Hacker tells NC lawmakers he only trusts paper ballots

Hacker tells lawmakers he only trusts paper ballots

1/7/2005 4:16 PM
By: Associated Press

(RALEIGH) - A computer expert speaking to a legislative panel on Friday said he wouldn't trust a voting system that relies on computers.

Chuck Herrin spoke to a legislative panel trying to sort through the problems that plagued North Carolina in the November elections.

Calling himself a "certified ethical hacker," Herrin said he would never trust systems with computers because he breaks into them for a living. He says he only trusts paper ballots.

The legislative panel on electronic voting systems wants to give recommendations to the General Assembly when it convenes later this month. Interest in the panel grew after a touch-screen voting machine error caused 4400 votes to disappear in Carteret County.

The missing votes, which couldn't be recovered, threw the close agriculture commissioner's race into doubt. The State Board of Elections ordered a new statewide election, but that's being appealed.

http://rdu.news14.com/content/headlines/Default.asp?ArID=61839&SecID=2

...is the most compelling.

Two IT experts I know became physically ill voting touch screen on Nov. 2.

3 (1 Dem., 1 Rep., and 1 judge), minimum, at each polling place. When they agree on the vote count, sign and seal the ballots and take that count to the county level. County level then totals all those numbers and concurs...move to state. No outside corporations doing the counting!

You don't need some hacker telling you this; anyone with limited compute knowledge could tell you this. What amazes me is even after knowing this they didn't leave a paper trail.

educated. This is something I have learned working on this whole issue. There are those who know who are corrupt and use it to manipulate. There are those who know who have tried desperately to remedy the situation and have been blocked at every turn, and there are many who are simply clueless. We must educate them and this is what Herron is doing.

...probably never touch a keyboard.

You're right, they must be educated, starting with "Carefully remove the monitor from the box..."

asked about election reform, Smith said this election was much better than 2000 and HAVE has helped a lot. Wyden talked about the need for paper trails. Wyden is a good guy..he stood up Jan. 6.Part of the problem is that we have a good system in OR but they ALL have to be educated. THe Dean People in NJ talked about this also; the appalling level of ignorance about e-voting.

For the rest of Chuck Herrin's statement to the NC legislature, go to:

http://www.chuckherrin.com/paperballots.htm

Raleigh, NC 12/12/2004
My name is Chuck Herrin, and I'm going to start with something that you might not want to hear. --snip--
I've been following the electronic voting issue for a while now. I had been telling people for a long time that electronic voting was a bad idea, but as usual, no one really listened. --snip--

I am as big a computer geek as they come, and I hold multiple high-level industry certifications in the areas of networking, engineering, auditing, and security, and I am here today with one message. I want paper ballots.

There is no reason for computers to be involved in our electoral process. They have not solved any problems, but only created new ones. This is not surprising news to anyone involved in the tech industry, nor is it a surprise for criminals. --snip--

Before we started using computers, it was unthinkable that you wouldn't have a piece of paper that could be used in the event of a recount- now, when there's a request for a recount, all we hear about is bitching because somebody has to hook a printer up to the machine! And do you know what you get when you recount inaccurate results? A paper copy of inaccurate results.

Have we lost our frickin' minds? We don't even have paper receipts, much less ballots! And it's not just the touchscreens - that's something else that a lot of people are missing. You have to take a step one level back in the tabulation process to the computers that actually do the tallying. That's where votes from touchscreens, as well as optically scanned AND absentee ballots come together to be counted. Don;t get me wrong - these touchscreens suck- but the problem is bigger than just that. Lemme tell you about just one of these systems. It's the General Election Management Software, or GEMS, made by Diebold. You know Diebold, the folks who hired felons, the ones that make ATMs but say they can't put printers on voting machines?

These GEMS machines run on that most "secure" and stable operating system- Microsoft Windows. Mostly Windows 2000. GEMS is designed to work with Office - it says so on Diebold's site. These machines are connected by modem pools, network connections, or the Internet, and they receive the vote data from the reporting precincts, where it is then "counted". If you would like to see the security of this software, I'd like for you to go to www.chuckherrin.com/hackthevote. I will walk you through how easy it is to change tens of thousands of votes, then show you the time stamped reports and audit logs to prove that it doesn't leave a trace. It's so easy, it's not even really hacking.

Anyone who has used MS Office has done this before. It's incredible, and Diebold and elections officials have known about it for years. Internet memos reveal that being able to change votes in the backend databases "have gotten people out of a bind," and Gaston County, NC and King County WA are specifically mentioned as having done it in the past. This is known criminal activity, that has gone without action, for years. In my first demo of changing votes in a fictional election, I was able to change 11,963 votes in a couple of minutes, and in my second, called speed-hacking the vote, I changes over 1.6 Million votes in 6 minutes, while generating 3 timestamped "official" reports and audit logs showing no trace of wrongdoing. Computers made this possible. Computers enable criminals and those with evil intent to do more than ever before. Before we started using computers, you couldn't hack paper ballots at a distance. Well, now you can. (more)

I've heard Chuck speak twice. Most recently last week when he spoke to NC Elections Group and walked them through how to "Hack the Vote" with his laptop.

He is fantastic...and you can understand what he says, too. Chuck should be invited to speak to all Elections Commissions around the country or someone should film him and send the video to the Congress and the Elections Comissions.

His website is an excellent way to get the word out...though.

I've been following Chuck Herrin since he came out with all of this, quite a while back. He's spot on with his discussions of the potential/probability of election machine hacking.

You're right...we need to get him and Conyers together for some hearings. We need to let the Kerry team know about him, too, so they can invite him for Senate hearings.

And we need to get this rolling NOW, so that the meme is commonplace well in advance of the 2006 mid-term elections.

:kick::kick::kick:

I was thinking along these lines. Herrin seems to have a LOT to say on this subject, and he can get it across for non-geeks such as moi, and 99% of our legislators--or as my brother the geek (joking) calls us...you...you "users!" (That's his nicest term). Obviously there is a lotta geek pride in the computer industry. But Herrin is willing and capable of getting down to the level that's needed to communicate the specifics to legislators. How ironic that he goes all the way and advocates PAPER ballots!?! heresy.....

I see it two ways.
Either the government doesn't care about having a secure
election or they don't want to have a secure election.

Granted everyone is not a computer expert I still
think they are were aware of the dangers to running an
electronic election on simple computers.

I remembered seeing an interview maybe mid or early 2004
where an IT security specialized warning of the dangers
and said the systems were not ready as of yet. I think
he was with MIT or some another university.

Something is fishy here. Unless someone had an advantage
by leaving the systems so insecure I don't see why they'd
been OK leaving it this way. Simple computers running
windows unsecured by any security measures connected
to the Internet! In the black box voting video the
election count was stored in an excel file. Which
would Very easily be changed once your in the system.
I'm not very familiar with how Microsoft Access stores
data by I assume its in a standard unencrypted file.

The odds are in favor of a break-in. Scary.

A link to his website was posted here shortly after the election. For me, it "sealed the deal" on election fraud, since he showed, step-by-step, how to hack the vote.

I lived in NC in 2000, and had to vote on a touchscreen machine. I thought, "well, isn't this amazing?" Now, I won't touch one with a 10-foot pole. (and they aren't using them in WI).

It's entirely possible to stuff ballot boxes with paper ballots: election fraud is far older than electronic voting.

Electronic systems in principle can actually be more secure: anybody can stick papers into a box, but tampering with an electronic record requires access to the computer system. Most current electronic voting systems make that access much too easy, but it is in principle possible to build an electronic system much more secure than paper ballots.

I was on their website earlier and they have a plan of action laid out for election reform that includes a paper trail for electronic machines.

I still think we need to get rid of the machines altogether! I don't trust them as far as I can throw them (and since I probably can't even pick one up to throw it, that should tell you something about my trust level).


Link to news article about PDA election reform proposal:

http://www.commondreams.org/news2005/0111-03.htm

I was able to listen to the audio feed of part of the committee meeting and his talk was very good. :kick:

...and is an expert on hacking, let's promote him like hell to anyone in the media who might care about this topic.

;)

I watched him speak in Raleigh at the 51 Capitols March in December. He's got a very compelling message, and has a charismatic and confident speaking manner. I'm a software engineer with a fair amount of experience in the field, and I'll absolutely vouch for his comprehensive knowledge of the technical issues involved. It was inspiring to hear a real Republican with the integrity to speak out on election fraud and make it into the non-partisan issue that it really should be. His support helps to inoculate the movement against the "crazy x-files fringe" slurs. He's the kind of guy who is needed to buck up the moderate Republicans and get them to start standing up to the right-wing megalomaniacs in charge.