CALIFORNIA ELECTION PROTECTION NETWORK
A non-partisan organization of over 25 groups across
California
coming together to achieve their mutual election integrity
goals
Diebold in CA: Machinations Behind Closed Doors
November 21, 2005.
Sacramento. Today was an exhilarating day in Sacramento.
Deja vu of the
last Diebold hearing, this new attempt to certify Diebold
wares once
again raised the near-unanimous ire of concerned citizens.
The passion
and dedication of the people attending was palpable. To
witness more
than 125 citizens, journeying great distances--on short
notice and on a
short holiday week--who all came together to defend the
integrity of
our democratic processes, was to witness the real "Patriot
Act."
Without the dedication and vigilance of these activists,
other
concerned citizens would never have known that behind
closed doors, the
machinery of the Secretary of State’s office was in high
gear ready to
certify Diebold.
Testing Diebold
Diebold suffered some setbacks earlier this year trying to
meet the new
state requirement for a voter verified paper audit trail.
In its
initial test this summer, the AccuView printer attachment
to the TSx
model touch screen voting machine had a staggering 30%
performance
failure rate. Diebold made adjustments, resubmitted, and
reportedly
passed a second test in September, clearing the way for
rectifying the
Tsp machines in four counties where they've been suspended
since spring
2004.
Test Results: Passing With a Weak Thumb’s Up
California's official voting equipment certification
tester, Steve
Freeman, issued a slightly qualified "thumbs up" for
Diebold. Freeman
applied his stamp of approval despite the fact that he did
not run
tests on the specific security holes revealed by computer
security
experts Avi Rubin, Herbert Thompson and Harry Hursti, which
Blackboxvoting.org later applied in demonstrations of
undetected
vote-switching conducted under simulated election
conditions. As one
election official (who asked not to be identified) said of
the State’s
passing grade on the testing results, “Isn’t it like
examining a
patient for small pox and proudly announcing that their
teeth are
clean?”
Aces Up Sleeves?
Jim March of Blackboxvoting.org provided the most riveting
and colorful
overview of the various new ways recording and
tabulation can be hacked
on Diebold equipment. His gift for explaining technical
intricacies kept the audience on the edge of their
seats. After
detailing uncorrected software and hardware defects in
Diebold voting
systems that remain standing invitations to vote fraud,
March noted
Diebold continued refusal to release its source code for
testing, or to
identify the authors responsible March concluded his
remarks with this
advice to public officials promoting the use of Diebold
voting
machines, "If you don't want to be accused of cheating at
cards, don't
let aces fall out of your sleeves at every step."
The Seven Reason NOT to Certify Diebold
Numerous members of the California Election Protection
Network (CEPN)
delivered spoken testimony. The CEPN also entered into the
record their
press advisory titled “Seven Reason NOT to Certify
Diebold.”
.
SB370: Cart Before the Horse
Michelle Gabriel of the Voting Rights Task Force and CEPN,
raised an
excellent point about the recent passage of SB370. (SB370
will allow
voters to read their hard earned and soon to be required
accessible
voter verified paper trail upon the event an audit.) Yet to
satisfy the
impending SB370 Gabriel something to the effect of, No one
has yet
bothered to test under real life conditions, whether its
practical, or
even possible to do an audit using Diebold's AccuView
printer and its
roller-fed, thermal-paper tape. Let’s test this equipment
for all its
required tasks BEFORE certifying it, because the Secretary
of State’s
Office has NO right to risk the security of our next
election with
untested election machines.
Diebold Groups Surprising About-Face
In a surprise about-face, all of the disabled groups
represented at
Monday's hearing went on record against certifying the
Diebold
equipment, stating that it simply does not meet their
specific needs.
Over the past two years many disabled groups have lobbied
and litigated
forcefully for the adoption of Diebold-type voting systems.
There has
been much speculation about the motives behind such
pro-Diebold
efforts, considering that the Diebold campaigning began
AFTER Diebold
made a six-figure contribution to the largest national
association of
the blind.
Disabled Groups & HAVA
The reversal by disability groups at Monday's hearing is
very
significant, because the most forceful influence driving
county
elections officials to the purchase of DRE (touch screen)
voting
machines like the Diebold TsX has been the threat of
lawsuits brought
by the disabled against election officials resisting the
switch to DRE
voting systems. There is a pervasive misconception,
actively promoted
by DRE vendors and supporters, that the Help America Vote
Act (HAVA)
requires touch screen (DRE) voting systems as the only
suitable means
to address disabled voting needs. HAVA merely requires that
voting
systems enable disabled persons to vote independently, and
there are
non-computerized voting solutions that meet this condition.
http://www.votersunite.org/info/accessibility.asp ]
Further, last year
a federal court decision clearly stated that the rights of
the disabled
cannot come at the expense of the majority of voters. < See [br />http://evotingcase.notlong.com ]
HAVA: “Use it or Lose it”
The major threat driving voting system purchasing decisions
has been
the HAVA funds’ “Use it or Lose it” deadline, set for the
stroke of
midnight at the end of this year. County elections
officials who have
found the voting equipment options offered them
unacceptable, given the
confusion about which federal standards may eventually be
required,
wish to avoid hasty purchases they may later regret. Many
would prefer
to forego the one-time federal funding bonanza and wait for
better
voting systems to be developed under clear federal
standards.
HAVA & DOJ Enforcement
But now a new pressure is being applied to force purchase
decisions for
DRE equipment. At the time of last summer’s second
Carter-Baker
Commission, which addressed the public's eroding confidence
in our
voting systems, the U.S. Department of Justice issued a
statement
announcing that state election departments that failed to
make
arrangements for equipment upgrades effective by Jan. 1,
2006 would be
visited by Department of Justice (DOJ) investigators. Marin
County
election official Madelyn DeJusto recently said, “And when
you get a
visit from them they don’t go away.”
Hold on HAVA
Megan Matson of Mainstreet Moms Operation Blue (MOB) < [br />http://www.themmob.com ] eloquently presented her
organization’s idea
for a “Hold on HAVA” campaign, in solidarity with the
National Alliance
of County Officials (NACO). This national elections
official
organization seeks to extend the HAVA deadline for two
years. In a
recent impassioned plea to members of Congress, NACO
explained that
they have no “crystal ball” to see what equipment will be
certified.
Further, the Election Assistance Commission--the
four-person panel
charged with supervising the enactment of HAVA--is months
behind its
own deadlines for setting these standards. 2]
The “No Hearing Hearing”
Much has already been written about the peculiar nature of
today's
certification hearing http://tinyurl.com/c6g4v > The
hastily
assembled delegation of Election Division officials before
whom the
citizens spoke on Monday has no decision-making role. Those
officers do
not even have an advisory role in this certification
decision. Under
former Secretary of State Kevin Shelley, there had been a
Voting
Systems and Procedures Panel expressly charged with
advising the
Secretary of State. No longer. Those sitting in chairs on
stage Monday
were props in a show of minimal compliance with the
certification
procedure's hearing requirement. Our good citizens who
pleaded for
election integrity can only hope that perhaps Secretary
McPherson or
someone he designates may possibly read and consider any of
their
remarks before issuing a decision on Diebold certification.
California
Sen. Koretz (Dem) is the first legislator to question this
break with
previously established protocol for seriously considering
citizen
comment.
Media Coverage of Today’s Events?
Given the nearly total blackout in the mainstream press on
questions
raised by recent elections, citizen activists were
heartened to see an
unprecedented turnout by the news media for Monday's voting
system
certification hearing. Longtime Sacramento media consultant
Cress
Vellucci exclaimed, “I’ve never seen this much media show
up for this
kind of event.” TV camera crews were dispatched by two
local NPR
television affiliates and Sacramento's Channel 3. Radio
reporters from
KQED, KPFA, KPFK and a CNN affiliate recorded and conducted
interviews
during the demonstration. Writers were assigned by the AP
wire,
Stockton Press, Oakland Tribune, Sacramento Bee, and
Sacramento
Reporter.
Where’s the Media on Election Integrity?
Curiously, to date, not a single news agency of national
stature has
even mentioned the highly critical 117-page report issued
by the
Government Accountability Office (GAO) of October 12, 2005,
which
catalogs widespread electronic voting failures and warns of
continuing,
unattended security risks in the nation's voting systems.
http://tinyurl.com/bv6f6 ]
New Opportunities for Coverage
The first articles breaking the events of earlier today
have
ssidestepped the issues of Diebold voting systems'
insufficiencies and
the company's history of election law violations, choosing
instead to
feature the State's contention that the systems have the
passed the
requisite tests.
Where in the World is Bruce?
The integrity of California elections is now in the lap of
Governor
Schwarzenegger's appointed Secretary of State Bruce
McPherson (Rep). He
did not bother to descend from his upstairs office to hear
the
testimony of citizens in the auditorium. But two others
interested in
his job--State Sen. Debra Bowen (Dem) and Forrest Hill
(Grn) were both
present and keenly attentive to the Diebold hearing issues.
What’s Next Behind Closed Doors? “Good Night and Good Luck”
What’s Next will take place Behind Closed Doors: There is a
closed
meeting next week in Sacramento, to be held at the Hyatt
Regency on
November 27-28. < See, [br />http://www.ss.ca.gov/elections/elections_vst_summit.htm ]
Its stated
agenda is to discuss the conditions of certification
and “best
practices." Some of the invited officials are known to be
those who
have openly flouted election code and zealously supported
relaxed
election integrity standards. Yet, on balance, no one was
invited from
our steering committee, despite the fact that we are a
non-partisan
organization of over 25 groups across California dedicated
to election
integrity. We have been tipped off by an election insider
that we will
are blacklisted from participating in this summit. While
we would like
to believe that it is a misunderstanding only time will
tell. In the
meantime, we do have rejection letters from Bruce
McDannold of McPherson's office stating that we cannot
attend, but that
we may rest assured that our views will be represented.
Attachment 4] We wonder how Bruce McDannold can make that
assurance?
After reviewing the summit's agenda, we know that there are
three
attendees, computer scientists, who share our concerns. But
they speak
from a computer expert perspective--not ours.
We Can Do It Right!
If the Secretary of State is indeed blacklisting the CEPN,
an
organization who has demonstrated its desire, ability and
knowledge in
the discussion voting integrity, we respectfully ask for
reconsideration. Democracy is at a critical juncture: At
the November
27-28 Summit California will determine its future election
practices
for years to come, and attendance by our informed citizens
is not only
desirable, but necessary.
__________________________________________
Seven Reasons NOT to Certify Diebold
1. The GEMS Defect
Reported by BOE Harris and Dr. Herbert Thompson, and
independently
confirmed by the security consultant firm Compuware on
commission from
the state of Ohio, the GEMS Defect concerns the central
vote tabulating
database that accumulates all the precinct and absentee
votes for all
Diebold optical scan and touch-screen voting systems.
Despite
assurances by Diebold, records obtained by Black Box Voting
show that
this issue has not been resolved in either California or
Ohio, or
apparently any of the other 1,200 jurisdictions that use
Diebold. A
critical set of Compuware documents confirming this was
suppressed by
Ohio Secretary of State Ken Blackwell.
Votergate the Movie available for free download < [br />http://www.votergate.tv ] contains footage from a national
TV broadcast
of Bev Harris instructing Howard Dean how to hack GEMS and
untraceably
alter vote tallies in under two minutes. Additional
vulnerabilities
have since been found and publicized at
http://www.blackboxvoting.org.
"By successfully directing Canvas
at the GEMS
modem interface, the team was able to remotely upload,
download and
execute files with full system administrator privileges.
All that was
required was a valid phone number for the GEMS server."
--Trusted Agent Report, Diebold AccuVote-TS Voting
System,January 20,
2004
Prepared for the Maryland General Assembly by: RABA
Innovative
Solution Cell (RiSC)
2. Stuffing the Electronic Ballot Box with Diebold Memory
Cards
Finnish computer expert Harry Hursti, in cooperation with
the
elections administration of Leon County, Florida, has
demonstrated in
real-world voting conditions that executable code on the
memory cards
integral to the operation of Diebold optical scanners and
touchscreens
can be quickly manipulated to change vote counts without
detection.
Brief account:
http://www.bbvforums.org/forums/messages/1954/
5921.html?1117238594#POST6997
Full report: http://www.blackboxvoting.org/BBVreport.pdf
California's voting systems testing consultant Steve
Freeman has
confirmed that Diebold's proprietary programming language
AccuBasic
writes "report files used to configure AccuVote-OS and
AccuVote-TS
report contents and printing in precinct count mode. They
are actually
loaded into the memory cards for the AV-OS and AV-TS where
their logic
is executed.
. . . The risk occurs in the opportunity to replace the
verified file
with some other .abo file . . . or by replacing the current
code with
rewritten code performing other operations."
Commenting on Freeman's report, Black Box Voting notes
that it is
possible to insert fraudulent code onto the memory cards
that is
date-specific, so that it will pass Logic & Accuracy
testing pre- or
post-election but trigger pre-planned manipulations on
election day.
Invoking California Election Code 19202, Black Box Voting
formally
requested Secretary of State McPherson to conduct a
replication of the
Hursti memory card exploits for the Diebold touchscreen and
optical
scan systems. Six months later, California still has not
performed this
test.
3. Inauditable Absentee Ballots on Diebold Optical Scanners
Just prior to the recent statewide election, technical
experts
assigned by the Libertarian Party to inspect Diebold
systems in San
Joaquin, Marin, and Alameda counties found that in the
Diebold "central
count" optical scanners, "a critical paper audit component
is missing
for all absentee and mail-in ballots, and also for
recounts."
Diebold's central count scanners are unable to write
backup data to
memory storage, instead passing all vote counting directly
to the
notoriously insecure GEMS tabulator. No "poll tapes" or
secondary
source of data is retained, and there is no way to check
whether the
GEMS security defect was exploited without obtaining the
GEMS vote data
files. Diebold refuses to release these files.
4. The Secretary of State's Own Tech Advisors Are
Warning Against
Diebold
Below are excerpts from a technical review commissioned by
Secretary
McPherson concerning the AVVPAT printer module added to the
TSx
machines. The report, titled "Analysis of Volume Testing of
the
AccuVote TSx/AccuView" is available at
http://ss.ca.gov/elections/voting_systems/
vstaab_volume_test_report.pdf
p. 7: "... It is possible that these failures are a sign of
a large
number of other latent software defects."
"... this issue warrants further investigation before any
modified
versions of the TSx are certified."
"The fundamental barrier to analysis of these software
errors is the
lack of access to source code ... we have no way to perform
such an
independent evaluation. This is a very unsatisfying
position to be in."
p. 8: "We believe these failures constitute one of the
strongest
arguments for the State of California to take possession
of, or
otherwise arrange for unfettered access to, the full source
code and
binary executables for all electronic voting machines." ...
there is no
way to know whether the defects have been fixed
satisfactorily (as
opposed to just hidden), or whether they represent symptoms
of more
serious architectural flaws, without access to the source."
5. The Federal and State Voting System Certification
Process is
Broken
Two testing labs in Huntsville, Alabama --Ciber Labs, run
by Shawn
Southworth, and a Wyle Labs office supervised by Jim
Dearman--are
responsible for repeatedly certifying defective voting
machines that
violate Federal Election Commission (FEC) standards.
The limited functionality testing performed by these
federally
contracted "independent testing authorities" (that derive
at least a
third of their funding directly from the voting system
vendors they are
inspecting) and by California's consultant Steve Freeman,
does not test
for the known security vulnerabilities of the Diebold
voting systems,
including Dr. Herbert Thompson's VBA script attack, and
Hursti's
electronic ballot box stuffing and memory card swapping
techniques.
Diebold Software Comes with a Criminal Pedigree
6. Convicted Computer Embezzler Authored GEMS Software
Jeff Dean was Senior Vice-President of Global Election
Systems when it
was bought by Diebold in 2002. Even though he had been
convicted of 23
counts of felony theft in the first degree, Jeff Dean was
retained as
a consultant by Diebold and was largely responsible for
programming the
optical scanning software now used in most of the United
States.
http://www.scoop.co.nz/mason/stories/HL0312/S00191.htm
http://www.chuckherrin.com/HackthevoteFAQ.htm#how
http://www.blackboxvoting.org/bbv_chapter-8.pdf
Diebold consultant Jeff Dean was convicted of planting
back doors in
his software and using a "high degree of sophistication" to
evade
detection over a period of 2 years.
http://www.chuckherrin.com/HackthevoteFAQ.htm#how
http://www.blackboxvoting.org/bbv_chapter-8.pdf
DIEBOLD CONTINUES TO PERJURE AND VIOLATE ELECTION LAWS
7. Records obtained by Black Box Voting show that
Diebold
executives lied to the Arizona Secretary of State, the
Cuyahoga County
Board of Elections, and to hundreds of elections officials
throughout
the U.S. about the existence of specific defects. Most
famously of all,
Diebold lied to the State of California in 2003 about
illegally
installing uncertified voting software in all 17 counties
in which
Diebold had contracts.
http://www.ss.ca.gov/elections/ks_dre_papers/
diebold_report_april20_final.pdf
CALIFORNIA ELECTION PROTECTION NETWORK
a non partisan organization of over 25 groups across
California
coming together to achieve their mutual election integrity
goals
http://www.califelectprotect.net
Portions of this paper reprinted with acknowledegment and
links to
http://www.blackboxvoting.org
__________________________________________
Noveneber 21, 2005
The Honorable Bruce McPherson
California Secretary of
State
1500 11th Street
Sacramento, CA 95814
FAX916-653-3214
Dear Secretary McPherson:
I am writing to express my concern about the hearing to
determine
whether Diebold should be recertified. I believe that the
voters of
California are entitled to be able to choose their
representatives with
the confidence that their votes are recorded and counted
accurately. It
is the duty of the Secretary, as the chief elections
officer of the
state, to make sure that voting systems are approved in the
interests
of California, not the voting system
It has been brought to my attention that you have disbanded
the Voting
Systems Panel (VSP) a panel of advisors, which has
historically
conducted hearings on voting systems used in the state. It
is of great
concern that the VSP has been disbanded without hearings
about what
will replace it and without any type of due process.
I am respectfully requesting that you reverse your decision
to abandon
established procedures and to allow people to provide
meaningful input
on the voting systems approve for use in the state.
In light of this concern I also respectfully request you
postpone any
decisions to re-certify Diebold for use in the state.
Without adequate
public input as to whether Diebold has met all the
requirements to be
certified for use in the state, I believe that it is
premature to move
forward at this time with the re-certification.
There as still many reasons to have reservation about
making such a
hasty decision without proper input from all interested
parties.
.
It is my understanding that Diebold failed to comply with
the April 30,
2004 decertification orders and cannot permit a meaningful
recount. The
proprietary closed source code complexity, secrecy and
protection
status of the software of the Diebold system precludes and
prevents any
meaningful legal thorough forensic analysis and recount of
any election
run on Diebold equipment. There have been many numerous
litigation
filings against Diebold, and the discovery process for
forensic
examination of Diebold software is nothing but an extension
of the
basic recount procedure.
It is for these reasons that I request that you delay
recertifying
Diebold at this time.
Sincerely,
PaulKoretz
______________________________________
To: McDannold, Bruce
Subject: Request for Invitation to Voting Systems Testing
Summit
Dear Mr. McPherson and Mr. McDannold,
I am writing to request an invitation to the November
28-29 Voting Systems Testing Summit.
I am a member of the Steering Committee of the
California Election Protection Network and have been
working on Election Protecion issues since March of
2004.
I believe the Summit you are holding is a much needed
event and will be invaluable toward better informing
people of the concerns/vision/solutions regarding our
voting systems in California and most likely the
nation.
Thank you for your consideration. I look forward to
hearing back from you soon.
Sincerely,
XXXXXXX
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -
- - - - - - - - - - -
California Election Protection Network
E: Request for Invitation to Voting Systems Testing Summit
Date:
Thu, 10 Nov 2005 20:30:21 -0800
From:
"McDannold, Bruce" <bmcdanno@ss.ca.gov>
To:
<XXXXXXXXXXXXXXXXX>
Thank you for your interest in the Summit on voting system
testing. We
invited elections
officials from across the country to participate, since
this is a
Summit designed specifically
to discuss state-level testing of voting machines and to
develop a best
practices document
on that specific subject. We've had a very good response;
registrations are filling up fast
so we are having to limit attendance to those already
invited. The
panels and panelists
reflect the widest array of credible views, from outright
skeptics to
industry. Interested
parties are encouraged to contribute written documents to
the Summit to
be reviewed as
part of the final recommendations for testing to the
states. They
should send their written
input to VotingSystemComment@ss.ca.gov.
_______________________________________________________
For more information: http://www.califelectprotect.net