Home About us Comments Webmaster Links Books To Read Movies Archives Shop
BLACK BOX VOTING
-----------------------------------------------------------------------------------------------------------------
04-03-06Please
forward to your local elections officials:
Credible first-hand reports have been received from multiple states
recently that Diebold is making unannounced visits to counties, sometimes
when the elections supervisor is out of town. Diebold has prevailed
on assistants and managed to gain access to the voting equipment.
Elections employees have reported to Black Box Voting that their questions
to Diebold are not being answered to their satisfaction.
HERE IS WHAT TO LOOK FOR AND WHY IT IS IMPORTANT:
1. Program changes: Watch very carefully whether Diebold puts a
card into your machine and boots it up. Alert your staff to be on the
lookout for this. By inserting one card, either the operating system or
the voting software can be altered. Inserting two cards can change both.
Such changes can hide evidence of the kind of security vulnerabilities
found by Harri Hursti and Security Innovation Inc. in Emery County, Utah.
However, replacing the operating system and programs does not ensure
the integrity of your machines, since the security vulnerabilities found
appear to be able to survive overwriting both the operating system and
the programs.
2. Swapping out equipment or components: We have credible reports that
Diebold has been swapped out motherboards in multiple counties. We have
less firm reports that Diebold has made reference to repartitioning memory
and/or other adjustments. Either swapping the motherboard or repartitioning
could obscure evidence of programming that shouldn't be there, and/or
introduce new vulnerabilities to your system.
3. Swapping or recording serial numbers. The Diebold serial numbers do
not appear to be burned into the machine/motherboard itself, but are simply
affixed with a plate that can be swapped.
You should, immediately, photograph each of your machines' serial numbers.
Diebold denies that they have sold used equipment. However, a recent
response from Deborah Seiler, the former Diebold sales rep who is now
Elections Registrar for Solano County, California, gives a perception that
someone is not being forthcoming.
Solano County used the Diebold TSx for one election and then rejected the
system. Seiler, who took office shortly after Solano rejected the Diebold
equipment, has reportedly responded to a public records request for Solano
County TSx serial numbers by claiing that they were given back to Diebold
and that Solano County no longer has them.
Diebold's odd explanation in Utah, that there were perhaps Chinese or Asian
fonts on touch-screens delivered to Utah, would be consistent with selling
machines from California. There were some 800 to 900 TSx machines,
apparently, rejected by Solano County.
Black Box Voting encourages all recipients of "new" Diebold TSx
machines
to log serial numbers immediately, photograph or videotape them, and do so
before Diebold arrives to visit your machines if at all possible.
REQUIRE A SPECIFIC WRITTEN WORK ORDER
This is your right and responsibility as a public official. Do not allow anyone
to intimidate you.
It would be a good idea to take the keys to the voting machine storage
facility with you when you are not in the office. Advise your staff not to
allow Diebold to access your machines without your presence.
If Diebold comes to visit your machines, you are advised to tape record,
videotape, and have several witnesses present to observe exactly what they do.
Better yet, tell them you need a WRITTEN WORK ORDER specifying what they
will be doing in detail before you authorize it, and stand over them to observe
during any access to any part of your system. If the work order will involved
putting in cards and booting up the system, before Diebold is allowed to place
any card in the machine, take a photograph of each screen, including the first
screen with the OS and B/L number at the top. Bear in mind that in the past,
some Diebold changes kept the reported number the same.
Diebold is a private company. As soon as you take delivery on your system, you
have the responsibility to be in control of it at all times. You are under no
obligation
to allow a vendor access (even if your state has mandated that you take these
machines).
The upcoming security report, along with the testimony of Wyle Labs at the
California Senate Elections Committee hearing last week, provide clear
indications
as to why preservation of your system AS IT WAS DELIVERED TO YOU should
remain "as is" until there is an opportunity to have the appropriate
authorities
replicate the new security report.
* * * * *
Black Box Voting is a nonpartisan, nonprofit 501c(3) organization focused on
protecting the fairness and accuracy of elections.
We are supported entirely by citizen donations. If you wish to donate to support
efforts like the security testing in Leon County and Emery County, you can do so
by clicking: http://www.blackboxvoting.org/donate.html
or by mail:
Black Box Voting
330 SW 43rd St Suite K
PMB 547
Renton WA 98055Black Box Voting
03-20-06 Please
forward to your lists and blogs, must include link to http://www.blackboxvoting.org.
Now would be an excellent time to express your support
for Bruce Funk with a letter or email, to demonstrate to
county officials that he has the support of the nation.
Bruce C. Funk - Clerk/Auditor
Fax: (435) 381-5183
95 East Main
Castle Dale, Emery County
Utah 84513
funk@co.emery.ut.us
Emery County Clerk Bruce Funk has been running elections for 23 years.
He was quite content with his optical scan system. The state of Utah thought
otherwise: On Dec. 27, Funk took delivery on 40 Diebold TSx touch-screen
machines, part of a statewide directive.
"I had concerns about Diebold," says Funk, "but I thought, 'If
the state is going
to mandate it, then I guess they'll assume responsibility if anything goes
wrong.'"
Not so. He soon learned that he will be responsible but the state will decide
what election system will count the votes.
"YOU'RE GOING TO HATE MY GUTS ON ELECTION DAY"
Funk's concerns escalated when he heard a particularly unusual statement
by Diebold sales rep Dana LaTour.
"Some of you are going to hate my guts on Election Day," she said to
the
assembly of elections officials. Later, another Diebold representative named
Drew was asked what LaTour meant when she said "Some of you are going
to hate my guts..."
"We're going to have problems on Election Day, and we're just going to have
to
work through them," he said.
FAILURES RIGHT OUT OF THE GATE
Shortly after Funk received his "brand new" TSx machines, Diebold
helped him
do acceptance testing. Two of the 40 machines promptly failed the test. Diebold
arranged to take them away.
The remaining machines showed several defects -- crooked paper feeds that jam,
memory card bay doors that wouldn't close, parts getting stuck, coming loose,
falling off.
TAKING A CLOSER LOOK
Funk thought it might be a good idea to take a closer inventory.
He booted each machine up to check the battery. Some of the machines were
marked with little yellow dots, and he got to wondering about that, too. He
studied
the screen messages, and noticed something very odd.
Most machines had about 25 MB of memory available, but some had only 7 MB of
free memory left. One had only 4 MB of available memory. For perspective, the
backup election file generated by the Diebold TSx is about 7.9 MB. Now why would
brand new voting machines have used-up memory?
TIME TO GET A MORE IN DEPTH EVALUATION
This prompted Funk to seek an evaluation. He asked Black Box Voting to help
him analyze his voting system.
After several consultations, Black Box Voting determined that the nature of the
problems in Emery County might be systemic and might be national in scope.
Therefore, we arranged for and underwrote the services of Harri Hursti and
also Security Innovation, Inc.
Neither Funk nor Black Box Voting were prepared for the depth and breadth of the
problems discovered. Based on these discoveries we will begin with a series of
articles followed by concise, but more formal reports.
PART I
Hursti quickly determined the three most likely causes of the low memory
problem:
1. There might be completely different software in the machines with low memory.
2. Some machines might contain different external data
3. Or, some of the machines might have been delivered with natively different
amounts of memory available.
Hursti approached issue #2 first. If the used memory was due to external data or
archived election files stored on the system, he reasoned, removing any such
files
would clear the memory. He discovered that some of the machines did contain test
election data, and he deleted the extra data. This produced only a small
improvement
in available memory, however.
As for issue #1, different programs on the machines -- or, the existence of
something
stored in memory which is hidden, such a find would obviously be disturbing.
Issue #3, the possibility that some machines had different amounts of memory
left in
their life cycle, is particularly troubling. The technology choice Diebold made
-- memory
storage consisting of flash memory, which is known to degrade over time --
carries
with it a possibility that used machines will be near the end of their memory
life cycle.
If such machines were delivered to Emery County as "new," this would
be like buying
a "new" car with 100,000 miles already on it.
The only thing that was known about the cause of this problem was that there
were
different amounts of memory. The reason remained to be discovered. In the course
of
evaluating the reason for the low memory, we learned much more about the TSx.
IS THERE AN INFRA-RED PORT FOR REMOTE COMMUNICATIONS?
Hursti also examined the remote communications capabilities of this system. He
found
no infra-red (IrDA) ports.
"The whole thing here is that it's network aware even when RAS is not
running. You're
not dialing out and it's network aware. And it's actually configured to use an
Ethernet board..
.It's all the time network aware...Perhaps all you need is this Ethernet cord
and a wireless
cord inserted and off you go."
Of course, the software would need to be installed for this kind of
communications.
Unfortunately, we could find no way for elections officials to find out whether
inappropriate
software is in the touch-screen.
"I haven't asked any 'pins' (Personal ID Number). It hasn't been hostile to
me at all.
It's a very friendly guy," Hursti reports.
Hursti made a number of observations about the touch-screen, and connected it to
his laptop for further "conversation."
In the interest of brevity, we will return to this issue in a later article in
this series.
A "SHOCKING" DISCOVERY
It's common for polling places to have too few outlets for a bank of voting
machines.
The normal cure is to set up hook the computers up in a daisy-chain
configuration, with
one plug to the wall, and the rest of the plugs linking voting machines
together.
Diebold's output plug falls out readily, exposing live 110 volt wall outlet
power on
bare wires.
This happened on every TSx we tested, and presents a significant safety hazard
for
poll workers, especially the elderly. According to Hursti, the electrocution
might only
result in a burned hand, and probably wouldn't be fatal.
This is a design flaw worthy of a general recall for standard consumer and
office electronics.
DIEBOLD: DOWN FOR THE COUNT?
While analyzing the memory storage problem, Hursti discovered a critical
security
hole in the foundation of the touch-screen. Then he found another in the
"lobby,"
and another on the "first floor." Taken together, these present a
potentially catastrophic
security hole.
These are not programming errors, but architectural design decisions.
Black Box Voting is turning the "road map" of the most dangerous
security findings
over to the proper authorities. We won't let anybody sit on this for very long
because
elections are looming and elections officials need to know what to do now.
A concise and more formal report will be released in a few weeks, and this will
discuss the procedures for preparing a recovery path for these security holes.
TWO THINGS WE HAVE LEARNED ALREADY:
1. Source code reviews alone are NOT sufficient. Access to fully functional
systems MUST accompany source code reviews.
2. Honest election officials and citizens again take the lead in learning the
truth
about voting machines. We ask for maximum public support for Bruce Funk, who
showed courage and commitment to responsible elections. The important and
effective work of Utah voting integrity advocates Kathy Dopp
(http://www.uscountvotes.org) and
Jocelyn Strait should be applauded by fellow
activists. They have played an important role to inspire this study in Utah,
which may
in turn assist with efforts in many other states.
* * * * *
Black Box Voting is a nonpartisan, nonprofit 501c(3) organization dedicated to
investigating issues of election accuracy and fairness.
Conducting testing like this carries a particularly staggering expense load for
a small nonprofit. If you wish to support these efforts, and more like them, you
can donate by:
clicking http://www.blackboxvoting.org/donate.html
or mail check to:
Black Box Voting
330 SW 43rd St. Suite K
PMB 547
Renton WA 98055
02-20-06 Please
take action and forward to your contacts.
This has national implications. For the first time ever, we have the
opportunity to subpoena key voting industry witnesses to get them under oath in
front of a senate hearing to investigate what the Sam Hill they were doing when
they created and recommended tamper-friendly voting systems.
We're sure by now you're aware that Calif. did an about face and certified
Diebold's entire line of products -- hackable touch screens, hackable optical
scanners, and extremely hackable GEMS tabulators -- despite 100% public
opposition and numerous attacks proving the sytems' fatal flaws and
insecurities.
But this isn't just California. Get these people under oath in California, and
you get them questioned for the whole nation.
Everything is at stake.
We are putting some very important phone numbers and emails here along with
simple instructions for what we all need to do.
We have everything to lose if we don't all take a few simple steps immediately.
EVERY STATE is experiencing issues with secret, privatized voting equipment
examined by mysterious private contractors who won't answer any questions at all
about what they do.
Here is the most efficient, easiest strategy to counteract shoving illegal and
insecure systems that we never asked for down our throats. This action is the
culmination of years of hard-core work by Black Box Voting and others. JUST DO
IT.
Here are the simple, painless suggestions. See below for why they are so
important.
This comes down to only FIVE emails, FIVE faxes, FIVE calls.
Do you have one good excuse for not being able to make five contacts? On
second thought-- don't think one up. Just do it, please.
Remember; your tax dollars are paying not only for this equipment, but for the
voting machine examiners who refused to answer any
questions in last week's Calif. Senate Elections Committee hearing.
WHAT'S DIFFERENT ABOUT THIS CALL TO ACTION:
1) All we need is three out of five senators.
2) All five are interested and willing to listen
3) This is the FIRST time Black Box Voting has issued a call to action.
We believe grass roots calls to action lose their punch when overused. We have
waited until now because, like the Black Box Voting Hursti project, we know THIS
effort is highly strategic and can create real change, quickly.
WHO TO CONTACT:
California Senate Rules Committee. Only they have the power to authorize
subpoenas.
WHY DO WE NEED SUBPOENAS?
Key voting industry witnesses, including all federal testing lab personnel,
chickened out of Calif. Senate Election Committee's Feb. 16 hearing on how this
stuff got certified in the first place. They don't want to answer questions.
Subpoenas will legally compel them to show up so they can be questioned under
oath. Black Box Voting believes that perjury will follow. A plan is in the wings
for what to do if/when key witnesses perjure themselves.
By the way, documents can also be subpoenad - like the NONDISCLOSURE AGREEMENTS
signed by voting system examiners, which reportedly have prevented them from
telling what they know. And like the documents requested under Calif. public
record law by the Senate Elections Committee which the current secretary of
state -- in violation of the law -- has failed to answer or provide.
HERE IS THE CONTACT LIST FOR THE FIVE RULES COMMITTEE MEMBERS:
Urge support for subpoenas of election industry and certification insiders.
(Among those who chickened out of testimony on Feb. 16: Diebold, ES&S,
Sequoia and Hart Intercivic; Ciber labs, Wyle labs, and voting system
examiners).
IT'S ONLY 5 EMAILS/FAXES/CALLS. MAKE THEM ALL.
Senator Don Perata (Chair) D
(916) 651-4009
District office (510) 286-1333
Senator.Perata@sen.ca.gov
Fax (510) 286-3885 Perata
Senator Jim Battin (Vice-Chair) R
(916) 651-4037
Jim.Battin@sen.ca.gov
Fax: (951) 653-9524 Battin
Senator Roy Ashburn R
(916) 651-4018
senator.ashburn@sen.ca.gov
Fax: (661) 323-0446 Ashburn
Senator Debra Bowen D - She is on the rules committee and
is also the chairperson of the Senate Elections Committee.
EMAIL ONLY
Debra@debrabowen.com -
(Ms. Bowen is mounting this case and will be busy preparing,
emails are welcomed-- See below*)
Fax (310) 318-6733 Bowen
Senator Gilbert Cedillo D
(916) 651-4022
Fax (916) 327-8817 Cedillo
This is about volume of calls logged, emails sent.
Make the contacts and make sure this goes out to your list.
~~~~~~~~~~~~~~~~~
WHAT TO SAY:
Be concise, be polite, be professional. Here's your message:
You want Rules Committee support for subpoenas of election industry and
certification insiders to answer the Elections Committee's questions about
voting machine programming, examination and certification.
A sample letter is provided below in this email.
That's it. Short and simple. Polite, professional, firm. Short clear message.
~~~~~~~~~~~~~~~~~
WHO ARE THE KEY WITNESSES?
Diebold head programmers, federal testing labs (Ciber, Wyle) that repeatedly
certified flawed systems, voting system examiners who took taxpayer money, spent
hours on so-called "security exams" on systems a 12-year old can
hack, repeatedly recommending for certification.
BACKGROUND
The Calif. Secretary of State's office decided to certify Diebold -- again --
despite the new UC Berkeley report.
QUOTES FROM THE LATEST REPORT, COMMISSIONED BY THE STATE
OF CALIFORNIA:
"Harri Hursti's attack does work: Mr. Hursti's attack on the AV-OS (Optical
scanner)is definitely real. He was indeed able to change the election results by
doing nothing more than modifying the contents of a memory card. He needed
no passwords, no cryptographic keys, and no access to any other part of the
voting system, including the GEMS election management server."
-- (Comment from Black Box Voting: Note that Diebold has lied repeatedly
to election officials and secretaries of state about this. We have videotape and
documents from Diebold documenting this posted at our Web site) --
...and:
"Interpreted code is contrary to standards: Interpreted code in general is
prohibited by the 2002 FEC Voluntary Voting System Standards, and also by the
successor standard, the EAC's Voluntary Voting System Guidelines due to take
effect in two years. In order for the Diebold software architecture to be in
compliance, it would appear that either the AccuBasic language and
interpreter have to be removed, or the standard will have to be changed."
-- (Comment from Black Box Voting: Note that California can only run software
certified by the Federal ITA process, by state law. The "Berkeley
team" is saying flat-out that such certification was not done correctly. It
follows that the entire Diebold product line should be illegal under state law.)
~~~~~~~~~~~~~~~~
WHAT'S ALL THIS ABOUT KEY WITNESSES CHICKENING OUT?
The Feb. 16 California Senate Elections Committee hearing on certification was
hit with no-shows by ALL FOUR major vendors (Diebold, ES&S, Sequoia and Hart
Intercivic). Representatives from Wyle and Ciber testing labs also declined to
appear. The Secretary of State's office is now "legally
late" on a series of public records requests made by California Elections
Committee Chairperson Debra Bowen.
Sen. Bowen has to get permission from the California Senate Rules Committee to
have subpoenas issued.
Only three of the Rules Committee Senators are needed to invoke port subpoenas.
~~~~~~~~~~~~~~~~~
SAMPLE LETTER
Senator ____,
California Senate Election Committee
Dear Senator ____,
I urge you to take a courageous stand to issue port subpeonas to
key representatives and officials from Diebold, ES&S, Sequoia and Hart
Intercivic, as well as Wyle and Ciber Testing Labs and state voting system
examiners who fail to appear for your hearings on this matter.
I also urge you to subpoena documents as needed, including the non-
disclosure agreements signed between examiners and vendors, and
all other documents needed to assess the integrity of the certification
process.
Voters must be able to ensure that voting systems are secure from tampering,
either by outsiders or by insiders. If the citizenry cannot see for itself that
elections are secure, that our votes are being counted as we cast them, it is
only a matter of time before the very fabric of our nation is torn to pieces.
Flawed, hackable systems have been approved that violate FEC guidelines.
Some of these systems are so deeply flawed that they defy common sense.
It is imperative that the elections industry insiders who were party to the
design,
examination and recommendation of these systems appear before California's
Senate Election Committee in open hearings under oath to answer questions
and address these serious concerns.
Sincerely,
[name]
~~~~~~~~~~~~~~~~~~
FROM CALIF. SENATE ELECTIONS COMMITTEE CHAIRPERSON BOWEN:
"We are going to need an enormous amount of people power in the next couple
of weeks. Together we can change this whole pathetic mess. Let's
stand up for our democracy RIGHT NOW."
"Email is great because it is easy for us to log and report -- and we can
actually prove how many emails we've received!"
"Please email me in support of issuing subpoenas rather than calling
you will save my staff a great deal of time logging calls, and you know what
kind work we have to do right now. You can always call and fax
later!"
Debra Bowen
~~~~~~~~~~~~~~~~~~~
THANKS EVERYONE, IN ADVANCE, FOR MAKING FIVE EXTREMELY IMPORTANT CONTACTS FOR
DEMOCRACY.
Thanks to M.S. English for collaborating with Black Box Voting to craft this
message quickly and effectively. Her Web site is recommended for those who want
to get up to speed on the history of the voting machine issue:
http://www.whoscounting.net
Recommend the Chapters on "Technology" and "The Companies"
as a Primer.
For more information, see the free online chapters of Black Box Voting:
Available in .pdf format on the home page at http://www.blackboxvoting.org
(scroll down, look in right hand column)
~~~~~~~~~~~~~~~~~~~
HERE ARE MORE LINKS YOU MAY FIND OF INTEREST:
Here is a copy of the Diebold GEMS program. Thirty million votes will be counted
on GEMS in the brutal battle for control of congress in 2006. Be your own
"federal testing lab" -- see for yourself:
http://www.bbvforums.org/forums/messages/2197/10519.html
(Is this not ridiculous? You could teach a pigeon to hack the audit log. Your
12-year-old sister and all her giggly friends can change
administrative passwords and election results.)
Details: The true scariness of the Herbert Thompson GEMS hack: With Visual Basic
script, a one-minute access by anyone -- even years ahead of time -- can implant
a trojan horse. Thompson's script demonstrated May 2 in Leon County, Florida was
able to make "intelligent guesses" to find names and ballot questions
and then manipulate them.
http://www.bbvforums.org/forums/messages/1954/19304.html?1140298038#POST17506
Article: Key Witnesses chickening out on hearing:
http://www.bbvforums.org/forums/messages/2197/10519.html
More extensive article on Calif. certification issues:
http://www.bbvforums.org/forums/messages/1954/19353.html
Voting system examiners blocked from telling what they know:
http://www.bbvforums.org/forums/messages/1954/17717.html
Electronic voting machines: Who cooked this turkey?
http://www.bbvforums.org/forums/messages/1954/14337.html
~~~~~~~~~~~~~~~~~~~
IF YOU WANT TO DO MORE:
Now comes gathering evidence in the form of public records.
Black Box Voting will work with any who volunteer to send customized public
records request letters. We will help you learn the ropes, will suggest
strategic records to start collecting NOW to protect Election 2006.
This year, it is all about mentoring individuals to regain their power as
citizens. It takes no more effort to write a public records letter than to write
your congressman -- but when you write for public records, you end up with
something tangible: Evidence.
To participate in the 2006 Election Cleanup Crew, email crew@blackboxvoting.org.
Please allow a few days to respond, due to
our heavy schedules -- this is a one-on-one, personalized project, and we are so
very proud of the many citizens who are stepping up to the plate.
We are quietly developing leaders in "cells" throughout the country,
helping citizens learn the skills to oversee their own government.
~~~~~~~~~~~~~~~~~~~
Black Box Voting is a nonpartisan, nonprofit 501c(3) organization that is
teaching citizens how to take back oversight of our own
electoral process.
We do not accept funding from any vendor or anyone associated with any
corporation that stands to benefit from electronic voting.
We are funded solely by citizen donations.
Our expenditures right now are dedicated to further work with Hursti and
specific one-on-one empowerment and training of local
citizens, mentoring how to take effective action to collect evidence that will
help protect Election 2006.
We need to make sure we can survive into the 2008 presidential election cycle.
If you believe our work is important and should continue, here's how:
To donate by credit card: http://www.blackboxvoting.org/donate.html
To donate by check:
Black Box Voting
330 SW 43rd St Suite K
PMB 547
Renton WA 98055
-Black Box Voting
02-01-06 Permission
granted to copy, distribute, reprint, or cite if you include the link http://www.blackboxvoting.org
and credit source.
Voting system examiners in several states have reportedly been prohibited from
revealing voting system flaws to the public due to nondisclosure agreements they
signed with the vendors.
With the future of democracy is at stake, just what agreements were signed by
examiners like Steve Freeman (CA), Brit Williams
(GA, MD, VA), Paul Craft (FL), Doug Jones (IA), and David Jefferson (CA)?
Black Box Voting has learned that vendors have been requiring nondisclosures to
block release of information of critical importance to the public. Secretaries
of state have failed to protect their voting system examiners, reportedly
requiring administrative rules that prevent proper analysis and evaluation of
voting systems by state examiners.
Black Box Voting has filed public records requests to obtain all nondisclosure
agreements signed by Paul Craft, David Drury, David Jefferson, Steve Freeman,
Doug Jones, Brit Williams, Merle King, and Michael Shamos.
We have already obtained one of the Diebold nondisclosure requirements. Diebold
attempts to block everything that should be revealed -- even if the contractor
is served with a subpoena or court order!
BLACK BOX VOTING IS INVESTIGATING THE FOLLOWING ISSUES:
1) Whether voting system examiners have been provided with indemnification.
Failure to provide indemnification allows the vendor to sue the examiner for
damages if the examiner happens to discover or expose something harmful to the
vendor.
2) Whether voting system examiners were protected by their secretaries of state.
It appears that secretaries of state have left it to the scientists who examine
voting software to negotiate their own terms of engagement with vendors. Some
scientists, who understandably are not experts in intellectual property law,
have signed the agreements provided by vendor attorneys. These agreements can
later prove to be unduly restrictive, preventing the examiner from revealing
what he knows even to the secretary of state.
3) Whether state voting system examiners were prohibited from examining the
testing reports provided by Ciber and Wyle, the federal testing labs. Documents
provided to Black Box Voting by Joan Quinn, a citizen in Sacramento, Calif.,
indicate that California examiner Steve Freeman may not have had access to key
portions of the federal testing reports when examining voting systems for the
state of California.
4) Whether examiners were prohibited from examining the source code and/or
testing the equipment themselves.
5) Whether examiners were prohibited from asking the vendors follow up questions
by rules or administrative procedures .
6) Whether examiners were ever prohibited by rules or administrative procedures
from communicating with others on voting system panels or certification boards
during deliberations over certification recommendations, or during/after voting
system examinations.
7) Whether examiners are ever allowed to examine escrowed information -- source
code and/or "penetration analysis"?
Black Box Voting has requested copies of the rules, escrow procedures, and any
indemnifications, nondisclosures or administrative procedures that apply to the
certification, examination and deliberation process in Florida, Pennsylvania,
Georgia, California, and Iowa.
PLEASE DO NOT LIMIT THESE IIMPORTANT INQUIRIES TO BBV EFFORTS
- Citizens are urged to gather evidence independently of Black Box Voting,
through Freedom of Information and public records requests, to determine exactly
what procedures, nondisclosures, restrictions, rules and guidelines are in place
for each state's voting system examiners and certifiers.
- State senators and legislators, especially in the above-named states, are
urged to launch formal hearings, with subpoena power
and witnesses under oath, to investigate exactly what restrictions were placed
on voting machine examiners by vendors and secretaries of state.
ANOTHER BREAKDOWN IN VOTER PROTECTION
Bruce Sims of San Diego, Calif. caught this problem:
According to 1990 FEC standards section 5.3, "Access Control", voting
machine manufacturers are required to provide federal testing labs with a
"penetration analysis" (hacking analysis). Did Diebold, Sequoia and
ES&S provide this to testing labs?
If so, why didn't the labs identify the massive Diebold holes exploited by a
Finnish security expert in the 2005 Black Box Voting "Harri Hursti"
projects, and by Dr. Herbert Thompson and Black Box Voting with the Diebold GEMS
central tabulator, and by Jeremiah Akin with the Sequoia WinEDS central
tabulator?
"All software (including firmware) for all voting systems SHALL incorporate
measures to prevent ... unauthorized operations by ANY PERSON. Unauthorized
operations include, but are not limited to: MODIFICATION OF COMPILED OR
INTERPRETED CODE..."
This is exactly the "unauthorized operation" that Hursti performed in
Leon County on May 26 and Dec 13 2005 in the Black Box Voting projects.
Thompson's Visual Basic GEMS hack was also an "unauthorized operation"
of the code, and the alterations in the Sequoia WinEDS code demonstrated by
Jeremiah Akin are also "unauthorized operations."
When public officials and vendors explain to you that these hacks are not
relevant because they require inside access, note that this FEC requirement
applies to both outsiders and INSIDERS.
DID THE VENDOR EVER SUPPLY ACCURATE "PENETRATION ANALYSES?"
"The vendor shall provide a penetration analysis," the standards say.
Setting aside for the moment the sheer stupidity of relying only on a
profit-seeking vendors assessment of their own product weaknesses, the Diebold
memos show that Diebold knew that its customized AccuBasic code could be altered
to "do just about anything." Therefore, unless Diebold identified this
in the "penetration analysis" it was supposed to provide to the labs,
it was out of compliance with FEC guidelines.
==============
From: Guy Lancaster
Date: Thu, 18 Nov 1999
"The 1.94w firmware does not keep a checksum on the Accu-Basic report
program stored on the memory card. It sounds like that area has been corrupted
on these but without a checksum, the Accu-Vote doesn't recognize the fact and
report the error..."
From: On Behalf Of Steve Knecht
Sent: Tuesday, February 05, 2002 9:54 AM
Subject: AccuVote Tapes Results Report
> could we get an AccuBasic Report Option that just printed out the label and
the ballots cast by precinct only for the zero and election night report...
Reply: "We can do just about anything."
==============
So, Diebold knew that the AccuVote results reports could be programmed to
"do just about anything" and Diebold also knew that "firmware
does not keep a checksum on the Accu-Basic report program stored on the memory
card."
Did Diebold include this KNOWN information in its "penetration
analysis"?
If so, why are the testing labs (Ciber and Wyle) still in the business of
examining elections software?
If not, why is Diebold still in the elections business?
Not only is the memory card exploit findable and documented in the public record
(at least since 2003 when the Diebold memos were released), but another
"unauthorized operation," the use of a Visual Basic script to hack the
GEMS central tabulator, has been widely known for years. The use of the MS
Access database to perform unauthorized functions was publicly revealed by Black
Box Voting in July 2003, but was documented by Diebold programmers back in Oct.
2001.
Aside from the memory card problems, were the GEMS penetration points documented
in the penetration test sent by Diebold to testing labs?
REGARDLESS, WHY DIDN'T STATE AND INDEPENDENT EXAMINERS IDENTIFY THE PROBLEMS AND
SPEAK UP?
Public records obtained by Joan Quinn reveal that California voting system
examiner Steve Freeman did a five-hour "security examination" of GEMS
after the exploit holes were documented publicly by Black Box Voting -- yet he
recommended certification of the system, even after a critical protective
measure for GEMS hacking was stripped out of the Diebold central counting
system.
What is in his report on this? Black Box Voting has requested a copy, but due to
the bizzaro-world nondisclosures, we believe we may be turned down for
"security" reasons (even though it was Black Box Voting that first
publicly identified the GEMS defects, on July 8, 2003!).
FEC standards:
"Such penetration analysis will be subject to strict confidentiality and
non-disclosure by the test authority. For security reasons, the penetration
analysis shall not be routinely distributed to the jurisdictions that program
elections. The penetration analysis, however, will be part of the escrow
deposit."
HOW MANY SECRETARIES OF STATE HAVE VIOLATED THEIR OWN STATE ELECTION LAWS?
Many states have election laws that state something similar to this:
"systems be safe from 'fraud or manipulation'."
Let us examine for a moment the responsibility of secretaries of state under
their own legal responsibility to ensure that their voting system is "safe
from fraud or manipulation."
- If the FEC standards requires that the ITA-examined and vendor-supplied
"penetration analysis" be submitted into escrow, does the secretary of
state have a duty to examine the penetration analysis?
- If a secretary of state authorizes a state examiner to look at the system,
does the secretary of state have a duty to enable said examiner to conduct an
unfettered examination, review federal testing lab reports, including vendor's
"penetration analysis" and any testing lab comments on it?
- If so, does the secretary of state have an obligation to obtain the report of
his own state examiner?
WHY WOULD A SECRETARY OF STATE HAVE THE CONTRACTOR NEGOTIATE/SIGN THE NDA WITH
THE VENDOR, RATHER THAN THE SEC. STATE'S OFFICE?
If a nondisclosure is used at all, would not the correct party for the
nondisclosure agreement (NDA) be the secretary of state, with the sec. state
then invoking his own NDA on the state examiner?
In other words, it seems that a strange breach of duty may have occurred in
locations where state examiners were forced into NDAs directly with vendors.
Because the Secretary of State has a fiduciary duty to the taxpayers to ensure
that voting systems are safe from manipulation, the examiner must be given free
rein to disclose any and all findings with the secretary of state.
Thus, any NDA should be between the secretary of state and the vendor, with an
employment or consultant's agreement executed between the secretary of state and
the examiner. It is the secretary of state's duty to protect his own examiner
from retaliation from the vendor.
Instead, it appears, the secretaries of state have stepped aside, have failed to
provide examiners with the materials and access to the voting system reasonably
required to perform an examination, have apparently failed to provide examiners
with access to the
penetration analysis, have failed to protect examiners from legal retaliation by
the vendor, and therefore have failed to obtain the necessary information to
"ensure that the system is safe from manipulation."
# # # # #
-Black Box Voting is a nonpartisan, nonprofit 501c(3) elections
watchdog group supported entirely by citizen donations.
To support our work, go to
http://www.blackboxvoting.org/donate.html
or mail to
330 SW 43rd St Suite K PMB 547 Renton WA 98055
-Black Box Voting
01-26-06 PERMISSION
TO REPRINT GRANTED, WITH LINK TO http://www.blackboxvoting.org
Convicted of 23 felonies for computer crimes, Jeffrey Dean was sent to prison
for four years. Shortly after his release from incarceration, his company was
awarded one of the largest ballot printing contracts in history.
In a 2003 deposition, Dean states that he was a scapegoat who was left holding
the bag in a series of unapproved payments from Culp, Guterson & Grader, one
of the most politically connected law firms in Washington state.
One of this firm's partners at the time was Egil "Bud" Krogh, who
headed the White House "plumbers" unit under Richard Nixon. Krogh
ordered the burglary of Pentagon Papers whistleblower Daniel Ellsberg.
Dean claimed that other persons from the firm were involved in a scheme, and
upon discovery of illicit payments (averaging $14,000/month) he was made to take
the blame. Krogh was a partner at Culp Guterson & Grader during the time
period that Dean was receiving illicit payments of approximately $15,000 per
month.
Like Jeffrey Dean, Krogh did time in prison -- four months for Watergate-related
crimes. He was disbarred, but after a fight
from a Culp Guterson & Grader attorney, his credentials were restored. At
the time, the firm was called "Culp Dwyer Guterson & Grader."
'He [Krogh] was hired on the merits of his character, intelligence and skills as
a lawyer,'' said William L. Dwyer, the firm's senior partner, who had
represented Mr. Krogh in his disbarment fight. Dwyer became a U.S. district
judge.
DEAN BECOMES A BALLOT PRINTER
Shortly after Jeffrey Dean was released from prison a company owned by his wife
(but run by Jeffrey Dean) was awarded one
of the largest ballot-printing contracts in history, with King County,
Washington. In SEC documents, this company (Spectrum Print & Mail Ltd.)
lists assets located in the Seattle area, British Columbia, San Francisco and in
the Norwalk (CA) location that houses the Los Angeles County Elections Division.
DEAN DEVELOPS COMPUTERIZED ELECTION SYSTEMS
According to depositions taken in 2003, Jeffrey Dean programmed the ballot
sorting software used to process incoming and outgoing mail-in ballots; he also
developed the Vote Remote software used to track and authenticate mail-in
ballots.
Key logs from King County Elections show that Jeffrey Dean was given intimate
access to the GEMS server (Diebold central tabulating software); internal memos
from Diebold refer to an ongoing consulting arrangement with Dean, and document
that he had management involvement in the touch-screens, the 1.96 version of the
optical scan, the votercard encoder and the Windows CE operating system used in
Diebold voting machines. In addition, during recent litigation Dean called Peter
G. Martin as a witness, indicating that he had worked closely with Martin, who
programmed the new upcoming High Speed Central Count system.
RECENT DEVELOPMENTS WITH THE DEAN FAMILY
Black Box Voting has learned that Jeffrey Dean and his wife Deborah have
recently been ordered into Chapter 7 bankruptcy by a trustee who become fed up
with their "gamesmanship" in recent attempts to obstruct discovery of
their assets.
A 25 YEAR HISTORY OF TROUBLE
Jeffrey Dean has a 25-year history of financial problems, tax liens and
litigation, going back to a company he formed while working for Boeing. Though
he refers to this company in recent depositions as "Astec," its real
name was Advanced Systems Technology, Inc., a company run by Dean and partner
Michael C. Redman. Dean represents that this company did aircraft design, and
says that he sold it to Raleigh-Durham Aviation in 1980. Legal documents show
that he had a $700,000 tax lien imposed on him in connection with the
"failed business" in 1984, and several creditors filed civil suits
against him in 1979 and 1980.
By 1982, Dean was a contractor for Culp, Guterson & Grader. Assets began
accumulating under his wife's names. When Dean divorced his first wife and
married wife #2, Lorimay, she began accumulating real estate under an entity
called "JAL Investments Inc." This entity and its real estate was
transferred to Dean's third wife, Deborah M. [Pederson] Dean.
These efforts failed when it was revealed that over $180,000 of inappropriately
received funds were spent on Deborah Dean's house, and that Deborah had been
cashing checks as large as $10,000 at a time from the illicit funds.
Although she was involved in litigation over restitution issues, Deborah Dean
was not prosecuted in the thefts from Culp, Guterson
& Grader.
Jeffrey Dean entered an Alford Plea admitting to 23 felony counts, and was
ordered to appear at the Shelton Correctional facility to begin his
incarceration. Instead, he failed to show up and went to Oregon, where he
apparently lived under a different name. Bench warrants were issued and he went
to prison.
Meanwhile, wife Deborah began "Spectrum Print & Mail Ltd."
According to depositions, this firm was mostly delivering newspapers to contract
deals like the Washington ferries.
Shortly after Jeffrey Dean got out of prison, however, Spectrum Print & Mail
got into ballot printing and designing software for elections.
This ballot printing plant, using software Dean claims to have developed,
handles ballot printing and mail-ballot processing for counties like King County
(WA) and Los Angeles County, Fresno County, San Diego County, Alameda County
(CA), and for the state of Georgia and many other locations.
The Deans were rewarded for Jeffrey Dean's ballot printing and election software
programming work in a $4 million buyout by
Global Election Systems shortly before election 2000. The Deans became the
largest stockholders of Global Election Systems, and Jeffrey Dean took a
position on the board of directors.
In January 2002, Diebold Inc. purchased Global Election Systems. Oddly, in a
2003 deposition, Jeffrey Dean claims that his contact with Global was always Pat
Green -- but Green is a Diebold employee, not a Global Election Systems
employee. Yet Diebold claims it hasn't worked with Jeffrey Dean.
The Dean's ballot printing company was acquired by Diebold in the Global
Election Systems acquisition.
WHY ARE WE DOING THIS?
The Vote Remote software and the absentee ballot processing software developed
by Jeffrey Dean was never submitted for
certification, has not been examined by anyone, and due to technicalities in the
certification regulations, is not subject to certification. Several counties
have recently announced plans to force voters into all mail-in voting, including
King County, Jeffrey Dean's first elections client.
Exactly what Jeffrey Dean was doing to the GEMS database program, what
"oversight" he was providing to the touch-screen
technology purchased by Diebold, and what expertise he provided for the
votercard encoder, the optical scan 1.96 series, and the
upcoming High Speed Central Count are not publicly known at this time.
DIEBOLD CLAIMS MERIT FURTHER SCRUTINY
Diebold claims that it did not work with Jeffrey Dean after acquiring Global
Election Systems in 2002. However, the Dean depositions reveal that in May and
June 2002, during the time the "rob-georgia" patch was created,
Jeffrey Dean was called back to do consulting for Diebold. The Deans have been
accused of obstructiveness and evasion by attorneys seeking to recover funds in
a pending bankruptcy case. Specifically, when asked to identify monies paid by
or due from Diebold Election Systems, they omitted answers.
YA'LL COME BACK NOW: DOCUMENTATION GOING UP SHORTLY
Depositions, documents, and supporting documentation will be posted on the Black
Box Voting Web site this week. These documents include depositions, bankruptcy
papers, criminal court records, SEC documents and civil litigation records.
Jeffrey Dean prison records:
http://www.bbvforums.org/forums/messages/2197/14323.html
by Black Box Voting investigators Bev Harris, Kathleen Wynne, and Jim March,
with assistance from Black Box Voting members Pat Vesely and John Howard.
NEW Citizen research & investigations section now available:
http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/17141/17141.html
(you must register and log in to use this)
-----------------------------------------
Black Box Voting is a nonprofit, nonpartisan 501c(3) elections group, supported
entirely by small citizen donations.
This story required the skills of our research staff, along with expenses for
two trips to Canada to review Canadian public records. There appears to be even
more to this story, and it is unraveling through our Canadian contacts. ;
If you believe Black Box Voting is doing important work, you may show your
support here:
http://www.blackboxvoting.org/donate.html
or mailing to:
330 SW 43rd St Suite K
PMB 547
Renton WA 98055
-Black Box Voting
01-22-05 (Permission
to reprint and distribute granted)
BBV just uploaded the biggest stash of documents yet! We have also created
resources to help you prepare for and monitor the
2006 Election.
During Election 2004, we did not have the infrastructure to handle the huge
influx of tips and leads coming in from citizens. This time, we have more
resources and we are preparing already! The following resources will help you
get started NOW to watchdog Election 2006:
1. New online members-only research and investigation area. You can upload your
documents, ask for help from other citizens to look at them, get personalized
coaching on how to investigate the integrity of your local election, and see
thousands of pages of documents that have not been released to the public, and
thousands more that have.
To visit this new area and see what's there already, go here:
http://www.bbvforums.org/cgi-bin/forums/discus.cgi
This is your workspace area. Log in (or register if you are a first-timer). When
you register, you will be able to see and use the
"Work Area: Citizen Investigations & Research " (members only) The
direct link to it is here:
http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/17141/17141.html
The direct link to register is here:
http://www.bbvforums.org/cgi-bin/forums/board-profile.cgi?action=register
2. Online coaching and mentoring for election activists: The truth is, the
amount of knowledge expected of voting activists is intimidating. We decided to
make being an activist much easier: You can just log on and ask for the
information YOU need. For example, a recent question we had was "I'm
meeting with my secretary of state, how can I prepare and what should I
say?"
Here's the guidance he received. His secretary of state decided to delay
purchasing voting machines, for now.
http://www.bbvforums.org/forums/messages/73/15514.html
Here is the direct link to the 1-on-1 consultation area:
http://www.bbvforums.org/forums/messages/73/73.html
This way, you don't have to learn it all at once. Just ask for what you need,
and we'll try to help you. If you have expertise, come
here and help others.
3. We have launched a triple protection program for Election 2006. As you know,
Black Box Voting focuses on empowering YOU, the voter, to take action. It isn't
always easy to know what to do, and the truth is, writing letters or passing
legislation won't help Election 2006 very much -- it's already late for that. So
what can you do?
First, Black Box Voting will not organize you, control you, monitor you or take
credit for your achievements. We will not tell you what to do, but we will
mentor and provide resources and expertise to help you take charge.
There are three things you can do that will make a real difference. In fact, if
even a handful of people take these strategies to heart it will make a
tremendous difference. The emphasis must be on gathering evidence. Evidence
consists of documents, public records, videotapes, and tape recordings.
Collecting evidence needs to start NOW, not two days before the election.
Each month, Black Box Voting is providing specific ideas for how to gather
evidence with documents and videotape.
This month, we are asking you to do a public records request to get the
expenditures of your local elections division. After you receive this document,
we are asking you to make a list of every entity that received a payment. This
information is important evidence, and provides clues about what to watch out
for in your area.
For example, citizens in DuPage County, Illinois have learned that their
elections board paid $30,000 to a Republican propaganda
specialist.
Here is a link to that story:
http://www.bbvforums.org/forums/messages/1954/15764.html
Here is a link to how to request the records:
http://www.bbvforums.org/forums/messages/6/17103.html
This will get you started on collecting documents. There are many kinds of
records requests you can ask for. We'll give you more suggestions as time goes
on.
Here is an interview with Armen Yousoufian, a citizen who was awarded $300,000
in punitive damages when his local county obstructed his records requests. He
fought back, and made public records history.
http://www.bbvforums.org/forums/messages/9954/9932.html
A second way to get documents sounds a bit more comical. However, do take a look
at the kinds of documents that can be obtained by "waste archeology"
(retrieving documents destined for premature demise in the trash):
In Pinellas County Florida, a citizen named Leonard Schmiege found shredded,
filled out absentee ballots in the trash. Here is an interview with Leonard:
http://www.bbvforums.org/forums/messages/9954/10019.html
Here are tips for "waste archeology":
http://www.bbvforums.org/forums/messages/6/17095.html
And more:
http://www.bbvforums.org/forums/messages/6/17105.html
Another way to get important evidence is to videotape. Telling someone what
happened doesn't get much done, no matter how dramatic the infraction was. Don't
leave home without your camcorder!
Here are tips for using your camcorder to protect Election 2006:
http://www.bbvforums.org/forums/messages/6/15733.html
Here is how you can get started this month:
http://www.bbvforums.org/forums/messages/6/17104.html
WHAT WILL THIS EVIDENCE BE USED FOR?
- Most important, it will help you foresee problems in time to do something to
protect your election.
- Also, we find that many elections officials run a tighter ship when they know
people are paying attention. Start now, continue all year, and you'll put into
action those wise words: "The price of democracy is everlasting
vigilance."
- If you uncover problems, your evidence will help the media take you seriously
and, if necessary, the prosecutors take action. Your evidence can help
candidates get recounts and poor election officials get recalled.
Take action. There are 10,000 elections jurisdictions in the United States, and
no group, coalition, or congressman can do what ordinary citizens everywhere
can: Oversee your own elections!
We're here to help, mentor, and provide resources should you need it.
=================================
Black Box Voting is fighting for your right as a citizen to oversee your own
elections.
We are a nonpartisan nonprofit group sustained entirely by small citizen
donations. Because federal elections take place only every two years, our fund
raising challenges are somewhat daunting -- but we've made it so far, and our
work has truly made a great difference!
If you wish to have an organization like us available to help watchdog
elections, donations make that happen. To donate, click here:
http://www.blackboxvoting.org/donate.html
or mail to:
Black Box Voting
330 SW 43rd St. Suite K
PMB 547
Renton WA 98055Black Box Voting
01-05-06
Permission to reprint granted, with link to http://www.blackboxvoting.org
Hold on to your lugnuts, ES&S and Sequoia may risk Hursti-style hack
Dec. 13, 2005: Harri Hursti performs devastating hack in Leon County Florida
with Diebold optical scan system, proving he could control votes by manipulating
a credit-card-sized memory card..
Jan. 3, 2006: Information received pointing to similar vulnerabilities in the
ES&S and Sequoia "Optech" optical scan machines.
In an exclusive interview by BBV investigator Jim March with Dr. Douglas Jones,
University of Iowa associate professor and a former voting machine examiner for
the state of Iowa, it was learned that one of the most widely-used voting
machines over the last 15 years may suffer from design flaws broadly similar to
Diebold's version 1.94 and 1.96 optical scan system.
The first problem is that memory chip contents can be modified with easy to
obtain reprogramming devices, in ways that could enable Hursti-style hacking.
The second problem is that Sequoia and ES&S have been able to force their
way into intimate access to the mechanics of democracy. The electronic ballot
controls were maintained exclusively by the vendors at the vendor's headquarters
rather than by county election staff.
Diebold took over total control of elections in counties that allowed it.
ES&S and Sequoia didn't give them a choice because of the system's design.
This effectively removed county officials from their proper oversight role.
ORIGINS OF THE OPTECH MACHINE
Two of the four major voting machine companies have been using an identical
machine, the Optech, originally produced by Business Records Corp (BRC).
BRC was the largest voting machine company in America when ES&S purchased it
in 1997. The SEC objected on anti-trust grounds, and in the resulting decision,
allowed ES&S to purchase BRC, splitting the Optech scanners up between
ES&S (service contracts for existing machines) and Sequoia Voting Systems
(sales of new machines).
Although now being phased out, Optechs have been used for 15 years without a
peep from the federal testing labs, and without the public ever being told of
their vulnerabilities, nor of the vendor's extraordinary level of control over
local elections.
SYSTEM DESIGN
According to Dr. Jones, the Optech machines are precinct optical scanners
originally developed in the late 1980s. They reflect the technology of that
period. They are broadly similar to the Global/Diebold optical scanners designed
around the same time: These voting machines store votes on removable electronic
memory devices and print out an "end of day ticker tape" on paper
similar to a cash register tape, providing a precinct total of votes for each
candidate and issue.
The Optech machines don't use a credit card-sized memory card - rather, they use
a memory pack about the size of a pack of cigarettes.
This cigarette pack-sized device plugs into the body of the scanner with a
proprietary connection. The memory pack provides three things:
- A chip ("ROM" memory) which is difficult to modify outside of a
factory and contains the programming for the machine ("firmware")
- An "EPROM" chip which is easier to modify (more on that to follow)
containing the ballot layout and precinct information
- Battery-powered memory chips to hold the vote totals
THE GOOD NEWS
As Dr. Jones points out, there's one advantage to this pack design. Honest
election officials can separate the scanner body from the pack and send the
large bulky scanner out to the field (precinct) days or weeks ahead of the
election. Tampering with scanners that are missing the pack isn't really
possible (other than to simply vandalize it) because the "brains"
aren't present to tamper with. It's the "memory pack" that needs to be
held in strict security. The memory pack can later be hand-carried to the
precinct by a group of poll workers and plugged into the scanner on election
morning.
THE BAD NEWS
One reason the Hursti hack in Leon County resulted in a failure is that
Diebold's memory device holding the votes and critical programs is both
read-write (tamperable) and reader/writer devices like the Crop Scanner are
available commercially to alter the cards.
The ES&S/Sequoia memory pack has a funky connector. It should be even more
secure, right? Not exactly.
JIM'S RIG-A-VOTE RECIPE
1. Unscrew the top of the pack.
The most critical chip holding the ballot/candidate/precinct layouts is sitting
right there in an easy-access socket.
2. Find a chip burner. Once the chip is out with a screwdriver, you can find
alteration devices (chip burner) for that chip even more easily that you can
find the Crop Scanner.
Tip for finding a read/write device: The chips is called an "EPROM" -
Electrically Programmable Read Only Memory .
Here are some examples:
http://www.stag.co.uk/products/EEprom_programmer.htm
http://www.action2k.com/topmax.htm
http://www.elettronicaceleste.com/celeste/programmatore_eeprom/sp280_uk.htm
3. Put the chip in the chip burner device connected to a PC and read the
contents. Edit at will using your PC.
4. Peel the sticker off the back of the EPROM, exposing a glass window. This
makes the actual silicon surface visible through the glass. It's a neat looking
critter, shiny and with lots of tiny circuits that geeks will love.
5. Put the chip in a tiny mouse-sized tanning booth. No, we're not kidding -
exposure to UV light for 25 minutes erases EPROMs. (Warning: We do not recommend
putting in an actual mouse unless you can find very small sunglasses for him.)
PICTURE: http://testequip.com//sale/used/pictures/HES2152.jpg
6. Put the sticker back on the chip's glass window and put it into the chip
burner connected to the PC, and download your tampered code from your PC back to
the chip.
7. Put the chip back into the "pack" and you're done.
We have no reason to think that the security of the chip's contents is any
better than in the Diebold environment. While this needs testing, it appears
that hacking could cause all votes to be switched between any two candidates
simply by altering the chip data.
Dr. Jones suggests the possibility of causing a minor party candidate's votes to
go to a major party candidate, in addition to the major party candidate's proper
votes. This would have the "benefit" of harming a small parties,
possibly denying them ballot access. Each major party has at least one smaller
party that tends to take a small chunk out of them - the Democrats always lose a
few candidates to the Greens, the GOP loses a few to the Libertarians. Each
major party would like to see their smaller more radical cousin go away, and
that sort of hacking could do it.
THE WORSE NEWS
While moderately advanced hackers should be able to alter the contents of these
packs fairly easily, county election officials can't. Therefore, by design, the
memory cards need to be programmed inside the vendor's corporate headquarters.
WILL THEY DO IT CORRECTLY?
Well let's see: ES&S was partially owned by now-Senator Chuck Hagel at the
time Hagel won his first major political victory to get into congress. Hagel's
victory in the primary was so stunning that it made national news. According to
CNN's "All Politics," Hagel hoped he could make lightening strike
twice by winning the big prize - and he did. He defeated popular Democratic
Governor Ben Nelson who led in the polls since the opening gun in what the
Washington Post called "The major Republican upset in the
November [1996] election." (more: http://www.blackboxvoting.org/BBV_chapter-3.pdf)
Louisiana state elections chief Jerry Fowler was convicted on felony charges of
taking bribes from Sequoia officials for system purchase decisions - one of
Sequoia's key people, Phil Foster, was indicted but the charges were dropped
after a judge concluded that his immunized grand jury testimony couldn't be used
against him. (more: http://www.blackboxvoting.org/BBV_chapter-8.pdf)
So, is turning over the very foundation of Democracy to ES&S and Sequoia a
good idea? We think not.
CONCLUSION
Nobody at the Federal or state testing labs seems to think like a hacker and
tries to find ways to defeat these things. For that matter, nobody is paying
attention to the basic ethics of the situation. No one ever asked the American
citizens whether we choose to remain a Constitutional Republic versus a
Corporate Republic.
Black Box Voting would like to do a "test hack" on the Optech with the
blessing of public officials in any jurisdiction. Because these machines are not
HAVA compliant, they are being phased out. We ask your help in facilitating this
opportunity.
"There is only one force in the nation that can be depended upon to keep
the government pure and the governors honest, and that is the people themselves.
They alone, if well informed, are capable of preventing the corruption of power,
and of restoring the nation to its rightful course if it should go astray. They
alone are the safest depository of the ultimate powers of government."
-- Thomas Jefferson - END
-------------------------------------------------------------------------------------
-Black Box Voting is a nonpartisan, nonprofit 501c(3) elections watchdog group
supported entirely by citizen donations.
To support our work, go to
http://www.blackboxvoting.org/donate.html
or mail to
330 SW 43rd St Suite K PMB 547 Renton WA 98055Black Box Voting
12-31-05 This Is A Very Important Post From Bev At Blackbox Voting .org She Needs Everyone's Help NOW...Please Take The Time To Read It And Pass It On To Everyone You Know. The Voting Machine You Stop Could Be In Your Home Town, Or On It's Way To Your Town. We Need To Take Back Our Voting System From Private Corporations Before The Next Election!
(Permission to forward and reprint granted, with link to http://www.blackboxvoting.org)
You might be the one to help us crack this
case.
At issue: A YES-NO question: Do Diebold touch-screens have a problem similar to
that identified in the Black Box Voting project in Leon County, Florida -- the
devastating hack of the Diebold optical scan system. Just a YES-NO question.
Black Box Voting has now obtained certain NEW specific information indicating
that the answer with the touch-screens will be "YES." One of our
researchers has identified an interpreter, which appears to be specifically
prohibited by 2002 FEC standards, inside a Diebold touchscreen system.
What is needed now is to confirm this finding with a "pedigreed"
Diebold touch-screen system - ie., one to which we are given legitimate access
with one of our publicly known experts. We will have to show that what our
protected source has found is also present in a system delivered by Diebold for
use in actual elections. This cannot be a stolen system, a specially souped-up
system (i.e. one that Diebold chooses), or a system used without authorization
of its custodians.
Please immediately make contact with those you know to see if you can facilitate
a quick YES-NO examination of an official Diebold touch-screen voting system
anywhere in the United States or Canada. We know what we're looking for. We know
where it is. We simply need to confirm that it is ALSO in one of the systems
delivered to public officials.
Note that in July, Diebold sent "threat" letters to its customers,
warning them not to allow examination of their systems. However, in December
Black Box Voting was shown to be correct when we alleged that there was
executable code and an interpreter in the optical scan machines/memory cards.
Diebold lied, under oath and in writing, to secretaries of state and purchasing
officials about this. Now, the entire Diebold product line has been called into
question, and we believe our findings will soon spill over into other vendors'
products as well.
Following our demonstration in Leon County, Florida, California refused to
certify Diebold. Pennsylvania has now refused to certify Diebold. Diebold has
now been dropped from counties in Florida and Missouri. Diebold has refused to
give its source code to North Carolina, most likely due to the NC requirement
that allows POLITICAL PARTIES to examine the source code, which would risk
revealing the problems exposed by the Black Box Voting projects conducted with
Harri Hursti and others.
If you may be able to help with this project, please call Bev at (206) 335-7747
or Kathleen at
206-354-5723 or the main office at (425) 793-1030 or send to bev@blackboxvoting.org.
Telephone or send an overnight letter (sent by Fed X but not U.S. Post Office,
to 330 SW 43rd
St Suite K PMB 547 Renton WA 98055) The contents of our e-mail was penetrated by
an
outsider in late November in connection with confidential plans for upcoming
testing,
so we do not recommend that you contact us by e-mail for this particular
endeavor.
The sooner the better. It is important to roll back use of ANY MACHINES WITH
PROHIBITED CODE well in advance of the 2006 elections, in order to allow
local jurisdictions to make other plans.
------------------------------------------------------
Black Box Voting is a nonpartisan, nonprofit 501c(3) elections watchdog group.
This organization is not affiliated in any way with any political party or any
vendor. The direct costs for the research in Leon County approached $100,000.
This work required very heavy international legal and travel expenditures.
Without your important support, these achievements could not have taken place.
We're at the tipping point, but we don't think it's a great idea to stop now.
Right? Keep the momentum going.
To donate:
http://www.blackboxvoting.org/donate.html
or mail to:
Black Box Voting
330 SW 43rd St. Suite K
PMB 547
Renton WA 98055
The formal Volusia County report, which led directly to Black Box Voting
producing the Herbert Thompson and Harri Hursti studies, will be released in
January 2006. New Volusia County documents are appearing in the Black Box Voting
document archives this week and for the next two weeks.
It is Black Box Voting that brought the voting integrity issue into mainstream
media. Original research by Black Box Voting and its founder, Bev Harris, has
now been covered by ABC, NBC, CBS, MSNBC, CNN, and Fox TV national news, as well
as by the New York Times, Time Magazine, The Associated Press, Reuters, USA
Today, Scripps Howard news service, the Washington Post, and many other major
news outlets in the U.S. and Europe. This media coverage is putting unstoppable
pressure on public officials to face up to the voting machine issue.
Black Box Voting has now uncovered over 137 sources within ES&S, Sequoia and
Hart Intercivic. We are beginning to release some of the technical and
procedural information we are learning about these vendors. Visit the FORUMS at http://www.blackboxvoting.org,
where we are doing small informal releases of information
on various vendors' voting products every few days.
We are becoming increasingly interested in finding out more about the Eagle
Op-Tech machines used by ES&S and Sequoia. Your tips, suggestions, donations
and contacts are much appreciated as we continue this important work.
In 2006, among other projects, Black Box Voting is publishing a new book,
focusing on the infrastructure that made this happen. We will delve into 21st
Century bribery techniques, and fill you in on the people and procedures that
produced the current boondoggle.
The title: "BLACK BOX AMERICA"
We thank all of you who continued to place your confidence in the work of Black
Box Voting in 2005. Have an excellent New Year's Holiday!
Now let's roll up our sleeves for 2006!Black Box Voting
12-20-05
California "Hack" test stalled as Diebold certification derails
BREAKING - Dec. 20, 2005: California Secretary of State Bruce McPherson has laid
a subtle and elegant trap. Today, California threw Diebold Election Systems'
pending certification into a tailspin, using Machiavellian logic designed to
cast doubt on the federal testing lab process, the upcoming HAVA deadline and
Diebold voting systems simultaneously (while standing neatly aside to watch the
house of cards collapse).
This move follows on the heels of a devastating hack demonstration by Harri
Hursti sponsored by Black Box Voting, which took place in Leon County, Florida
on Dec. 13. This hack manipulated memory cards by exploiting design defects and
Diebold's
customized "AccuBasic" program code.
Here's how the California trap works: In a terse letter to Diebold, State
elections chief Caren Daniels-Meade writes, "Unresolved significant
security concerns exist with respect to the memory card used to program and
configure the AccuVote-OS [optical scan] and the AccuVote-TSX [touch-screen]
components of this system because this component was not subjected to federal
source code review and evaluation by the Independent Testing Authorities (ITA)
who examined your system for federal qualification. It is the Secretary of
State's position that the source code for the AccuBasic code on these cards, as
well as for the AccuBasic interpreter that interprets this code, should have
been federally reviewed.
".we are requesting that you submit the source code relating to the
AccuBasic code on the memory cards and the AccuBasic interpreter to the ITA for
immediate evaluation. We require this additional review before proceeding with
further consideration of your application for certification in California."
And herein lies the trap. Federal testing authorities are supposed to rely on
standards set by the Federal Election Commission. The FEC standards prohibit
"Interpreted code" - thus, the AccuBasic "interpreter" is
illegal. (The entire AccuBasic source code tree is written in a home-brewed
language that Diebold programmers made up themselves, making it more difficult
for certifiers to examine.)
The Hursti memory card attack demonstrated in Leon County Florida manipulated
the voting system by passing code through -- drum roll please -- the Diebold
interpreter, using a set of programs called AccuBasic which was written in a
concocted computer language and (now it is revealed) was never examined at all
by federal testing labs.
The ITA dilemma: ITAs have the choice of either recommending code that
explicitly violates FEC standards (placing an unsupportable liability burden on
them) or admitting that the original certification was defective. If the ITAs
retract their recommendation, it will effectively strip Diebold of its federal
certification, and may also affect its older products.
The Diebold dilemma: Diebold can refuse to submit its code to the ITAs, but that
will lose the state of California, continuing a pattern initiated last week when
two Florida counties dumped their Diebold machines. Alternatively, Diebold can
submit its code and watch as the federal authorities sever their product line
from the U.S. market.
The position is made more unstable because Diebold is now fending off
stockholder suits by an armload of attorneys piling on to solicit clients for a
voting machine-related securities fraud lawsuit.
California Secretary of State letters to Diebold Election Systems:
http://www.bbvdocs.org/legal/Dumpty1.pdf
http://www.bbvdocs.org/legal/Dumpty2.pdf
Something terribly wrong has happened here. American citizens have been
commenting on the unacceptable performance of the
ITAs since before Black Box Voting was incorporated in 2004.
In November 2002, Dan Spillane (a former senior test engineer for VoteHere) met
with Black Box Voting founder Bev Harris.
"It's a house of cards," he said, showing her stacks of bogus ITA
reports. "The bottom card is the certification process." Spillane says
he flagged more than 250 system integrity errors in the touch-screen system he
evaluated, yet the system passed every level of certification. He was terminated
by VoteHere, he sued, and the case was settled by VoteHere with details kept
confidential.
Here are writings by computer programmer Jim March on this subject: "The Federal
testing process was subverted multiple times by Diebold staff. we're going to
need to study the Federal certification process, in public." http://www.equalccw.com/lewisdeconstructed.pdf
(Date 9/23/2003; Jim March)
Bev Harris's book, Black Box Voting, took the ITAs, NASED and the state
examiners to task: http://www.blackboxvoting.org/bbv_chapter-6.pdf
(Date 10/10/2003; Bev Harris). Harris published interviews with state voting
machine examiners exposing slipshod state certification that relies on the
flawed premise of strong federal certification: http://www.blackboxvoting.org/bbv_chapter-9.pdf
(Date 10/15/2003)
A Riverside (Calif.) computer programmer Jeremiah Akin writes of ITA failure
during testing of Sequoia voting software: "Failure of certification
process to catch major security flaws in software:. Riverside has run elections
on software that was later found to contain major security vulnerabilities that
were not spotted in the certification process." http://www.exit.com/RiversideVoteTest/letters/response_to_mudslinging.pdf
(Date 2/29/2004; Jeremiah Akin)
Black Box Voting published ITA reports from Ciber Labs for Diebold showing that
"penetration tests" (security evaluations) were marked "not
applicable" and "not tested." http://www.bbvdocs.org/general/ciber-reports.zip
(Date: Oct. 17, 2004; Black Box Voting, Inc.)
Susan Pynchon, an ordinary citizen who now runs the Florida Fair Elections
Coalition, wrote this analysis demonstrating a breakdown in Florida's state
certification process: http://www.bbvdocs.org/general/FFECreport.pdf
(Date July 11, 2005; Susan Pynchon)
Ordinary citizens led this investigation, gathering momentum and evidence
nationwide, resulting in the Thompson and Hursti security tests in Florida,
culminating in the California Secretary of State ordering Diebold and federal
testing labs to go clean up their room (while neatly diverting attention from
state-level certification failures).
And now, a word from one of our forefathers:
"There is only one force in the nation that can be depended upon to keep
the government pure and the governors honest, and that is the people themselves.
They alone, if well informed, are capable of preventing the corruption of power,
and of restoring the nation to its rightful course if it should go astray. They
alone are the safest depository of the ultimate powers of government."
-- Thomas Jefferson - END
-------------------------------------------------------------------------------------
-Black Box Voting is a nonpartisan, nonprofit 501c(3) elections watchdog group
supported entirely by citizen donations. To support our work, go to
http://www.blackboxvoting.org/donate.html
or mail to
330 SW 43rd St Suite K PMB 547 Renton WA 98055Black Box Voting
12-14-05
BREAKING : Due to contractual non-performance and security design issues, Leon
County (Florida) supervisor of
elections Ion Sancho told Black Box Voting that he will never again use Diebold
in an
election. He has requested funds to replace the Diebold system from the county.
He will issue a formal
announcement to this effect shortly. This comes on the heels of the resignation
of Diebold CEO Wally
O'Dell, and the announcement that a stockholder's class action suit has been
filed against Diebold by
Scott & Scott.
Black Box Voting: http://www.blackboxvoting.org
Leon County Election Supervisor Ion Sancho:
http://www.leonfl.org/elect/MeetTheSupervisor.htm
Finnish security expert Harri Hursti proved that Diebold lied to Secretaries of
State across the nation when
Diebold claimed votes could not be changed on the memory card.
A test election was run in Leon County Tuesday Dec. 13 with a total of eight
ballots - six ballots voted "no" on a ballot
question as to whether Diebold voting machines can be hacked or not. Two
ballots, cast by Dr. Herbert
Thompson and by Harri Hursti voted "yes" indicating a belief that the
Diebold machines could be hacked.
At the beginning of the test election the memory card programmed by Harri Hursti
was inserted into an
Optical Scan Diebold voting machine. A "zero report" was run
indicating zero votes on the memory card.
In fact, however, Hursti had pre-loaded the memory card with plus and minus
votes.
The eight ballots were run through the optical scan machine. The standard
Diebold-supplied "ender card"
was run through as is normal procedure ending the election. A results tape was
run from the voting machine.
Correct results should have been:
Yes:2
No:6
However, just as Hursti had planned, the results tape read:
Yes:7
No:1
The results were then uploaded from the optical scan voting machine into the
GEMS central tabulator.
The central tabulator is the "mother ship" that pulls in all votes
from voting machines. The results in the
central tabulator read:
Yes:7
No:1
This exploit, accomplished without being given any password and with the same
level of access given
thousands of poll workers across the USA, showed that the votes themselves were
changed in a one-step
process. This hack would not be detected in any normal canvassing procedure, and
it required only a single
a credit-card sized memory card.
On Oct. 17, 2005 Diebold Elections Systems Research and Development chief Pat
Green specifically told the
Cuyahoga County (Ohio) board of elections that votes cannot be changed using
only a memory card.
Video of Pat Green, Cuyahoga County
According to Public Records responses obtained by Black Box Voting in response
to our requests shows that
Diebold promulgated this misrepresentation to as many as 800 state and local
elections officials.
In other news, a stockholder suit was filed today against Diebold by the law
offices of Scott and Scott:
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/12-13-2005/0004233556&EDATE=
Diebold CEO resigns: http://www.informationweek.com/news/showArticle.jhtml?articleID=175001748
# # # # #
Black Box Voting is a nonpartisan, nonprofit 501c(3) elections watchdog group.
This organization is not affiliated in
any way with any political party or any vendor. Without your important support,
we do not exist. To donate:
http://www.blackboxvoting.org/donate.html
or mail to:
Black Box Voting
330 SW 43rd St. Suite K
PMB 547
Renton WA 98055
The original research of Black Box Voting and its founder, Bev Harris, has been
covered by ABC, NBC, CBS, MSNBC,
CNN, and Fox TV national news, as well as by the New York Times, Time Magazine,
and most other major news outlets in the U.S.
12-09-05
UPDATE ON CALIFORNIA DIEBOLD VOTING MACHINE "HACK" TESTING
Letter faxed and mailed Dec. 9, 2005
To: California Secretary of State, Bruce McDannold, cc: Bruce McPherson
From: John S. Baker, Atty at Law, Dorsey & Whitney So. Cal. Office
"I represent Black Box Voting, Inc., a non-partisan, non-profit 501c(3)
corporation. On June 16, 2005, Black Box Voting sent a request to examine
the Diebold Election Systems component: the programmed "electronic ballad
box" memory cards used in optical scan and touch screen voting systems
("Component"). This request was made pursuant to California
Elections Code Section 19202 ("19202 Request"), which provides:
ANY PERSON OR CORPORATION OWNING OR BEING INTERESTED IN ANY VOTING SYSTEM OR
PART OF A VOTING SYSTEM MAY APPLY TO THE SECRETARY OF STATE TO EXAMINE IT AND
REPORT ON ITS ACCURACY AND EFFICIENCY TO FULFILL ITS PURPOSE. THE SECRETARY OF
STATE SHALL COMPLETE HIS EXAMINATION WITHOUT UNDUE DELAY.
"In the 19202 Request, Black Box Voting asked that the Component be
evaluated for five possible flaws with respect to: the latest optical scan
systems (firm wear 1.96.4); the paperless touch screen, as used in Alameda
County on November 2, 2004; the new TSx system proposed for certification; and
any older optical scan model still in use in California. A copy of the
19202 Request is attached for your convenience.
"Even though Section 19202 requires the Secretary of State to complete his
or her examination without 'undue delay', Black Box Voting did not receive a
response to its Request until Saturday, November 19, 2005. In that e-mail
response, you indicated that the Secretary of State would afford Black Box
Voting an opportunity to demonstrate the vulnerabilities with the Diebold
AccuVote-Os, based on the exploits outlined in the Hursti report. You also
stated that Diebold agreed to make their equipment and their staff available for
such tests on November 30, 2005, at the California Secretary of State's office,
1500 11th Street, Sacramento. In connection with your response, you
attached a document that provided the "actual protocol and conditions"
("Protocols") for the proposed test.
"Unfortunately, the Protocols, which were written by Diebold, were
seriously flawed, because they contemplated testing equipment that was
specifically hand-picked by Diebold, rather than randomly sampling voting
machines that were currently in existence and being utilized. The proposed
test system (Optical Scan terminal 1.96.6) was of a type that had not been
certified or used in California and was not an item requested for examination in
my client's 19202 request. However, my clients would be willing to
evaluate this item, but only in addition to the requested items. The test also
contemplated that Diebold would control all of the conditions, despite the fact
that it had a vested interest in the outcome of the test and would stand to lose
millions of dollars if the test showed flaws in the voting systems created by
Diebold. My clients have other concerns with the initial
test protocols; for example the time limits were listed as "required"
but were left blank. We can discuss these issues once a proper dialog on
these issues is established. A copy of your response and the Protocols are
attached as Exhibit 2.
"On November 22, 2005, less than two business days after you sent your
response, you sent an e-mail at 5:11 p.m. stating that if Black Box Voting would
like to participate in the test it would have to respond by 10:00 a.m. the
following morning. You also said that the time of the test would be moved
from 8:00 a.m. to 10:30 a.m. A true and correct copy of your November 22,
2005 response is attached as Exhibit 3.
"Less than three hours after receiving your November 22 e-mail, Black Box
Voting responded by suggesting that the Protocols be changed by selecting
machines from certain County election offices which have not shown a bias for
Diebold. Unfortunately, you have never responded to this correspondence or
permitted the inspection, despite Black Box Voting's reasonable request under
California Election Code Section 19202. As such, the Secretary of State
has clearly violated Section 19202.
"Accordingly, please contact me upon receipt of this letter as to whether
the Secretary of State will allow Black Box Voting's 19202 Inspection and, if
so, which Protocols he is agreeable to. If we do not receive a response to
this letter by December 16, 2005, Black Box Voting will be forced to pursue
other available legal remedies."
# # # # # # # # # # # # # # #
END OF ATTORNEY LETTER
# # # # # # # # # # # # # # #
From Black Box Voting:
AT ISSUE
Procedures to be negotiated include:
1) The secrecy provisions written by Diebold -- Black Box Voting takes the
position that all facets of the test should be open to the public and to the
media
2) Access and time limits -- Diebold wrote that a time limit would be set but
did not specify whether it would be 30 seconds or two weeks. Diebold left a
"blank" after the time limit item
Diebold involvement in writing procedures sent to Black Box Voting by Calif.
Secretary of state:
The California Secretary of State provided written testing procedures to Black
Box Voting in the form of a Word Document.
A review of the "properties" feature on this electronic document
reveals that it was written by Steve Pelletier of Diebold Election Systems, then
sent to Black Box Voting from the Secretary of State's office as the Secretary
of State's proposed testing protocols.
It is the position of Black Box Voting that the vendor should not be involved in
nor control the testing of this system.
* * * END * * *Black Box Voting
12-07-05
Two recent stories indicate that a Diebold stockholder lawsuit is imminent.
When a stock drops significantly and cannot rebound for approximately two
months, a stockholder lawsuit can result.
Diebold's first "hit" was in late June this year, when the company
admitted to miss-stating ATM sales revenues in a stockholder conference call.
Diebold's stock dropped again in late September upon the release of a glum sales
forecast based on additional problems with its ATM division. http://biz.yahoo.com/ap/050921/diebold_outlook.html?.v=10
An impending stockholder's lawsuit was predicted by Black Box Voting
on July 3, with a full blown story on this topic at BBV on Oct. 8.
July 3: http://www.bbvforums.org/forums/messages/1954/6804.html
Oct. 8: http://www.bbvforums.org/forums/messages/1954/10448.html
Today, Blogger Brad Friedman expanded scrutiny of potential
stockholder litigation.
http://www.bradblog.com/archives/00002126.htm#comments
AMMO FOR LITIGATION
- Due diligence failure on Global Election Systems acquisition
- Destruction of the Diebold brand name
- Persistent violations of the public trust
DUE DILIGENCE FAILURE
"We expect the U.S. voting marketplace to generate $1.5 to $2.0 billion in
hardware revenue during the next four to five years," then-CEO Wally O'Dell
was quoted as saying in Diebold's June 25 2001 "425" SEC filing.
Sec Filing: http://www.bbvdocs.org/legal/GESNacquisition6-21-1.pdf
O'Dell has now been shuffled out of his CEO position following a series of
gaffes, beginning with a letter he sent to Ohio Republicans promising to
"deliver the election to Bush."
Diebold has collected less than one-eighth of the voting system revenue O'Dell
projected to stockholders.
The SEC documents refer to embarking on a process of due diligence during the
Global Election Systems acquisition. This due diligence is more fittingly
described as doo-doo diligence. What else can you say when you buy a company
whose product MUST elicit trust, yet the head programmer and, SEC documents
reveal, the LARGEST STOCKHOLDER is a 23-count convicted embezzler? Something
stinks.
Somehow Diebold let prison records for programmer and main stockholder Jeffrey
Dean get by them, and also forgot to look at the prison records of John Elder,
who they put in charge of their ballot printing facility.
Jeffrey Dean prison records: http://www.bbvforums.org/forums/messages/2197/14323.html
John Elder prison records: http://www.bbvforums.org/forums/messages/2197/14320.html
Their doo-doo diligence managed to miss some of the shoddiest voting software on
the market. Here's how Dr. Herbert Thompson, a security expert and adjunct
professor of computer science at the Florida Institute of Technology, describes
the software: When asked what he would do if one of his students turned in a
program like Diebold's, he said he would have to give
them an "F".
DESTRUCTION OF THE BRAND NAME
Diebold's brand name has become a source of mockery. The New York Times featured
a one-half-page photo of a chimpanzee altering a Diebold voting system -- yes,
the chimp actually achieved this after a one-hour training session
video of chimp hacking Diebold machine:
http://www.bbvforums.org/forums/messages/2197/2368.html
Diebold is lampooned in comic strips, bumper stickers and popular media. Hustler
magazine published a full-page satire ad lamenting Diebold's role in the loss of
democracy.
This is Diebold now. Just four years ago, this company had an untarnished brand
name dating back to the 1850s. For some reason, Diebold decided to expend its
excellent brand name on a tiny rogue division providing less than five percent
of its revenue.
PERSISTENT VIOLATIONS OF THE PUBLIC TRUST
- Poor security
- Secretive practices
- Ethical violations
Diebold's ethical failures include funky and improperly disclosed lobbying,
lying to at least three different secretaries of state, and bait and switch
tactics with its voting system customers.
Link to Rose & Kindel under-reporting:
http://www.bbvforums.org/forums/messages/1954/4447.html
Undisclosed lobbying by Juan Andrade:
http://www.bbvforums.org/forums/messages/1954/5595.html
It is Diebold's ethical violations that we will explore further in this article.
Let's look at "the story behind the story" on just one incident,
chosen from of a veritable cornucopia of selections.
Documents were provided by Black Box Voting's Bev Harris and Jim March to the
California Secretary of State's office and to the state Attorney General's
office (on behalf of a courageous source). These documents prove legal
misconduct, not just on Diebold's part, but on the part of their law firm, Jones
Day. In these legal documents, Jones Day writes of plans to lie to the
California secretary of state. Jones Day lies about votercard encoder (see #9):
http://www.bbvdocs.org/legal/JonesDayLies.pdf
Jones Day prepping Diebold to lie about San Luis Obispo Election Day database
leak :
http://www.bbvdocs.org/legal/JonesDaySLOprepLies.pdf
more about San Luis Obispo:
http://www.blackboxvoting.org/bbv_chapter-13.pdf
After delivering the documents to state law enforcement authorities, the Jones
Day documents were provided by Black Box Voting to Ian Hoffman of Ang
Newspapers.
Hoffman was brave enough to take on the story, though it led to an unsuccessful
lawsuit by Diebold's Jones Day law firm against his publication. Hoffman's
newspaper prevailed on First Amendment grounds. The information was of critical
importance to the public interest.
Harris also received a tip from an inside source from California named James
Dunn. It had that authentic feel, so she turned it over to March, who lived near
Dunn. March hopped on his motorcycle to take a declaration from Dunn(1). Dunn's
testimony, also delivered in person to the secretary of state's Voting Systems
and Procedures Panel (VSPP) proved that Diebold's lawyers lied about the
votercard encoder, that Diebold had been warned that it would fail in the March
2004 California primary. Of course, it DID fail, and it represented the THIRD
time Diebold used uncertified and unauthorized software after being explicitly
told not to by the secretary of state. Declaration from Dunn:
http://www.bbvdocs.org/legal/dunndeclaration.pdf
The California VSPP grilled Jones Day (Diebold's law firm). "Were you
lying, or simply trying to mislead us?" they asked.
Diebold lied. Jones Day lied. Diebold brought in a damage control expert, at a
cost of over $100,000 in just a single quarter.
Then-secretary of state Kevin Shelley decertified Diebold's TSx machines,
recommending the case to the California attorney general for prosecution.
Diebold directly caused the disenfranchisement of thousands of San Diego voters
during a presidential primary, yet this company
continues to ask for our trust.
The likely stockholder lawsuit is a positive sign. Attorneys for the
stockholders will cream Diebold, because we'll be able to prove that Diebold
failed to perform appropriate due diligence when they acquired Global Election
Systems, failed to follow their own lawyer's advice, failed to follow the law,
and marketed knowingly shoddy software using false claims.
If we do not consequate this kind of behavior, it will certainly result in civil
unrest. Stockholder litigation should be followed by a nationwide recall of
defective GEMS central tabulators. Also likely: A recall of the flawed optical
scan system, which provides the opportunity for poll workers and other election
officials to tamper with elections through credit-card-sized removable media.
---------------
FOOTNOTES:
(1) Take a moment to read the Dunn Declaration.
We would suggest that the Dunn Declaration be considered a blueprint for how a
genuine insider's information should be treated.
Even if not using a formal declaration format, the factual information has more
power when sticking with just the facts, rather than interspersing commentary
and opinion.
--------------------------
Black Box Voting is a nonpartisan, nonprofit 501c(3) elections watchdog. We are
fighting for your right to oversee your own elections, for removal of secrecy,
and for fair, honest and trustworthy elections. Black Box Voting is developing
evidence and documentation to help you, as a citizen, fight effectively for
clean elections.
Black Box Voting is supported entirely by citizen donations. To support our
work, go to http://www.blackboxvoting.org/donation.html
or mail to 330 sw 43rd St Suite K #547 Renton WA 98055Black Box Voting
11-30-05 What's going on with
California Secretary of State Bruce McPherson?
- He asks Black Box Voting to do a test, but tells the press he's asked Finnish
security expert Harri Hursti to do it, before he formally invites Hursti or
obtains any agreement from Hursti to do the test;
- He gives Black Box Voting a Nov. 30 deadline, then tells the press he has no
idea where the Nov. 30 date came from.
- He asks Black Box Voting to confirm they intend to do the test, they confirm.
BBV never hears from the sec. state's office again.
- The participants in the test learn by reading in the newspaper that the test
has been delayed (18 hours before it is scheduled to begin).
- In a related matter, while on the radio this week McPherson's office could not
answer the simplest of questions about what transpired at a Nov. 21 Diebold
hearing.
Here's the correspondence trail -- judge for yourself:
http://www.bbvforums.org/forums/messages/1954/15517.html
-----------------------------------------------------
Black Box Voting is a national nonpartisan nonprofit elections watchdog group,
supported
entirely by citizen donations; Black Box Voting is not associated with any
political group or vendor.
http://www.blackboxvoting.orgBlack
Box Voting ,Black Box Voting
11-25-05 From
We, the People to our public servants: This isn't what we ordered. Send it back.
WHO COOKED THIS TURKEY?
It's about the size of an elephant, and it took a long time to cook.
Preparations began in the 80s when some Texas powerbrokers went on an
acquisition spree, converting the elections industry from diverse locally-based
mom & pop businesses into a handful of firms peppered with criminal
indictments and salted with political connections.
THE ROASTING BAG
Elections officials had to be bagged up and propagandized. A privatization
advocate, the Council of State Governments, was run by Abe Frank, who became a
founding director for The Election Center in 1990.
The Election Center, which has been run by former used computer parts salesman
R. Doug Lewis since 1994, undertook the task of organizing and training local
elections officials.
At the same time, vendors flexed their influence in the pay-to-play National
Association of Secretaries of State (NASS) -- You pay your fees, you get your
face time. Secretaries of state, who often aspire to run for governor, cozied up
to the very people who -- literally -- can make that happen.
THE RECIPE: INGREDIENT LIST
- ONE SIX-MEMBER FEDERAL ELECTIONS COMMISSION:
The FEC makes the rules for voting machine certification, the so-called
"1990" and "2002" FEC standards (which have been removed
from the FEC site, but can be found here).
The FEC left themselves a loophole. They never codified the FEC standards into
regulations, so that the force of law cannot be applied to force voting machine
makers to comply. The FEC standards are "voluntary guidelines".
- TWO TESTING LABS, HUNTSVILLE ALABAMA BRAND
Test how ripe they are before using: Jam a pocket calculator halfway into a
banana, see if they'll certify it as a voting machine for the right money.
Three labs were authorized, but vendors chose to use only the Huntsville brand
-- Nichols/PSInet/Metamore/Ciber, a series of companies that repeatedly passed
the hot potato to a
tester named Shawn Southworth, and handed another portion of the testing to Wyle
Labs' Jim Dearman.
These labs were supposed to do source code and functionality reviews, but here's
the catch:
They are paid by the vendors.
The testing labs are called "ITAs" for "Independent Testing
Authorities" but there is nothing independent about them. According to
Shawn Southworth, in a taped interview conducted by Black Box Voting, the labs
don't like to write anything negative in the reports because the vendors don't
like it, and they're paying for it.
- One Voting Systems Panel from the National Association of State Elections
Directors (NASED).
This panel approves the voting machines after the ITAs recommend approval. They
are supposed to check over the ITA's paperwork, after which they assign a "NASED
number" signifying Federal certification.
The NASED panel sometimes issued cert numbers before reading the reports, and
has routinely certified systems with "not tested" and
"untested" notations on the recommendation forms.
NASED got some operational support via cash donations from the big vendors, and
apparently never saw anything odd in the fact that two old ladies and a gun nut
from Black Box Voting were running circles around the ITAs, exposing hard-core
voting system defects like the GEMS defect and fundamentally flawed memory card
architecture that the ITAs forgot to mention.
These defects were subsequently confirmed by reports commissioned by the
secretaries of state of Ohio and California, causing ITA labs and their
apologists to offer this excuse:
"THE FEC STANDARDS WERE TOO WEAK."
Not.
You don't need to be a computer scientist to understand plain English: Both 1990
and 2002 FEC standards prohibit something called "interpreted code."
The Diebold memory card architecture relies on interpreted code, executing logic
on the memory card by passing memory card code through -- drum roll, please --
the interpreter.
You also don't need to be a computer expert to understand that another item
forbidden in the FEC standards, "nonstandard computer language" is
being used. Diebold decided to make up its own language, calling it "AccuBasic."
Only Diebold uses it, no one else in the world. Apologists for the ITAs explain
that the AccuBasic language is similar but different to the C++ computer
language. That's like saying German is English because the languages are
"similar."
But the FEC standards are deficient in some areas. Here's something that doesn't
take a statistician to figure out: The FEC standards set a failure tolerance so
low that 10 percent of the voting machines are allowed to fail on the first day
of use. Would you buy a TV set if you knew there was a 10 percent chance it
would stop working the first day? Hello? This is good use of taxpayer money?
The NASED voting systems panel appears to have gone rogue years ago and their
certification oversight ability is being stripped from them and given to the new
Election Assistance Commission (EAC) -- which isn't functional yet.
That hasn't stopped the California Secretary of State from inviting many of the
most problematic members of the NASED voting systems panel in to an
invitation-only meeting on Nov. 28 and 29 to help California set "best
practices."
- Add to the mix: Various academics and "experts" who were supposed to
be checking this stuff out.
Even the best of them (Dr. Doug Jones of Iowa and Dr. David Jefferson of
California) didn't want to get too vocal about known problems, especially early
on. Others like Georgia's Brit Williams and Florida's Paul Craft cannot possibly
explain their unabashed cheerleading of systems which have now been proven to be
defective.
There were a small number of notable exceptions: The outspoken Dr. Rebecca
Mercuri who has been telling it like it is since 1989.
HAVA: WHO ORDERED THIS TURKEY?
The Help America Vote Act was lobbied in by defense contractors and
manufacturers looking to make a buck
on the backs of U.S. taxpayers. (Documentation: See Black Box Voting book,
chapter 16)
Demand a Hold on HAVA -- Megan Matson of Mainstreet Moms Operation Blue(MOB) has
the right idea:
"Hold on HAVA." The National Alliance of County Officials (NACO)
wants to extend the HAVA deadline, at
least until standards are set and adequate funding is available. The Election
Assistance Commission, charged
with supervising HAVA, is months behind its own deadlines.
IS ANYONE GOING TO BE HELD ACCOUNTABLE FOR THIS TURKEY?
The Election Center and NASED ignored ITA ommissions the size of the national
defecit for 10 years. When
this became undeniable, after the work of ordinary citizens to expose the flaws,
secretaries of state at first
commissioned independent studies, from the SAIC, RABA, CompuWare, and recently
Steve Freeman.
These studies became inconvenient, however, when they confirmed the GEMS defect,
the memory card
executables, and numerous other critical defects. So people like Ohio Secretary
of State Ken Blackwell simply
hid the reports, while California whispered suggestions into Diebold's ear,
encouraging it to quietly resolve the
issues. There was no investigation, and no one has put either the vendor or the
ITAs under oath to question
how this came to be.
Vendors like Diebold knew nobody was watching the store, so they acted like a
pack of Goths sacking Rome.
To criticize Diebold is to critique the WHOLE SORRY HOUSE OF CARDS who all act
like they were members of
the same happy club -- and in fact, they are. People from one part of this
structure typically relocate to other segments.
- Indicted vendors become election officials (Lance Gough, Chicago).
- Convicted felons who were vendors become elections consultants (John Elder,
Diebold ballot printing.)
- Regulators become vendors (Ralph Munro, Bill Jones, Sandra Mortham, Lou Dedier).
- State elections officials become convicted felons (Ark. sec. state Bill McKuen,
Louisiana elections director Jerry Fowler).
- County elections officials vacation with vendors (Los Angeles' Conny Drake
McCormack, Diebold's Deborah Seiler).
- Political powerbrokers become voting machine lobbyists (former DNC chairman
Joe Andrew, now Diebold lobbyist.)
- County elections officials hire PR firms and lobbyists who work for the
vendors at the same time (Riverside County/
Sequoia/O'Reilly PR; Ohio Association of county election officials share their
lobbyist with Diebold)
The interchangability of elections officials, regulators, lobbyists, indicted
personnel, and vendors is a gigantic
set of Tinker-Toys.
That's why companies like Diebold have been so protected. If Diebold goes down,
people might look too closely,
causing the whole thing to collapse in scandal.
- At Black Box Voting, we've been told that we need to leave these TinkerToy
Turkeys a graceful way out.
- We are told that it is rude to tell it like it is.
- We are told that the situation can't be fixed if we are politically incorrect.
That's probably true, if you leave this to legislation. But We, the People, can
never again leave it up to others to
fix our broken election system.
At some point, we've got to hold this turkey's feet to the fire. Now all the
people who cooked this turkey are
jockeying for position in the free pass line.
Is that what we want? Do We, the People, really need to be that polite to those
who took away our ability to oversee our own elections? Have we become a nation
of bootlickers, cowed to politeness before the very people whose corrupt
practices invaded our most fundamental right?
What our public servants brought to the table was not what we ordered. Send it
back.
Now have a happy Thanksgiving!
Black Box Voting
Permission to reprint granted, with link to http://www.blackboxvoting.org
-----------
Black Box Voting is a nonprofit, nonpartisan 501c(3) elections watchdog. We are
fighting for your right as
a citizen to view and oversee your own voting process. Our focus is on
increasing your access to the
elections process, obtaining crucial public records to document what is going on
in elections, and exposing
procedural problems that corrupt the integrity of the election.
Black Box Voting is supported entirely by citizen donations. You can support
this important work by
clicking here:
http://www.blackboxvoting.org/donate.html
or by sending to 330 SW 43rd St. Suite K, PMB 547, Renton WA 98055Black Box
Voting
-----------------------------------------------------------------------------------------------------------------
07-27-05 Viewing The Diebold Vote Tallying-Screen Prohibited Click Here
-----------------------------------------------------------------------------------------------------------------
07-25-05 Diebold To Now Count Absentee Ballots Click Here
-----------------------------------------------------------------------------------------------------------------
07-27-05 VIEWING THE DIEBOLD VOTE-TALLYING SCREEN PROHIBITED
Jim March, a member of the Black Box Voting board of directors, was arrested
Tuesday evening for trying to observe the Diebold central tabulator (vote
tallying machine) as the votes were being counted in San Diego's mayoral
election (July 26). (- online discussion: http:/www.blackboxvoting.org -)
According to Jim Hamilton, an elections integrity advocate from San Diego, he
and March visited the office of the registrar of elections earlier in the day.
During this visit, March made two requests, which were refused by Mikel Haas,
the San Diego Registrar of elections.
1) March asked that the central tabulator, the computer that tallies up the
votes from all the precincts, be positioned so that citizens could observe it.
According to Hamilton, this would have required simply moving a table a few
feet.
2) March also asked for a copy of the ".gbf" files -- the vote tally
files collected during the course of tabulation - to be provided for examination
after the election
During the tallying of the election, the Diebold computer was positioned too far
away for citizens to read the screen. Citizens could not watch error messages,
or even perceive significant anomalies or malfunctions.
Unable to see the screen, March went into the office where the tabulator was
housed. Two deputies followed him and escorted him out.
According to Hamilton: "He was not belligerent, not at all. After he went
inside the tabulator room he came [was escorted] out and he said clearly 'I'm
not resisting.' They handcuffed him, took him out of the building. They put him
in a squad car. They're going to take him to the police station, book him and
take him to jail," said Hamilton. "He's getting charged with a felony,
'interfering with an election official.'"
March's actions are the culmination of two years of increasing frustration with
the refusal of election officials to respond to security deficiencies in the
voting machines. The software that tallies the votes in San Diego is made by
Diebold Election Systems, a company that has already paid the state of
California $2.8 million for making false claims, due to a lawsuit filed by March
and Black Box Voting founder Bev Harris.
On July 4, a report was released by European computer security expert Harri
Hursti, revealing that the Diebold voting system contains profound architectural
flaws. "It is open for business," says Hursti, who demonstrated the
flaws on Leon County, Florida Diebold machines. He penetrated the voting system
in less than five minutes, manipulating vote reports in a way that was
undetectable.
Despite the critical security alert issued by Hursti, San Diego County sent 713
voting machines home with poll workers, increasing the risk that the
"memory cards" housed in the machines could be
hacked, and removing the argument that "inside access" was carefully
safeguarded.
The arrest of Jim March underlines a fundamental problem facing Americans today
as, increasingly, they lose the ability to monitor, verify, or watch any part of
the counting process.
The San Diego registrar of elections knew of the security flaws in the voting
system. Diebold has never denied the vulnerability identified in Hursti's
report, found at http://www.blackboxvoting.org/BBVreport.pdf.
Despite knowledge of the increased risks, Haas made the decision to create
additional vulnerability by sending the machines home with hundreds of poll
workers.
While San Diego officials will no doubt point to a small seal on the compartment
housing the memory card (the component exploited in Hursti's study), Black Box
Voting has interviewed a former San Diego poll worker, who reported that all
that is necessary to dislodge and then reaffix the seal is a small pair of
pliers.
IN A NUTSHELL:
- The machines have been demonstrated to be vulnerable to undetected tampering
- The San Diego registrar of voters chose not to take appropriate precautions
- The main tally machine was placed in a location that was impossible for
citizens to observe
- Many voting integrity advocates have come to believe that voting machine
reform now rivals the urgency of the Civil Rights movement in the 1960s.
Jim March acted on those beliefs.
* * * * *
If you share the feelings that Jim March has expressed about voting system
secrecy, please forward this message to your lists and to online blogs as
appropriate. Permission granted to reprint, with link to http://www.blackboxvoting.org.
-----------------------------------------------------------------------------------------------------------------
07-25-05 Black Box Voting Exclusive:
NEW UNCERTIFIED DIEBOLD "VOTE REMOTE" PROGRAM --
REMOVING HUMANS FROM ABSENTEE VOTE AUTHENTICATION
System allows election officials to set acceptance for the ballots high, low, or
anywhere they want. This system is not certified. It interacts with the voter
registration system, which also contains party affiliation of voters. It may
never be tested or certified, since it slips through a loophole in the
certification language. Financial documents obtained by BLACK BOX VOTING show
completed billings for Vote Remote, indicating that it is already in use.
Here is a link to documents obtained by Black Box Voting:
http://www.bbvdocs.org/diebold/voteremote.pdf
(Note: If you experience problems loading these documents, go here and do a free
update on your Adobe Acrobat reader:
http://www.adobe.com/products/acrobat/readstep2.html)
VOTE REMOTE, for the most part, uses old technology like automated
envelope stuffing and bar coding. What is new, though, is the use of automated
signature comparison.
When you vote by mail, the signature on the envelope is matched with the
signature on your voter registration card. Vote Remote automates this process. A
thermometer- like acceptance level can be set wherever the election official
wants to put it.
WE HAVE FOUND NO PROCEDURES, NO STANDARDS, NO AUDITING TOOL FOR HOW ACCEPTANCE
IS SET, BY WHOM, OR EVEN WHETHER THE SYSTEM IS ACCURATE OR CONSISTENT.
A quick Google on "Vote by mail" will reveal that cookie-cutter
legislation has made its way into many states, switching many counties to an all
vote-by mail system.
Many of these mail-in voting bills have already passed. (Just in time for
Diebold.)
* * * *
Video: EXPERTS CONFIRM --
ELECTION OFFICIALS ARE AVOIDING SECURITY REPORTS
Ion Sancho and Dr. Doug Jones report what they've learned. Ion Sancho is the
Leon County elections official who allowed Harri Hursti to test the security of
his Diebold system (Hursti quickly penetrated the system: See Hursti's report: http://www.blackboxvoting.org/BBVreport.pdf)
Sancho reports that the Florida Election Supervisors meetings have not been
covering the topic of security.
Dr. Doug Jones is the former Chair of the Iowa State Voting Machine Examiners.
He describes election officials refusal to look at security reports.
Here is the 3 minute clip, taken by Kathleen Wynne:
http://www.bbvdocs/videos/security-obscurity2.mpg
* * * *
WE NEED YOUR HELP ON THIS MYSTERY
$20,450 was paid by Diebold to an obscure entity. This is according to an
"open payables" ledger from Diebold
(http://www.bbvdocs.org/diebold/accts-payable1.pdf).
ALL OF THE FOLLOWING IS A RESULT OF ORIGINAL
INVESTIGATIVE WORK BY BLACK BOX VOTING:
-- Note that the same document shows a similarly coded $144,000 payment to
"Lottery Services of Georgia," a firm which has previously been found
to be involved in "pass through payments." (Payments for which no
apparent work was done).
-- The amount is similar to the amount paid to Juan Andrade. That money turned
out to be traveling through ACG Group, LLC in Illinois/Ohio, and $10,000 of it
made its way through the Franklin County Elections Director into the pockets of
the Franklin County Republican Party.
-- Another document shows that Diebold is working with a Louisiana lobbyist,
Darrell Hunt, who discovered was tied into the bribery investigation of Senator
Larry Bankston.
YOU CAN'T HAVE LARGE SCALE ELECTION FRAUD WITHOUT BRIBES.
Here is more information about the mechanics of bribery:
(http://www.bbvforums.org/forums/messages/1954/8458.html)
In a nutshell, bribes are getting more elegant. In the 1980s, they consisted of
stuffing a wad of cash into an envelope and handing it to a politician.
Nowadays, bribes tend to hide in gray areas of the law, using clever ideas to
slip through disclosure nets. Like this:
-- Politician buys fancy condo.
-- Lobbyists fork out premium prices to "rent the condo," a week at a
time.
-- Check out a condo rental by the current Diebold guy, Darrell W. Hunt, in
Louisiana shortly before a senator was convicted for using that condo as a
conduit for bribery.
DO YOU KNOW WHO THIS MIGHT BE?
The $20,450 to "'DMJ Systems' (Diodato, Ruben)" is probably completely
legitimate. However, we've not been able to locate the identity of this vendor
yet. If anyone has a tip for us, we're all ears.
* * * *
100 pages of Diebold documents were released by Black Box Voting on July 22. On
July 25, another 58 pages were released. All of these documents were obtained
through the original investigative work of Black Box Voting investigator
Kathleen Wynne.
Among them:
Urosevich son, emails about foreign investments:
http://www.bbvdocs.org/diebold/Urosevich--banking.pdf
(Bob Urosevich was the president of Diebold Election Systems)
A very pricey employment litigation matter in Canada
http://www.bbvdocs.org/diebold/employment--litigation.pdf
Smoking gun: Juan Andrade check stub
http://www.bbvdocs.org/diebold/Andrade.pdf
(Andrade has not filed the dicslosure documents on expenditures and payments
recieved, as required by law. Fine for failure to file: $100 per day. Anyone
want to call the Chicago Trib about this?)
More documents, including sales strategy memos, a general Ledger page and trial
balance printouts are now posted here:
http://www.bbvforums.org/forums/messages/2197/8541.html
Information on Diebold vendors (parts, staffing, more)
http://www.bbvforums.org/forums/messages/2197/8467.html
* * * *
All investigations, actions, and the Web site Black Box Voting itself are funded
solely by citizen donations.
To donate: Send check to 330 SW 43rd St Suite K, PMB 547,
Renton WA 98055 or donate by credit card:
http://www.blackboxvoting.org/donate.html
* * * *
NEWS REPORTERS:
Contact info - 425-793-1030, 206-354-5723, or 206-335-7747
bev@blackboxvoting.org or
Kathleen@blackboxvoting.org
July 25, 2005 -- Please forward to your lists
and to online blogs as appropriate. Permission granted to reprint, with link.
-----------------------------------------------------------------------------------------------------------------
07-04-05
SECURITY ALERT: Critical Security Issues
with Diebold Optical Scan Design
Executive Summary
BLACK BOX VOTING TO ISSUE SECURITY ALERT for a critical vulnerability tracing back at least a decade, kept quiet by certifiers, who knew or should have known. The upcoming report explains the likely mechanism whereby minus 16,022 votes for Al Gore showed up from a replacement Volusia County memory card, and is also implicated in the 57 poll tape anomalies (and 57 extra memory cards) discovered in Volusia County in Nov. 2004.}
EXCERPTS FROM THE REPORT:
Incorporated into the foundation of the Diebold Precinct-Based Optical Scan
1.94w system is the mother of security holes, and no apparent cure will produce
infertility, or system safety.
...the removable media (memory card), which should contain only the ballot box,
the ballot design and the race definitions, but also contains a living thing –
an executable program which acts on the vote data. Changing this executable
program on the memory card can change the way the optical scan machine functions
and the way the votes are reported. The system won’t work without this program
on the memory card. Whereas we would expect to see vote data in a sealed,
passive environment, this system places votes into an open active environment.
With this architecture, every time an election is conducted it is necessary to
reinstall part of the functionality into the Optical Scan system via memory
card, making it possible to introduce program functions (either authorized or
unauthorized), either wholesale or in a targeted manner, with no way to verify
that the certified or even standard functionality is maintained from one voting
machine to the next.
Download Full Report With This Link http://www.blackboxvoting.org/BBVreport.pdf
source: http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/1954/6805.html
-----------------------------------------------------------------------------------------------------------------
07-04-05
Think Those Electronic Voting Machines are without flaws, than read this?
Documents obtained by Black Box Voting in a Nov. 2, 2004 Freedom of Information
action do not substantiate the Palm Beach County election results. The Sequoia
Voting System records show thousands of anomalies, all of the poll tapes lack
signatures, and internal voting machine logs show an abundance of malfunctions.
Some results were run BEFORE election day. Several important records are missing
altogether.
Black Box Voting sued former Palm Beach Supervisor of Elections Theresa LePore
to obtain the records, and obtained them from her successor, Arthur Anderson.
You be the judge -- Audit records can be found HERE: http://www.bbvforums.org/forums/messages/2197/6620.html
Summary of anomalies: http://www.bbvforums.org/forums/messages/2197/6627.html
-----------------------------------------------------------------------------------------------------------------
-----------------------------------------------------------------------------------------------------------------
07-27-05 Viewing The Diebold Vote Tallying-Screen Prohibited Click Here
-----------------------------------------------------------------------------------------------------------------
07-25-05 Diebold To Now Count Absentee Ballots Click Here
-----------------------------------------------------------------------------------------------------------------
07-27-05 VIEWING THE DIEBOLD VOTE-TALLYING SCREEN PROHIBITED
Jim March, a member of the Black Box Voting board of directors, was arrested
Tuesday evening for trying to observe the Diebold central tabulator (vote
tallying machine) as the votes were being counted in San Diego's mayoral
election (July 26). (- online discussion: http:/www.blackboxvoting.org -)
According to Jim Hamilton, an elections integrity advocate from San Diego, he
and March visited the office of the registrar of elections earlier in the day.
During this visit, March made two requests, which were refused by Mikel Haas,
the San Diego Registrar of elections.
1) March asked that the central tabulator, the computer that tallies up the
votes from all the precincts, be positioned so that citizens could observe it.
According to Hamilton, this would have required simply moving a table a few
feet.
2) March also asked for a copy of the ".gbf" files -- the vote tally
files collected during the course of tabulation - to be provided for examination
after the election
During the tallying of the election, the Diebold computer was positioned too far
away for citizens to read the screen. Citizens could not watch error messages,
or even perceive significant anomalies or malfunctions.
Unable to see the screen, March went into the office where the tabulator was
housed. Two deputies followed him and escorted him out.
According to Hamilton: "He was not belligerent, not at all. After he went
inside the tabulator room he came [was escorted] out and he said clearly 'I'm
not resisting.' They handcuffed him, took him out of the building. They put him
in a squad car. They're going to take him to the police station, book him and
take him to jail," said Hamilton. "He's getting charged with a felony,
'interfering with an election official.'"
March's actions are the culmination of two years of increasing frustration with
the refusal of election officials to respond to security deficiencies in the
voting machines. The software that tallies the votes in San Diego is made by
Diebold Election Systems, a company that has already paid the state of
California $2.8 million for making false claims, due to a lawsuit filed by March
and Black Box Voting founder Bev Harris.
On July 4, a report was released by European computer security expert Harri
Hursti, revealing that the Diebold voting system contains profound architectural
flaws. "It is open for business," says Hursti, who demonstrated the
flaws on Leon County, Florida Diebold machines. He penetrated the voting system
in less than five minutes, manipulating vote reports in a way that was
undetectable.
Despite the critical security alert issued by Hursti, San Diego County sent 713
voting machines home with poll workers, increasing the risk that the
"memory cards" housed in the machines could be
hacked, and removing the argument that "inside access" was carefully
safeguarded.
The arrest of Jim March underlines a fundamental problem facing Americans today
as, increasingly, they lose the ability to monitor, verify, or watch any part of
the counting process.
The San Diego registrar of elections knew of the security flaws in the voting
system. Diebold has never denied the vulnerability identified in Hursti's
report, found at http://www.blackboxvoting.org/BBVreport.pdf.
Despite knowledge of the increased risks, Haas made the decision to create
additional vulnerability by sending the machines home with hundreds of poll
workers.
While San Diego officials will no doubt point to a small seal on the compartment
housing the memory card (the component exploited in Hursti's study), Black Box
Voting has interviewed a former San Diego poll worker, who reported that all
that is necessary to dislodge and then reaffix the seal is a small pair of
pliers.
IN A NUTSHELL:
- The machines have been demonstrated to be vulnerable to undetected tampering
- The San Diego registrar of voters chose not to take appropriate precautions
- The main tally machine was placed in a location that was impossible for
citizens to observe
- Many voting integrity advocates have come to believe that voting machine
reform now rivals the urgency of the Civil Rights movement in the 1960s.
Jim March acted on those beliefs.
* * * * *
If you share the feelings that Jim March has expressed about voting system
secrecy, please forward this message to your lists and to online blogs as
appropriate. Permission granted to reprint, with link to http://www.blackboxvoting.org.
-----------------------------------------------------------------------------------------------------------------
07-25-05 Black Box Voting Exclusive:
NEW UNCERTIFIED DIEBOLD "VOTE REMOTE" PROGRAM --
REMOVING HUMANS FROM ABSENTEE VOTE AUTHENTICATION
System allows election officials to set acceptance for the ballots high, low, or
anywhere they want. This system is not certified. It interacts with the voter
registration system, which also contains party affiliation of voters. It may
never be tested or certified, since it slips through a loophole in the
certification language. Financial documents obtained by BLACK BOX VOTING show
completed billings for Vote Remote, indicating that it is already in use.
Here is a link to documents obtained by Black Box Voting:
http://www.bbvdocs.org/diebold/voteremote.pdf
(Note: If you experience problems loading these documents, go here and do a free
update on your Adobe Acrobat reader:
http://www.adobe.com/products/acrobat/readstep2.html)
VOTE REMOTE, for the most part, uses old technology like automated
envelope stuffing and bar coding. What is new, though, is the use of automated
signature comparison.
When you vote by mail, the signature on the envelope is matched with the
signature on your voter registration card. Vote Remote automates this process. A
thermometer- like acceptance level can be set wherever the election official
wants to put it.
WE HAVE FOUND NO PROCEDURES, NO STANDARDS, NO AUDITING TOOL FOR HOW ACCEPTANCE
IS SET, BY WHOM, OR EVEN WHETHER THE SYSTEM IS ACCURATE OR CONSISTENT.
A quick Google on "Vote by mail" will reveal that cookie-cutter
legislation has made its way into many states, switching many counties to an all
vote-by mail system.
Many of these mail-in voting bills have already passed. (Just in time for
Diebold.)
* * * *
Video: EXPERTS CONFIRM --
ELECTION OFFICIALS ARE AVOIDING SECURITY REPORTS
Ion Sancho and Dr. Doug Jones report what they've learned. Ion Sancho is the
Leon County elections official who allowed Harri Hursti to test the security of
his Diebold system (Hursti quickly penetrated the system: See Hursti's report: http://www.blackboxvoting.org/BBVreport.pdf)
Sancho reports that the Florida Election Supervisors meetings have not been
covering the topic of security.
Dr. Doug Jones is the former Chair of the Iowa State Voting Machine Examiners.
He describes election officials refusal to look at security reports.
Here is the 3 minute clip, taken by Kathleen Wynne:
http://www.bbvdocs/videos/security-obscurity2.mpg
* * * *
WE NEED YOUR HELP ON THIS MYSTERY
$20,450 was paid by Diebold to an obscure entity. This is according to an
"open payables" ledger from Diebold
(http://www.bbvdocs.org/diebold/accts-payable1.pdf).
ALL OF THE FOLLOWING IS A RESULT OF ORIGINAL
INVESTIGATIVE WORK BY BLACK BOX VOTING:
-- Note that the same document shows a similarly coded $144,000 payment to
"Lottery Services of Georgia," a firm which has previously been found
to be involved in "pass through payments." (Payments for which no
apparent work was done).
-- The amount is similar to the amount paid to Juan Andrade. That money turned
out to be traveling through ACG Group, LLC in Illinois/Ohio, and $10,000 of it
made its way through the Franklin County Elections Director into the pockets of
the Franklin County Republican Party.
-- Another document shows that Diebold is working with a Louisiana lobbyist,
Darrell Hunt, who discovered was tied into the bribery investigation of Senator
Larry Bankston.
YOU CAN'T HAVE LARGE SCALE ELECTION FRAUD WITHOUT BRIBES.
Here is more information about the mechanics of bribery:
(http://www.bbvforums.org/forums/messages/1954/8458.html)
In a nutshell, bribes are getting more elegant. In the 1980s, they consisted of
stuffing a wad of cash into an envelope and handing it to a politician.
Nowadays, bribes tend to hide in gray areas of the law, using clever ideas to
slip through disclosure nets. Like this:
-- Politician buys fancy condo.
-- Lobbyists fork out premium prices to "rent the condo," a week at a
time.
-- Check out a condo rental by the current Diebold guy, Darrell W. Hunt, in
Louisiana shortly before a senator was convicted for using that condo as a
conduit for bribery.
DO YOU KNOW WHO THIS MIGHT BE?
The $20,450 to "'DMJ Systems' (Diodato, Ruben)" is probably completely
legitimate. However, we've not been able to locate the identity of this vendor
yet. If anyone has a tip for us, we're all ears.
* * * *
100 pages of Diebold documents were released by Black Box Voting on July 22. On
July 25, another 58 pages were released. All of these documents were obtained
through the original investigative work of Black Box Voting investigator
Kathleen Wynne.
Among them:
Urosevich son, emails about foreign investments:
http://www.bbvdocs.org/diebold/Urosevich--banking.pdf
(Bob Urosevich was the president of Diebold Election Systems)
A very pricey employment litigation matter in Canada
http://www.bbvdocs.org/diebold/employment--litigation.pdf
Smoking gun: Juan Andrade check stub
http://www.bbvdocs.org/diebold/Andrade.pdf
(Andrade has not filed the dicslosure documents on expenditures and payments
recieved, as required by law. Fine for failure to file: $100 per day. Anyone
want to call the Chicago Trib about this?)
More documents, including sales strategy memos, a general Ledger page and trial
balance printouts are now posted here:
http://www.bbvforums.org/forums/messages/2197/8541.html
Information on Diebold vendors (parts, staffing, more)
http://www.bbvforums.org/forums/messages/2197/8467.html
* * * *
All investigations, actions, and the Web site Black Box Voting itself are funded
solely by citizen donations.
To donate: Send check to 330 SW 43rd St Suite K, PMB 547,
Renton WA 98055 or donate by credit card:
http://www.blackboxvoting.org/donate.html
* * * *
NEWS REPORTERS:
Contact info - 425-793-1030, 206-354-5723, or 206-335-7747
bev@blackboxvoting.org or
Kathleen@blackboxvoting.org
July 25, 2005 -- Please forward to your lists
and to online blogs as appropriate. Permission granted to reprint, with link.
-----------------------------------------------------------------------------------------------------------------
Home About us Comments Webmaster Links Books To Read Movies Archives Shop