Hi Folks,

I've excerpted part of an article by Bev Harris from Black box Voting below. For the entire article see: http://www.blackboxvoting.org/?q=node/view/78

Bill McAvinney

************ Excerpt of Article ************

Consumer Report Part 1: Look at this -- the Diebold GEMS central tabulator contains a stunning security hole
Submitted by Bev Harris on Thu, 08/26/2004 - 11:43. Investigations
Issue: Manipulation technique found in the Diebold central tabulator -- 1,000 of these systems are in place, and they count up to two million votes at a time.

By entering a 2-digit code in a hidden location, a second set of votes is created. This set of votes can be changed, so that it no longer matches the correct votes. The voting system will then read the totals from the bogus vote set. It takes only seconds to change the votes, and to date not a single location in the U.S. has implemented security measures to fully mitigate the risks.

This program is not "stupidity" or sloppiness. It was designed and tested over a series of a dozen version adjustments.

Whether you vote absentee, on touch-screens, or on paper ballot (fill in the bubble) optical scan machines, all votes are ultimately brought to the "mother ship," the central tabulator at the county which adds them all up and creates the results report.

These systems are used in over 30 states and each counts up to two million votes at once.

This problem appears to demonstrate intent to manipulate elections, and was installed in the program under the watch of a programmer who is a convicted embezzler.

According to election industry officials, the central tabulator is secure, because it is protected by passwords and audit logs. But it turns out that the GEMS passwords can easily be bypassed, and the audit logs can be altered and erased. Worse, the votes can be changed without anyone knowing, including the officials who run the election.

The GEMS program runs on a Microsoft Access database. It typically recieves incoming votes by modem, though some counties follow better security by disconnecting modems and bringing votes in physically.

GEMS stores the votes in a vote ledger, built in Microsoft Access. Any properly designed accounting program will allow only one set of books. You can't enter your expense report in three different places. All data must be drawn from the same place, and multiple versions are never acceptable. But in the files we examined, we found that the GEMS system contained three sets of "books."

The elections official never sees the different sets of books. All she sees is the reports she can run: Election summary (totals, county wide) or a "Statement of Votes Cast" (totals for each precinct). She has no way of knowing that her GEMS system uses a different set of data for the detail report (used to spot check) than it does for the election totals. The Access database, which contains the hidden set of votes, can't be seen unless you know how to get in the back door -- which takes only seconds.

A hidden trigger
The data tables in accounting software automatically link up to each other to prevent illicit back door entries. In GEMS, however, by typing a two-digit code into a hidden location, you can decouple the books, so that the voting system will draw information from a combination of the real votes and a set of fake votes, which you can alter any way you see fit.

That's right, GEMS comes with a secret digital "on-off" switch to link and unlink its multiple vote tables. Someone who tests GEMS, not knowing this, will not see the mismatched sets of books. When you put a two-digit code into a secret location can you disengage the vote tables, so that tampered totals table don't have to match precinct by precinct results. This way, it will pass a spot check -- even with paper ballots -- but can still be rigged.

How and when did the double set of books get into GEMS?

Black Box Voting has traced the implementation of the double set of books to Oct. 13, 2000, shortly after embezzler Jeffrey Dean became the senior programmer. Dean was hired as Vice President of Research and Development in September 2000, and his access to the programs is well documented through internal memos from Diebold. The double set of books appeared in GEMS version 1.17.7.

Almost immediately, according to the Diebold memos, another Diebold programmer, Dmitry Papushin, flagged a problem with bogus votes appearing in the vote tables. The double set of books remained, though, going through several tweaks and refinements. From the time Jeffrey Dean was hired in September, until shortly before the Nov. 2000 election, GEMS went through over a dozen changes, all retaining the new hidden vote tables.

For four years, anyone who has known how to trigger the double set of books has been able to use, or sell, the information to anyone they want.

Jeffrey Dean, according to his own admissions, is subject to blackmail as well as financial pressure over his restitution obligation. Police records from his embezzlement arrest, which involved "sophisticated" manipulation of computer accounting records, report that Dean claimed he was embezzling in order to pay blackmail over a fight he was involved in, in which a person died.

So now we have someone who's admitted that he's been blackmailed over killing someone, who pleaded guilty to 23 counts of embezzlement, who is given the position of senior programmer over the GEMS central tabulator system that counts approximately 50 percent of the votes in the election, in 30 states, both paper ballot and touch screen.

And just after he is hired, multiple sets of books appear in GEMS, which can be decoupled, so that they don't need to match, by typing in a secret 2-digit code in a specific location.

_______________________________________________
Evote-discussion mailing list
Evote-discussion@evote-mass.org
http://evote-mass.org/mailman/listinfo/evote-discussion_evote-mass.org