The Cellar - Easy Voting Fraud Machines

The Cellar (http://cellar.org/index.php)

- Politics (http://cellar.org/forumdisplay.php?f=5)

- - Easy Voting Fraud Machines (http://cellar.org/showthread.php?t=11752)

Well, I for one think that this is just another liberal plot to undermine this great country of ours. Look where the study was done. Princeton??? A hotbed of left wingers if there ever was one. First the liberals claim there were no WMD's, then they say Bin Laden is NOT in Iraq, then Dick Cheney shoots some idiot connected with Halliburten, etc., etc.

The entire problem is the left wing press with Fox as a prime example. Did you know that Fox even reported on hurricane Katrina? Its true. Muzzle the press and the voting machines will no longer be a problem. Simple. :right:

I don't see the readily available key is a big problem. Anyone trying to pull this off would have to have skills and resources that could surmount the lock problem without skipping a beat.

The big problem is DiBold, their junk and their political clout. :mad:

Quote:

Originally Posted by xoxoxoBruce

The big problem is DiBold, their junk and their political clout.

Some basic security means that the 'paper' (memory card update) must be irrevocable. The memory card is written to only by incrementing a counter. Its only write function must be one that increments the counter. Count cannot be modified and cannot be decremented. The 'paper' also must be serial numbered (internally and electronically) with an encrypted security function so that memory card cannot be swapped. The 'paper' (that memory card) is used just once and then becomes a permanent record of the vote. An 'increment counter once' and 'read many times' nonvolatile memory chip.

Any electronic voting machine that does not contain this essential and minimal security function is flawed - insufficient as a voting machine.

Numerous ways exist to modify and pervert voting records when using a standard non-volatile memory chip/card. Conventional memory is totally unacceptable for vote recording.

Second - the 'paper ballot' must be readable by a completely separate and secure method. Same function performed when using paper and eyes. You can see exactly what is on that 'paper ballot' just before it drops into the ballot box - the 'memory card'. Anything less means voter fraud.

Quote:

Originally Posted by xoxoxoBruce

The big problem is DiBold, their junk and their political clout.

Whatever do you mean? It's not as if the President of Diebold (who also isn't a Republican Pioneer) guaranteed a win in Ohio for Bush in 2004 or anything...:right:

Ding Ding Ding...we have a winner. ;)

The fact that Diebold makes ATM machines should scare the hell out of anybody reading this.

Quote:

Originally Posted by Jebediah

The fact that Diebold makes ATM machines should scare the hell out of anybody reading this.

Without telling too much, I know the technical design of Diebold ATM machines. It was a first indication that bad things might be found in their voting machines.

The mere fact that Diebold thought it fit to use Windows® on some machines told me they wouldn't be secure in the least.

I think its cute how anyone thinks that the Diebold machines were created to do anything except control the outcome of elections. From what I'm reading, these things were basically designed to *be* insecure and manipulable.

And more fuel for the fire. Or at least hopefully there will be a fire at some point.

Quote:

Georgia law mandates that any change made in voting machines be certified by the state. But thanks to Cox’s agreement with Diebold, the company was essentially allowed to certify itself. “It was an unauthorized patch, and they were trying to keep it secret from the state,” Hood told me. “We were told not to talk to county personnel about it. I received instructions directly from Urosevich. It was very unusual that a president of the company would give an order like that and be involved at that level.”
According to Hood, Diebold employees altered software in some 5,000 machines in DeKalb and Fulton counties – the state’s largest Democratic strongholds. To avoid detection, Hood and others on his team entered warehouses early in the morning. “We went in at 7:30 a.m. and were out by 11,” Hood says. “There was a universal key to unlock the machines, and it’s easy to get access. The machines in the warehouses were unlocked. We had control of everything. The state gave us the keys to the castle, so to speak, and they stayed out of our way.” Hood personally patched fifty-six machines and witnessed the patch being applied to more than 1,200 others.

To tell the truth, I'm not sure I'd trust a patch even if they hadn't applied it covertly. How is a state government going to verify a patch does what they say it does?

Quote:

Originally Posted by Elspode

Once I looked into the company and it's past, I never thought anything else, even before the machine came out.

Quote:

Originally Posted by Happy Monkey

And more fuel for the fire. Or at least hopefully there will be a fire at some point.To tell the truth, I'm not sure I'd trust a patch even if they hadn't applied it covertly. How is a state government going to verify a patch does what they say it does?

Well, wouldn't a patch to correct a software glitch be necessary for every one of the 19000 voting machines. I'm going with the assumption that all the machines in the state should be running the same software.

Why patch only 1200 machines.....or was he saying he witnessed 1200 machines being patched but the rest were patched without him witnessing it?:confused:

Quote:

Originally Posted by xoxoxoBruce

If not, still, every machine must have software (even if different) that is certified. From IEEE Spectrum of October 2004:

Quote:

Yet certifying equipment even to the 2002 standard is proving to be problematic, since it is voluntarily adopted by the states, and not all have signed on yet. Only three companies are authorized to perform the commission's examinations, which are paid for by the vendors - an arrangement that many critics say compromises the testing.

Even after a system is certified, election officials must strive to ensure that the system that voters use on Election Day is the same as the system that was tested. Yet federal guidelines don't require any kind of electronic or digital signature to track software from certification to installation (although HAVA commissioners have lately said this would be a good idea).

This security hole and many others were identified by experts several years ago, in comments on the earlier 2002 Federal Election Commission certification guidelines. ...

... IEEE Voting Equipment Standards primary working group (P1583), and an attempt was made to push a draft of the standard through the acceptance process.

This first P1583 draft omitted any mention of requirements pertaining to voter-verified paper audit trails. The draft also included what some say is a major security loophole: a blanket exemption for all commercial off-the-shelf components, including operating systems such as Windows or Unix and standard hardware modules such as modems and wireless transceivers. The 2002 Federal Election Commission's guidelines have the same exemption. "The 2002 FEC standard was our starting point," Deutsch notes. "So our first draft was built on that, and we thought major improvements were made."

Protests by IEEE members, academicians, and other concerned individuals led to the submission of more than 1000 specific comments, which have taken nearly a year to resolve. The IEEE new draft does cover the issue of voter-verified paper audit trails, though it does not require them.

Why worry who is changing the software. There is no verifiable paper trail or anything that is equivalent. If that was not bad enough, IEEE even noted how entry to buildings where voting machines are stored was easy - almost routine.

Furthermore is the response of technically naive to the problem.

Quote:

Knowledgeable advice had been offered and spurned. Information-security expert Jeremy Epstein gave Fairfax officials a three-page list of questions after he attended a pre-election training session. A letter from Margaret K. Luca, who was then electoral board secretary, said that she couldn't respond on the grounds that "release of that information could jeopardize the security of that voting equipment." Critics say that Epstein's experience is typical of the way in which the election community has shut out scientists and engineers and made it impossible to independently test electronic voting systems.

So how did Princeton researchers obtain a machine? Subterfuge? What kind of confirmation is that? Powers that be fear that indepentent analysis might learn electronic voting machine concepts - the secrets of Windows or Unix? Sounds too much like Saddam again has WMDs.

Quote:

Hearings were held after the primary elections, and on 20 April, California Secretary of State Kevin Shelley released a report charging that Diebold marketed, sold, and installed its AccuVote systems in Kern, San Diego, San Joaquin, and Solano counties prior to full testing, prior to federal qualification, and without complying with the state certification requirements. These and other discoveries were subsequently turned over to the California attorney general's office for possible criminal investigation against Diebold.

Ten days later, Shelley issued a controversial decertification notice, withdrawing approval for all direct-recording electronic voting systems in California, deeming them defective or unacceptable. Because of this, the state required nearly 16 000 AccuVote machines in the four counties involved to be recertified to comply with tighter security and auditability measures ...

Certifying software patches does not even begin to question these machine integrities.

Quote:

Originally Posted by xoxoxoBruce

Why patch only 1200 machines.....or was he saying he witnessed 1200 machines being patched but the rest were patched without him witnessing it?:confused:

He's not saying anything about the machines that he didn't witness, as far as I can tell. They may or may not have been patched.