BREAKING NEWS BULLETIN FOR MEDIA AND PUBLIC:
Electronic Voting Machines Blasted by Scientists, Hacked by Author
From: Scoop Media (Scoop.co.nz) and Bev Harris (Blackboxvoting.com)
http://www.blackboxvoting.com
Read The Book…Support The Cause
Pre-Order Your Copy Today
SCOOP EDITOR'S NOTE: What follows is a set of
discoveries, the result of the first-ever public examination of a
secret, proprietary computer program used to count votes in 37 states. A
hundred dollar item allows anyone to stuff the ballot box; remote access
was left unprotected, encryption keys were made available to hackers,
and passwords, audit logs and votes were easily compromised.
This report, and all information not attributed to others here, was
provided by Bev Harris, author of "Black Box Voting: Ballot-Tampering in
the 21st Century."
CONTENTS
WHY THE BIG DEAL?
WHO TESTS AND CERTIFIES THESE SYSTEMS?
WHO RUNS DIEBOLD ELECTION SYSTEMS? WHO WROTE THE PROGRAMS?
WHO ELSE WRITES PROGRAMS FOR DIEBOLD?
IS THERE MORE TO COME?
ENDNOTES
WHY THE BIG DEAL?
You can overwrite votes. You can vote more than once. The system is
vulnerable to both inside and outside attacks. Intruders can overwrite
audit logs. You can assign passwords to all your friends.
"Our analysis shows that this voting system is far below even
the most minimal security standards applicable in other contexts."
-- Researchers from Johns Hopkins and Rice Universities, in paper
just released: "Analysis of an Electronic Voting System" http://avirubin.com/vote.pdf
"Computer Voting Is Open to Easy Fraud, Experts Say" (New
York Times, July 24 2003) http://www.nytimes.com/2003/07/24/technology/24VOTE.html
These discoveries were made after examining Diebold voting system
files left on an open web site, in a security breach somewhat stunning
in magnitude. These files had been stored, unprotected, on a company web
site for several years. The site appeared to be in continuous use, with
new files added frequently, and its design invited visitors into an ftp
page, which was available with anonymous access and no password. On
January 29, 2003, shortly after Bev Harris found the site (which caused
her to interview Diebold employees about it), the web site was removed
from public access. By this time, its files had been downloaded by
several people in various locations around the world.
On July 8, 2003 an Internet publication called Scoop Media released
the location of a complete set of files. Alastair Thompson, the
publisher and editor of Scoop Media, says he believed that the files
were of critical importance in assessing whether Diebold officials and
certifiers have been telling the truth about voting machine security.
Diebold machines are used in 37 states; Maryland just spent $55
million on 11,000 of these machines, and the state of Ohio is
considering switching all counties to Diebold machines, a purchase
estimated to be as high as $150 million. The state of Georgia bought
Diebold machines in 2002, investing $55 million to purchase over 22,000
machines.
The files on the Diebold ftp site indicate that security flaws are
not limited to touch screen machines; the problems with Diebold's GEMS
software also exist in Diebold optical scan machines, like those used in
King County, Washington. For a complete list of locations using Diebold
machines as of Feb. 2003, go to the list of Diebold locations found in:
http://www.blackboxvoting.org/mfr.pdf,
bearing in mind that many new purchases have been made since that time.
State laws typically allow only limited examination of the paper
ballots, taking tallies directly from Diebold optical scan machines,
even in recounts. Therefore, insecure optical scan software also poses a
grave risk to voting security, since tampering is unlikely to be
spotted. Under a previous company name (Global Election Systems) Diebold
machines counted 40 percent of Florida in election 2000.
Diebold systems go by the names "AccuVote" and "AccuTouch," and the
software program is called "GEMS."
[Electronic voting] "places our entire democracy at risk" say
experts:
"We highlight several issues including unauthorized
privilege escalation, incorrect use of cryptography, vulnerabilities
to network threats, and poor software development processes. For
example, common voters, without any insider privileges, can cast
unlimited votes without being detected by any mechanisms within the
voting terminal."
"Furthermore, we show that even the most serious of our outsider
attacks could have been discovered without the source code. In the
face of such attacks, the usual worries about insider threats are not
the only concerns; outsiders can do the damage. That said, we
demonstrate that the insider threat is also quite considerable. We
conclude that, as a society, we must carefully consider the risks
inherent in electronic voting, as it places our very democracy at
risk." More: http://avirubin.com/vote.pdf
Other security flaws:
- Bev Harris bypassed the Diebold voting system password in 10
minutes, using the officially certified version of the GEMS program. See
illustration:
http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm#password.
…OR…
http://www.blackboxvoting.org/access-diebold.htm#password.
Harris also:
- Switched votes on the Diebold voting system. See illustration:
http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm#votes
…OR…
http://www.blackboxvoting.org/access-diebold.htm#votes
- Compromised the audit log on the Diebold voting system: See
illustration:
http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm#audit
…OR…
http://www.blackboxvoting.org/access-diebold.htm#audit
The state of California, which is soon to have an election on the
recall of Governor Gray Davis, has Diebold machines in many counties,
including heavily populated Los Angeles and San Diego counties.
"I have called King County four times, trying to show the task force
where the problems are, including problems that I have not yet
published. They have yet to respond. They have not even asked me to send
them a report," says Harris, who lives in King County and must vote on
its Diebold machines.
Harris hopes to obtain a higher level of cooperation from Microsoft,
upon whose operating system the Diebold voting program is based.
"One of my sources reported a problem in the Windows code, apparently
a change made by the Diebold programmers that could affect security, and
I explained the urgency of the situation. I told Microsoft that these
machines are used in 37 states, and requested immediate help to identify
whether the Windows code had indeed been rewritten, and an opinion from
them as to whether it compromises security. I hope to obtain their
assistance as soon as possible."
According to Professor Douglas Jones, at an official examination in
Iowa, when asked about this, the representatives of Global [Global
Election Systems, now Diebold Election Systems] stated, firmly, that the
version of Windows they used was purely unmodified commercial
off-the-shelf software, and therefore not subject to a source code audit
under the FEC/NASED certification rules. He discussed potential problems
with this in his testimony before the U.S. Congress (House Science
Committee on May 22, 2001. See "Problems with Voting System Standards"
http://www.cs.uiowa.edu/~jones/voting/congress.html)
- See also: Misleading statements by Diebold about remote
communications in voting machines. If Diebold does not tell the truth
about a simple thing like "do these voting machines have modems," can we
believe the rest of what they have to say?
http://www.blackboxvoting.org/lies.htm
(contains photocopy of modem and internet communications with Wide
Area Network and Web servers, from the Diebold sales presentation made
to the State of Georgia); the touch screen machines also contain
wireless communications devices and land line connectivity.
- See also: Technical questions to ask Diebold, and technical
analysis of Diebold flaws, by Professor Doug Jones: http://www.cs.uiowa.edu/~jones/voting/dieboldftp.html
In the July 24 New York Times article, when asked about the
unprotected web site, Diebold spokesman Joe Richardson states that
"files were over a year old."
In fact, the files were being uploaded to the web site almost daily,
until it was taken down on Jan. 29, 2003. Experts indicate that
rewriting or correcting problems will not be a simple task, since the
problems are built into the architecture of the system itself, and any
revisions will require recertification before the machines can be used.
Here is an interview with the technician in charge of the Diebold
site: http://www.blackboxvoting.org/lies.htm#lancaster
Here is an interview with a technician who describes how the site was
used:
http://www.blackboxvoting.org/robgeorgia.htm
…OR…
http://www.scoop.co.nz/mason/stories/HL0307/S00078.htm
Here is a GEMS User's Manual that encourages election workers to
download from the unprotected Diebold web site:
http://www.blackboxvoting.org/GEMSmanual.pdf
(see page 221)
"This is a program that will have been set up by your Diebold Support
Specialist to connect directly into the Diebold FTP site. It is easy to
use and fun as well. Connect to the Internet the normal way…"
Note that Diebold officials have insisted that the machines do not
connect to the Internet, "for obvious security reasons." (See
statements at
http://www.blackboxvoting.org/lies.htm
…OR…
http://www.scoop.co.nz/mason/stories/HL0307/S00078.htm)
WHO TESTS AND CERTIFIES THESE SYSTEMS?
The story gets a bit odder here. An unelected person named R. Doug
Lewis runs a private non-profit organization called "The Election
Center." Lewis is possibly the most powerful man in the U.S.,
influencing election procedures and voting systems, yet he is vague
about his credentials and no one seems to be quite sure who hired him or
how he came to oversee such vast electoral functions. Lewis organized
the National Association of Secretaries of State (NASS, now heavily
funded by voting machine vendors); he also organized the National
Association of State Election Directors (NASED) and, through them, Lewis
told Harris he helps certify the certifiers.
Wyle Laboratories is the most talked-about voting machine certifier,
probably because it is the biggest, but in fact, Wyle quit certifying
voting machine software in 1996. It does test hardware: Can you drop it
off a truck? Does it stand up to rain?
Software testing and certification is done by Shawn Southworth. When
Ciber quit certifying in 1996, it was taken over by Nichols Research,
and Southworth was in charge of testing. Nichols Research stopped doing
the testing, and it was taken over by PSInet, where Southworth did the
testing. PSInet went under, and testing functions were taken over by
Metamore, where Southworth did the testing. Metamore dumped it, and it
was taken over by Ciber, where Southworth does the testing.
What are Shawn Southworth's credentials? We are not allowed to ask.
The rules are set by R. Doug Lewis of The Election Center, which states
that the certifiers will not answer questions from the media, or from
anyone else.
According to Dr. David Dill of Stanford, formal questions were posed
to Wyle and Ciber about what is done to test these machines, but both
declined to answer.
Dr. Dill's statement on electronic voting has gained the endorsement
of several hundred computer scientists who agreed, even before the
problems were found in the Diebold system, that electronic voting is
inherently unsafe.
http://www.verifiedvoting.org/index.asp
"Computerized voting equipment is inherently subject to
programming error, equipment malfunction, and malicious tampering. It
is therefore crucial that voting equipment provide a voter-verifiable
audit trail, by which we mean a permanent record of each vote that can
be checked for accuracy by the voter before the vote is submitted, and
is difficult or impossible to alter after it has been checked. Many of
the electronic voting machines being purchased do not satisfy this
requirement. Voting machines should not be purchased or used unless
they provide a voter-verifiable audit trail; when such machines are
already in use, they should be replaced or modified to provide a
voter-verifiable audit trail. Providing a voter-verifiable audit trail
should be one of the essential requirements for certification of new
voting systems."
WHO RUNS DIEBOLD ELECTION SYSTEMS? WHO WROTE THE PROGRAMS?
Bob Urosevich is the CEO of Diebold Election Systems. Urosevich
created the original software architecture for Diebold Election Systems,
and his original company, called I-Mark Systems, can be found in the
source code signatures.
Prior to programming for and taking over Diebold Election Systems,
Urosevich programmed for and was CEO of Election Systems & Software
(ES&S), which counts 56 percent of the votes in the United States.
When Urosevich left ES&S, Chuck Hagel took his position. (Hagel then
ran for the U.S. Senate, with ES&S machines counting his own votes,
but failed to disclose that he had been both CEO and Chairman of
ES&S on his disclosure documents).
Bob Urosevich, together with his brother Todd, founded ES&S. Bob
then went to run Diebold, while Todd still is a Vice President at
ES&S. Diebold and ES&S, together, count about 80 percent of the
votes in the United States.
WHO ELSE WRITES PROGRAMS FOR DIEBOLD?
Many of the Diebold code-writers are not in the United States, and
some are outside contractors, not employees. Talbot R. Iredale, who has
been a stockholder in the election company, is one of the key
programmers. The Windows files, which appear to have been changed, are
found in a file that is referenced to Iredale's own computer hard drive.
Another key programmer is Dmitry Papushin. Some of the optical scan
software was written by Guy Lancaster. Both Iredale and Lancaster live
in Vancouver, Canada.
IS THERE MORE TO COME?
Bev Harris is developing a follow-up story about Windows files used
in the Diebold voting machines. These files were reportedly changed
frequently prior to the 2002 general election, and sources say they came
out of Diebold's office, not from Microsoft. Programmers do make small
changes in Windows files sometimes, but in the case of voting machines,
any such changes must be reviewed, since only "off the shelf" software
that is identical to the standard version can go unexamined.
All 22,000 machines in Georgia received an unexamined, uncertified
program change immediately before the Nov. 2002 general election, and
some of those "updates" were on the Diebold web site, including a file
called "rob-georgia.zip" and an unusual file dated six days after the
election which refers to "repairing" some kind of database, in the same
format as the vote databases.
# # # # #
ENDNOTE: This is a multifaceted story that will unfold
continuously over the next year, but the urgent concern of many U.S.
voters is that their next votes will be secure. Already some citizens
are demanding an immediate moratorium on all electronic voting, until
all systems can be examined, voter-verified paper trails are in place,
remote access mechanisms are removed, and robust audits are required.
If you or your organisation want to help in coordinating the
communications drive on this issue the best place to start is:
http://www.blackboxvoting.org/
The publisher for Bev Harris's new book: "Black Box Voting – Ballot
Tampering In The 21st Century" is taking pre-publication orders now.
See:
http://shop1.got.net/plan9/Search.bok?category=Political+Commentary
# # ENDS # #
Copyright (c) Scoop Media