INDEPENDENT NEWS

Backdoor Found In Diebold Vote Counting Program

Published: Thu 2 Sep 2004 01:17 PM
Backdoor Found In Diebold Vote Counting Program
By Bev Harris
BlackBoxVoting.Org Consumer Report - Investigations
Click To Donate To BlackBoxVoting.Org's Investigations
CONTENTS:
- Consumer Report Part 1: Look at this -- the Diebold GEMS central tabulator contains a stunning security hole
- Consumer Report: Part 2 - Problems with GEMS Central Tabulator
- Consumer Report: Part 3 - More GEMS problems, and why current solutions / explanations won't work
- Consumer Reports: Part 4 - Solutions to GEMS central tabulator problem
NEWS LINKS:
For further coverage of this issue see
Vote Tabulator Security Hole Exposed – Slashdot.Org
Voting machine has hole, it's claimed - The Inquirer
**********


http://www.blackboxvoting.org
Read The Book…Support The Cause - Order Your Copy Today
**********
Consumer Report Part 1: Look at this -- the Diebold GEMS central tabulator contains a stunning security hole
Submitted by Bev Harris on Thu, 08/26/2004 - 11:43. Investigations
Issue: Manipulation technique found in the Diebold central tabulator -- 1,000 of these systems are in place, and they count up to two million votes at a time.
By entering a 2-digit code in a hidden location, a second set of votes is created. This set of votes can be changed, so that it no longer matches the correct votes. The voting system will then read the totals from the bogus vote set. It takes only seconds to change the votes, and to date not a single location in the U.S. has implemented security measures to fully mitigate the risks.
This program is not "stupidity" or sloppiness. It was designed and tested over a series of a dozen version adjustments.
READ MORE:
http://www.blackboxvoting.org/?q=node/view/78
**********
Consumer Report: Part 2 - Problems with GEMS Central Tabulator
Submitted by Bev Harris on Thu, 08/26/2004 - 11:38. Investigations
This problem appears to demonstrate intent to manipulate elections, and was installed in the program under the watch of a programmer who is a convicted embezzler.
According to election industry officials, the central tabulator is secure, because it is protected by passwords and audit logs. But it turns out that the GEMS passwords can easily be bypassed, and the audit logs can be altered and erased. Worse, the votes can be changed without anyone knowing, including the officials who run the election.
READ MORE:
http://www.blackboxvoting.org/?q=node/view/77
**********
Consumer Report: Part 3 - More GEMS problems, and why current solutions / explanations won't work
Submitted by Bev Harris on Thu, 08/26/2004 - 11:33. Investigations
But do new security measures solve the problem?
The MS Access database is not passworded and can be accessed illicitly through the back door simply by double-clicking the vote file. After we published this report, we observed unpassworded access on the very latest, GEMS 1.18.19 system in a county elections office.
Some locations removed the Microsoft Access software from their GEMS computer, leaving the back door intact but, essentially, removing the ability to easily view and edit the file.
However, you can easily edit the election, with or without Microsoft Access installed on the GEMS computer. As computer security expert Hugh Thompson demonstrated at the Aug. 18 California Secretary of State meeting, you simply open any text editor, like "Notepad," and type a six-line Visual Basic Script, and you own the election.
Some election officials claim that their GEMS central tabulator is not vulnerable to this back door, because they limit access to the GEMS tabulator room and they require a password to turn on the GEMS computer.
However...
READ MORE:
http://www.blackboxvoting.org/?q=node/view/76
**********
Consumer Reports: Part 4 - Solutions to GEMS central tabulator problem
Submitted by Bev Harris on Thu, 08/26/2004 - 11:29. Investigations
Recommendations:
County officials should be required to maintain the following procedures to mitigate risk:
- Control access to the central tabulator through key logs and access cards
- Get rid of all modems and any wireless communications. The use of the digiboard modem bank attached to GEMS has got to stop.
- All corrective entries should be journaled and documented and publicly available, whether or not "they would change the outcome of the election."
- Maintain a list of everyone who enters the central tabulator room, with log in and out times and dates
- Any Diebold techs or county IT people who are allowed access the central tabulator room should be formally deputized or certified and sworn as election officials. Their names and credentials should be available to the public. The names of all individuals allowed access to central tabulators should be posted publicly during elections, and all individuals who have access the central tabulator should be available to citizens through public records requests.
READ MORE:
http://www.blackboxvoting.org/?q=node/view/75
### ENDS ###
Bev Harris is author of Black Box Voting: Ballot Tampering In The 21st Century … See http://www.blackboxvoting.org/


http://www.blackboxvoting.org
Read The Book…Support The Cause - Order Your Copy Today
For more background and live news links on this news subject see also Scoop's Special Feature – A Very American Coup


Next in Comment

Doctors Call For Vaccine Development In New Zealand
By: Ian Powell
Dunne Speaks: What Has Happened To Tolerance?
By: Peter Dunne
Inflation Fears, Bullshit Costs, And Inappropriate Policy
By: Keith Rankin
Climate Explained: Is New Zealand Losing Or Gaining Native Forests?
By: The Conversation
Sydney Mockdown: The Delta Variant Strikes
By: Binoy Kampmark
On Why The J&J; Vaccine Isn’t An Ideal Back-up Option, And Haiti
By: Gordon Campbell
View as: DESKTOP | MOBILE © Scoop Media