Reposted from:
http://www.democraticunderground.com/discuss/duboard.php?az=show_mesg&forum=203&topic_id=402426&mesg_id=402426CEPN's CA Diebold Hearing Report (11/21/05)
CALIFORNIA ELECTION PROTECTION NETWORK
A non-partisan organization of over 25 groups across California
coming together to achieve their mutual election integrity goals
Diebold in CA: Machinations Behind Closed Doors
November 21, 2005.
Sacramento. Today was an exhilarating day in Sacramento. Deja vu of the last Diebold hearing, this new attempt to certify Diebold wares once again raised the near-unanimous ire of concerned citizens. The passion and dedication of the people attending was palpable. To witness more than 125 citizens, journeying great distances--on short notice and on a short holiday week--who all came together to defend the integrity of our democratic processes, was to witness the real "Patriot Act."
Without the dedication and vigilance of these activists, other concerned citizens would never have known that behind closed doors, the machinery of the Secretary of State’s office was in high gear ready to certify Diebold.
Testing Diebold
Diebold suffered some setbacks earlier this year trying to meet the new state requirement for a voter verified paper audit trail. In its initial test this summer, the AccuView printer attachment to the TSx model touch screen voting machine had a staggering 30% performance failure rate. Diebold made adjustments, resubmitted, and reportedly passed a second test in September, clearing the way for rectifying the Tsp machines in four counties where they've been suspended since spring 2004.
Test Results: Passing With a Weak Thumb’s Up
California's official voting equipment certification tester, Steve Freeman, issued a slightly qualified "thumbs up" for Diebold. Freeman applied his stamp of approval despite the fact that he did not run tests on the specific security holes revealed by computer security experts Avi Rubin, Herbert Thompson and Harry Hursti, which Blackboxvoting.org later applied in demonstrations of undetected vote-switching conducted under simulated election conditions. As one election official (who asked not to be identified) said of the State’s passing grade on the testing results, “Isn’t it like examining a patient for small pox and proudly announcing that their teeth are clean?”
Aces Up Sleeves?
Jim March of Blackboxvoting.org provided the most riveting and colorful overview of the various new ways recording and tabulation can be hacked on Diebold equipment. His gift for explaining technical intricacies kept the audience on the edge of their seats. After detailing uncorrected software and hardware defects in Diebold voting systems that remain standing invitations to vote fraud, March noted Diebold continued refusal to release its source code for testing, or to identify the authors responsible March concluded his remarks with this advice to public officials promoting the use of Diebold voting machines, "If you don't want to be accused of cheating at cards, don't let aces fall out of your sleeves at every step."
The Seven Reason NOT to Certify Diebold
Numerous members of the California Election Protection Network (CEPN) delivered spoken testimony. The CEPN also entered into the record their press advisory titled “Seven Reason NOT to Certify Diebold.” .
SB370: Cart Before the Horse
Michelle Gabriel of the Voting Rights Task Force and CEPN, raised an excellent point about the recent passage of SB370. (SB370 will allow voters to read their hard earned and soon to be required accessible voter verified paper trail upon the event an audit.) Yet to satisfy the impending SB370 Gabriel something to the effect of, No one has yet bothered to test under real life conditions, whether its practical, or even possible to do an audit using Diebold's AccuView printer and its roller-fed, thermal-paper tape. Let’s test this equipment for all its required tasks BEFORE certifying it, because the Secretary of State’s Office has NO right to risk the security of our next election with untested election machines.
Diebold Groups Surprising About-Face
In a surprise about-face, all of the disabled groups represented at Monday's hearing went on record against certifying the Diebold equipment, stating that it simply does not meet their specific needs. Over the past two years many disabled groups have lobbied and litigated forcefully for the adoption of Diebold-type voting systems. There has been much speculation about the motives behind such pro-Diebold efforts, considering that the Diebold campaigning began AFTER Diebold made a six-figure contribution to the largest national association of the blind.
Disabled Groups & HAVA
The reversal by disability groups at Monday's hearing is very significant, because the most forceful influence driving county elections officials to the purchase of DRE (touch screen) voting machines like the Diebold TsX has been the threat of lawsuits brought by the disabled against election officials resisting the switch to DRE voting systems. There is a pervasive misconception, actively promoted by DRE vendors and supporters, that the Help America Vote Act (HAVA) requires touch screen (DRE) voting systems as the only suitable means to address disabled voting needs. HAVA merely requires that voting systems enable disabled persons to vote independently, and there are non-computerized voting solutions that meet this condition.
http://www.votersunite.org/info/accessibility.asp > Further, last year a federal court decision clearly stated that the rights of the disabled cannot come at the expense of the majority of voters. < See
http://evotingcase.notlong.com >
HAVA: “Use it or Lose it”
The major threat driving voting system purchasing decisions has been the HAVA funds’ “Use it or Lose it” deadline, set for the stroke of midnight at the end of this year. County elections officials who have found the voting equipment options offered them unacceptable, given the confusion about which federal standards may eventually be required, wish to avoid hasty purchases they may later regret. Many would prefer to forego the one-time federal funding bonanza and wait for better voting systems to be developed under clear federal standards.
HAVA & DOJ Enforcement
But now a new pressure is being applied to force purchase decisions for DRE equipment. At the time of last summer’s second Carter-Baker Commission, which addressed the public's eroding confidence in our voting systems, the U.S. Department of Justice issued a statement announcing that state election departments that failed to make arrangements for equipment upgrades effective by Jan. 1, 2006 would be visited by Department of Justice (DOJ) investigators. Marin County election official Madelyn DeJusto recently said, “And when you get a visit from them they don’t go away.”
Hold on HAVA
Megan Matson of Mainstreet Moms Operation Blue (MOB) <
http://www.themmob.com > eloquently presented her organization’s idea for a “Hold on HAVA” campaign, in solidarity with the National Alliance of County Officials (NACO). This national elections official organization seeks to extend the HAVA deadline for two years. In a recent impassioned plea to members of Congress, NACO explained that they have no “crystal ball” to see what equipment will be certified. Further, the Election Assistance Commission--the four-person panel charged with supervising the enactment of HAVA--is months behind its own deadlines for setting these standards.
The “No Hearing Hearing”
Much has already been written about the peculiar nature of today's certification hearing
http://tinyurl.com/c6g4v > The hastily assembled delegation of Election Division officials before whom the citizens spoke on Monday has no decision-making role. Those officers do not even have an advisory role in this certification decision. Under former Secretary of State Kevin Shelley, there had been a Voting Systems and Procedures Panel expressly charged with advising the Secretary of State. No longer. Those sitting in chairs on stage Monday were props in a show of minimal compliance with the certification procedure's hearing requirement. Our good citizens who pleaded for election integrity can only hope that perhaps Secretary McPherson or someone he designates may possibly read and consider any of their remarks before issuing a decision on Diebold certification. California Sen. Koretz (Dem) is the first legislator to question this break with previously established protocol for seriously considering citizen comment.
Media Coverage of Today’s Events?
Given the nearly total blackout in the mainstream press on questions raised by recent elections, citizen activists were heartened to see an unprecedented turnout by the news media for Monday's voting system certification hearing. Longtime Sacramento media consultant Cress Vellucci exclaimed, “I’ve never seen this much media show up for this kind of event.” TV camera crews were dispatched by two local NPR television affiliates and Sacramento's Channel 3. Radio reporters from KQED, KPFA, KPFK and a CNN affiliate recorded and conducted interviews during the demonstration. Writers were assigned by the AP wire, Stockton Press, Oakland Tribune, Sacramento Bee, and Sacramento Reporter.
Where’s the Media on Election Integrity?
Curiously, to date, not a single news agency of national stature has even mentioned the highly critical 117-page report issued by the Government Accountability Office (GAO) of October 12, 2005, which catalogs widespread electronic voting failures and warns of continuing, unattended security risks in the nation's voting systems.
http://tinyurl.com/bv6f6 >
New Opportunities for Coverage
The first articles breaking the events of earlier today have ssidestepped the issues of Diebold voting systems' insufficiencies and the company's history of election law violations, choosing instead to feature the State's contention that the systems have the passed the requisite tests.
Where in the World is Bruce?
The integrity of California elections is now in the lap of Governor Schwarzenegger's appointed Secretary of State Bruce McPherson (Rep). He did not bother to descend from his upstairs office to hear the testimony of citizens in the auditorium. But two others interested in his job--State Sen. Debra Bowen (Dem) and Forrest Hill (Grn) were both present and keenly attentive to the Diebold hearing issues.
What’s Next Behind Closed Doors? “Good Night and Good Luck”
What’s Next will take place Behind Closed Doors: There is a closed meeting next week in Sacramento, to be held at the Hyatt Regency on November 27-28. < See,
http://www.ss.ca.gov/elections/elections_vst_summit.htm > Its stated agenda is to discuss the conditions of certification and “best practices." Some of the invited officials are known to be those who have openly flouted election code and zealously supported relaxed election integrity standards. Yet, on balance, no one was invited from our steering committee, despite the fact that we are a non-partisan organization of over 25 groups across California dedicated to election integrity. We have been tipped off by an election insider that we will are blacklisted from participating in this summit. While we would like to believe that it is a misunderstanding only time will tell. In the meantime, we do have rejection letters from Bruce McDannold of McPherson's office stating that we cannot attend, but that we may rest assured that our views will be represented. We wonder how Bruce McDannold can make that assurance? After reviewing the summit's agenda, we know that there are three attendees, computer scientists, who share our concerns. But they speak from a computer expert perspective--not ours.
We Can Do It Right!
If the Secretary of State is indeed blacklisting the CEPN, an organization who has demonstrated its desire, ability and knowledge in the discussion voting integrity, we respectfully ask for reconsideration. Democracy is at a critical juncture: At the November 27-28 Summit California will determine its future election practices for years to come, and attendance by our informed citizens is not only desirable, but necessary.
__________________________________________
Seven Reasons NOT to Certify Diebold
1. The GEMS Defect
Reported by BOE Harris and Dr. Herbert Thompson, and independently confirmed by the security consultant firm Compuware on commission from the state of Ohio, the GEMS Defect concerns the central vote tabulating database that accumulates all the precinct and absentee votes for all Diebold optical scan and touch-screen voting systems. Despite assurances by Diebold, records obtained by Black Box Voting show that this issue has not been resolved in either California or Ohio, or apparently any of the other 1,200 jurisdictions that use Diebold. A critical set of Compuware documents confirming this was suppressed by Ohio Secretary of State Ken Blackwell.
Votergate the Movie available for free download <
http://www.votergate.tv > contains footage from a national TV broadcast of Bev Harris instructing Howard Dean how to hack GEMS and untraceably alter vote tallies in under two minutes. Additional vulnerabilities have since been found and publicized at
http://www.blackboxvoting.org .
"By successfully directing Canvas at the GEMS modem interface, the team was able to remotely upload, download and execute files with full system administrator privileges. All that was required was a valid phone number for the GEMS server."
--Trusted Agent Report, Diebold AccuVote-TS Voting System,January 20, 2004
Prepared for the Maryland General Assembly by: RABA Innovative Solution Cell (RiSC)
2. Stuffing the Electronic Ballot Box with Diebold Memory Cards
Finnish computer expert Harry Hursti, in cooperation with the elections administration of Leon County, Florida, has demonstrated in real-world voting conditions that executable code on the memory cards integral to the operation of Diebold optical scanners and touchscreens can be quickly manipulated to change vote counts without detection.
Brief account:
http://www.bbvforums.org/forums/messages/1954/5921.html... Full report:
http://www.blackboxvoting.org/BBVreport.pdf California's voting systems testing consultant Steve Freeman has confirmed that Diebold's proprietary programming language AccuBasic writes "report files used to configure AccuVote-OS and AccuVote-TS report contents and printing in precinct count mode. They are actually loaded into the memory cards for the AV-OS and AV-TS where their logic is executed.
. . . The risk occurs in the opportunity to replace the verified file with some other .abo file . . . or by replacing the current code with rewritten code performing other operations."
Commenting on Freeman's report, Black Box Voting notes that it is possible to insert fraudulent code onto the memory cards that is date-specific, so that it will pass Logic & Accuracy testing pre- or post-election but trigger pre-planned manipulations on election day.
Invoking California Election Code 19202, Black Box Voting formally requested Secretary of State McPherson to conduct a replication of the Hursti memory card exploits for the Diebold touchscreen and optical scan systems. Six months later, California still has not performed this test.
3. Inauditable Absentee Ballots on Diebold Optical Scanners
Just prior to the recent statewide election, technical experts assigned by the Libertarian Party to inspect Diebold systems in San Joaquin, Marin, and Alameda counties found that in the Diebold "central count" optical scanners, "a critical paper audit component is missing for all absentee and mail-in ballots, and also for recounts."
Diebold's central count scanners are unable to write backup data to memory storage, instead passing all vote counting directly to the notoriously insecure GEMS tabulator. No "poll tapes" or secondary source of data is retained, and there is no way to check whether the GEMS security defect was exploited without obtaining the GEMS vote data files. Diebold refuses to release these files.
4. The Secretary of State's Own Tech Advisors Are Warning Against Diebold
Below are excerpts from a technical review commissioned by Secretary McPherson concerning the AVVPAT printer module added to the TSx machines. The report, titled "Analysis of Volume Testing of the AccuVote TSx/AccuView" is available at
http://ss.ca.gov/elections/voting_systems / vstaab_volume_test_report.pdf
p. 7: "... It is possible that these failures are a sign of a large number of other latent software defects."
"... this issue warrants further investigation before any modified versions of the TSx are certified."
"The fundamental barrier to analysis of these software errors is the lack of access to source code ... we have no way to perform such an independent evaluation. This is a very unsatisfying position to be in."
p. 8: "We believe these failures constitute one of the strongest arguments for the State of California to take possession of, or otherwise arrange for unfettered access to, the full source code and binary executables for all electronic voting machines." ... there is no way to know whether the defects have been fixed satisfactorily (as opposed to just hidden), or whether they represent symptoms of more serious architectural flaws, without access to the source."
5. The Federal and State Voting System Certification Process is Broken
Two testing labs in Huntsville, Alabama --Ciber Labs, run by Shawn Southworth, and a Wyle Labs office supervised by Jim Dearman--are responsible for repeatedly certifying defective voting machines that violate Federal Election Commission (FEC) standards.
The limited functionality testing performed by these federally contracted "independent testing authorities" (that derive at least a third of their funding directly from the voting system vendors they are inspecting) and by California's consultant Steve Freeman, does not test for the known security vulnerabilities of the Diebold voting systems, including Dr. Herbert Thompson's VBA script attack, and Hursti's electronic ballot box stuffing and memory card swapping techniques.
Diebold Software Comes with a Criminal Pedigree
6. Convicted Computer Embezzler Authored GEMS Software
Jeff Dean was Senior Vice-President of Global Election Systems when it was bought by Diebold in 2002. Even though he had been convicted of 23 counts of felony theft in the first degree, Jeff Dean was retained as a consultant by Diebold and was largely responsible for programming the optical scanning software now used in most of the United States.
http://www.scoop.co.nz/mason/stories/HL0312/S00191.htm http://www.chuckherrin.com/HackthevoteFAQ.htm#how http://www.blackboxvoting.org/bbv_chapter-8.pdf Diebold consultant Jeff Dean was convicted of planting back doors in his software and using a "high degree of sophistication" to evade detection over a period of 2 years.
http://www.chuckherrin.com/HackthevoteFAQ.htm#how http://www.blackboxvoting.org/bbv_chapter-8.pdf DIEBOLD CONTINUES TO PERJURE AND VIOLATE ELECTION LAWS
7. Records obtained by Black Box Voting show that Diebold executives lied to the Arizona Secretary of State, the Cuyahoga County Board of Elections, and to hundreds of elections officials throughout the U.S. about the existence of specific defects. Most famously of all, Diebold lied to the State of California in 2003 about illegally installing uncertified voting software in all 17 counties in which Diebold had contracts.
http://www.ss.ca.gov/elections/ks_dre_papers/diebold_re... CALIFORNIA ELECTION PROTECTION NETWORK
a non partisan organization of over 25 groups across California
coming together to achieve their mutual election integrity goals
http://www.califelectprotect.net Portions of this paper reprinted with acknowledegment and links to
http://www.blackboxvoting.org __________________________________________
Noveneber 21, 2005
The Honorable Bruce McPherson
California Secretary of State
1500 11th Street
Sacramento, CA 95814
FAX916-653-3214
Dear Secretary McPherson:
I am writing to express my concern about the hearing to determine whether Diebold should be recertified. I believe that the voters of California are entitled to be able to choose their representatives with the confidence that their votes are recorded and counted accurately. It is the duty of the Secretary, as the chief elections officer of the state, to make sure that voting systems are approved in the interests of California, not the voting system
It has been brought to my attention that you have disbanded the Voting Systems Panel (VSP) a panel of advisors, which has historically conducted hearings on voting systems used in the state. It is of great concern that the VSP has been disbanded without hearings about what will replace it and without any type of due process.
I am respectfully requesting that you reverse your decision to abandon established procedures and to allow people to provide meaningful input on the voting systems approve for use in the state.
In light of this concern I also respectfully request you postpone any decisions to re-certify Diebold for use in the state. Without adequate public input as to whether Diebold has met all the requirements to be certified for use in the state, I believe that it is premature to move forward at this time with the re-certification.
There as still many reasons to have reservation about making such a hasty decision without proper input from all interested parties.
.
It is my understanding that Diebold failed to comply with the April 30, 2004 decertification orders and cannot permit a meaningful recount. The proprietary closed source code complexity, secrecy and protection status of the software of the Diebold system precludes and prevents any meaningful legal thorough forensic analysis and recount of any election run on Diebold equipment. There have been many numerous litigation filings against Diebold, and the discovery process for forensic examination of Diebold software is nothing but an extension of the basic recount procedure.
It is for these reasons that I request that you delay recertifying Diebold at this time.
Sincerely,
PaulKoretz
______________________________________
To: McDannold, Bruce
Subject: Request for Invitation to Voting Systems Testing Summit
Dear Mr. McPherson and Mr. McDannold,
I am writing to request an invitation to the November
28-29 Voting Systems Testing Summit.
I am a member of the Steering Committee of the
California Election Protection Network and have been
working on Election Protecion issues since March of
2004.
I believe the Summit you are holding is a much needed
event and will be invaluable toward better informing
people of the concerns/vision/solutions regarding our
voting systems in California and most likely the
nation.
Thank you for your consideration. I look forward to
hearing back from you soon.
Sincerely,
XXXXXXX
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
California Election Protection Network
E: Request for Invitation to Voting Systems Testing Summit
Date:
Thu, 10 Nov 2005 20:30:21 -0800
From:
"McDannold, Bruce" <bmcdanno@ss.ca.gov >
To:
<XXXXXXXXXXXXXXXXX>
Thank you for your interest in the Summit on voting system testing. We invited elections
officials from across the country to participate, since this is a Summit designed specifically
to discuss state-level testing of voting machines and to develop a best practices document
on that specific subject. We've had a very good response; registrations are filling up fast
so we are having to limit attendance to those already invited. The panels and panelists
reflect the widest array of credible views, from outright skeptics to industry. Interested
parties are encouraged to contribute written documents to the Summit to be reviewed as
part of the final recommendations for testing to the states. They should send their written
input to VotingSystemComment@ss.ca.gov .
_______________________________________________________
For more information:
http://www.califelectprotect.net