THE REAL SCOOP ON DIEBOLD
25th July, 2003 by Fintan Dunne,
On 24th July, 2003 an important story link to www.nytimes.com
broke. Johns Hopkins University researchers http://avirubin.com/vote.pdf found that electronic voting machines are full of security flaws which can allow fraudulent election results. A scandal indeed.
But like many reported 'scandals' this is a pseudo-investigation. In truth, the news was two weeks old. Alternative media site Scoop.co.nz first broke the unabridged full story http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm
, by Bev Harris --back in early July, 2003.
The Johns Hopkins team only decided to commence their investigation precisely when the Scoop story hit the Internet. Now, in double-quick time they are in print in the New York Times (followed by Yahoo News and MSNBC) with what the NYT called "the first review of the software by recognized computer security experts." Author of the Scoop articles, Bev Harris, although a world leader in this field, is sadly unrecognized --by the NYT at least. So the NYT coyly ignores the explosive content of her prior Scoop story.
Why? Note this remark by Aviel Rubin, of Johns Hopkins University, who led the team which examined Diebold software used in voting machines across the USA. When asked to comment on allegations by Bev Harris that the Diebold software may have been designed to facilitate fraud, Rubin described the claim as "ludicrous."
Rubin could dismiss the allegation of deliberately fraudulent design in Diebold software, because his team never examined the Diebold software in question. They only looked at security flaws in the touchscreen terminals and smart cards used by voters. It's true, these are deeply flawed, but not criminally flawed.
The jaw-dropping revelations in the Scoop story did not relate to the touchscreens, but the Diebold software running on the servers http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm which collate the results from many individual touchscreens. It is here that the smoking gun was found.
Incredibly, this software keeps not one, but two Microsoft Access data tables of voting results http://www.blackboxvoting.org/access-diebold.htm#votes It's like a business keeping two sets of account books. The two tables are notionally identical copies of the votes collated from all polling stations. The software uses the first table for on-demand reports which might uncover alteration of the data --such as spot checks of results from individual polling stations.
And here's where it got scary. The second of the two tables is the one used to determine the election result. But the second table can be hacked and altered to produce fake election totals without affecting spot check reports derived from the first table. These will still check out.
The election officials using menu-driven Diebold software are never aware there are two underlying data tables.
Finally, alterations to the second table can be accomplished by dialing into the Diebold server across the Internet through a maintenance port. Whew!
Is this software designed with criminal intent? Consider this: If the IRS called to a business and found two sets of books -one used for IRS spot checks and a second, alterable set used to make IRS returns, do you think they might be a little bit annoyed?
Yet even though the Johns Hopkins team sourced their data from Scoop and surely knew of the full implications of Bev Harris's discoveries, by only looking at touchscreen stations in their investigation, they can with straight faces dismiss the deliberate intent allegations as "ludicrous."
The real Diebold story may have been so hot, that some in US media and academia have co-opted the controversy and have masked it's full scope. It's not the first time this tactic has been used. For the straight dope on Diebold, go to the people who got the scoop!