Diebold Audit Released, BlackBoxVoting.Org Shut Down

Chris Soghoian writes "The State of Maryland requested an audit of the Diebold electronic voting system by SAIC, after a report released by Johns Hopkins University and Rice Researchers (disclaimer: I'm one of Dr Rubin's students) noted several security issues. A condensed, from 200 to 40 pages, and censored version of the report has been released online (PDF link). The report notes that 'SAIC has identified several high-risk vulnerabilities that, if exploited, could have significant impact upon the AccuVote-TS voting system operation.'" However, Diebold says Maryland are moving forward with installation with "new security features" included, and elsewhere, Badgerman points out "Diebold has shut down blackboxvoting.org, apparently with copyright claims made to their ISP. But you can still go to the blackboxvoting.com site."

Another good article at Salon.com on this

[AaronW]

Salon had an excellent article a couple of days ago discussing this as well. See the article here.

Personal reply from Bev Harris....

[Mike+Nesmith]

I've been researching this stuff for three years now. VERY scary shit. About Diebold: http://www.bartcop.com/diebold.htm About ES&S: http://www.commondreams.org/views03/0131-01.htm A Diebold machine is hacked, step-by-step and an election rigged here: http://www.scoop.co.nz/mason/stories/HL0307/S00064 .htm Congressman Rush Holt's bill: http://holt.house.gov/display2.cfm?id=6282&type=Ho me Contact your Congressman here: http://action.eff.org/action/index.asp?step=2&item =2754 A personal letter from Bev Harris I just received: I like what I'm hearing. I'm not decided on what to do, but as far as mobilizing thousands, we need mirrors on the memos, and here is an update you may find interesting. Please, send, tell or distribute this as widely as possible, including to blogs, your email list, and the media: An update from Bev at Black Box Voting: Diebold, of course, demanded shut down of http://www.blackboxvoting.org (see London Inquirer article, "Diebold takes down blackboxvoting.org" http://www.theinquirer.net/?article=11743 ) because we published a link to another web site. More on this here http://www.blackboxvoting.com , and you'll find the letter from the Diebold attorney http://www.thoughtcrimes.org here -- and for a small hoot, please notice that the letter, which is not copyrighted, INCLUDES THE LINK (three times) which they object to, and therefore republishing the letter telling people not to publish the link actually serves to publish the link. We're working on replacing the site. Here's what I've been doing for two days now: REPORTER: Why is Diebold sending cease and desists? ME: Because they don't want anyone to see their memos REPORTER: Oh. What is in the memos? ME: Oh, admissions by their top programmers about security flaws and using uncertified software and using cell phones to intercept and transfer votes and discussions of how to fake things... REPORTER: Wow. Where can I download these? ME: At this web site http://211.117.160.48:8000/s/lists/index.html or this web site http://www.smashthetrifecta.com/diebold-memos-1.ht m REPORTER: Okay I'm going there now, okay, it's downloading, when I'm done will you give me a guided tour? ME: Sure. And also, go to this article for an easy-to-read primer: http://salon.com/tech/feature/2003/09/23/bev_harri s/index.html and also, here is a neat little web page http://new.globalfreepress.com/mnogosearch/search. cgi where you just enter any search term and it instantly searches and find you the Diebold memos that match REPORTER: What search terms should I start with? ME: Try "boogie man" and also "hack" "cel phone" "broken" "fake" "vaporware" and one of my personal favorites, "King County is famous for it" (I live in King County) REPORTER: Here's one: "What good are rules" -- Gosh, what is he doing? Is that legal? ME: No. And so it goes. Excellent plan, Diebold. Yes, shut down a web site, that'll help. Besides reporters, the memos have now been downloaded by the U.S. House of Representatives. Postscript: Today, the SAIC report came out evaluating Diebold. It summarizes: FAILURE TO MEET THE MINIMUM STANDARDS SET FORTH BY THE STATE OF MARYLAND Information Security Policy and Standards indicates that the system is vulnerable to exploitation. The results of a successful attack could result in voting results being released too soon, altered, or destroyed. The impact of exploitation could lead to a failure of the elections process by failing to elect to office, or decide in a ballot measure, according to the will of the people. The impact could be a loss of voter confidence, embarrassment to the State, or release of incomplete or inaccurate election results to the media. AND HERE IS THE DIEBOLD PRESS RELEASE, which doesn't match: "The thorough system assessment conducted by SAIC verifies that the Diebold voting station provides an unprecedented level of election security." If you see the above, it means your r

I call for massive Vote Fraud!

[teamhasnoi]

Two can play this game, Diebold. How would you like to see hackers and crackers go to town on your machines? I'm sure one can be obtained rather easily from a smaller voting district.

Distribute and arm 1,000 geeks with smart cards, Wi-Fi sniffers, and other tools and the landscape of politics may be slightly different the next day.

I'd love to see some *real* work get done at last. What better way than to get a Jolt-infused programmer who is used to doing 14 hour stretches who's tired of copyright, IP, DMCA, patent abuse. Guess what? Our canidate doesn't need to listen to your corporations! We can get him or her, or one just like them with the swipe of a card, or the sniff of a packet.

Be careful, kids. You don't want to fuck with the guys who can own you at the drop of a hat. We'll see how Diebold does without it's massive conflicts of interests holding it's hand.

See you in 2004!