Backdoor found in Diebold Voting Tabulators

Sunder sunder at sunder.net
Tue Aug 31 12:49:28 PDT 2004 

A-Yup:

"We're sorry, the server is currently experiencing load issues. We 
apologize for the inconvenience. Please try again later."

Got the above off this blog:

http://www.boingboing.net/2004/08/31/diebold_voting_machi.html

related links:

http://www.technorati.com/cosmos/search.html?rank=&sub=mtcosmos&url=http://www.boingboing.net/2004/08/31/diebold_voting_machi.html



Here's the text of part 1:

Consumer Report Part 1: Look at this -- the Diebold GEMS central tabulator 
contains a stunning security hole
Submitted by Bev Harris on Thu, 08/26/2004 - 11:43. Investigations
Issue: Manipulation technique found in the Diebold central tabulator -- 
1,000 of these systems are in place, and they count up to two million 
votes at a time.

By entering a 2-digit code in a hidden location, a second set of votes is 
created. This set of votes can be changed, so that it no longer matches 
the correct votes. The voting system will then read the totals from the 
bogus vote set. It takes only seconds to change the votes, and to date not 
a single location in the U.S. has implemented security measures to fully 
mitigate the risks.

This program is not "stupidity" or sloppiness. It was designed and tested 
over a series of a dozen version adjustments.

Public officials: If you are in a county that uses GEMS 1.18.18, GEMS 
1.18.19, or GEMS 1.18.23, your secretary or state may not have told you 
about this. You're the one who'll be blamed if your election is tampered 
with. Find out for yourself if you have this problem: Black Box Voting 
will be happy to walk you through a diagnostic procedure over the phone. 
E-mail Bev Harris or Andy Stephenson to set up a time to do this.

For the media: Harris and Stephenson will be in New York City on Aug. 30, 
31, Sep.1, to demonstrate this built-in election tampering technique.

Members of congress and Washington correspondents: Harris and Stephenson 
will be in Washington D.C. on Sept. 22 to demonstrate this problem for 
you.

Whether you vote absentee, on touch-screens, or on paper ballot (fill in 
the bubble) optical scan machines, all votes are ultimately brought to the 
"mother ship," the central tabulator at the county which adds them all up 
and creates the results report.

These systems are used in over 30 states and each counts up to two million 
votes at once.

(Click "read more" for the rest of this section)

The central tabulator is far more vulnerable than the touch screen 
terminals. Think about it: If you were going to tamper with an election, 
would you rather tamper with 4,500 individual voting machines, or with 
just one machine, the central tabulator which receives votes from all the 
machines? Of course, the central tabulator is the most desirable target.

Findings: The GEMS central tabulator program is incorrectly designed and 
highly vulnerable to fraud. Election results can be changed in a matter of 
seconds. Part of the program we examined appears to be designed with 
election tampering in mind. We have also learned that election officials 
maintain inadequate controls over access to the central tabulator. We need 
to beef up procedures to mitigate risks.

Much of this information, originally published on July 8, 2003, has since 
been corroborated by formal studies (RABA) and by Diebold's own internal 
memos written by its programmers.

Not a single location has yet implemented the security measures needed to 
mitigate the risk. Yet, it is not too late. We need to tackle this one, 
folks, roll up our sleeves, and implement corrective measures.

In Nov. 2003, Black Box Voting founder Bev Harris, and director Jim March, 
filed a Qui Tam lawsuit in California citing fraudulent claims by Diebold, 
seeking restitution for the taxpayer. Diebold claimed its voting system 
was secure. It is, in fact, highly vulnerable to and appears to be 
designed for fraud.

The California Attorney General was made aware of this problem nearly a 
year ago. Harris and Black Box Voting Associate Director Andy Stephenson 
visited the Washington Attorney General's office in Feb. 2004 to inform 
them of the problem. Yet, nothing has been done to inform election 
officials who are using the system, nor have appropriate security 
safeguards been implemented. In fact, Gov. Arnold Swarzenegger recently 
froze the funds, allocated by Secretary of State Kevin Shelley, which 
would have paid for increased scrutiny of the voting system in California.

On April 21, 2004, Harris appeared before the California Voting Systems 
Panel, and presented the smoking gun document showing that Diebold had not 
corrected the GEMS flaws, even though it had updated and upgraded the GEMS 
program.

On Aug. 8, 2004, Harris demonstrated to Howard Dean how easy it is to 
change votes in GEMS, on CNBC TV.

On Aug. 11, 2004, Jim March formally requested that the Calfornia Voting 
Systems Panel watch the demonstration of the double set of books in GEMS. 
They were already convened, and the time for Harris was already allotted. 
Though the demonstration takes only 3 minutes, the panel refused to allow 
it and would not look. They did, however, meet privately with Diebold 
afterwards, without informing the public or issuing any report of what 
transpired.

On Aug. 18, 2004, Harris and Stephenson, together with computer security 
expert Dr. Hugh Thompson, and former King County Elections Supervisor 
Julie Anne Kempf, met with members of the California Voting Systems Panel 
and the California Secretary of State's office to demonstrate the double 
set of books. The officials declined to allow a camera crew from 60 
Minutes to film or attend.

The Secretary of State's office halted the meeting, called in the general 
counsel for their office, and a defense attorney from the California 
Attorney General's office. They refused to allow Black Box Voting to 
videotape its own demonstration. They prohibited any audiotape and 
specified that no notes of the meeting could be requested in public 
records requests.

The undersecretary of state, Mark Kyle, left the meeting early, and one 
voting panel member, John Mott Smith, appeared to sleep through the 
presentation.

On Aug. 23, 2004, CBC TV came to California and filmed the demonstration.

On Aug 30 and 31, Harris and Stephenson will be in New York City to 
demonstrate the double set of books for any public official and any TV 
crews who wish to see it.

On Sept. 1, another event is planned in New York City, and on Sept. 21, 
Harris and Stephenson intend to demonstrate the problem for members and 
congress and the press in Washington D.C.

Diebold has known of the problem, or should have known, because it did a 
cease and desist on the web site when Harris originally reported the 
problem in 2003. On Aug. 11, 2004, Harris also offered to show the problem 
to Marvin Singleton, Diebold's damage control expert, and to other Diebold 
execs. They refused to look.

Why don't people want to look? Suppose you are formally informed that the 
gas tank tends to explode on the car you are telling people to use. If you 
KNOW about it, but do nothing, you are liable.

LET US HOLD DIEBOLD, AND OUR PUBLIC OFFICIALS, ACCOUNTABLE.

1) Let there be no one who can say "I didn't know."

2) Let there be no election jurisdiction using GEMS that fails to 
implement all of the proper corrective procedures, this fall, to mitigate 
risk. 


----------------------Kaos-Keraunos-Kybernetos---------------------------
 + ^ + :"Our enemies are innovative and resourceful, and so are we.  /|\
  \|/  :They never stop thinking about new ways to harm our country /\|/\
<--*-->:and our people, and neither do we." -G. W. Bush, 2004.08.05 \/|\/
  /|\  :                                                             \|/
 + v + :    War is Peace, freedom is slavery, Bush is President.
-------------------------------------------------------------------------

On Tue, 31 Aug 2004 sfurlong at acmenet.net wrote:

> Quoting Eric Murray <ericm at lne.com>:
> 
> > On Tue, Aug 31, 2004 at 11:30:35AM -0400, Sunder wrote:
> > > Oops! Is that a cat exiting the bag?
> > > 
> > > 
> > > http://www.blackboxvoting.org/?q=node/view/78
> > 
> > 
> > Apparently so.  Going to www.blackboxvoting.org now just gives:
> 
> Don't break out the tinfoil hats yet. Maybe they exceeded their
> bandwidth because that link was spread around.

More information about the cypherpunks-legacy mailing list