Diebold Internal Memos Admit Voting Machine Flaws
by CONSPIRACY PLANET
In a preemptive strike to discourage further negative publicity, Diebold Election Systems has demanded that voting activist site BlackBoxVoting.org remove internal memos which admit that Diebold's high tech voting machines are easily susceptible to vote fraud.
Dated Oct. 2001, the memo by Diebold's principal engineer Ken Clark concedes that it is quite simple to do an "end run" around the Diebold GEMS voting software, used in both touch screen and optical scan voting machines, and that this "back door" has already been used in elections. Diebold states that the memos are authentic, but claims copyright protection.
According to Black Box Voting.com's Bev Harris, this is what Clark has written --
CLARK: "Right now you can open GEMS' .mdb file with MS-Access, and alter its contents. That includes the audit log. This isn't anything new."
CLARK: "Being able to end-run the database has admittedly got people out of a bind though. Jane (I think it was Jane) did some fancy footwork on the mdb file in Gaston recently. I know our dealers do it. King County is famous for it. That's why we've never put a password on the file before."
Diebold's own memos authenticate the security flaw Harris wrote about on July 8, 2003 (http://www.blackboxvoting.org/access-diebold.htm).
In contrast to their rebuttal to the Johns Hopkins report,which confirmed serious flaws with the voting machine software, Diebold has never denied that Harris reviewed actual certified versions of its software used in real elections and never contended that her analysis is wrong.
Clark's memo explains that the ability to tamper with election results which was exposed by Harris was well known by senior programmers at Diebold.
According to Harris, the memos also show that Metamor (now Ciber), the Independent Testing Authority (ITA) entrusted with testing voting machine software, called attention to the security flaw in Oct. 2001 but was persuaded not to reveal it in their report:
NEL FINBERG: "Jennifer Price at Metamor (about to be Ciber) has indicated that she can access the GEMS Access database and alter the Audit log without entering a password. What is the position of our development staff on this issue? Can we justify this?"
Principal engineer Clark acknowledges the security weakness and replies:
CLARK: "If you don't bring this up you might skate through Metamor."
He goes on to say: CLARK: "Bottom line on Metamor is to find out what it is going to take to make them happy." Metamor agreed to overlook the flaw.
FINBERG: "For now Metamor accepts the requirement to restrict the server password to authorized staff in the jurisdiction, and that it should be the responsibility of the jurisdiction to restrict knowledge of this password. So no action is necessary in this matter, at this time."
Finberg's response says the software has been approved because the user of the software will have a password. However, Harris showed in the same July 8 report that the GEMS password can be overwritten in five minutes by any 14-year old.
This leaves only the Windows NT security which is altogether outside the Diebold voting system. Unfortunately, other memos indicate that the less secure Windows XP system is now being installed, moving away from a previous requirement for Windows NT, which had at least some built-in security.
The Diebold memos also demonstrate that the company made fraudulent claims to the state of Georgia when selling its system.
Georgia voting machine R.F.P. March 2002: IV. PHASE I, DIEBOLD TECHNICAL PROPOSAL: "Generated entries on the audit log cannot be terminated or interfered with by program control or by human intervention."
R.F.P. March 2002: IV. PHASE I, TECHNICAL PROPOSAL: "Beyond the standard array of Windows NT-based layered and encrypted security, GEMS application provides all the security measures necessary for complete system security." Principal engineer Ken Clark also notes that the security flaw has been in place for at least a decade:
CLARK: "This isn't anything new. In VTS, you can open the database with progress and do the same. This is all about Florida, and we have had VTS certified in Florida under the status quo for nearly ten years."
In her defense, Harris contends that her right to publish the memos, which were given to her by a Diebold employee, supercedes Diebold's right to copyright protection because:
1) The Ken Clark memo demonstrates intent to break the law. The flaw violates both FEC standards and most state statutes. In California, for example, it is against the law to sell a voting system that is not tamper-resistant.
2) The publication of the memos serves an overriding public interest.
3) Other memos provide additional evidence of failure to follow the law, and reveal new security flaws. Specifically:
At least two sets of memos discuss using cell phones to intercept and transmit vote data.
Most importantly, the memos document that Diebold has been using changed versions of software in elections, versions that were never submitted for certification at all. In other words, none of the testing and certification protections apply, and no one, not the ITA, the secretary of state, or any election official have any idea what is contained in the lines of code in those uncertified programs.
According to Harris, this means that only three people in the world know what's in the Diebold software code used to run several elections, particularly in California. Two of these individuals are Canadian and one is a Russian living in Canada. Their names: Ken Clark, Talbot Iredale (a stockholder), and Dmitry Papushin.
Harris provided a CD containing the memos to her congressman; at least two other members of congress in other states were also given the memos. A "rig-a-vote" CD from California activist Jim March containing step by step instructions with bona fide Diebold software showing how to change the audit log, overwrite the password, and change the votes during the midst of an election.
Over 500 activists in the USA, Canada, Europe and the South Pacific now have the Diebold memos.
* Diebold software is easy to tamper, according to Diebold's own principal engineer
* Diebold has been using untested, uncertified software in elections
* Diebold has been experimenting with insecure and unauthorized remote communications, including use of cell phones to intercept and transfer vote data during real elections.
* Diebold has submitted sales literature that misrepresents its system.
In conclusion, the Diebold memos demonstrate that the company made fraudulent claims to the state of Georgia when selling its system
and they prove that Diebold knew about the security flaws, and
admit to allowing election officials to alter the final audit log.
Actual copies of internal Diebold memos which show that uncertified software is being used in elections, and that Diebold programmers intentionally can be found at
scoop.co.nz - 45k - Sep 22, 2003 and at
why-war.com
equalccw.com. smashthetrifecta.com
According to Bev Harris, this is the conclusion of the Diebold voting machine debacle --
1. Diebold issued a pull-down demand under DMCA for the BlackBoxVoting.org web site, citing a link posted on a forum in the site and claiming that the link allowed web visitors to visit an unrelated page, containing Diebold internal memos, to which they say they own the copyright.
2. Not only was BlackBoxVoting.org pulled down, but ALL of the documents, databases and programming for approximately 500 pages of material, most of which did not relate to Diebold at all, was confiscated, upon the (incorrect) advice of a North Carolina attorney named James Baker.
Dozens of web pages were pulled down which had nothing whatever to do with the disputed information. First, the offending item was a post in a forum which contained a link. Nothing in DMCA allows Diebold to abuse the law to pull down unrelated web pages, but this is the direct result of their threat. To make matters more egregious, we were then prohibited from accessing the ftp server even to retrieve our files in order to place them elsewhere. After David Allen, the publisher of Black Box Voting, negotiated with the ISP, they decided to ignore their attorney's advice and reinstate access to the ftp server, and we have secured a First Amendment attorney to force the reinstatement of the site itself.
3. The confiscated pages included personal contact information for 200 activists, and the private strategy sessions for voting machine activists. BlackBoxVoting.org received no satisfactory explanation as to what authority they were confiscated under. We will demand a formal statement from the ISP that logs every single person who looked at them, accessed the files, or made copies of them.
"The .org site had an active discussion going on among people from all over the US and world about election security and flaws found in Diebold's voting system software. The idea that these discussion boards were confiscated is rather chilling. The discussions were password protected and not open for public view.
"In addition to the impact this action will have on the election security debate, it also may represent the first time the DMCA has been used to shut down a discussion. Although I don't know much about the DMCA, I do think it wasn't written with this kind of purpose in mind." -- Kim Alexander, California Voter Foundation
4. Does Diebold even have a legitimate claim to copyright? Most of the memos in question were written in Canada, and resided on a server in Canada up to and including 2003 after Diebold bought a Canadian company called Global Election Systems. In Canada, company correspondence, even internal memos, is not protected by copyright. To date we have been unable to find evidence, other than a claim in a letter, that Diebold even owns the copyright to these memos.
5. These memos are more properly termed "Evidence," because they contain evidence of a pattern of lawbreaking that dates back at least to 1999. An injunction needs to be filed immediately in California based on evidence contained in these memos, before forcing citizens in 14 counties to vote on these machines in the recall election in a few days.
6. Lexis-Nexis has turned up some interesting information pertaining to the origins of Global Election Systems, a wholly owned subsidiary of North American Professional Technologies, Inc., which was in turn a wholly owned subsidiary of MacroTrends Ventures International, Ltd.
Charles Hong Lee is one of the principals with these firms. He has been tied to participation in a scheme to bilk immigrants out of some $47 million; he is also connected with a scandal in which a Mr. Graye was prosecuted, relating to Vinex Wines.
Charles Hong Lee was also involved with something called "The Vancouver Maneuver," a stock pump & dump scheme that bilked investors out of millions in connection with an entertainment company and something called Beverly Development.
Charles Hong Lee was a principal with Global Election Systems, along with the late Clinton Rickards.
Talbot Iredale, currently the V.P. for Research and Development for Diebold Election Systems, began with the company in 1991, right around the time the Vancouver Maneuver was exposed in Barron's magazine. This is the pedigree from whence the Diebold Memos arose.
Sophia Lee, who may or may not be related to Charles Hong Lee, was in San Luis Obispo County, California on the day that a vote tally mysteriously popped up on the Internet five hours before the polls closed. She is the support tech for King County, Washington which Diebold principal engineer Ken Clark refers to as being "famous" for doing "end runs" around the voting system using a Microsoft Access hack, and her name is referenced in a strange series of memos for Volusia County, Florida in which programmers and techs discuss the unexplained appearance of an illicit set of votes that replaced the correct set.
This was the notorious 16,022 votes which were removed from Al Gore's tally on election night when a mysterious, and now "lost" memory card uploaded and overwrote the correct totals.
These disappearing votes were noticed by a clerk, who set alarm bells ringing and the tally was corrected, but Diebold programmers now say, in the memos, that the replacement vote upload can't be found.
They concede that an extra vote upload was done, and Vice President of Research Talbot Iredale says in the memos that it may have been illicit. |
