Slashdot Mirror

Gottesser writes with this excerpt from Bev Harris's Black Box Voting: "I have found and posted the actual voter list software used widely throughout the USA (TN, WI, PA, CO, KS...) for Accenture voter registration and voter histories. I located the files on a magnetic backup tape of the hard drive of a county elections IT employee, part of a 120-gig set of discovery files. The Accenture voter registration / voter history software is highly problematic, and has been reported switching voter parties in Colorado, and losing voter histories in Tennessee. Although it is now widely known that Accenture voter list software gets it wrong, just WHY the program misreports voter information so often has never been explained. I am hoping that by releasing this software to the public, it may shed light on what's really going on with our voter registration systems. I also posted a Tennessee file with work orders and release notes which shows the Accenture software has a history of tripling votes in certain ('random') voter histories, going back to 2004. Except it is not random: Other files I discovered prove it is with primarily suburban Republican precincts that votes are somehow being recorded twice and sometimes three times for certain voters in the voter history report, and this didn't just happen in 2004; it also happened in the 2008 presidential primary and in May and August 2010, and according to election commission notes in Shelby County, also in the 2012 presidential primary. Computer buffs, have at it. Much source code exists within the structure because it is built on MS Access. I do not read source code, though I can see some structural problems with the software (for example, it allows political party ID to be set differently from one precinct to another)."

Gottesser writes "Bev Harris over at Black Box Voting has done everyone a favor and released her 2008 Election Protection toolkit as an ebook. It's like Cliff notes of Bev's 8+ years of experience on the front lines of the modern voting rights movement. The ebook presents succinct information to get individuals actively involved in the full-contact sport that is democracy. The target audience is those who believe that the political process requires more than just showing up to vote once every four years those who know that something's up with those voting machines. You may remember Bev Harris from her Emmy-nominated HBO documentary 'Hacking Democracy.' I've been working on election integrity issues in Ohio for some time now and have met Bev several times. Her work is nothing less than groundbreaking. Please check it out."

Gottesser writes "Bev Harris over at Black Box Voting has done everyone a favor and released her 2008 Election Protection toolkit as an ebook. It's like Cliff notes of Bev's 8+ years of experience on the front lines of the modern voting rights movement. The ebook presents succinct information to get individuals actively involved in the full-contact sport that is democracy. The target audience is those who believe that the political process requires more than just showing up to vote once every four years those who know that something's up with those voting machines. You may remember Bev Harris from her Emmy-nominated HBO documentary 'Hacking Democracy.' I've been working on election integrity issues in Ohio for some time now and have met Bev several times. Her work is nothing less than groundbreaking. Please check it out."

A couple of weeks back we discussed the effort to require voting paper trails in US federal elections. Now WhiteBoxVoter writes: "Democrats and Republicans in the US House of Representatives agreed today on a compromise that will push through a bill banning paperless voting machines and requiring a voter-verified paper record for every vote in the country, after government sanctioned hackers showed how they could break into all three of the top voting systems used in California." The NYTimes reported on Thursday that even if it passes the House, voting-machine reform that would take effect before the 2008 elections may die in the Senate.

Gottesser writes, "Bev Harris of Black Box Voting has asked for the help of the Slashdot community. She would like people to take a look at ES&S's central tabulator software and start reporting on their impressions of it. This is a past release of the software but it is similar to the applications in production. Sorry, no source code." Read on for Bev's request and pointers to the code repositories. Update 23:38 GMT by SM Bev has confirmed that blackbox1.org is indeed owned by BlackBoxVoting making both a comment in the discussion and a post on the front page of blackboxvoting.org to help assuage reader fear/doubt.

From Bev:

"ES&S 'Unity' central tabulator software.

Software stash: three zip files --
http://www.blackbox1.org/ems.zip
http://www.blackbox1.org/un5.zip
http://www.blackbox1.org/Unity.zip

User Manuals for ES&S software can be found here:
http://www.bbvforum s.org/forums/messages/2197/2864.html

This is the ES&S central tabulator software, the ES&S counterpart to the Diebold GEMS central tabulator software. No source code, sorry, and no software for the precinct machines. This is reportedly one generation back, but from what I'm told has significant similarities to the new stuff. I would appreciate it if you can provide me with feedback on your impressions after looking at it. You may want to Slashdot it or whatever.

Best,

Bev Harris
Founder
Black Box Voting

goombah99 writes "Bev Harris of BlackBoxVoting.org has acquired an actual Diebold Acu-vote ballot scanner. Rummaging through King County's trash, she managed to get her hands on some of their tags and seals. She has since demonstrated a successful penetration of the seals without breaking them ... all in under 4 minutes with no training or technical skills required. There's a nice how-to with photos over at Verified Voting New Mexico." More from goombah99 below. "The demo is particularly relevant in light of the recent experience in Ohio in which there were large discrepancies between the electronic record and the paper trail, and also since many counties still permit the machines to be taken home by individuals before voting day (as a means of distributing them to precincts). These 'sleepover' machines were involved in the contentious narrow-margin San Diego Election, and are in continued practice in many states. Moreover, it's common practice for counties to contract out deliveries to third parties, such as in New Mexico where in one election, unlicensed delivery drivers took the machines on an unauthorized field trip and only got caught when they crashed the delivery truck after a stop at Hooters. The good news here is that the penetrated Diebold system in the photo essay is an optical scan system. It's not a touchscreen electronic voting system, so there is a paper trail. What hack really shows is that without mandatory random spot checks on the paper ballots, these may be as potentially vulnerable as the touchscreen direct recording electronic voting systems. It's perhaps worth noting that the open source voting system being developed by the Open Voting Consortium features a 100% reconciliation of every single paper ballot with an independent electronic record."

Philip K Dickhead writes "After numerous ethical lapses and much controversy, Diebold CEO, Wally O'Dell resigned to the applause of the markets. Diebold's price improved more than 5% today, as the story broke. Business Week is reporting that O'Dell is leaving for "personal reasons", although the news blog Raw Story cites board action on imminent securities fraud litigation, and legal challenges by states claiming fraudulent certification of Diebold voting machines. Latest vulnerability tests show an impossibly negligent attention to vote security and privacy." Not overly surprising, considering their recent childish antics in NC.

Doc Ruby writes "The California Secretary of State has invited Black Box Voting to hack away at some Diebold voting systems. The testing is set for Nov. 30, 2005. Evaluations conducted by Black Box Voting in San Joaquin, Marin, and Alameda counties (Calif.) reveal that a critical paper audit component is missing for all absentee and mail-in ballots, and also for recounts. (Black Box personnel were hired by the Libertarian Party to conduct inspections.)"

l2718 writes "Two economists have just posted a paper online, showing a small correlation between counties' use of paperless electronic voting systems and voting results in the recent presidential election (after controlling for other factors). They found no evidence for systematic fraud by testing several potential indicators. Rather, the voting method seems to affect the relative turnout of different voter demographies. Thanks to Election Law Blog for the pointer."

aacool writes "Blackboxvoting.org has raised the largest Freedom of Information request in history. At 8:30 p.m. Election Night, Black Box Voting blanketed the U.S. with the first in a series of public records requests, to obtain internal computer logs and other documents from 3,000 individual counties and townships. Networks called the election before anyone bothered to perform even the most rudimentary audit. Among the first requests sent to counties (with all kinds of voting systems -- optical scan, touch-screen, and punch card) is a formal records request for internal audit logs, polling place results slips, modem transmission logs, and computer trouble slips."

Dachannien writes "Capital News Service reports that the Maryland State Board of Elections has staged a test of its Diebold touch-screen voting machines in an effort to demonstrate their security and accuracy. A machine randomly selected from Maryland's voting machine warehouse was tested in a mock vote against two human vote-counting counterparts, and after counting fifty votes, the human vote counters had made several errors versus zero for the voting machine. But is this a legitimate test of the concerns of voting machine activists, or does it merely support a logical fallacy?"

rbuysse writes "A million monkeys can write Shakespeare, but it only takes one to mess up an election. Scoop here." Blackboxvoting is behind this demonstration; there's also a lengthy thread on the Bugtraq mailing list.

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."

Doc Ruby writes "Investigating a crack of eVoting company VoteHere, the FBI is said to be issuing a subpoena for the traffic logs of journalist Beverly Harris' BlackBoxVoting website. The FBI is pursuing Harris on the theory that her site is the connection between incriminating memos leaked from (VoteHere competitor) Diebold and the intrusion into VoteHere's servers. Are you on the list?"

Slashback tonight brings you word on the less-spectacular-than-advertised solar storm earlier in the week, Mandrake's response (a good one) to the problems their new release had with LG brand CD drives, more Diebold madness, and more, including a lengthy rebuttal to Slashdot's review of Eclipse in Action. Read on for the details, and check your costume in the mirror before leaving the house.

Copies files in under 17 minutes, I bet. Eug writes "The latest supercomputer list (Oct. 26) has Apple/VT's G5 Power Mac cluster at 9555 Gflops/s, which puts it into third place overall. This list is hosted here. This new score is interesting for a number of reasons, besides placing them in third place:

1. It is now ahead of the 1.5 GHz Itanium 2 cluster, which is composed of 1936 CPUs and which achieves 8633 Gflops/s.
2. On a per CPU basis, the G5 2.0 is also ahead of the Itanium 2. The G5 2.0 scores 4.52 Gflops/s per CPU, while the Itanium 2 1.5 scores 4.46 Gflops/s per CPU.
3. If one extrapolates from the score of NetworX's Xeon 2.4 cluster (2304 CPUs at 7623 Tflops/s), a G5 2.0 would be as fast as a Xeon 3.28 GHz.
4. Efficiency of the G5 clusters is now at 57%, which is considerably higher than the IBM POWER4 clusters in the top twenty. (The G5 is a derivative of the POWER4.)
5. Virginia Tech's cluster is now in shouting distance of 10 Teraflops/s, and there are still a few weeks left to optimize the system. (They've gained over 2 Teraflops/s in the last 2 weeks.
6. They have utilized only 2112 CPUs (1056 dual Power Macs), despite having supposedly purchased 2200."

eGovOS 3 cancelled due to EC funding withdrawal jaruz writes "Due to the unexpected withdrawal of EC funding for the eGovOS conference from the University of Maastricht's MERIT's FLOSSPOLS EC contract, the conference is now cancelled."

I prefer conspiracy theories, myself. MyNameIsFred writes "Slashdot recently discussed White House Website Limits Iraq-Related Crawling. It turns out The Dead Parrot Society got an explanation for their behavior. They used the unprecedented approach of asking someone at the White House. White House spokesman Jimmy Orr stated the blocking of search engines is not an attempt to ensure future revisions will remain undetected. Rather, he explained, they "have an Iraq section [of the website] with a different template than the main site." Thus, for example, a press release on a meeting between President Bush and Special Envoy Bremer is available in the Iraq template (blocked from being indexed by search engines) or the normal White House template (available for indexing by search engines). The attempt, Mr. Orr said, was that when people search, they should not get multiple copies of the same information. It was also reported that the White House recently asked the The Internet Archive to do a thorough scan of everything on its website."

My dad can beat up your burst of solar radiation. Earth survives solar storm. kurth writes "A major solar flare unleashed Tuesday punished Earth's protective magnetic field early Wednesday, but the planet and its high-tech communication systems appear to have weathered the worst of the storm."

eggfellow writes "here's an article in the WashPost about the geomagnetic storm that pounded Earth (with little disruption) [Tuesday]. What I want to know is why the predicted pounding-time was 12 hours later than actual. Can't these scientist do their math?"

Sounds like a nice feature. News.OSDir.com is reporting that Mandrake is re-releasing it's 9.2 ISOs and CDs after the unfortunate LG CD drive incident earlier this week. "The problem was that the kernel would send a FLUSH_CACHE command to the LG CD-ROM drive which would make the drive inoperable by overwriting its firmware....A new kernel (2.4.22-21mdk) has been released that fixes this problem in the kernel, although the CD-ROM devices are still not up to specification. New CDs and ISOs will be available shortly to correct these problems; they will come with the new kernel."

Maybe they should stick with safes and such. The work of the Swarthmore rebels is paying dividends, (they now have 17 mirrors of the Diebold memos set up). Meanwhile Scoop is reporting how one of the memos deals with an incident in which a single memory card from a precinct of just 600 voters managed to subtract 16022 votes from Al Gore in Florida, nearly lead to his concession of presidency. You can read more about this in Bev Harris's "Black Bov Voting" Chapter11 (PDF) also available here & here."

More on the Diebold front: cananian writes "Two students at MIT (I'm one of them) received cease-and-desist letters from Diebold today for mirroring Diebold's incriminating internal memos, which reveal (among other things) -16,000 votes being credited to Gore in Florida in the 2000 presidential election, how the vote could have been rigged by changing the audit logs or creating a manager card, etc. Students at Amherst also received cease-and-desist letters today. Diebold claims we are infringing its copyrights, but there is good precedent for the legality of the publication. The EFF has in is support: "Wendy Seltzer, an attorney for the Electronic Frontier Foundation [...] encouraged them to defy the Diebold cease-and-desist letters.""

... because making text cross-platform is Unamerican. David H. Rothman writes "Convert Lit, the program that lets you crack Microsoft Reader to make backups as part of Fair Use, has moved to a Polish host to escape the tyrannies of the new EU-style DMCAism in the United Kingdom and elsewhere. Meanwhile, in the wake of a new Copyright Office ruling on the DMCA, lawyer Robin Gross at IP Justice warns not to think that the DMCA peril has passed."

But how do you really feel? In reaction to our ealier review of Eclipse in Action, wobbet writes "I've started using Eclipse at work and consistently feel that there is more sophistication and power hiding underneath the obvious and wanted a book that would help me find and fine tune the goodies under the covers. I read a previous review of this book on Slashdot that prompted my purchase. If that review had not been as positive I probably would not have been so disappointed and moved to post my own review.

When I read a technical book I ask myself how well it stays on topic, how thoroughly it addresses the topic and whether it meets my expectations. In this instance I find that the book stays on topic about half of the time and that it is thorough about half of the time. Unfortunately that half of the time I really didn't care about and thereofre my expectations were unmet. To be honest - after reading the book and then re-reading the back cover I should have not even purchased the book because the objectives set forth on the back cover would have warned me that this book was not what I was looking for.

I found the first half of the book to be simply horrible. A supposed introduction to actually using Eclipse this section concentrates more on the "Agile" toolset that all competent, well-informed Java developers that care about the quality of their code, products and development process should already be using. Well, that's what all the books say anyway.

If I wanted a book on Agile tools for Java developers I would purchase Java Tools For Extreme Programming . Is it a great book? No, but it is honest about what it is - a survey of tools. Despite what Mr. Chappell says about Eclipse In Action, I did not find the authors' "...TDD evangelism, skillfully disguised as Eclipse usage instruction. ." Instead I found the first half of the book to be TDD Evangelism thinly disguised as poor Eclipse usage instructions. I did not learn a single thing about USING Eclipse that I hadn't already figured out from randomly selecting menu items over the past two months.

The second half of the book seemed to be a decent introduction to the development of Eclipse plug-ins. If I cared I probably would have found it interesting in its discussion of the API, the perspectives, views and even editors. Those of you that do care may find the second half of the book to be worth skipping the first half of the book."