Book Reviews | Gordon Campbell | News Flashes | Scoop Features | Scoop Video | Strange & Bizarre | Search

 


BREAKING NEWS: Voting System Integrity Flaw


EXCLUSIVE BREAKING NEWS: Voting System Integrity Flaw

System Integrity Flaw Discovered At Diebold Election Systems

By Bev Harris, author of Black Box Voting www.blackboxvoting.com

Walk right in, sit right down. Replace vote-counting files with your own.

Feb 5, 2003: Yesterday, technicians and programmers for Diebold Election Systems, the company that supplied every single voting machine for the surprising 2002 results in the state of Georgia, the company that is preparing to convert the state of Maryland to its no-paper-trail computerized voting, admitted to a file-sharing system that amounts to a colossal security flaw.

"Technology transfer for updates!" This is among the benefits in the Diebold PowerPoint sales presentation given to the State of Georgia. Easy updating -- too easy, apparently.

In "Black Box Voting: Ballot-Tampering in the 21st Century," author Bev Harris examines the integrity of current electronic voting systems. She recently installed a Whistleblowers page at her web site ( http://www.blackboxvoting.com/whistle.html). "We've been getting about four new whistleblower reports a day," says Harris, "and some of them are quite serious." Like this:

Diebold Election Systems, which builds the AccuVote machines, both optical scan and touch-screen, was parking files on an unprotected public Internet location. Not a few files -- thousands of files; election files, hardware and software specifications, program files, voting program patches -- and sometimes, files with curious names.

Though the address is obscure, whistleblowers found the FTP site using a simple Google search. A Global Election Systems web site, located at http://www.geocities.com/Tokyo/Towers/2256/ contains a list of links like "History," "Press Releases," "Staff" and -- amazingly -- "FTP."

The FTP button gave total access to anonymous users, allowing anyone to download or upload to the motherlode. The FTP site contained no copyright statement, asked for no user name, put locks on no directories. Visitors (or vote-riggers) from anywhere in the world could simply walk in the front door. (Have a look at part of the file directory: http://www.blackboxvoting.com/WalkRightIn.html)

A person interested in tampering with an election would have to wonder why in the Sam Hill anyone would hand over what amounts to an instruction manual for vote-rigging to anyone who can navigate a Google search.

"Sometimes our customers use the FTP site to transfer their own files," explains Guy Lancaster, whose web site, http://www.guylancaster.com/guylancaster.html, says that he developed and maintains the intranet web site for Global Election Systems, now called Diebold Election Systems. "It has been up quite some years. It started when it was Global."

"People go there from counties, cities, sometimes there is stuff there for state certification boards, federal certification, a lot of test material gets passed around," Lancaster explains. Here is part of the interview between Bev Harris and Guy Lancaster on Feb. 4, 2003:

Harris: "Do you know if your FTP site has ever had a security breach?" Lancaster: "I'm trying to think, for a security breach, I think it got shut down by someone…Recently someone shut it down." Harris: "Would you know if someone came to your ftp, or replaced files at your ftp?" Lancaster: "Well, we have recently just discontinued what's considered anonymous access, so people could before, yes, but now we use a different means…" Harris: "It was available during the 2002 election?" Lancaster: "I think so."

In fact, according to "Black Box Voting" whistleblowers, Diebold Election Systems' FTP site was unprotected until around January 29, 2003. And, according to an e-mail that Harris obtained dated October 3, 2000 written by Lancaster, he expressed concern about lack of security in this file-sharing method more than two years ago.

In this e-mail, Lancaster admits that his company was allowing people to access a service over "an untrusted network," the Internet. He pointed out that the information could easily get redirected by a third party to another server. Apparently in both Election 2000 and Election 2002, Diebold / Global Election Systems had not devised any way to make the file-sharing system secure.

These files, freely shared and sometimes snagged from the FTP and e-mailed to election workers and technicians, included hardware and software specifications, election results files, the vote-counting program itself, and "replacement files" for Diebold's GEMS vote-counting system and for the Windows software underlying the system. In fact, anyone with a modem could have hunkered over a computer to download, upload or slightly change and overwrite the files on Diebold's FTP site.

Some files had simple "zip" passwords attached to them, but dozens had no protection at all. And even the passwords, Lancaster admitted in his October, 2000 e-mail, were easy to guess. "I can find no way of authenticating a PIN without revealing enough information to crack it," he says, adding that he was beginning to think it was impossible to make the system secure.

"Black Box Voting" whistleblowers voiced concerns about many of the files. Harris can't read a lick of code, but apparently computer enthusiasts have been surreptitiously downloading the Diebold files for some time now, examining them quietly. When the "Black Box Voting" whistleblower page went live recently, geek-reports began flowing.

One whistleblower called in with a terse question: "Why would we want a utility that can duplicate memory cards in optical scan voting machines? Are the cards serialized? Are they serialized internally? Is it hard-wired into the card?" Apparently something he'd read in those FTP files had gotten him all riled up about a memory card duplication utility. So Harris asked another of her sources, a voting machine engineer, about this.

"Oh no, no, no." He said. "That wouldn't meet FEC regulations!"

Another "Black Box Voting" whistleblower who had visited Diebold's FTP site wants urgently to find out if the company has an election technician named Rob. So Harris asked Guy Lancaster.

Harris: "Do you have a technician named Rob who works anywhere?" Lancaster: "There is a Rob doing some kind of West Coast sales." Harris: "Do the salespeople have access to this FTP site too?" Lancaster: "Yes, the salespeople have access to it. A lot of the purpose is to keep them up to date." Harris: So technicians, and salespeople, and counties, cities and states and election workers and all of the staff for Diebold…" Lancaster: "As needed."

Another whistleblower pointed out that one of the names on the Diebold FTP files, Kerry Martin, happens to be the same name as the poll worker who did press interviews after the flubbed Florida primary election in September 2002, when ES&S machines (Diebold's main competitor) did not operate properly.

>From the Miami Herald, Sept. 15, 2002: "When the touch screens died at Thena C. Crowder Elementary School in Miami, the precinct was closed for five hours until a troubleshooter arrived, poll worker Kerry Martin said," according to a Sept. 15 article in the Miami Herald.

>From the Sun-sentinel & The Associated Press: Sept. 10, 2002 - In a predominantly black Miami neighborhood, voting at one precinct didn't begin until 11:45 a.m., nearly five hours after polls were supposed to open. Officials said 500 people left without voting. At a nearby precinct, the touchscreen machines stopped working at 11:50 a.m. and were shut down for nearly five hours, causing more than 100 would-be voters to be turned away, election worker Kerry Martin said. So Harris asked Lancaster who Kerry Martin is.

Lancaster: "Kerry Martin, he's based in McKinney." Harris: "What is his position?" Lancaster: "I'll log in and look him up. He is an Election Support Specialist for Diebold." Harris: What does an Election Support Specialist do?" Lancaster: "Election support is mostly helping with software." Harris: "Was Kerry Martin in Florida last fall?" Lancaster: "I don't know."

So Harris called the McKinney, Texas headquarters of Diebold Election Systems and spoke with Kerry Martin.

Harris: "I have a couple questions and got your name…you are a technician, or a programmer?" Martin: "No, no, I handle the sales." Harris: "You don't do technical stuff? I've been told that you have tech files under your name on the FTP site." Martin: "I do sales and do tech support." Harris: "Were you in Florida last September?" Martin: "No, I was in Norfolk." Harris: "Don't all the programs used in these machines need to be certified? It seems that people are uploading and downloading files at this FTP site and using them in elections." Martin: "Certain hardware things and certain software things, most of them, you only are allowed to use the certified version." Harris: "Why, then, would you have files that say 'replace the files with these?'" Martin: "Replace all the files with these -- normally that could be a windows thing." Harris: "I got an e-mail that you guys have a file on your FTP that says "Replace the GEMS files with these." Martin: "Replace the GEMS files … I don't know what that would be."

GEMS is an acronym for Global Election Management System, and the GEMS files include the vote-counting program itself.

Harris: "Was there a guy named Rob working in Georgia?" Martin: "No that would be Keith Long, he's the guy who worked in Georgia."

Harris called Bob Urosevich, CEO of Diebold Election Systems (also founder of ES&S, a competing voting machine company). After her third call to ask for his comments, his assistant said Urosevich had the message. "If he wants to talk to you, he'll call you," she said. Apparently Urosevich had nothing to say about the election security glitch.

Tech-savvy citizens, however, have a lot to say about the risks of an open FTP site, and the files it contains. http://www.blackboxvoting.com/WalkRightIn.html is adding citizen comments and concerns about the Diebold security breach, and technicians continue to contribute file information to the site from Diebold's FTP files.


© Scoop Media

 
 
 
 
 
Top Scoops Headlines

 

Gordon Campbell: On The US Foreign Policy Somersaults Over Syria And Iran

Amidst the day-to-day reports about the military advances of the Islamic State fighters in Iraq and Syria, one remarkable aspect of this war has barely been mentioned. More>>

ALSO:

Daphne Lawless: The Whale Oil Leaks: Anti-Politics From Above

As we go to press, the election campaign has been turned upside down by a new book by investigative journalist Nicky Hager. Dirty Politics is based mainly on a leak of 2 gigabytes of emails and Facebook messages from “Whale Oil”, the vicious ... More>>

ALSO:

Branko Marcetic: When John Key Was Concerned About Dirty Politics

If Nicky Hager needs some support in the midst of a whirlwind of government criticism for his allegations of “dirty tricks” by the National Party, he may find one unlikely ally – John Key, six years ago. More>>

Jim Miles: Israeli War Crimes In Gaza

Israel reveals its true colours and true aspirations every time it attacks Gaza (or any other self-perceived enemy) as being the ethnic cleansing of Palestine, even to the degree - as the references above indicate - to the act of genocide. More>>

David Swanson: Top 9 Reasons To Stop Bombing Iraq

1. It's not a rescue mission. The U.S. personnel could be evacuated without the 500-pound bombs. The persecuted minorities could be supplied, moved, or their enemy dissuaded, or all three, without the 500-pound bombs or the hundreds of 'advisors' (trained ... More>>

Binoy Kampmark: Comedian’s Death: Robin Williams And The Virtues Of Suicide

The Grim Reaper never runs out of converts. Put another way, death never gets his full due. Comedians do not figure well in this – they are particularly attractive targets in the business of death. More>>

Suzan Mazur: "Oomph" & Origin Of Life At Hydrothermal Vents

The notion that life originated in hydrothermal vents was for a long time a sleepy area of scientific inquiry because the vents first found, known as 'black smokers,' were way too hot and acidic. But in 1989, Michael Russell, a British geochemist who ... More>>

Gordon Campbell: On The US Rescue Mission In Iraq

It isn’t often that unilateral US bombing raids within a foreign country can be supported, but the current US bombing campaign in northern Iraq is one such case. The fighters of the Islamic State (IS) appear to be intent on committing genocide against the Yezidis, Christians, Turkmen, Kurds and every other non-Sunni community in the region… More>>

ALSO:

Get More From Scoop

 
 
 
TEDxAuckland
 
 
 
 
Top Scoops
Search Scoop  
 
 
Powered by Vodafone
NZ independent news