Technology Liberation Front - Latest Comments in Diebold Blasts Felten Study

Re: Diebold Blasts Felten Study

Dale — Tue, 19 Sep 2006 01:20:53 -0000

I live in Canada and have been following the ongoing electronic voting debacle that is happening in the USA (no insult meant) and I have but one thing to say to our paper based voting system.

YEEEEEEEEAAAAAAAAAAAAHHHHHHHHHHHHHHHH!!!!!! :-)

Re: Diebold Blasts Felten Study

Guy Hathaway — Sat, 16 Sep 2006 10:25:35 -0000

I've sent this URL to everyone in my "Voters" list (all citizens of voting age in my address book, regardless of party affiliation), with my
strongest recommendation that they do the same.
You and a few others merit promulgation by all means, to all citizens.

This election is the big
one, I think. We can't let those who are trying to steal our election process continue to gnaw away at the only means we have to employ public servants who may actually represent those of us who vote for them.

Thank you for what you do.

Re: Diebold Blasts Felten Study

Bev Harris — Fri, 15 Sep 2006 18:37:47 -0000

I was particularly interested in their claim to physical security. Our organization, Black Box Voting, examined voting machines that had just been delivered for use in Utah. These were delivered in January 2006, and were for use in the 2006 elections.

There were only 8 screws, and none of them were secured in any way. There were no seals.

What was especially curious is that one of our researchers, Jim March, also had the opportunity to examine a TS machine of the same vintage that the Princeton guys had. He noted that in designing the case for the older version, some attention was paid to securing the case. One screw was behind a panel that required a key to get in. This indicates that Diebold understood, at least in a rudimentary fashion, that security of the case was important.

The newer model had LESS security. In fact, absolutely no security to prevent getting inside the case, which has all kinds of goodies.

As an added bonus, the newer Diebold model's locking doors over the memory card bays literally fall out when you open the case.

When a couple of us ol' ladies at Black Box Voting recently penetrated the optical scan machine's case and memory card, Diebold's response was to "scoff" at the idea that anyone would be dishonest enough to take four minutes and spend $12 on tools (allen wrench, phillips-head screwdriver, needle-nosed pliers) to actually open the case (and thereby gain the only access needed to own the election).

I guess Princton has one up on us -- Diebold criticizes their technique. All we get is "scoffs."

Real answers would be nice.

Under penalty of perjury.

Re: Diebold Blasts Felten Study

Ben Fulton — Fri, 15 Sep 2006 11:58:52 -0000

Are there any studies concerning the Microvote machines that are being foisted off on Indiana residents? The company is so much smaller than Diebold that I doubt it gets the same scrutiny, but it's important to some of us :)

Re: Diebold Blasts Felten Study

MikeT — Fri, 15 Sep 2006 11:01:29 -0000

Count me among those who is neither surprised, nor particularly concerned about the death of democracy in America. It's not like universal democracy has done a damn thing to make this country freer. I fail to see how a benevolent dictator could be any worse than the democratic totalitarianism we have today. The more that democracy has spread its influence, the more that our constitutional republic has waned and the more that every aspect of life has been politicized.

As long as death squads and other related unpleasantries don't come the average voter's way, they won't care about these security holes. You can explain it to them, but it'll just be a theoretical problem until the day comes that it affects them.

The simplest solution to the problem is to treat voter fraud for what it is: a coup d'etat accomplished quietly. I would suggest at least a decade in prison for simple voter fraud, life in prison for those who organize small fraud campaigns and the death penalty for conspiracy to commit widespread voter fraud, but that would offend the sensibilities of upperclass America, which can't countenance the thought of executing people for a "white collar crime."

Re: Diebold Blasts Felten Study

Gary McGath — Fri, 15 Sep 2006 09:17:20 -0000

My analysis is here:
http://mcgath.blogspot.com/2006/09/diebolds-vot...

The study specifically explains how a "virus" (not a true virus, actually) can be spread through the use of memory cards, without being networked. Diebold apparently doesn't even grasp the issue.

Encryption doesn't help if the voting software can be modified, since it can just call the subroutine that adds a vote and it will perform the necessary encryption.

The real hole in the system is that the machines can be subverted by inserting a card in a slot. The bootstrap loader itself can be replaced. It doesn't matter how many chains and bolts are on the box, under the circumstances.

Re: Diebold Blasts Felten Study

mmasnick — Fri, 15 Sep 2006 03:50:08 -0000

Nice work, Tim.

One small addition that may be worth mentioning in response to their "Electronic machines are secured with security tape and numbered security seals that would reveal any sign of tampering" claim.

If you read Avi Rubin's recent report on working as an election judge, you see he points out that the security tape is useless. In many cases its removed by staff for other reasons and it's nearly impossible for anyone to notice if it's been broken.

The whole thing is worth reading, but the key section would be this:

For example, I carefully studied the tamper tape that is used to guard the memory cards. In light of Hursti's report, the security of the memory cards is critical. Well, I am 100% convinced that if the tamper tape had been peeled off and put back on, nobody except a very well trained professional would notice it. The tamper tape has a tiny version of the word "void" appear inside it after it has been removed and replaced, but it is very subtle. In fact, a couple of times, due to issues we had with the machines, the chief judge removed the tamper tape and then put it back. One time, it was to reboot a machine that was hanging when a voter was trying to vote. I looked at the tamper tape that was replaced and couldn't tell the difference, and then it occurred to me that instead of rebooting, someone could mess with the memory card and replace the tape, and we wouldn't have noticed.

Again, Diebold's response to yet another security problem is sickening.