Book Reviews | Gordon Campbell | News Flashes | Scoop Features | Scoop Video | Strange & Bizarre | Search

 


U.S. Election Integrity Flaw Discovered At Diebold

SYSTEM INTEGRITY FLAW DISCOVERED AT DIEBOLD ELECTION SYSTEMS


-- By Bev Harris, author of Black Box Voting
( http://www.blackboxvoting.com)

(NOTE: See an earlier version of this article here… )

Walk right in, sit right down. Replace vote-counting files with your
own.

Recently, technicians and programmers for Diebold Election Systems, the company that supplied every single voting machine for the surprising 2002 results in the state of Georgia, the company that is preparing to convert the state of Maryland to its no-paper-trail computerized voting, admitted to a file-sharing system that amounts to a colossal security flaw.

"Technology transfer for updates!" This is among the benefits in the Diebold PowerPoint sales presentation given to the State of Georgia. Easy updating -- too easy, apparently.

The files on the Diebold FTP server are sensitive. If you want to tamper with election results, you either want to change the program or change the data file. That is why the program files, which control how the votes are tabulated, and the data files, which contain the actual vote count, should not be available for swapping back and forth like recipes on a cookbook site.

In "Black Box Voting: Ballot-Tampering in the 21st Century," I am examining the integrity of current electronic voting systems, and in connection with this I installed a Whistleblowers page at the Black Box Voting web site ( http://www.blackboxvoting.com/whistle.html). We've been getting about four new reports a day, and some of them are quite serious. Like this:

Diebold Election Systems, which builds the AccuVote machines, both optical scan and touch-screen, has been parking files on an unprotected public Internet location. Thousands of files were available: election files, hardware and software specifications, program files, voting program patches.

Though the address is obscure, people found the FTP site using a simple Google search. A Global Election Systems web site, located at http://www.geocities.com/Tokyo/Towers/2256/ (Now Dead..) contains a list of links like "History," "Press Releases," "Staff" and -- amazingly -- "FTP."

The FTP button gave total access to anonymous users, allowing anyone to download and apparently, upload to the server. The FTP site contained no copyright statement, asked for no user name, put locks on no directories. Visitors from anywhere in the world could simply walk in the front door. (Have a look at part of the file directory: http://www.blackboxvoting.com/WalkRightIn.html)

"Sometimes our customers use the FTP site to transfer their own files," explains Guy Lancaster, whose web site, http://www.guylancaster.com/guylancaster.html, says that he developed and maintained the intranet web site for Global Election Systems, now called Diebold Election Systems. "It has been up quite some years. It started when it was Global."

"People go there from counties, cities, sometimes there is stuff there for state certification boards, federal certification, a lot of test material gets passed around," Lancaster explains. Here is part of my interview with Guy Lancaster on Feb. 4, 2003:

Harris: "Do you know if your FTP site has ever had a security breach?" Lancaster: "I'm trying to think, for a security breach, I think it got shut down by someone…Recently someone shut it down." Harris: "Would you know if someone came to your FTP, or replaced files at your FTP?" Lancaster: "Well, we have recently just discontinued what's considered anonymous access, so people could before, yes, but now we use a different means…" Harris: "It was available during the 2002 election?" Lancaster: "I think so."

In fact, Diebold Election Systems' FTP site was unprotected as recently as January 29, 2003. And, according to an e-mail that I obtained dated October 3, 2000 written by Lancaster, ( http://www.mail-archive.com/cryptography-digest@senator-bedfellow.mit.edu/msg04030.html ) he expressed concern about lack of security in this file-sharing method more than two years ago. Even computer guys, apparently, don't always connect the wires: Lancaster talked with colleagues about his company's security issues using an open listserve forum that anyone can read.

In this e-mail, Lancaster admits that his company was allowing people to access a service over "an untrusted network," the Internet. He pointed out that the information could easily get redirected by a third party to another server. Apparently in both Election 2000 and Election 2002, Diebold / Global Election Systems had not devised any way to make the file-sharing system secure.

I wondered how easy it might be to download a file, alter it, and upload it. Apparently that idea hadn't occurred to Lancaster, who ran the site. "The site is just a means for transferring stuff between people," he said. I called James Rellinger, the independent contractor who built the Georgia computer network for Diebold. "It's part of the interoffice transfer of files as they are being worked on…That FTP server is like a garage or workbench," said Rellinger.

The AccuVote files, freely shared and sometimes snagged from the FTP and e-mailed to election workers and technicians, included hardware and software specifications, election results files, the vote-counting program itself, and "replacement files" for Diebold's GEMS vote-counting system and for the Windows software underlying the system. In fact, anyone with a modem could have hunkered over a computer to download, upload or slightly change and overwrite the files on Diebold's FTP site.

While not all of us use words like "FTP" and "program patch" around the house, the high tech community instantly understood the implications of this kind of file swapping.

"The ability to install patches or new software that wasn't certified has many risks, including the introduction of new bugs and more opportunities for tampering. It is even more risky if different patches can be installed at the last minute in particular jurisdictions," says David Dill, professor of computer science at Stanford University.

"This opens the possibility of customized tampering by people who know exactly which races they want to affect, or bugs that are even less likely to be caught because they only occur in a small number of locations," says Dill. "Of course, even if the certified code is frozen, it is easy to think of ways that undetectable back-doors could be installed in the software so that someone at the election site could choose the winner of the election." Dill has put out an urgent call for voting machine reform ( http://verify.stanford.edu/evote.html), recently endorsed by 115 leading computer scientists. (Here's the list: http://verify.stanford.edu/dill/EVOTE/endorsements.html)

Some files at Diebold's FTP site had simple "zip" passwords attached to them, but dozens had no protection at all. And even the passwords, Lancaster admitted in his October, 2000 e-mail, were easy to guess. "I can find no way of authenticating a PIN without revealing enough information to crack it," he says, adding that he was beginning to think it was impossible to make the system secure.

Sources familiar with the site voiced concerns about many of the files. Unfortunately, I can't read a lick of code, but apparently computer enthusiasts have been surreptitiously downloading the Diebold files and examining them quietly. When the "Black Box Voting" whistleblower page wentlive recently, geek-reports began flowing.

One source who had seen the hardware manual called in with a terse question: "Why would we want a utility that can duplicate memory cards in optical scan voting machines? Are the cards serialized? Are they serialized internally? Is it hard-wired into the card?" Apparently something he'd read in those FTP files had gotten him all riled up about a memory card duplication utility.

According to a source familiar with Windows security issues, file names on the Diebold FTP site indicate that some AccuVote software runs on the Windows 95/98 platform. "No one who is seriously concerned about security would run an application on that platform," says David Allen, an accredited Microsoft systems engineer. Even Microsoft recommends using other platforms when security is at issue.

Our attention was drawn to a curiously named file named rob-georgia. Our first thought was that a Georgia technician must be named Rob. I asked various Diebold employees if anyone named Rob works at the company. Lancaster thought there might be a salesman in California with that name. A Diebold employee named Kerry Martin told me that there was no technician in Georgia named Rob.

Another source pointed out that one of the names on the Diebold FTP files, Kerry Martin, happens to be the same name as the poll worker who did press interviews after the flubbed Florida primary election in September 2002, when ES&S machines (Diebold's main competitor) did not operate properly.

So I spoke with Kerry Martin at Diebold's McKinney, Texas site. He initially denied being a technician, telling me he was in sales, but when I asked him about the folders named "Kerry Martin" on the FTP site, he admitted that he also does technical support. Martin said he was in Norfolk Virginia, not Florida, last September, and I have so far been unable to locate the poll worker named Kerry Martin in Florida.

Some of the folders named "Kerry Martin" have files in them that say things like "Replace GEMS files with these." So I asked Martin about program patches:

Harris: "Don't all the programs used in these machines need to be certified? It seems that people are uploading and downloading files at this FTP site and using them in elections." Martin: "Certain hardware things and certain software things, most of them, you only are allowed to use the certified version." Harris: "Why, then, would you have files that say 'replace the files with these?'" Martin: "Replace all the files with these -- normally that could be a Windows thing." Harris: "…you guys have a file on your FTP that says "Replace the GEMS files with these." Martin: "Replace the GEMS files … I don't know what that would be."

Well, GEMS is the main program. It stands for Global Election Management Systems, and it contains the vote-counting program itself. I called Bob Urosevich, CEO of Diebold Election Systems (also founder of ES&S, a competing voting machine company). After my third call to ask for his comments, his assistant said Urosevich had the message. "If he wants to talk to you, he'll call you," she said. Apparently Urosevich had nothing to say about the election security glitch.

Tech-savvy citizens, however, have a lot to say about the risks of an open FTP site, and the files it contains.

One thing is certain: No matter what our political affiliation, no matter which issues we support, we are unanimous on the fact that voting must be at the heart of a democratic system. And to achieve that, our vote-counting program must be trustworthy.

****************

© Bev Harris

(Bev Harris is the author of "Black Box Voting: Ballot-Tampering in the 21st Century." www.blackboxvoting.com This article is copyright by Bev Harris, but permission is granted for reprint in print, email, or web media so long as this credit is attached.)


© Scoop Media

 
 
 
 
 
Top Scoops Headlines

 

Valerie Morse: Key And NZ Police At G20: What A Contribution

While 200 New Zealand police officers are helping to repress protests outside of the G20 in Brisbane this week, John Key has been inside pushing the interests of giant multinational corporations to fast track the World Trade Organization (WTO) ... More>>

ALSO:

Gabriela Coutiño: Ayotzinapa Caravan Meets With EZLN In Oventic

In their visit to Zapatista Territory, parents of the 43 students disappeared from Ayotzinapa Guerrero, agreed with the Zapatista National Liberation Army (EZLN), to articulate a national grassroots movement that would question forced disappearances ... More>>

Ramzy Baroud: Talk Of A Third Intifada: Where To From Here, Palestine?

When a journalist tries to do a historian’s job, the outcome can be quite interesting. Using history as a side note in a brief news report or political analysis oftentimes does more harm than good. More>>

ALSO:

David Swanson: Who Says Ferguson Can't End Well

Just as a police officer in a heightened state of panic surrounded by the comfort of impunity will shoot an innocent person, the Governor of Missouri has declared a state of emergency preemptively, thus justifying violence in response to something ... More>>

Melanie Duval-Smith: Homeless Is Where The Heart Is

So, you are not allowed to feed the homeless on the streets of Florida. Last week, a 90 year old man and two Christian ministers were arrested for doing just that. I can hear the cries of the right wingers from here. “Not in our back yard”, ... More>>

John Chuckman: What We Truly Learned From the Great War and the Absurdity of Remembrance Day

No matter what high-blown claims the politicians make each year on Remembrance Day, The Great War was essentially a fight between two branches of a single royal family over the balance of power on the continent of Europe, British foreign policy holding ... More>>

Redress Information: A European Call To Suspend EU-Israel Association Agreement

More than 300 political parties, trade unions and campaign groups have called on the European Union to suspend its “association agreement” with Israel. The agreement, which came into force in 2000, facilitates largely unrestricted trade with Israel ... More>>

Ramzy Baroud: The Age Of TV Jokers: Arab Media On The Brink

As I was finalizing my research for this article, I found myself browsing through a heap of hilarious videos by mostly Egyptian TV show hosts Tawfiq Okasha and Amr Adeeb. More>>

Get More From Scoop

 
 
 
 
 
 
 
Top Scoops
Search Scoop  
 
 
Powered by Vodafone
NZ independent news