That was brought to my attention very early in 2003, by a campaign official who'd seen that ender cards -- a certain type of ballot -- execute a function, supposedly to stop the machine from recording any more votes. If a particular ballot configuration can trigger that function, other functions could be triggered by ballot configurations as well.

Thanks for participating here at Black Box Voting, Marian. |
   
Catherine Ansbro Frequent Voting Rights Forum Participant Username: Catherine_a
Post Number: 1725 Registered: 12-2004
Best of Black Box? N/A Votes: 0 (A keeper?) | | Posted on Saturday, February 11, 2006 - 1:11 pm: |
|
Thanks for the link to the vote demo. It's really good! |
   
Marian Beddill Voting Rights Forum Participant Username: Uu7thprinciple
Post Number: 22 Registered: 08-2005
Best of Black Box? N/A Votes: 0 (A keeper?) | | Posted on Saturday, February 11, 2006 - 1:38 pm: |
|
Thanks for the kudos, Bev. After all, I was writing programs in machine language and IBM Assembler, in the 1960's, way before Microsoft.

When you're working with direct machine commands, and things like the push-pop-stacks and the "C"-register, and assembler instructions which over-write other machine instructions, then re-write the original code before ending, you can really appreciate the power of a few lines of code. Those things can get so convoluted that it is near-impossible for any source-code reviewer to really determine what a program will do, in the real world with outside influences.

Which is why I still, adamantly, argue for a v.v.p.a.t and hand-counted audits of significant portions of ballots.

After all: "If you cannot trust the way your votes are counted, nothing much else in politics matters!" (MGB 2001)

Marian
http://NoLeakyBuckets.org
|
|
|