Buzzflash IV With Black Box Author Bev Harris
Will the 2004 Election be Stolen With Electronic Voting Machines? An Interview with Bev Harris, Who Has Done the Groundbreaking Work on This Issue.
A BUZZFLASH INTERVIEW
September 29, 2003
BUZZFLASH: Electronic voting machines, including touch-screen voting, have been touted as the salvation of a fair voting process. Your tenacious research over the last year has shown that this idea may be the Trojan Horse of voting machine reform, allowing elections to be stolen more easily than in the past. What are the basic reasons that you argue that electronic voting machines pose a threat to democracy?
BEV HARRIS: Four reasons:
1. Secrecy: What has always been a transparent process, subjected to many eyes and belonging to all of us, has very recently become secretive and proprietary. This happened when voting systems, which should be considered part of the "public commons" were turned over to private companies. These companies now assert that the process underlying the vote must be held secret from the voters.
2. Ownership: When a system that belongs to the public becomes secret, it becomes doubly important to make sure we can completely trust those who run it. Voting machine companies are not required to tell us who owns them. Two of the top six firms have been foreign-owned: Election.com, owned by the Saudis until an acquisition by Accenture recently, and Sequoia, now owned by DeLaRue (Great Britain). Three of the top six firms have owners and/or directors who represent vested interests:
-- Election Systems & Software, the largest company. Main owner is a company owned by Senator Chuck Hagel's campaign finance director, Michael McCarthy. Hagel has owned shares in both the voting company itself and in the parent company run by his campaign finance director, and Hagel was the CEO and Chairman of the voting machine company while it built the machines that counted his votes.
-- Diebold, the second largest voting machine company. CEO is Wally O'Dell, who recently visited George W. Bush at his Crawford ranch along with an elite group of Bush supporters called the "Rangers" and "Pioneers.” Days later, he penned a letter to Ohio Republicans promising to help "deliver the votes" for Bush. O'Dell sponsored a $600,000 fund raiser for Dick Cheney in July. Diebold director W.H. Timken is also a Bush Pioneer.
-- VoteHere, the company striving to get its cryptography software into all the other companies' machines (already has a contract with Sequoia), has as its Chairman a close Cheney supporter and member of the Defense Policy Board, Admiral Bill Owens. Former CIA director Robert Gates, who heads the George Bush School of Business, is also a director.
-- Voting companies also have a somewhat incestuous group of key players -- Todd Urosevich and Bob Urosevich founded ES&S, but Todd now is an executive with ES&S while Bob is president of Diebold Election Systems. Sequoia and ES&S share software and optical scan machines.
3. Disabling the safeguards: Voting systems have always had people trying to rig them, with varying degrees of success. What has changed is scale. Whereas it used to be that one had to run around bribing someone to shave the wheel on each lever machine, or collect up ballot boxes and stuff them in a trunk, nowadays a programmer can, essentially invisibly, create a back door into the vote system for millions of votes at once. Whereas vote-rigging has always required physical access before, modems and wireless communications devices now open up possibilities for remote vote rigging that no one can observe.
-- The audit trail is being taken away: An audit is simply the act of comparing two independent data sets that are supposed to match. Probably the most important understory to the voting issue right now is this: The voting industry is spending literally millions of dollars, and going through amazing feats of contorted logic that can best be described as marketing gymnastics, to convince us that we should discontinue proper auditing. They want us to eliminate the ballot which you verify, and trust the secret system instead. Even with the optical scan machines, which retain a paper ballot, some states have passed laws to prevent us from looking at the paper ballot to use it for a proper audit.
-- Incorrect programming: One thing we've never had until we got electronic vote-counting (which includes touch screens and optical scan machines), is bad software programming. A lever machine can be tampered with, but you don't have any software programming errors with it. Incorrect software programming has now been identified in over 100 elections, often flipping the race to the wrong candidate, even when the election was not close.
No one knows how many elections have actually been misprogrammed, and as we eliminate paper ballots, no one will ever know. We do know that errors as high as 25 percent are not uncommon, and software programming errors have been documented as high as 100 percent, and in one small Iowa county, a single machine miscounted by 3 million votes.
Incorrect software programming can take two possible forms: Accidental or deliberate. Either one takes away our right to have our vote counted as we cast it.
4. Secret certification and testing, which gives a passing grade to flaws -- The whole reason we are supposed to accept secret software and secret ownership is that, we're told, these systems go through extensive and rigorous certification and testing. However, this turns out not to be the case.
First of all, the certification officials refuse to say what tests they do.
No one quite knows what the certifiers’ credentials are or why they keep hiring the same guy, and we’re not allowed to ask that question.
It turns out that the states generally do not look at the secret programs at all; they simply ask some routine questions and do a "Logic & Accuracy test" that does not detect fraud, and has proven to miss huge software programming errors quite often.
We now know that the certification process is fundamentally flawed. The recent report by Scientific Applications International Inc. (SAIC) on the security of the Diebold voting system identified 328 flaws, 26 of which it deemed “critical.” The examination was ONLY done because, quite by accident, we got access to the voting program files and a report was written that exposed problems. But what this illustrates about certification is simply this: It doesn’t work!
BUZZFLASH: How could a company steal votes for one party and we would never know about it?
BEV HARRIS: Given inside access, which is available to software engineers and support techs, anything is possible. In California, according to internal memos we have obtained written by Diebold support techs and software engineers, in some elections no one looked at the software code AT ALL, except for a couple of programmers out of Canada. This is because the software that was certified and approved, and supposedly frozen and held in escrow, was replaced with different software for elections. All of the companies seem to do this: They allow their techs, and sometimes even elections officials, to replace or “update” programs, and you can’t count on these “updates” being tested by anyone. In Georgia they did this repeatedly.
Let me explain just how disturbing this is: The Diebold software that has been certified includes something called “GEMS” version 1.11.14 and also GEMS version 1.17.17. However, according to company memos, they rewrote “the guts of the program” when they made GEMS version 1.14.xx and then made even more changes, significant changes, with GEMS version 1.15.xx. (The last two numbers vary; none of these were certified.) These changes were made by programmers in Vancouver, Canada and stuck on an unprotected web site, where support techs went and retrieved them and put them on machines used in elections in California.
The story gets odder. The Canadian office, where the programmers come from, employs only a few people. Key software engineers actually come from Russia, Czechoslovakia, Poland, and Hong Kong, and often speak imperfect English and seem blissfully unaware of U.S. election law. Who knows what is in these programs? What is the background of these people? You can do anything you want to an election, if you write the commands that tell the computer what to do.
Getting into specifics requires some geek-speak, which is beyond the scope of an introduction like this. Several chapters in our soon-to-be-released book, "Black Box Voting," discuss this in more depth.
BUZZFLASH: What are the names of the manufacturers of the electronic voting machines, and which one is the biggest?
BEV HARRIS: These are the key players:
-- Election Systems & Software (ES&S) – currently
-- Diebold Election Systems – currently the fastest growing
-- Sequoia Voting Systems – Still controls a significant share of American voting machines.
-- Hart Intercivic – Like the others, their machines are not properly auditable.
-- VoteHere – This is a different kind of company. They have heavy ties to the defense industry. Their current focus is to get their encryption system into all the other manufacturers’ voting systems; their encryption concept is just another attempt to do an end run around an open transparent system with paper ballots.
-- Avante – This is a very interesting company, because it makes touch screens WITH a paper trail, and a secure ballot box is attached to every machine. Their machines have been used in Sacramento County and recently fared quite well in Connecticut.
-- AccuPoll – This is another company we should pay more attention to. It not only has touch screens with a voter verified paper ballot, but its software is also “Open source,” meaning anyone can examine it.
BUZZFLASH: You have charged that the owners of some of these companies have close connections with the Republican Party. The head of Diebold, for instance, publicly vowed to do everything possible to see that Bush wins in Ohio in 2004. Are you concerned that the Republican Party affiliation of some of these companies could result in voting results skewed toward the GOP, in short, as a result of manipulating the software?
BEV HARRIS: It’s a conflict of interest, just as having military defense contractors involved in our voting system is a conflict. “Conflict of interest” provides a motive to do something impure. Allowing secret code and combining it with conflict of interest is just playing with electoral fire.
BUZZFLASH: You have been the victim of having your website www.blackboxvoting.org shut down by Diebold. Briefly, why did they shut down your site and how were they able to do that? You refer to their use of "DMCA" to get your ISPN to clear your website. What is DMCA? What is the difference between www.blackboxvoting.org and www.blackboxvoting.com?
BEV HARRIS: The Digital Millennium Copyright Act (DMCA) laws, in the Internet world, are almost as controversial as the Patriot Act, because they tread on rights, contain draconian penalties, and can be abused in order to shut people up. What DMCA does is criminalize copyright issues. They were pushed in by the recording industry to prevent music piracy, but they have since been used for many other things.
The provision that was used against us was an abuse of the DMCA pull-down-demand- process. Using this, a company can claim they own copyright to something, write a letter to your Internet service provider (ISP), demand that the offending page be removed. The ISP must pull the page immediately or risk losing everything. These pull-downs almost always take place without a court order.
Now, in our case, Diebold didn’t even claim we had a copyrighted document on our site, they complained that we had a LINK to an unrelated site which, in turn, had LINKS to documents which they claimed copyright to. And in our case, our ISP overstepped its bounds. We do not know the extent to which it was pressured to do so by Diebold or whether there were other types of political pressure. Our ISP not only pulled the offending link, it pulled the page the link was on, then it pulled our whole site down, then it removed access to the files on our FTP site so that we couldn’t even relocate the files to another location. We have been told the site must remain down for 10 days, and we need to file a letter disputing their claim and bleed lawyer’s fees to litigate this. Fortunately, David Allen, who knows about these things, had a techie-to-techie conversation with a rep at the ISP, and they decided their attorney had been wrong and granted us access via FTP, though the site is still not up.
Now let me tell you what the Diebold didn’t want people to see: Memos leaked by an insider. It was not a Diebold page, it was an independent web site owned by someone else.
These memos show a pattern of allegedly breaking the law, starting with using uncertified software; Diebold insiders allegedly admit to doing “end runs” around the voting system, and in one of the most shocking sets of memos, they allegedly admit that a “replacement” set of vote totals was uploaded in Volusia County, Florida which took 16,022 votes away from Al Gore in Nov. 2000. The explanation for how a supposedly secure system can have replacement votes put on it, and the whereabouts of “card #3” which contained the second vote upload, are missing in action. (The votes were given back to Gore, but only because a Florida clerk noticed the tally going down and sent out an alert).
Now on the web sites: blackboxvoting.com is owned by David Allen, my publisher, with Plan Nine Publishing. It contains breaking news stories, a generous archive of articles, and commentary. I own the domain name blackboxvoting.org, but to be fair, a webmaster named Roxanne Jekot, of “Georgia hack challenge” fame, did all the work to create a very effective “self-serve” activism site, where people could go and get directly involved and post their work and set up meetings, both public and private. It is the .org site that was shut down, and I don’t know if I’ll set it up again; I don’t have the programming expertise to run it.
We are at “the tipping point” now. What brought us to this point, besides all the hard work by many people, was a kind of “drip,drip,drip” public education process, mostly using the Internet but also using radio quite a bit, and what has finally tipped things is the program files from the Diebold web site and the internal memos.
BUZZFLASH: Due to your work, states now seem to be reviewing electronic voting machines, but not necessarily doing anything about it? Is that accurate?
BEV HARRIS: We’re getting there. My skills are primarily in investigating, writing, and being a mouthpiece to get things into public attention. The set of skills for changing laws, getting injunctions, and confronting officials in an organized, systematic way is quite different. I have been eager to pass the torch, and I think we are at that point, and you will see citizens groups having a big impact in the very near future. The “Black Box Voting” book is designed to facilitate activism, because although we’ll start seeing action soon, we have a very long fight ahead of us. It’s a solid synopsis of what we know, to equip citizens to argue this issue persuasively.
BUZZFLASH: Okay, you've identified a problem that goes to the heart of how we choose our leaders in a democracy. You claim that the "salvation" of electronic voting is rife with potential for corruption? We are just over a year away from a national presidential election. Can anything be done in time to ensure an accurate vote count?
BEV HARRIS: It has to be. We should not do any more elections until we have trustworthy and fully auditable voting systems. The stakes are high and the timeline is short.
BUZZFLASH: You have described many of the relationships in the Black Box Voting industry as incestuous. Can you explain how a recent State of Maryland "investigation" into a touch-screen voting machine vendor illustrates that? [LINK]
BEV HARRIS: Yes. Check this out: The SAIC is charged with doing an “independent” investigation of the security of Diebold software. They then give us about 69 heavily redacted pages out of a 200-page report, and in this, they take whole sections of the voting system off the table for examination. Now, the SAIC has ties to the voting industry – specifically, Admiral Bill Owens is the Vice Chairman of the SAIC and he is the Chairman of VoteHere. SAIC has ties to the ITAA [LINK], and the ITAA just tried to thrust a $200,000 PR campaign on the voting industry to solve the “PR problem” caused by the Diebold revelations. And there’s more. You don’t even have time for how much more there is.
BUZZFLASH: You have a book coming out, "Black Box Voting." When is it going to be released? What does it cover? (We will be offering it as a BuzzFlash premium).
BEV HARRIS: Are you ready for this? Wednesday, Oct. 1, we will start releasing this book for free in electronic format. We know that some of the people most likely to be disenfranchised cannot afford a book, and we want the book to be available to everyone. We know that time is of the essence, and we want tools to be available to activists immediately. On Wednesday, we will release two chapters every two days in free electronic format until the book has been thoroughly propagated around the world. Then the paperback version will go to print. ([LINK], watch for the announcement at the top of the homepage)
A BUZZFLASH INTERVIEW
About BEV HARRIS: [LINK]
BuzzFlash Note: We are offering Diebold's response to Harris's charges as they appeared in a Seattle Times article [LINK]:
Diebold has steadfastly maintained that its elections machinery and software are safe. The company's position was bolstered yesterday by Maryland Gov. Robert Ehrlich Jr., who released an independent review of Diebold's touch-screen machines and said that, if properly used, they "can contribute to one of the safest, most secure election systems available."
Harris' Web site was shut down by her Internet service provider late Tuesday after a Diebold attorney said she was violating the company's copyright by posting a link to a New Zealand site that contained 15,000 pieces of Diebold e-mail.
Harris earlier removed Diebold e-mail from her site, www.blackboxvoting.org, in response to an earlier legal threat by the company. Her publisher's site, www.blackboxvoting.com, which does not contain links to the memos, was operating yesterday. Harris said she plans to put her Web site back on the Internet as soon as possible.
Harris said the e-mail supports her claims that Diebold's high-tech voting systems are subject to abuse. She said she was "stunned" the company acknowledged the authenticity of the potentially damaging documents.
Harris said she posted the memos after they were provided to her by a Diebold insider. She called the company's claim of copyright infringement "a flat-out attempt to shut somebody up. ... I still have a mouth, Diebold. Cease and desist my mouth."
A call to Diebold's public-relations department yesterday was not returned. Company spokesman Mike Jacobsen, who is on leave, was reached at his home last night. He said the memos were stolen from Diebold and the company wants them back.
Jacobsen said Harris also stole company property when she circulated numerous company files she found on an unprotected Web site. The files included source code for the company's touch-screen voting machines, which have recently been bought by election officials in Georgia, Maryland and other states.
Diebold insists its machines meet the security requirements of national and state certification and has dismissed as flawed a critical analysis by software experts from Johns Hopkins and Rice universities. (One of the study's authors later acknowledged he was on an advisory committee to Bellevue election-software company VoteHere and held VoteHere stock options.)