portland independent media center  
images audio video
newswire article commentary united states

election fraud

Security flaws in Diebold Software, and sudden Republican election winners

"A quiet revolution is taking place in US politics. By the time it's over, the integrity of elections will be in the unchallenged, unscrutinised control of a few large and pro-Republican corporations."
Something very odd happened in the mid-term elections in Georgia last November. On the eve of the vote, opinion polls showed Roy Barnes, the incumbent Democratic governor, leading by between nine and 11 points. In a somewhat closer, keenly watched Senate race, polls indicated that Max Cleland, the popular Democrat up for re-election, was ahead by two to five points against his Republican challenger, Saxby Chambliss.

Those figures were more or less what political experts would have expected in state with a long tradition of electing Democrats to statewide office. But then the results came in, and all of Georgia appeared to have been turned upside down. Barnes lost the governorship to the Republican, Sonny Perdue, 46 per cent to 51 per cent, a swing of as much as 16 percentage points from the last opinion polls. Cleland lost to Chambliss 46 per cent to 53, a last-minute swing of 9 to 12 points.

Shortly after the election, a Diebold technician called Rob Behler came forward and reported that, when the machines were about to be shipped to Georgia polling stations in the summer of 2002, they performed so erratically that their software had to be amended with a last-minute "patch". Instead of being transmitted via disk a potentially time-consuming process, especially since its author was in Canada, not Georgia the patch was posted, along with the entire election software package, on an open-access FTP, or file transfer protocol site, on the internet.

That, according to computer experts, was a violation of the most basic of security precautions, opening all sorts of possibilities for the introduction of rogue or malicious code. At the same time, however, it gave campaigners a golden opportunity to circumvent Diebold's own secrecy demands and see exactly how the system worked. Roxanne Jekot, a computer programmer with 20 years' experience, and an occasional teacher at Lanier Technical College northeast of Atlanta, did a line-by-line review and found "enough to stand your hair on end".

"There were security holes all over it," she says, "from the most basic display of the ballot on the screen all the way through the operating system." Although the programme was designed to be run on the Windows 2000 NT operating system, which has numerous safeguards to keep out intruders, Ms Jekot found it worked just fine on the much less secure Windows 98; the 2000 NT security features were, as she put it, "nullified".

Also embedded in the software were the comments of the programmers working on it. One described what he and his colleagues had just done as "a gross hack". Elsewhere was the remark: "This doesn't really work." "Not a confidence builder, would you say?" Ms Jekot says. "They were operating in panic mode, cobbling together something that would work for the moment, knowing that at some point they would have to go back to figure out how to make it work more permanently." She found some of the code downright suspect for example, an overtly meaningless instruction to divide the number of write-in votes by 1. "From a logical standpoint there is absolutely no reason to do that," she says. "It raises an immediate red flag."

Mostly, though, she was struck by the shoddiness of much of the programming. "I really expected to have some difficulty reviewing the source code because it would be at a higher level than I am accustomed to," she says. "In fact, a lot of this stuff looked like the homework my first-year students might have turned in." Diebold had no specific comment on Ms Jekot's interpretations, offering only a blanket caution about the complexity of election systems "often not well understood by individuals with little real-world experience".

But Ms Jekot was not the only one to examine the Diebold software and find it lacking. In July, a group of researchers from the Information Security Institute at Johns Hopkins University in Baltimore discovered what they called "stunning flaws". These included putting the password in the source code, a basic security no-no; manipulating the voter smart-card function so one person could cast more than one vote; and other loopholes that could theoretically allow voters' ballot choices to be altered without their knowledge, either on the spot or by remote access.

The full article is found here
... 05.Nov.2003 09:37

this thing here

what happens when you hand over or entrust something really important to you to someone who doesn't care? hmm? what happens?

we're losing our rights because we don't care that we have them. because we give them away as if they were so much expendable junk. inalienable? no, expendable. might as well rewrite the consitution.

we take a sacred public right and entrust it to a private, secret system that has no oversight, and expect that everything will majically turn out just fine. as much as i get angry that our right could be a victim of fraudsters, as much as it get angry at the fraudsters, i'm beginning to get just as angry at those people who gladly and idiotically and naively handed away our right, as if it was some sacrificial offerring, to become the victim that it has become. what the hell were they thinking. what the hell are we doing LETTING them do it. what, are we helpless babies? what, we don't know anything about voting and politics, so better to just sit on our hands? then aren't we just getting what we deserve? i cannot understand the blase, utterly asleep at the wheel attitudes that would allow this to happen.

"i brought my child over to this daycare place. i asked to see their resumes and references and certificates and stuff, but they said how they do business is a proprietary secret . anyways, i completely trust them with my child." this kind of thinking is mystery to me...

and i really hope it isn't surprising to people out there that a lot of powerful, conniving people in this country KNOW that we don't care, and they KNOW that because we don't give a shit, they can take advantage of us. and get away with it.

!!! 05.Nov.2003 09:52

mr. bob

What happens when you get ripped off enough times? You fight back. When the public at large has gotten rippped off enough times, and enough public exposure of the rip-off has occurred

 http://www.cnn.com/2003/ALLPOLITICS/10/30/elec04.election.worries/index.html ... this isn't nearly enough coverage but is a damn good start

..and legislators start using proactive means like something beyond HR 2239:

 http://www.verifiedvoting.org/fair_elections.asp ... but it's an awesome start

..then you're witnessing CHANGE. People who vote do give shit. I'll wager one or both gubernatorial elections in Kentucky and Mississippi were rigged by Diebold/ES&S/Sequoia machines, Local Area Networks or VNS/League of Women Voters-type saboteurs. Read Victoria Collier's bit at votescam.com.

If every vote counts, then COUNT EVERY VOTE.

Maybe... 05.Nov.2003 10:47

gus specialagentbeavertonhonda@earthlink.net

But how is the "public at large" supposed to know they're getting ripped off if the scam itself is overwhelmingly portrayed as nothing out of the ordinary by the media at large?