UNDAY Nov. 7 2004: We're awaiting independent analysis on some pretty crooked-looking elections. In the mean time, here's something to chew on.
Your local elections officials trusted a group called NASED -- the National Association of State Election Directors -- to certify that your voting system is safe.
This trust was breached.
NASED certified the systems based on the recommendation of an "Independent Testing Authority" (ITA).
"Whuuut?"
What no one told local officials was that the ITA did not test for security (and NASED didn't seem to mind).
The ITA reports are considered so secret that even the California Secretary of State's office had trouble getting its hands on one. The ITA refused to answer any questions about what it does. Imagine our surprise when, due to Freedom of Information requests, a couple of them showed up in our mailbox.
The most important test on the ITA report is called the "penetration analysis." This test is supposed to tell us whether anyone can break into the system to tamper with the votes.
"Not applicable," wrote Shawn Southworth, of Ciber Labs, the ITA that tested the Diebold GEMS central tabulator software. "Did not test."
This is Shawn Southworth, in his office in Huntsville, Alabama.
He is the man who carefully examines our voting software.
Shawn Southworth "tested" whether every candidate on the ballot has a name. But we were shocked to find out that, when asked the most important question -- about vulnerable entry points -- Southworth's report says "not reviewed."
Americans want to know:
Ciber "tested"whether the manual gives a description of the voting system. But when asked to identify methods of attack (which we think the American voter would consider pretty important), the top-secret report says "not applicable."
Ciber "tested" whether ballots comply with local regulations, but when Bev Harris asked Shawn Southworth what he thinks about Diebold tabulators accepting large numbers of "minus" votes, he said he didn't mention that in his report because "the vendors don't like him to put anything negative" in his report. After all, he said, he is paid by the vendors.
"Hmmmm."
Shawn Southworth didn't do the penetration analysis, but check out what he wrote:
"Ciber recommends to the NASED committee that GEMS software version 1.18.15 be certified and assigned NASED certification number N03060011815."
Was this just a one-time oversight?
Nope. It appears to be more like a habit. Here is the same Ciber certification section for VoteHere; as you can see, the critical security test, the "penetration analysis" was again marked "not applicable" and was not done.
Maybe another ITA did the penetration analysis?
Apparently not. We discovered an even more bizarre Wyle Laboratories report. In it, the lab admits the Sequoia voting system has problems, but says that since they were not corrected earlier, Sequoia could continue with the same flaws. At one point the Wyle report omits its testing altogether, hoping the vendor will do the test.
Computer Guys: Be your own ITA certifier.
Here is a copy of the full Ciber report (part 1, 2, 3, 4) on GEMS 1.18.15. Here is a zip file download for the GEMS 1.18.15 program. Here is a real live Diebold vote database. Compare your findings against the official testing lab and see if you agree with what Ciber says. E-mail us your findings.
TIPS: The password for the vote database is "password" and you should place it in the "LocalDB" directory in the GEMS folder, which you'll find in "program files."
Who the heck is NASED?
They are the people who certified this stuff.
You've gotta ask yourself: Are they nuts? Some of them are computer experts. Well, it seems that several of these people suddenly want to retire, and the whole NASED voting systems board is becoming somewhat defunct, but these are the people responsible for today's shoddy voting systems.
If the security of the U.S. electoral system depends on you to certify a voting system, and you get a report that plainly states that security was "not tested" and "not applicable" -- what would you do?
Perhaps we should ask them. Go ahead. Let's hold them accountable for the election we just had. (Please, e-mail us their answers) They don't make it very easy to get their e-mail and fax information; when you find it, let us know and we'll post it here.
NASED VOTING SYSTEMS/ITA ACCREDITATION BOARD
Thomas R. Wilkey, Executive Director, New York State Board of Elections
David Elliott, (former) Asst. Director of Elections, Washington State
James Hendrix, Executive Director, State Election Commission, South Carolina
Denise Lamb, Director, State Bureau of Elections, New Mexico
Sandy Steinbach, Director of Elections, Iowa
Donetta Davidson, Secretary of State, Colorado
Connie Schmidt, Commissioner, Johnson County Election Commission, Kansas
(the late) Robert Naegele, President Granite Creek Technology, Pacific Grove, California
Brit Williams, Professor, CSIS Dept, Kennesaw State College, Georgia
Paul Craft, Computer Audit Analyst, Florida State Division of Elections Florida
Steve Freeman, Software Consultant, League City, Texas
Jay W. Nispel, Senior Principal Engineer, Computer Sciences Corporation Annapolis Junction, Maryland
Yvonne Smith (Member Emeritus), Former Assistant to the Executive Director Illinois State Board of Elections, Illinois
Penelope Bonsall, Director, Office of Election Administration, Federal Election Commission, Washington, D.C.
Committee Secretariat: The Election Center, R. Doug Lewis, Executive Director Houston, Texas, Tele: 281-293-0101
# # # # #
THURSDAY Nov. 4 2004: If you are concerned about what happened Tuesday, Nov. 2, you have found a home with our organization. Help America Audit.
Black Box Voting has taken the position that fraud took place in the 2004 election through electronic voting machines. We base this on hard evidence, documents obtained in public records requests, inside information, and other data indicative of manipulation of electronic voting systems. What we do not know is the specific scope of the fraud. We are working now to compile the proof, based not on soft evidence -- red flags, exit polls -- but core documents obtained by Black Box Voting in the most massive Freedom of Information action in history.
We need: Lawyers to enforce public records laws. Some counties have already notified us that they plan to stonewall by delaying delivery of the records. We need citizen volunteers for a number of specific actions. We need computer security professionals willing to GO PUBLIC with formal opinions on the evidence we provide, whether or not it involves DMCA complications. We need funds to pay for copies of the evidence.
TUESDAY Nov 2 2004: BREAKING NEWS: New information indicates that hackers may have targeted the central computers that are counting our votes.
Freedom of Information requests are not free. We need to raise $50,000 as quickly as possible to pay for records and the fees some states charge for them. We launched one major FOIA action last night, and have two more on the way, pell-mell. Now is the time. If you can't donate funds, please donate time. E-mail to join the Cleanup Crew.
Important: Watch this 30-minute film clip
Voting without auditing. (Are we insane?)
SEATTLE, WASHINGTON Nov 3 2004 -- Did the voting machines trump exit polls? There's a way to find out.
Black Box Voting (.ORG) is conducting the largest Freedom of Information action in history. At 8:30 p.m. Election Night, Black Box Voting blanketed the U.S. with the first in a series of public records requests, to obtain internal computer logs and other documents from 3,000 individual counties and townships. Networks called the election before anyone bothered to perform even the most rudimentary audit.
America: We have permission to say No to unaudited voting. It is our right.
Among the first requests sent to counties (with all kinds of voting systems -- optical scan, touch-screen, and punch card) is a formal records request for internal audit logs, polling place results slips, modem transmission logs, and computer trouble slips.
An earlier FOIA is more sensitive, and has not been disclosed here. We will notify you as soon as we can go public with it.
Such a request filed in King County, Washington on Sept. 15, following the primary election six weeks ago, uncovered an internal audit log containing a three-hour deletion on election night; "trouble slips" revealing suspicious modem activity; and profound problems with security, including accidental disclosure of critically sensitive remote access information to poll workers, office personnel, and even, in a shocking blunder, to Black Box Voting activists.
Black Box Voting is a nonpartisan, nonprofit consumer protection group for elections. You may view the first volley of public records requests here: Freedom of Information requests here
Responses from public officials will be posted in the forum, is organized by state and county, so that any news organization or citizens group has access to the information. Black Box Voting will assist in analysis, by providing expertise in evaluating the records. Watch for the records online; Black Box Voting will be posting the results as they come in. And by the way, these are not free. The more donations we get, the more FOIAs we are empowered to do. Time's a'wasting.
We look forward to seeing you participate in this process. Join us in evaluating the previously undisclosed inside information about how our voting system works.
Play a part in reclaiming transparency. It's the only way.
# # # # #
Public Records Request - November 2, 2004
From: Black Box Voting
To: Elections division
Pursuant to public records law and the spirit of fair, trustworthy, transparent elections, we request the following documents.
We are requesting these as a nonprofit, noncommercial group acting in the capacity of a news and consumer interest organization, and ask that if possible, the fees be waived for this request. If this is not possible, please let us know which records will be provided and the cost. Please provide records in electronic form, by e-mail, if possible -
[email protected].
We realize you are very, very busy with the elections canvass. To the extent possible, we do ask that you expedite this request, since we are conducting consumer audits and time is of the essence.
We request the following records.
Item 1. All notes, emails, memos, and other communications pertaining to any and all problems experienced with the voting system, ballots, voter registration, or any component of your elections process, beginning October 12, through November 3, 2004.
Item 2. Copies of the results slips from all polling places for the Nov. 2, 2004 election. If you have more than one copy, we would like the copy that is signed by your poll workers and/or election judges.
Item 3: The internal audit log for each of your Unity, GEMS, WinEds, Hart Intercivic or other central tabulating machine. Because different manufacturers call this program by different names, for purposes of clarification we mean the programs that tally the composite of votes from all locations.
Item 4: If you are in the special category of having Diebold equipment, or the VTS or GEMS tabulator, we request the following additional audit logs:
a. The transmission logs for all votes, whether sent by modem or uploaded directly. You will find these logs in the GEMS menu under "Accuvote OS Server" and/or "Accuvote TS Server"
b. The "audit log" referred to in Item 3 for Diebold is found in the GEMS menu and is called "Audit Log"
c. All "Poster logs". These can be found in the GEMS menu under "poster" and also in the GEMS directory under Program Files, GEMS, Data, as a text file. Simply print this out and provide it.
d. Also in the Data file directory under Program Files, GEMS, Data, please provide any and all logs titled "CCLog," "PosterLog", and Pserver Log, and any logs found within the "Download," "Log," "Poster" or "Results" directories.
e. We are also requesting the Election Night Statement of Votes Cast, as of the time you stopped uploading polling place memory cards for Nov. 2, 2004 election.
Item 5: We are requesting every iteration of every interim results report, from the time the polls close until 5 p.m. November 3.
Item 6: If you are in the special category of counties who have modems attached, whether or not they were used and whether or not they were turned on, we are requesting the following:
a. internal logs showing transmission times from each voting machine used in a polling place
b. The Windows Event Viewer log. You will find this in administrative tools, Event Viewer, and within that, print a copy of each log beginning October 12, 2004 through Nov. 3, 2004.
Item 7: All e-mails, letters, notes, and other correspondence between any employee of your elections division and any other person, pertaining to your voting system, any anomalies or problems with any component of the voting system, any written communications with vendors for any component of your voting system, and any records pertaining to upgrades, improvements, performance enhancement or any other changes to your voting system, between Oct. 12, 2004 and Nov. 3, 2004.
Item 8: So that we may efficiently clarify any questions pertaining to your specific county, please provide letterhead for the most recent non-confidential correspondence between your office and your county counsel, or, in lieu of this, just e-mail us the contact information for your county counsel.
Because time is of the essence, if you cannot provide all items, please provide them in increments as soon as you have them, and please notify us by telephone (206-335-7747) or email (
[email protected]) as soon as you have any portion of the above public records request available for review.
Thank you very much, and here's hoping for a smooth and simple canvass which works out perfectly for you. We very, very much appreciate your help with this, and we do realize how stressful this election has been.
If you need a local address, please let me know, and we will provide a local member for this public records request. In the interest of keeping your life simple, we thought it best to coordinate all records through one entity so that you don't get multiple local requests.
# # # # #
We now have evidence that certainly looks like altering a computerized voting system during a real election, and it happened just six weeks ago.
Stumble It!
Tweet This
Bookmark on Delicious
Share on Facebook
Share on MySpace