Diebold Internal Mail Confirms U.S. Vote Count Vulnerabilities

http://www.scoop.co.nz/mason/stories/HL0309/S00106.htm

Scoop has obtained internal mail messages from Diebold Election Systems which clearly and explicitly confirm security problems in the GEMS vote counting software that were highlighted in reports published on Scoop.co.nz and widely elsewhere in July.

In the internal mail Diebold Election Systems principal engineer R&D Ken Clark - then working for Global Election Systems before Diebold took the company over - responded to an internal query over a security problem. The official certification laboratory responsible for assessing the voting technology company software's robustness had noticed a problem, and a staff member was seeking Clark's advice.

way to go bev harris!

I wonder when the major media will start paying attention.

When there's abolutely nothing else to cover?

When 90% of the American people already know about it?

When hell freezes over? Pigs fly?

:bounce:

Eloriel

but I envision this being covered about like yesterday, as a followup "More problems found", etc. Enough shoes dropping would give it legs.

And there's plenty of shoes to drop on this centipede.

:dem:

Bev Harris is the woman that changed the way America looks at voting.
Let's all email Secretary of States for each State and do everything we can to help her and ourselves get a fair election and have our votes counted legally without Microsoft Access remotely changing the vote totals on the GEMS system. Come on people. Our country is at stake here.

http://www.blackboxvoting.org

AND THERE'S NOT JUST SMOKE COMING OUT OF IT, IT'S IN THE ACT OF FIRING!!!!

It's amazing that Bev came up with not just a smoking gun, but a firing gun!

counts? I'm beginning to think NObody wants this story told on either side of the political aisle. Hmmmm....

Oh, Jesus Christ.

And now with wireless transmission. If 3 million people without a job were allowed to have their votes counted then the money would not continue to go where it is going now. Think about it.

like not letting people use the computer, for example. Or the NT security like the man says in those emails.

Since when was that Access password the last line of defense, or even a significant line of defense, against fraud?

The file I examined and tested had no password attached to it. In fact, it even allowed me to replace the encrypted form of a password on a new database I created in GEMS, and replace the admin password with it via a simple copy/paste.

Yes, the passwords are encrypted in Access, but that's not the point. The encryption means exactly dick when you can a) see the encryption and more importantly b) copy and paste said encryption to any other field in the database, including another password field.

There's no password set up in these Access databases, and people have to have access to GEMS, which means the admin computer, in order to perform routine and legit election tasks.

The software sucks and shouldn't ever have been used. Oh yeah- did you read the whole article? The writer of the internal email talks about 'fancy footwork' in actual elections, and it's well-known in election supervisor circles. Imagine that...

Since when was that Access password the last line of defense, or even a significant line of defense, against fraud?

Let's see? How about since Katherine Harris and Jeb Bush proved that the people with the NT password can't necessarily be trusted?

But you are right, the Access password is a joke - there are ways around it. What ISN'T a joke is the fact that Diebold is not even interested in taking this rudimentary security measure, let alone the slightly more complex, yet still simple, step of encrypting the contents of the database.

Nope, Diebold DOESN"T WANT security in their election software. I wonder why?

Local legislators? Senators? Congress? Someone with more knowledge than I in this kind of thing help me out. Who's cage do we all need to start rattling to get this out there, and prevent Diebold from (sic) 'delivering the electoral votes to the President next year'.

And thanks for the direction!

and pass it on.... http://blackboxvoting.org/

:bounce:

Secretary's of State you put out a few weeks ago on a post ? I got the Tx SOS for me, but I didn't keep the whole list ?

....Are available in the Activism / Events forum, just click on the Black Box Voting 'TAKE BACK THE VOTE!' Tool Kit! link. :evilgrin:

Thanks to you, and everyone else for the info, links, and direction! I've sent it to everyone on my email list, and am clicking madly on the links. This is one tree that needs shakin'!

There is so much to do and the elections are not far enough away to get everything done we want to in time. If everyone really starts pushing this then we can at least get some things changed if not everything.

.....will contain contact info for Governors, the Congress and Senate! :evilgrin:
Look for it sometime late next week. ;-)

For the activist arm of BBV.

See you there!

Eloriel

Bev Harris broke the story. We all need to email our Represntatives,
Senators, Secretary of States, Governors, and every and any other person you can think of to make this front page news. Can anyone please forward this to the Global Free Press ? I have written several letters to the Secretary of State of Tx but all have been ignored. I wrote an editorial about being ignored by the SOS of Tx and Diebold to the Austin American Statesman. Ignored also. Do as much as you can. This is extremely inportant. Really. Don't you want there to be something left for your kids and grandchildren of this country ? I do.

http://www.blackboxvoting.org

http://www.blackboxvoting.com

from the memo:
<snip>
Now, where the perception comes in is that its right now very *easy* to change the contents. Double click the .mdb file. Even technical wizards at Metamor (or Ciber, or whatever) can figure that one out.

It is possible to put a secret password on the .mdb file to prevent Metamor from opening it with Access. I've threatened to put a password on the .mdb before when dealers/customers/support have done stupid things with the GEMS database structure using Access. Being able to end-run the database has admittedly got people out of a bind though. Jane (I think it was Jane) did some fancy footwork on the .mdb file in Gaston recently. I know our dealers do it. King County is famous for it. That's why we've never put a password on the file before.
,
,
,
There might be some clever crypto techniques to make it even harder to change the log (for me, they guy with the password that is). We're talking big changes here though, and at the moment largely theoretical ones. I'd doubt that any of our competitors are that clever.

By the way, all of this is why Texas gets its sh*t in a knot over the log printer. Log printers are not read-write, so you don't have the problem. Of course if I were Texas I would be more worried about modifications to our electronic ballots than to our electron logs, but that is another story I guess.
</snip>

So ballot security apparently is a pretty frivilous matter to these guys.

Honestly, these machines are not designed to count your vote, they are designed to make dirty elections look clean and polished.

It's a feature, not a bug.

These voting machine companies have a very incestuous relationship. The folks involved move from co. to co. and are even kin (note Urosevich (sp?) brothers.
There is plenty of reason to believe that all the TS machines, the counting units (Gems or other), and the software operating them are all basically the same.


:argh:

I'm reposting this incase it was missed

This is the main voting systems certification lab.

1:38pm 09/08/03 Ciber top percentage NYSE decliner, off 11.3% - CBS MarketWatch.com

10:12am 09/08/03
Ciber tumbles on poor Q3 outlook (CBR) By Michael Baron
New York (CBS.MW) -- Ciber (CBR) shares lost more than 15 percent to $9.13 after the Geenwood Village, Colo., provider of systems intergration consulting services forcast $175 million to $177 million in revenue and earnings per share of 7 to 9 cents for the third quater. Analysts polled by Thomson First Call were looking for earnings of 10 cents per share on revenue of $179 million. The company also cut about 140 jobs in its software consulting operations as an unidentified telecommunications company reduced its business with Ciber.

posted by DanSpillane on Mon Sep-08-03

I really want to spread this stuff all around.
I will tell my reps, SOS, local news , entire email list etc etc etc.

I think this is the difference between life and death - really.
I even will go far to say that I think myself to be brighter than your average joe or jane.

Trouble is, I don't really understand it.
If I am going to try to tell others about this issue, and this new firing gun, I need very succinct, easy , blurb talking points.

This stuff is so fcked up that it sounds very tinfoil to your average person.

In letters and emails of course I can add links to the bigger, more detailed stuff but I need to have the elevator shat version so I don't sound stupid or conspiracy-crazed.

Thanks!

That's something we need to work on, and will be working on.

Eloriel

and I will be happy to explain it for you and answer you questions.

David Allen
Publisher, CEO, Janitor
Plan Nine Publishing
1237 Elon Place
High Point, NC 27263
http://www.plan9.org

This Web site is a simulated voting machine. Run in test mode, eneter your vote, check your totals. All will be fine!

Then, set it to a Real Election, enter your vote, verify it, then check the totals. It will have changed and will now have incorrect totals.

http://www.wheresthepaper.org/

Dr Mercouri says something like this "I can program a machine to display one thing, add to the count of something else, and print something entirely different in the totals list."

And she's right. I can do that and so can just about any programmer, there fore a voter verified ballot that can be hand counted if desired is an absolute requirement.