posted at commongroundcommonsense online forum by brossignol
http://www.commongroundcommonsense.org/index.php?showtopic=2927I thought I would nip this in the bud because I know it is making rounds over at DU already.
First the story:
http://www.dailykos.com/story/2004/11/10/1172/9052The allegation is that there is a line in the source code that looks like this:
#defineDESKEY((des_KEY8F2654hd4
What is alleged is that Diebold used a DES (Dat Encryption Standard) key to protect its program and that the DES keys are no longer used because the encryption was cracked in 1997.
First, I will talk about DES.
It is absolutely not true that DES is no longer used. What I will do is refer to DES, as they mean it as single-DES. single-DES encryption is based on a 64-bit key, but really only uses a 56-bit length key. This encryption is still in use and is widely used in situations where absolute hack-proof encryption is not necessary. So, it is a false statement that signle-DES is no longer used.
In 1997, the encryption was first cracked in 3 days. In 1998, it was again cracked in a contest in just over 22 hours using a network of more than 100,000 computers. This is required for the 250 billion+ calculations per second that are required to crack this level of encryption.
It is HIGHLY unlikely that anyone could go to this level to crack the encryption in Diebold's software.
Now, as for the programming, I am working on getting my hands on that source code, but it is entirely possible that the defineDESKEY was actually used to refer to the creation of a triple-DES encryption object.
THAT is the current standard for encryption and is completely un-hackable.
Again, this is one of those articles that will sound great to the lay person, but to those with real knowledge of the technology, it is more speculation - at best.
---------------------------------------------------------------------
brossignol the freeper is wrong, let me point out a more certafiable study
http://www.scoop.co.nz/mason/stories/HL0307/S00064.htmThese people and computer professionals showed in great detail how "simple" the code was cracked, and scoff at anyone intermittently trying to say its secure. They have experience 30 more plus years and counting.
Additional evidence on blackboxvoting.org shows the current code is not only not secure, it may even be less secure given the tampering they succeeded with in the state races already..
---------------------------------------------------------------------
What you talk about in code and encryption is totally FALSE>
If you have the software and knowledge of reverse engineering it can be
hacked quickly. Many of my softwares use this technology and 2 kids can
hack it quickly. If it was so great there would be no FRAUD
---------------------------------------------------------------------
Sure you COULD, but it would be so obvious that a child could detect it.
Let me give you an example.
First, we will dumb it down to 100 precincts rather than the thousands there really are.
We will also dumb it down to only 2 candidates and 2 voting machines in each precinct.
In the GEMS database, the way the tabulations are stored is by candidate, by voting machine and by precinct.
That means, for example, in precinct 1, on machine 1, there are two records. One for each candidate that hold the counts for each machine.
So, let's say, in our imaginary precinct, that there are 100,000 voters and, strangely enough, they are spread across the machines exactly evenly and across precinct evenly.
That means you can have a maximum of 1,000 voters in each precinct and 500 voters on each machine.
Now, what you would get is something like one record on one machine with a count of 260 and another record for the same machine of 240.
These records, in the database table view (the one the Bev Harris showed) would be in two separate lines, like a spreadsheet. Under that would be the rest of the records. And there would be 400 total records, one for each candidate on each machine in each precinct.
Now, if you had something that looked like this:
Precinct, Machine, Candidate, Count
1, 1, A, 260
1, 1, B, 240
1, 2, A, 300
1, 2, B, 200
That would cover one precinct. Let's imagine that the percentages were pretty close to this across all of the precincts.
In order to change the total result to favor candidate B, you would have to change FAR more than 5 records! You would have to go through and pretty much flip flop all of them.
Now, 400 records is a sizable number, but could be do-able manually.
But, consider that the real number of records would actually be more than 30,000. It would require a program to do this.
Please trust me on this one. I have the GEMS software and a real election database (past election) to test my theories on. I am not just some person making speculations, I really do know what I am talking about and have absolute data to back me up.
---------------------------------------------------------------------
The GEMS runs on w2k or xp w/out all the patches updates or firewalls
installed many ports are open emulating a terminal window is nothing and
easy to be there w/out being there. changing the data is very simple if you
know the code this is not rocket science. Lebold make a fortune off every unit
and license they sell! otherwise these machines would have performed to a
undetectable level.!
---------------------------------------------------------------------
In a complex s/w system like this, it is hard to believe there is only ONE define statement that is security related. There may be differerent security protocols used for different reasons--and hence, numerous constant/macro definitions. The data flow from client/server may be protected with one type of security std, while the password database may have another, and the local vote database yet another.
There can be nothing suspicious about that definition statement unless, when considered with the other src code that it affects, something obviously wrong has occurred in the code (e.g. it creates a secret backdoor password). If you have a suspicious define statement, it should take 5 minutes to grep the rest of the src code and find any code that is truly suspicious.
Anyone saying "Oh, look! I found a define statement that MIGHT coorelate to a 56-bit DES key!" does not have my confidence they are on the right track in discovering the signs of voter fraud.
If these diebold people conspired to election fraud, then my guess is they intentionally coded a security flaw that will not be very apparent by reading the src code. Rather, they probably setup a means to allow non-administrators (people without root passwords) to rewite or read the password file, or created a subtle buffer overflow condition that allows an intruder to dynamically run a code snippet that is not even compiled in the main src code, or so forth. They could have even hardcoded the word "Bush" or "Kerry" somehow to have self-adapting algorithms to simply make math errors when dealing with certain people (though this is unlikely since it leaves evidence of fraud).
There are a million ways to provide an intruder a way to affect the vote outcome, and I doubt you'll find a piece of code like this:
#ifdef INTRUDER_LOGGED_IN
screw_kerry();
#endif
---------------------------------------------------------------------
Well, my company would be reluctant to hand out source code to a proprietary program too. And making public source code to a program that MUST NOT be hacked would be very irresponsible.
As for the backdoor theory, you do understand that, in order to use a backdoor, the computer must 1) be connected to some sort of communication system, and 2) the software with the alleged backdoor must be able to accept incoming connections, right?
Can you explain that how it would work in the absence of those 2 requirements?