Scoop has an Ethical Paywall
Licence needed for work use Learn More
Top Scoops

Book Reviews | Gordon Campbell | Scoop News | Wellington Scoop | Community Scoop | Search

 

Backdoor Found In Diebold Vote Counting Program

Backdoor Found In Diebold Vote Counting Program


By Bev Harris
BlackBoxVoting.Org Consumer Report - Investigations
Click To Donate To BlackBoxVoting.Org's Investigations

CONTENTS:
- Consumer Report Part 1: Look at this -- the Diebold GEMS central tabulator contains a stunning security hole
- Consumer Report: Part 2 - Problems with GEMS Central Tabulator
- Consumer Report: Part 3 - More GEMS problems, and why current solutions / explanations won't work
- Consumer Reports: Part 4 - Solutions to GEMS central tabulator problem


NEWS LINKS:
For further coverage of this issue see…
Vote Tabulator Security Hole Exposed – Slashdot.Org
Voting machine has hole, it's claimed - The Inquirer

**********


http://www.blackboxvoting.org
Read The Book…Support The Cause - Order Your Copy Today
Advertisement - scroll to continue reading

**********

Consumer Report Part 1: Look at this -- the Diebold GEMS central tabulator contains a stunning security hole
Submitted by Bev Harris on Thu, 08/26/2004 - 11:43. Investigations

Issue: Manipulation technique found in the Diebold central tabulator -- 1,000 of these systems are in place, and they count up to two million votes at a time.

By entering a 2-digit code in a hidden location, a second set of votes is created. This set of votes can be changed, so that it no longer matches the correct votes. The voting system will then read the totals from the bogus vote set. It takes only seconds to change the votes, and to date not a single location in the U.S. has implemented security measures to fully mitigate the risks.

This program is not "stupidity" or sloppiness. It was designed and tested over a series of a dozen version adjustments.

READ MORE:
http://www.blackboxvoting.org/?q=node/view/78

**********

Consumer Report: Part 2 - Problems with GEMS Central Tabulator
Submitted by Bev Harris on Thu, 08/26/2004 - 11:38. Investigations

This problem appears to demonstrate intent to manipulate elections, and was installed in the program under the watch of a programmer who is a convicted embezzler.

According to election industry officials, the central tabulator is secure, because it is protected by passwords and audit logs. But it turns out that the GEMS passwords can easily be bypassed, and the audit logs can be altered and erased. Worse, the votes can be changed without anyone knowing, including the officials who run the election.

READ MORE:
http://www.blackboxvoting.org/?q=node/view/77

**********

Consumer Report: Part 3 - More GEMS problems, and why current solutions / explanations won't work
Submitted by Bev Harris on Thu, 08/26/2004 - 11:33. Investigations

But do new security measures solve the problem?

The MS Access database is not passworded and can be accessed illicitly through the back door simply by double-clicking the vote file. After we published this report, we observed unpassworded access on the very latest, GEMS 1.18.19 system in a county elections office.

Some locations removed the Microsoft Access software from their GEMS computer, leaving the back door intact but, essentially, removing the ability to easily view and edit the file.

However, you can easily edit the election, with or without Microsoft Access installed on the GEMS computer. As computer security expert Hugh Thompson demonstrated at the Aug. 18 California Secretary of State meeting, you simply open any text editor, like "Notepad," and type a six-line Visual Basic Script, and you own the election.

Some election officials claim that their GEMS central tabulator is not vulnerable to this back door, because they limit access to the GEMS tabulator room and they require a password to turn on the GEMS computer.

However...

READ MORE:
http://www.blackboxvoting.org/?q=node/view/76

**********

Consumer Reports: Part 4 - Solutions to GEMS central tabulator problem
Submitted by Bev Harris on Thu, 08/26/2004 - 11:29. Investigations

Recommendations:

County officials should be required to maintain the following procedures to mitigate risk:

- Control access to the central tabulator through key logs and access cards

- Get rid of all modems and any wireless communications. The use of the digiboard modem bank attached to GEMS has got to stop.

- All corrective entries should be journaled and documented and publicly available, whether or not "they would change the outcome of the election."

- Maintain a list of everyone who enters the central tabulator room, with log in and out times and dates

- Any Diebold techs or county IT people who are allowed access the central tabulator room should be formally deputized or certified and sworn as election officials. Their names and credentials should be available to the public. The names of all individuals allowed access to central tabulators should be posted publicly during elections, and all individuals who have access the central tabulator should be available to citizens through public records requests.

READ MORE:
http://www.blackboxvoting.org/?q=node/view/75

### ENDS ###

Bev Harris is author of Black Box Voting: Ballot Tampering In The 21st Century … See http://www.blackboxvoting.org/


http://www.blackboxvoting.org
Read The Book…Support The Cause - Order Your Copy Today

For more background and live news links on this news subject see also Scoop's Special Feature – A Very American Coup…

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Top Scoops Headlines

 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.