Re: Backdoor found in Diebold Voting Tabulators

2004-08-31 Thread John Young 
No problem accessing blackbox.org and Parts 1 and 2 of 
the file at 5:15 PM EST.

Perhaps there are blocks on some incoming routes.

Re: Backdoor found in Diebold Voting Tabulators

2004-08-31 Thread Major Variola (ret) 
http://www.blackboxvoting.org/?q=node/view/77 is up

Seems its due to an intentional, insider job, and not just as
an "engineering backdoor" (c) Cisco

Consumer Report: Part 2 - Problems with GEMS Central Tabulator

Submitted by Bev Harris on Thu,
08/26/2004 - 11:38. Investigations
This problem appears to demonstrate
intent to manipulate elections, and
was installed in the program under the
watch of a programmer who is a
convicted embezzler.

According to election industry
officials, the central tabulator is
secure, because it is protected by
passwords and audit logs. But it turns
out that the GEMS passwords can easily
be bypassed, and the audit logs can be
altered and erased. Worse, the votes
can be changed without anyone knowing,
including the officials who run the
election.

Multiple sets of books

(Click "read more" for the rest of
this section)

The GEMS program runs on a Microsoft
Access database. It typically recieves
incoming votes by modem, though some
counties follow better security by
disconnecting modems and bringing
votes in physically.

GEMS stores the votes in a vote
ledger, built in Microsoft Access. Any
properly designed accounting program
will allow only one set of books. You
can't enter your expense report in
three different places. All data must
be drawn from the same place, and
multiple versions are never
acceptable. But in the files we
examined, we found that the GEMS
system contained three sets of
"books."

The elections official never sees the
different sets of books. All she sees
is the reports she can run: Election
summary (totals, county wide) or a
"Statement of Votes Cast" (totals for
each precinct). She has no way of
knowing that her GEMS system uses a
different set of data for the detail
report (used to spot check) than it
does for the election totals. The
Access database, which contains the
hidden set of votes, can't be seen
unless you know how to get in the back
door -- which takes only seconds.

Ask an accountant: It is never
appropriate to have two sets of books
inside accounting software. It is
possible to do computer programming to
create two sets of books, but dual
sets of books are prohibited in
accounting, for this simple reason:
Two sets of books can easily allow
fraud to go undetected. Especially if
the two sets are hidden from the user.

A hidden trigger The data tables in
accounting software automatically link
up to each other to prevent illicit
back door entries. In GEMS, however,
by typing a two-digit code into a
hidden location, you can decouple the
books, so that the voting system will
draw information from a combination of
the real votes and a set of fake
votes, which you can alter any way you

Re: Backdoor found in Diebold Voting Tabulators

2004-08-31 Thread Sunder 
A-Yup:

"We're sorry, the server is currently experiencing load issues. We 
apologize for the inconvenience. Please try again later."

Got the above off this blog:

http://www.boingboing.net/2004/08/31/diebold_voting_machi.html

related links:

http://www.technorati.com/cosmos/search.html?rank=&sub=mtcosmos&url=http://www.boingboing.net/2004/08/31/diebold_voting_machi.html



Here's the text of part 1:

Consumer Report Part 1: Look at this -- the Diebold GEMS central tabulator 
contains a stunning security hole
Submitted by Bev Harris on Thu, 08/26/2004 - 11:43. Investigations
Issue: Manipulation technique found in the Diebold central tabulator -- 
1,000 of these systems are in place, and they count up to two million 
votes at a time.

By entering a 2-digit code in a hidden location, a second set of votes is 
created. This set of votes can be changed, so that it no longer matches 
the correct votes. The voting system will then read the totals from the 
bogus vote set. It takes only seconds to change the votes, and to date not 
a single location in the U.S. has implemented security measures to fully 
mitigate the risks.

This program is not "stupidity" or sloppiness. It was designed and tested 
over a series of a dozen version adjustments.

Public officials: If you are in a county that uses GEMS 1.18.18, GEMS 
1.18.19, or GEMS 1.18.23, your secretary or state may not have told you 
about this. You're the one who'll be blamed if your election is tampered 
with. Find out for yourself if you have this problem: Black Box Voting 
will be happy to walk you through a diagnostic procedure over the phone. 
E-mail Bev Harris or Andy Stephenson to set up a time to do this.

For the media: Harris and Stephenson will be in New York City on Aug. 30, 
31, Sep.1, to demonstrate this built-in election tampering technique.

Members of congress and Washington correspondents: Harris and Stephenson 
will be in Washington D.C. on Sept. 22 to demonstrate this problem for 
you.

Whether you vote absentee, on touch-screens, or on paper ballot (fill in 
the bubble) optical scan machines, all votes are ultimately brought to the 
"mother ship," the central tabulator at the county which adds them all up 
and creates the results report.

These systems are used in over 30 states and each counts up to two million 
votes at once.

(Click "read more" for the rest of this section)

The central tabulator is far more vulnerable than the touch screen 
terminals. Think about it: If you were going to tamper with an election, 
would you rather tamper with 4,500 individual voting machines, or with 
just one machine, the central tabulator which receives votes from all the 
machines? Of course, the central tabulator is the most desirable target.

Findings: The GEMS central tabulator program is incorrectly designed and 
highly vulnerable to fraud. Election results can be changed in a matter of 
seconds. Part of the program we examined appears to be designed with 
election tampering in mind. We have also learned that election officials 
maintain inadequate controls over access to the central tabulator. We need 
to beef up procedures to mitigate risks.

Much of this information, originally published on July 8, 2003, has since 
been corroborated by formal studies (RABA) and by Diebold's own internal 
memos written by its programmers.

Not a single location has yet implemented the security measures needed to 
mitigate the risk. Yet, it is not too late. We need to tackle this one, 
folks, roll up our sleeves, and implement corrective measures.

In Nov. 2003, Black Box Voting founder Bev Harris, and director Jim March, 
filed a Qui Tam lawsuit in California citing fraudulent claims by Diebold, 
seeking restitution for the taxpayer. Diebold claimed its voting system 
was secure. It is, in fact, highly vulnerable to and appears to be 
designed for fraud.

The California Attorney General was made aware of this problem nearly a 
year ago. Harris and Black Box Voting Associate Director Andy Stephenson 
visited the Washington Attorney General's office in Feb. 2004 to inform 
them of the problem. Yet, nothing has been done to inform election 
officials who are using the system, nor have appropriate security 
safeguards been implemented. In fact, Gov. Arnold Swarzenegger recently 
froze the funds, allocated by Secretary of State Kevin Shelley, which 
would have paid for increased scrutiny of the voting system in California.

On April 21, 2004, Harris appeared before the California Voting Systems 
Panel, and presented the smoking gun document showing that Diebold had not 
corrected the GEMS flaws, even though it had updated and upgraded the GEMS 
program.

On Aug. 8, 2004, Harris demonstrated to Howard Dean how easy it is to 
change votes in GEMS, on CNBC TV.

On Aug. 11, 2004, Jim March formally requested that the Calfornia Voting 
Systems Panel watch the demonstration of the double set of books in GEMS. 
They were already convened, and the time for Harris was alre

Re: Backdoor found in Diebold Voting Tabulators

2004-08-31 Thread sfurlong 
Quoting Eric Murray <[EMAIL PROTECTED]>:

> On Tue, Aug 31, 2004 at 11:30:35AM -0400, Sunder wrote:
> > Oops! Is that a cat exiting the bag?
> > 
> > 
> > http://www.blackboxvoting.org/?q=node/view/78
> 
> 
> Apparently so.  Going to www.blackboxvoting.org now just gives:

Don't break out the tinfoil hats yet. Maybe they exceeded their
bandwidth because that link was spread around.

Re: Backdoor found in Diebold Voting Tabulators

2004-08-31 Thread Eric Murray 
On Tue, Aug 31, 2004 at 11:30:35AM -0400, Sunder wrote:
> Oops! Is that a cat exiting the bag?
> 
> 
> http://www.blackboxvoting.org/?q=node/view/78


Apparently so.  Going to www.blackboxvoting.org now just gives:

This Account Has Been Suspended
Please contact the billing/support department as soon as possible.


Interestingly, while the whois info is gone, the DNS records are 
still around:

% dig blackboxvoting.org any

; <<>> DiG 8.3 <<>> blackboxvoting.org any 
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 3
;; QUERY SECTION:
;;  blackboxvoting.org, type = ANY, class = IN

;; ANSWER SECTION:
blackboxvoting.org. 4H IN A 69.73.175.26
blackboxvoting.org. 4H IN NSns4.nocdirect.com.
blackboxvoting.org. 4H IN NSns2.nocdirect.com.
blackboxvoting.org. 4H IN NSns3.nocdirect.com.
blackboxvoting.org. 4H IN SOA   ns3.nocdirect.com. admin.nocdirect.com. (
2004081101  ; serial
4H  ; refresh
2H  ; retry
5w6d16h ; expiry
1D ); minimum

blackboxvoting.org. 4H IN MX0 blackboxvoting.org.