http://www.blackboxvoting.org/
BREAKING -- SUNDAY Nov. 7 2004: Freedom of Information requests at
http://www.blackboxvoting.org have unearthed two Ciber certification
reports indicating that security and tamperability was NOT TESTED and that
several state elections directors, a secretary of state, and computer
consultant Dr. Britain Williams signed off on the report anyway,
certifying it.
Black Box Voting has taken the position that fraud took place in the 2004
election through electronic voting machines. We base this on hard
evidence, documents obtained in public records requests, inside
information, and other data indicative of manipulation of electronic
voting systems. What we do not know is the specific scope of the fraud. We
are working now to compile the proof, based not on soft evidence -- red
flags, exit polls -- but core documents obtained by Black Box Voting in
the most massive Freedom of Information action in history.
---
SUNDAY Nov. 7 2004: We.re awaiting independent analysis on some pretty
crooked-looking elections. In the mean time, here.s something to chew on.
Your local elections officials trusted a group called NASED -- the
National Association of State Election Directors -- to certify that your
voting system is safe.
This trust was breached.
NASED certified the systems based on the recommendation of an .Independent
Testing Authority. (ITA).
What no one told local officials was that the ITA did not test for
security (and NASED didn.t seem to mind).
The ITA reports are considered so secret that even the California
Secretary of State.s office had trouble getting its hands on one. The ITA
refused to answer any questions about what it does. Imagine our surprise
when, due to Freedom of Information requests, a couple of them showed up
in our mailbox.
The most important test on the ITA report is called the .penetration
analysis.. This test is supposed to tell us whether anyone can break into
the system to tamper with the votes.
.Not applicable,. wrote Shawn Southworth, of Ciber Labs, the ITA that
tested the Diebold GEMS central tabulator software. .Did not test..
Shawn Southworth .tested. whether every candidate on the ballot has a
name. But we were shocked to find out that, when asked the most important
question -- about vulnerable entry points -- Southworth.s report says .not
reviewed..
Ciber .tested.whether the manual gives a description of the voting
system. But when asked to identify methods of attack (which we think the
American voter would consider pretty important), the top-secret report
says .not applicable..
Ciber .tested. whether ballots comply with local regulations, but when Bev
Harris asked Shawn Southworth what he thinks about Diebold tabulators
accepting large numbers of .minus. votes, he said he didn.t mention that
in his report because .the vendors don.t like him to put anything
negative. in his report. After all, he said, he is paid by the vendors.
Shawn Southworth didn.t do the penetration analysis, but check out what he
wrote:
.Ciber recommends to the NASED committee that GEMS software version
1.18.15 be certified and assigned NASED certification number
N03060011815..
Was this just a one-time oversight?
Nope. It appears to be more like a habit. Here is the same Ciber
certification section for VoteHere; as you can see, the critical security
test, the .penetration analysis. was again marked .not applicable. and was
not done.
Maybe another ITA did the penetration analysis?
Apparently not. We discovered an even more bizarre Wyle Laboratories
report. In it, the lab admits the Sequoia voting system has problems, but
says that since they were not corrected earlier, Sequoia could continue
with the same flaws. At one point the Wyle report omits its testing
altogether, hoping the vendor will do the test.
Computer Guys: Be your own ITA certifier.
Here is a copy of the full Ciber report (part 1, 2, 3, 4) on GEMS 1.18.15.
Here is a zip file download for the GEMS 1.18.15 program. Here is a real
live Diebold vote database. Compare your findings against the official
testing lab and see if you agree with what Ciber says. E-mail us your
findings.
TIPS: The password for the vote database is .password. and you should
place it in the .LocalDB. directory in the GEMS folder, which you.ll find
in .program files..
Who the heck is NASED?
They are the people who certified this stuff.
You.ve gotta ask yourself: Are they nuts? Some of them are computer
experts. Well, it seems that several of these people suddenly want to
retire, and the whole NASED voting systems board is becoming somewhat
defunct, but these are the people responsible for today's shoddy voting
systems.
If the security of the U.S. electoral system depends on you to certify a
voting system, and you get a report that plainly states that security was
.not tested. and .not applicable. -- what would you do?
Perhaps we should ask them. Go ahead. Let's hold them
