Diebold technical system info with an analogy to cooking

Below is a post on dailykos to one of my technical comments, knocks my socks off.

The thing is, the more I discover on the overall architecture, security and system issues in these systems, the more I am shocked.

I think any engineer with a BS from an accredited US university has to know this is outrageously bad design. So bad in fact, it's beyond incompetence.

Nader, the green party, Kerry should get some damn engineers on this case.

I mean it's on the level of let's say we all know how to bake chocolate chip cookies....so, the government hires this guy to bake
cookies in the US and the guy goes out and gets mud, and pebbles
and then mixes it with flour and baking soda, bakes them and asserts that these are cookies. I don't know how else to explain it in layman's terms...


http://www.dailykos.com/story/2004/11/10/1172/9052#126

One being the electronic voting machines, many of which are made by Diebold, but there are also other players.

The other being the GEMS central tabulation system made by Diebold. Or more accurately, made by a company that was started by convicted felons and sold to Diebold. GEMS is written on top of MS Access, contains a back door, and has a function for keeping an extra set of books. It also has audit logs that can be deleted AND renumbered with a simple script. As a former systems architect, it is ludicrous. This is where the real fraud can happen, out of sight. See http://www.blackboxvoting.org for more information on the GEMS system.

For the machines, there have been serious problems with the companies, notably Diebold, applying unverified patches on the machines before elections. It is all well and good to certify the code, but if you don't know which code is on the machine at the time of the vote, you don't know what it is programmed to do. The certified code can then be reinstalled after the election.

This is not a Windows vs. Whatever situation. Secure code is written in Windows all the time. This is an issue of bad, and possibly fradulent, code being installed in these systems.

and appreciate your explanation. We can go on and on about the stupid eVoting machines, but the GEMS Tabulator is like the mothership. States can have the best systems in the world and not be able to get an accurate vote if the collector for all the votes is crooked.

Maybe you can answer this question...someone on another blog I frequent thought there must be a telephone line or some such communication link for these GEMS-to-voting media data transfers. Couldn't we summon the phone records? I mean, at some point, someone's machine had to call someone else's machine, right?

The more I learn about Microsoft and its holes, the more I want to learn Linux.

I'm a member at dKos, but frankly, I have a hard time figuring out how to use that blog.

What is GEMS?
Whether you vote absentee, on touch-screens, or on paper ballots with optical scan machines, the vote tallies from each precinct are ultimately brought to the GEMS central tabulator at the county level. Each precinct sends in one number for each candidate, representing how many votes the candidate received from the voters in that precinct. GEMS totals these precinct vote tallies and creates a report of the vote tallies for the whole county.
http://www.wheresthepaper.org/BBV_GEMSreport.htm

==================================================================
it does appear that modems were used in 11/2004
http://www.tomflocco.com/modules.php?name=News&file=print&sid=101
=================================================================
Much of this was reported in 2003 in addition to evidence for the CA
lawsuit against Diebold. Software is released in revisions, so I do not know which revision the below analysis is referring to. but it's quite clear to me (and obviously many engineers and computer scientists too from all the technical blogs on the web about it)
that this system is like standing naked in Alaska during winter and expecting not to get sick, i.e. it's completely vunerable and even has a built in helper application for a hack! (2003 analysis)
==================================================================

PCMCIA slots in the tabulators (which means a potential access via another added on modem)

modem is used to access tabulator, but 2 way so tabulator can zap
out the county totals and reset them

talking about using cell phones to transmit votes (this is unbelievable, total interception possible)

if there is a differential in the votes it is "reconciled in the transmission" ...this is really horrific right here, vunerability

She's also saying in here analysis it appears the GEMS server is also connected to the Internet
http://www.topplebush.com/blackbox_voting/bbv_chapter-10.pdf

===================================================================

Unbelievable: open anonymous ftp access to GEMS
http://www.scoop.co.nz/mason/stories/HL0302/S00052.htm

Overview article with ftp addresses to examine code
http://bushout.blogspot.com/2004_11_01_bushout_archive.html

article talking about a 2 byte code (magic special number)
to unlock and change the vote tally
http://washingtondc.craigslist.org/pol/48151999.html
"Black Box Voting: Diebold GEMS central tabulator contains a stunning security hole. Manipulation technique found in the Diebold central tabulator -- 1,000 of these systems are in place, and they count up to two million votes at a time.By entering a 2-digit code in a hidden location, a second set of votes is created. This set of votes can be changed, so that it no longer matches the correct votes. The voting system will then read the totals from the bogus vote set. It takes only seconds to change the votes, and to date not a single location in the U.S. has implemented security measures to fully mitigate the risks."
explains why BBV is claiming outright fraud to me.

engineer's test results
http://www.equalccw.com/dieboldtestnotes.html

just to see if I could play around with it a bit (I'm no pc geek)but I was curious. Did you hear about a code within GEMS that was found in Max Cleland campaign that was blatently named "defeat Cleland" or something to that nature, I heard this on Randi Rhodes today.

had been certified and BEFORE the 2002 elections that was in a file called "rob-georgia." It turns out that there was a Rob who worked as a contractor for Diebold in Georgia and in fact at least one of the GA activists talked to him at length, as did Bev Harris.

I wanted to make sure I had the correct information, and btw I have been following your posts and I wanted to say THANK YOU for your efforts.

SPACE TO KERRY CAMPAIGN SPACE TO KERRY CAMPAIGN

Listen to more than your attorneys! Listen to all of your technical experts and if you don't have any...get some...real quick!

Thanks for the information and making me laugh. Just remember, Kerry's 17,000 lawyers are only there to assure us Reynolds Wrap Hat wearers that the election was fair.

You really clarified some issues for me.:yourock:

I would really be interested to find the technical root of the problem that caused machines to way over-count the Bush vote-which ultimately be came visible when some precincts turned in total vote counts far above the registered voters they had!