Yeah, I remember that. Actually, the Nevada Secretary of State's office asked the Gaming Control Board to review the Diebold paperless touchscreens in particular. The Board spent about four pages if I recall right, saying basically "it sucks":).
Drop dead funny, taken from a "dumpster dive session" behind an elections department warehouse in Volusia County FL in which all sorts of real voting records (mainly the critical end-of-day polltapes) had been thrown out. Illegally.
("Poll tapes" are printed on older voting machines on "cash register rolls", they basically spit out about 3ft worth of "I took in 345 votes for Bush, 257 for Kerry" type stuff, keeping a "running tally". They're not as good as a voter verified paper trail, they can be "hacked" at least in Diebold's case, but that's not THAT easy and a cheating election official(s) with limited or no techie background would find it easier to just junk them.)
Paper trails are great so long as they're USED, at least for spot-checking.
Right now, California has one of the better laws on this, saying that 1% of the precincts need to be hand-counted once there's a paper trail in place. And paper trails are mandated beginning in '06.
Great.
But several counties don't assign their absentee ballots to precincts - they treat them as a distinct batch. And since they're not PRECINCTS, these counties claim they don't fall under the 1% manual recount rule.
Los Angeles County (population 12 MILLION) is among these.
So even though absentee voting *always* includes a paper trail (the part people mail in), in LA and elsewhere it doesn't get spot-checked. Hack just that portion of the vote, you're golden.
Sigh.
In six states it's ILLEGAL to recount paper ballots...danged if I know why. Most states don't have a spot-check rule.
Voter verifiable paper is a good start but it's only "part of this complete breakfrast" if you know what I mean...
Yeah, these concepts have been kicked around some.
The single nastiest:
Let's say that in order to avoid "specialty hardware" like this meant to beat such code-checks, we went with open-source software that runs on any reasonably standard PC, bought from Dell, a local clone shop, whatever Best Buy has on sale, etc.
But somebody REALLY wanted to hack elections, on a massive scale.
They find some piece of "motherboard guts chip" that nearly everybody uses, or they infiltrate Intel or something, and put something nasty in that gets called by the voting application software and nothing else. And the various source code reviewers (pro and amateur) all miss the trigger code.
How likely is this?
Well...something sorta similar did happen once before. Remember years ago when there was a speed war between various video card makers, and one of the big magazines (PC Mag?) had a video performance benchmark, and several video card makers were caught doing firmware that looked for that magazine's benchmark and when they found it, they stripped error checking and whatnot to the bare bones and ran balls-to-the-wall just to make pretty numbers on the benchmark?
Sorta similar. But it DID get caught and we even figured out exactly who did it. No crime was committed though.
I don't know...on the one hand, the leadership of the free world is at stake, on the other the penalties for getting caught are pretty nasty.
One thing we can do better (in addition to source code review) is better software test procedures in the elections biz.
Oh man. You're not going to believe this, but it's true: in the "logic and accuracy tests" before and after elections, you know what they do to the various voting machines?
As God is my witness: they set them to "test mode" instead of "election mode".
I mean, the first time I saw that, I knew something Dilbert's-boss-level-stupid was going on.
REAL testing would happen in "election mode", with the date/time set to the actual election(!) and with every other possible parameter same as the real deal, right?
Here's the manual for a real voting machine in use in California, from the SecState's site:
--- 4.3. Pre-Election Logic and Accuracy Test (Pre-LAT) The local election official shall have the entire system, both machines and central system, tested to ascertain that it will properly count the votes cast for all offices and all questions. The test shall be conducted by manually and/or electronically performing Vote Simulation Cartridge in the Pre-Election Logic and Accuracy Test mode of the voting machine. The test must utilize a pre-determined test script of at least one vote for each possible selection within an office of question. To test the central system, a number of results cartridges from the machines will be tallied. The printed results from the central system are compared to both the machine results and the test script. If a voting machine or the central system does not accurately count the test script or test vote, the cause for the error shall be ascertained and corrected and an errorless count shall be made before the system is approved for use of counting votes. ---
"I don't know what the right response is for you people, but clearly the state officials are being "handled" by Diebold here. You have to find some way expose or work against or break this down."
Well we've "handled" it back so far by proposing a much more reasonable test protocol. No response yet from them.
The thing about us doing the hack is, yes it'll be great if it's fair, but...OK, let's say the SecState's office does it, and it turns out later that what they tested was a classic "lab queen" Diebold Frankensteined up nice and special. Can you say "egg on face"? "Who does the hack" is connected to "who takes the political risk if it's done wrong"...noteworthy especially since state law (EC19202) says it's THEM that does the testing...
At the same moment we replied in EMail to the SecState's office, we put out a press release on this subject...we've had a fair number of responses so far and a few of hits in Google News just today:
It's not a lot...but it's had one comical effect: the various reporters we've talked to have all tried to call the guy at the SecState's office engineering this thing (Bruce McDannold, whose phone number we included in our press release) and they all say he hasn't answered phone calls. He also hasn't gotten back to us, which is odd because he's usually very good about returning EMails.
I refuse to speculate on what he's up to and I'll forego the snideness I'm thinking.
To answer your original question: we WILL do this thing even with at least some of their restrictions in place...but we want a basically fair shot here, and what was proposed...well y'all can decide for yourselves what sort of offer they made us.
---
Full disclosure: I helped Bev Harris decipher the massive pile of files she downloaded from a Diebold FTP site in January '03 starting around July '03 on my part. She founded Black Box Voting Inc. as a non-political non-profit (501(c)(3) tax status) in mid-2004, at which time I became a volunteer member of the BBV board of directors. In July I lost my day job and three weeks ago I joined the full-time staff at BBV, resigning from the board of directors and moving up to the Seattle area. BBV has a full-time staff of three, I make $2k a month. Bev and I were the two co-plaintiffs in a consumer protection lawsuit in California that netted the state of California a $2.6mil refund; Bev and I each collected a "bounty" of $76,000. That suit started prior to BBV's formation as a non-profit and was run without any of the non-profit's resources.
A variant of this for voting machines would involve the distribution of the MD5s or similar on the websites of the vendors, the county governments using it, the Federal Election Commission website and the like, along with a script that will check every file on the voting machine in question for accuracy.
A concerned voter or party rep or one of us at Black Box Voting or whatever can download all that, put it on CD-ROM.
The county can then test the CD you bring in and make sure it contains nothing but the "checker program", mark that CD "approved", you then stick it in the voting machine(s) and run it even with very limited "geek quotient". Now everybody can trust everybody.
--------------
Another big issue is that the data files need to be made public. As God is my witness, Diebold and other major vendors are claiming that the database files (MS-Access in Diebold's case, SQL in most others) are "proprietary trade secrets"(!) and cannot be released by the counties under various public records laws of each state.
This is utter BS. Hell, if you have just ONE set of Diebold data files you know their table layouts and whatnot, and many such have been published all over the net for literally years...with Diebold taking no legal action to make them go away since...well they gave up around Oct. of 2003. See also:
Diebold MS-Access data files *can* hold forensic traces of vote-hacking if the hack wasn't done very professionally. So why is Diebold fighting to make sure the data files don't end up in public hands, when this "trade secrets" argument is clearly horse manure?
Either they're messing with votes, or they're afraid some of the counties are because Diebold has made it so damned easy.
1) The Libertarian connection happened as a result of California Election Code 15004, which reads:
--- The county central committee of each qualified political party may employ, and may have present at the central counting place or places, not more than two qualified data processing specialists or engineers to check and review the preparation and operation of the tabulating devices, their programming and testing, and have the specialists or engineers in attendance at any or all phases of the election. ---
So we (Black Box Voting) approached the California Libertarian Party to team up and do up-close inspections of these voting machines, or at least explore what's possible under 15004. They hired us at a buck a day. The main result: we ended up with listings of installed software and drivers that make it obvious Diebold wasn't obeying a court order to shut down networking drivers that weren't necessary. We've complained to the California AG's office about this and Diebold's cross-connection of the San Diego central tabulator box to the Internet (also banned by both the same court order and state regulation). More details at:
This upcoming "test hack" at the California Secretary of State's office is another matter entirely.
This all started when we (Black Box Voting) hired Finnish security consultant Harri Hursti to help out in a "test hack" in Leon County FL where the county elections official (Ion Sancho) was worried about all this "Diebold" controversy.
What Hursti found was pretty wild. In short: before the election, all the precinct memory cards are prepped from the central vote count box with the ballot and candidate data...normal enough. But the cards are also prepped with interpreted BASIC code loaded into all the memory cards to control the output of the summary counter printer at each precinct. Worse, if you mess around with that code loaded first at the central tabulator, you can make that end-of-day-printout read whatever you want...put in a vote-skimming routine, false numbers, whatever. Nothing in the system at the central or precinct ends checks for hashes or whatever to see if the BASIC code is legit. Said code can be date/time sensitive so that the machines will still pass Logic&Accuracy testing before or after the election. With the paper trail at the precinct dickered with, you can use the other major hack available - altering the central database of votes to match the precinct report paper. Not hard - the central database of votes is written in MS-Access so either load a commercial copy of Access and tweak by hand, or load/type a Visual Basic script to monkey with the JET database engine (the "Access back end") on autopilot.
Since then, *nobody* has tried to duplicate the Hursti results. If they're true, Diebold would have to do a nationwide recall and the Federally approved testing labs (Ciber Inc. in Huntsville AL and a division of Wyle also in Huntsville) would need a visit by people with badges, guns and search warrants.
After the preliminary report on the Leon County hack was released but before the final report linked above, Bev Harris and I formally asked the California Secretary of State's office to check out the issues Hursti found, under yet another obscure clause of the California elections code, 19202:
--- Any person or corporation owning or being interested in any voting system or part of a voting system may apply to the Secretary of State to examine it and report on its accuracy and efficiency to fulfill its purpose. The Secretary of State shall complete his or her examination without undue delay
This crap is going to cripple their CD sales. The maliciousness of this is probably enough to get them out of their contract with Sony with *massive* damages. Nobody who hears about this will buy a Van Zant CD - this could very well kill off the band entirely because they'll be the band best known for a connection with this insanity, simply because Mark Russinovich happened to be a fan!
One advantage of being deep into political activism is that I have lots of friends with law degrees. So I was able to do the research necessary on this beforehand; that combined with being single and...well, physically large (6'4") made this a pretty safe process and necessary to point out the lack of observability in these systems.
I guess what I'm saying is, it wasn't really that risky on any level - legal, physical, financial. It was annoying as hell and the downside to being my size is, cuffed in a CRAMPT cop-car back seat cuffed with your hands behind for a couple hours flat-out hurts. But there was no damage:).
Late 1980s, a company called "Personics" figured out how to compress music by a factor of 8x onto CDs held in a large jukebox. They installed these into music stores where people could order cassette tapes burned from the jukebox catalog into multi-artist mix tapes at a price-per-song similar to itunes or the like today. At 8x compression a full 60min tape could be cut in 8 minutes or so while the customer waited. Music made it onto the jukebox by record company permission; each night the music-store machines were polled by modem for sales and royalties assigned.
So why did the music industry kill them off just as they were getting successful a couple years post-startup (and were beggining preparation for the switch to CD burning for the user vs. cassette)?
It wasn't just about money. It was about power.
The music industry is a "gatekeeper of culture". It costs money to retail package media. To get to where they'll do it for you, you need to kiss up to them (if you're a startup artist) and give them a killer contract.
Personics had the ability to change all that - some garage band could cut tracks themselves with the gear that was getting better and cheaper all the time, send the master to Personics, they include it on the latest jukebox set, and presto - no more middleman record executive parasites.
I-tunes has the same possibilities, multipled because the distribution system is even cheaper. If itunes gets big enough, artists could use them for distribution, cutting out the middlemen. If Steve Jobs ever does that, the music biz will unite to try and stomp him flat. As is, some are attacking in case he *might*.
The record companies HAD to put their feet down before itunes got so big it didn't need to worry about losing major labels. Itunes is in exactly the same position Personics was in...but they're FAR better financed and the fear of rampant piracy as an alternative means this time the entire music biz isn't united against them the way they were against Personics.
I think the US still has more potential in the long run. The Constitution and Bill Of Rights aren't quite dead YET, although they're damned well on life support!
Both the basic structure of the mainland Chinese government and it's actual practices are rotten to the core. And with dissent brutally and violently suppressed, there's no way in hell short of civil war it'll get any better.
You think we're aggressive? Watch China goes to war to get Siberian resources sometime soon, the last big untapped resource pool on the planet other than Antarctica and the seabeds.
Take a hard look at China and tell me Bush is in the same league. Ain't no WAY.
This is all going into the older motorhome I'm renovating:).
Every watt going into and out of that monster 650lb battery (all $1800 worth) will be measured by the Bogart Engineering "Trimetric" device. It sits in-line with the battery negative terminal.
The solar charge controller has it's own measuring system as does the inverter/charger but those can be mostly ignored - it's the Trimetric that matters.
Note: "inverters" take 12v DC (or 24v or whatever size battery bank you're running) and convert that to 110v wall juice. Good ones deliver "pure sine wave" power like a very clean electrical outlet. An "inverter charger with pass-through" like my Outback 2812 will take any amount of incoming AC (utility grid, generator, whatever) and pass it through while also charging the battery at 12v in my case. When the utility grid or generator is cut off, it works in reverse, delivering 110v from the battery bank.
My main inverter is this sort of inverter/charger. My secondary inverter is "just an inverter" and smaller at 1100watt, but it's completely isolated from what's going on at the other inverter - a major load like air conditioning or the washer/dryer combo can spectacularly puke and die over on the 2800w main inverter and it'll cause not a single glitchy on the 1100 inverter powering the computer gear, satellite internet, etc.
Anyways. If I wanted to monitor all this with a PC I'd get the Bogart "Pentametric" with PC interface:
I've been utterly unable to import Mozilla Mail data into Thunderbird. Until I can, how in hell am I supposed to transfer away from what they're "killing"?
I've got mail archives going back to...God, 1999 (originally OE, imported fine into Moz).
Does anybody else remember how Diebold Election Systems had to pay over six figures to a group of ISPs/webhosts who they sent fraudulent cease'n'desists to in order to shut down public debate?
http://www.eff.org/legal/ISP_liability/OPG_v_Die bo ld/
This strikes me as being VERY similar to both the Diebold case and various "SLAPP suits" (Strategic Lawsuits Against Public Participation). It's all about fraudulently using the courts or threats of same to halt public discussion and debate.
A piece of advice: OE is tolerable if you're doing relatively low volumes of mail and/or ruthlessly deleting spam. Once you get into archiving 20,000 messages every few months, OE's mailbox files WILL come unglued, you WILL start to lose old messages.
If you're politically active or really need your large old archives for any reason, I cannot recommend strongly enough avoiding OE.
It's really weird; Moz ate my old OE mail just fine (even though it was internally screwed up to where *OE* couldn't!) and now I've got scads of archived stuff in folders in Mozilla mail.
Loaded Thunderbird (.8), it wouldn't recognize my Moz mail (Mozilla 1.7.3) for love or money.
I'll get Moz 1.7.5 up first and once debugged grab the latest TBird and try again. But the ability to read mail files that closely related is...gawd, *basic*, no?
--- OFFICE OF INSPECTOR GENERAL ANNUAL REPORT FOR FISCAL YEAR 2002-2003 EMPLOYEE MISCONDUCT - REPRESENTATIVE CASE EXAMPLES
Georgalis - This investigation was initiated based on a complaint against Mavis R. Georgalis by Yang Enterprises, Inc. (YEI), a Florida corporation.
YEI provides information technology services and support under an eight-year (January 20, 1999 to January 20, 2007) and approximately eight million dollar contract for the Department, known as the Electronic Document Management System contract.
The investigation established that Georgalis received travel reimbursements from the Department based on false claims for lodging and meals already paid by YEI. It also disclosed Georgalis engaged in a pattern of misconduct, over several years, by accepting gifts and other gratuities from YEI. These gratuities included trips with YEI officials to Biloxi, Mississippi and Las Vegas, Nevada. Georgalis further created a conflict of interest by accepting gifts from another contractor whom she regulated. Lastly, it has been documented that Georgalis used her position and Department resources to seek other employment opportunities.
Summary of Findings/Resulting Actions
Mavis Georgalis resigned her position with the Florida Department of Transportation on April 1, 2002.
On March 6, 2003 Georgalis was charged with receipt of unlawful compensation (Section 838.016 F.S.) Georgalis surrendered to the Columbia County Sheriff's Office on March 12, 2003 and is awaiting a court date. ---
So wait...Yang doesn't like a particular gov't official, so THEY admit to having bribed said official, official gets fired and charged (based on paperwork Yang submits?) and nothing happens to Yang which has connections to Jeb Bush and an FL congressman?
OK, that's...kinda funky. Doesn't mean Clinton isn't full of it of course.
If there is ANYTHING to this story, it looks like this guy Clinton got royally pissed at Yang, enough so to blow the secrecy off a Qui Tam action? Or did the secrecy period on the Qui Tam action already expire? "Qui Tam" whistleblower suits start out "in secret"...I oughta know, Bev and I filed one on Diebold back in Nov. of '03, secrecy wasn't lifted until just a couple months ago.
Damned if I know what's up here. I'm going to wait for more data.
Bev Harris is even more skeptical and has published this:
~~~
Why the Feeney vote-rigging story sounds like disinformation
ABOUT DISINFORMATION: Like a good lie, it has elements of truth. Trouble is, the truth doesn't relate to the nuts and bolts of the story. For example in the Tom Feeney vote-manipulation story, people are documenting relationships between Tom Feeney and Yang, and between the writer of the story and other scandals, but so far the evidence presented does not back up the vote manipulation story itself.
DISINFORMATION IS DANGEROUS TO THE CLEAN VOTING MOVEMENT: Black Box Voting is finding real evidence consistent with fraud. We are even finding, in one of our investigations, evidence consistent with a systemic, or widespread breakdown in security, possibly exploited. Getting the facts is tedious, unexciting work, consisting of auditing and personal interviews, and it takes time. Many Americans want a magic bullet, a single shot that will blow the lid off everything at once.
That's risky. If the mainstream media continues to be bombarded with stories that sound credible, but aren't, when the real thing comes down the pike it will be ignored.
Whil
Just how screwed up is Diebold? Video download...
on
Buggy Voting Machines
·
· Score: 2, Interesting
Playing time is only 15 minutes. File size is that big because it's in 800x600.AVI:).
I "filmed" it with a screen record utility with audio commentary voice-over. Sound is a bit low, but crank the volume and it'll work. It uses the Intel Indeo codex which I understand is problematic on Macs...sorry. Windoze Media handles it and I would suspect there's some Linux player available?
If anybody here doesn't "get it" yet about how screwed up their "security" (ha!) is, this will do. Makes sense to most non-techies, too.
Slashdot Mirror
Yeah, I remember that. Actually, the Nevada Secretary of State's office asked the Gaming Control Board to review the Diebold paperless touchscreens in particular. The Board spent about four pages if I recall right, saying basically "it sucks" :).
Jim March
Black Box Voting
c title...
Definately a she, not on meds, has no use for Osama Yo Mama, ain't a commie :).
She has however been an action movie star:
http://www.bbvdocs.org/videos/volusia2.mpg
Drop dead funny, taken from a "dumpster dive session" behind an elections department warehouse in Volusia County FL in which all sorts of real voting records (mainly the critical end-of-day polltapes) had been thrown out. Illegally.
("Poll tapes" are printed on older voting machines on "cash register rolls", they basically spit out about 3ft worth of "I took in 345 votes for Bush, 257 for Kerry" type stuff, keeping a "running tally". They're not as good as a voter verified paper trail, they can be "hacked" at least in Diebold's case, but that's not THAT easy and a cheating election official(s) with limited or no techie background would find it easier to just junk them.)
Paper trails are great so long as they're USED, at least for spot-checking.
Right now, California has one of the better laws on this, saying that 1% of the precincts need to be hand-counted once there's a paper trail in place. And paper trails are mandated beginning in '06.
Great.
But several counties don't assign their absentee ballots to precincts - they treat them as a distinct batch. And since they're not PRECINCTS, these counties claim they don't fall under the 1% manual recount rule.
Los Angeles County (population 12 MILLION) is among these.
So even though absentee voting *always* includes a paper trail (the part people mail in), in LA and elsewhere it doesn't get spot-checked. Hack just that portion of the vote, you're golden.
Sigh.
In six states it's ILLEGAL to recount paper ballots...danged if I know why. Most states don't have a spot-check rule.
Voter verifiable paper is a good start but it's only "part of this complete breakfrast" if you know what I mean...
Jim March
Black Box Voting
Hmmmm.
Yeah, these concepts have been kicked around some.
The single nastiest:
Let's say that in order to avoid "specialty hardware" like this meant to beat such code-checks, we went with open-source software that runs on any reasonably standard PC, bought from Dell, a local clone shop, whatever Best Buy has on sale, etc.
But somebody REALLY wanted to hack elections, on a massive scale.
They find some piece of "motherboard guts chip" that nearly everybody uses, or they infiltrate Intel or something, and put something nasty in that gets called by the voting application software and nothing else. And the various source code reviewers (pro and amateur) all miss the trigger code.
How likely is this?
Well...something sorta similar did happen once before. Remember years ago when there was a speed war between various video card makers, and one of the big magazines (PC Mag?) had a video performance benchmark, and several video card makers were caught doing firmware that looked for that magazine's benchmark and when they found it, they stripped error checking and whatnot to the bare bones and ran balls-to-the-wall just to make pretty numbers on the benchmark?
Sorta similar. But it DID get caught and we even figured out exactly who did it. No crime was committed though.
I don't know...on the one hand, the leadership of the free world is at stake, on the other the penalties for getting caught are pretty nasty.
One thing we can do better (in addition to source code review) is better software test procedures in the elections biz.
Oh man. You're not going to believe this, but it's true: in the "logic and accuracy tests" before and after elections, you know what they do to the various voting machines?
As God is my witness: they set them to "test mode" instead of "election mode".
I mean, the first time I saw that, I knew something Dilbert's-boss-level-stupid was going on.
REAL testing would happen in "election mode", with the date/time set to the actual election(!) and with every other possible parameter same as the real deal, right?
Here's the manual for a real voting machine in use in California, from the SecState's site:
http://www.ss.ca.gov/elections/091404_5a_p.pdf
On page 9:
---
4.3. Pre-Election Logic and Accuracy Test (Pre-LAT)
The local election official shall have the entire system, both machines and central system, tested
to ascertain that it will properly count the votes cast for all offices and all questions. The test
shall be conducted by manually and/or electronically performing Vote Simulation Cartridge in
the Pre-Election Logic and Accuracy Test mode of the voting machine. The test must utilize a
pre-determined test script of at least one vote for each possible selection within an office of
question. To test the central system, a number of results cartridges from the machines will be
tallied. The printed results from the central system are compared to both the machine results
and the test script. If a voting machine or the central system does not accurately count the test
script or test vote, the cause for the error shall be ascertained and corrected and an errorless
count shall be made before the system is approved for use of counting votes.
---
Doh!
Quoting:
/ 97374
"I don't know what the right response is for you people, but clearly the state officials are being "handled" by Diebold here. You have to find some way expose or work against or break this down."
Well we've "handled" it back so far by proposing a much more reasonable test protocol. No response yet from them.
The thing about us doing the hack is, yes it'll be great if it's fair, but...OK, let's say the SecState's office does it, and it turns out later that what they tested was a classic "lab queen" Diebold Frankensteined up nice and special. Can you say "egg on face"? "Who does the hack" is connected to "who takes the political risk if it's done wrong"...noteworthy especially since state law (EC19202) says it's THEM that does the testing...
At the same moment we replied in EMail to the SecState's office, we put out a press release on this subject...we've had a fair number of responses so far and a few of hits in Google News just today:
http://www.govtech.net/magazine/channel_story.php
(and the same story above in another "government news site"...)
http://www.fcw.com/article91533-11-23-05-Web
It's not a lot...but it's had one comical effect: the various reporters we've talked to have all tried to call the guy at the SecState's office engineering this thing (Bruce McDannold, whose phone number we included in our press release) and they all say he hasn't answered phone calls. He also hasn't gotten back to us, which is odd because he's usually very good about returning EMails.
I refuse to speculate on what he's up to and I'll forego the snideness I'm thinking.
To answer your original question: we WILL do this thing even with at least some of their restrictions in place...but we want a basically fair shot here, and what was proposed...well y'all can decide for yourselves what sort of offer they made us.
---
Full disclosure: I helped Bev Harris decipher the massive pile of files she downloaded from a Diebold FTP site in January '03 starting around July '03 on my part. She founded Black Box Voting Inc. as a non-political non-profit (501(c)(3) tax status) in mid-2004, at which time I became a volunteer member of the BBV board of directors. In July I lost my day job and three weeks ago I joined the full-time staff at BBV, resigning from the board of directors and moving up to the Seattle area. BBV has a full-time staff of three, I make $2k a month. Bev and I were the two co-plaintiffs in a consumer protection lawsuit in California that netted the state of California a $2.6mil refund; Bev and I each collected a "bounty" of $76,000. That suit started prior to BBV's formation as a non-profit and was run without any of the non-profit's resources.
Exactly.
...for my personal collection and
...for a view of the first and last time they tried to have any of my stuff taken offline.
A variant of this for voting machines would involve the distribution of the MD5s or similar on the websites of the vendors, the county governments using it, the Federal Election Commission website and the like, along with a script that will check every file on the voting machine in question for accuracy.
A concerned voter or party rep or one of us at Black Box Voting or whatever can download all that, put it on CD-ROM.
The county can then test the CD you bring in and make sure it contains nothing but the "checker program", mark that CD "approved", you then stick it in the voting machine(s) and run it even with very limited "geek quotient". Now everybody can trust everybody.
--------------
Another big issue is that the data files need to be made public. As God is my witness, Diebold and other major vendors are claiming that the database files (MS-Access in Diebold's case, SQL in most others) are "proprietary trade secrets"(!) and cannot be released by the counties under various public records laws of each state.
This is utter BS. Hell, if you have just ONE set of Diebold data files you know their table layouts and whatnot, and many such have been published all over the net for literally years...with Diebold taking no legal action to make them go away since...well they gave up around Oct. of 2003. See also:
http://www.equalccw.com/dieboldtestnotes.html
http://www.equalccw.com/liebold.html
Diebold MS-Access data files *can* hold forensic traces of vote-hacking if the hack wasn't done very professionally. So why is Diebold fighting to make sure the data files don't end up in public hands, when this "trade secrets" argument is clearly horse manure?
Either they're messing with votes, or they're afraid some of the counties are because Diebold has made it so damned easy.
Jim March
BlackBoxVoting (.org)
Let's make a few points clear here.
.cgi?file=/1954/14325.html
1) The Libertarian connection happened as a result of California Election Code 15004, which reads:
---
The county central committee of each qualified political party may employ, and may have present at the central counting place or places, not more than two qualified data processing specialists or engineers to check and review the preparation and operation of the tabulating devices, their programming and testing, and have the specialists or engineers in attendance at any or all phases of the election.
---
So we (Black Box Voting) approached the California Libertarian Party to team up and do up-close inspections of these voting machines, or at least explore what's possible under 15004. They hired us at a buck a day. The main result: we ended up with listings of installed software and drivers that make it obvious Diebold wasn't obeying a court order to shut down networking drivers that weren't necessary. We've complained to the California AG's office about this and Diebold's cross-connection of the San Diego central tabulator box to the Internet (also banned by both the same court order and state regulation). More details at:
http://www.bbvforums.org/cgi-bin/forums/board-auth
This upcoming "test hack" at the California Secretary of State's office is another matter entirely.
This all started when we (Black Box Voting) hired Finnish security consultant Harri Hursti to help out in a "test hack" in Leon County FL where the county elections official (Ion Sancho) was worried about all this "Diebold" controversy.
What Hursti found was pretty wild. In short: before the election, all the precinct memory cards are prepped from the central vote count box with the ballot and candidate data...normal enough. But the cards are also prepped with interpreted BASIC code loaded into all the memory cards to control the output of the summary counter printer at each precinct. Worse, if you mess around with that code loaded first at the central tabulator, you can make that end-of-day-printout read whatever you want...put in a vote-skimming routine, false numbers, whatever. Nothing in the system at the central or precinct ends checks for hashes or whatever to see if the BASIC code is legit. Said code can be date/time sensitive so that the machines will still pass Logic&Accuracy testing before or after the election. With the paper trail at the precinct dickered with, you can use the other major hack available - altering the central database of votes to match the precinct report paper. Not hard - the central database of votes is written in MS-Access so either load a commercial copy of Access and tweak by hand, or load/type a Visual Basic script to monkey with the JET database engine (the "Access back end") on autopilot.
Net result: one thoroughly "pwned" election.
The full report:
http://www.blackboxvoting.org/BBVreport.pdf
Since then, *nobody* has tried to duplicate the Hursti results. If they're true, Diebold would have to do a nationwide recall and the Federally approved testing labs (Ciber Inc. in Huntsville AL and a division of Wyle also in Huntsville) would need a visit by people with badges, guns and search warrants.
After the preliminary report on the Leon County hack was released but before the final report linked above, Bev Harris and I formally asked the California Secretary of State's office to check out the issues Hursti found, under yet another obscure clause of the California elections code, 19202:
---
Any person or corporation owning or being interested in any voting system or part of a voting system may apply to the Secretary of State to examine it and report on its accuracy and efficiency to fulfill its purpose. The Secretary of State shall complete his or her examination without undue delay
...do you get a subwoofer?
This crap is going to cripple their CD sales. The maliciousness of this is probably enough to get them out of their contract with Sony with *massive* damages. Nobody who hears about this will buy a Van Zant CD - this could very well kill off the band entirely because they'll be the band best known for a connection with this insanity, simply because Mark Russinovich happened to be a fan!
Thanks for the kind words.
:).
One advantage of being deep into political activism is that I have lots of friends with law degrees. So I was able to do the research necessary on this beforehand; that combined with being single and...well, physically large (6'4") made this a pretty safe process and necessary to point out the lack of observability in these systems.
I guess what I'm saying is, it wasn't really that risky on any level - legal, physical, financial. It was annoying as hell and the downside to being my size is, cuffed in a CRAMPT cop-car back seat cuffed with your hands behind for a couple hours flat-out hurts. But there was no damage
http://www.bbvforums.org/forums/messages/1954/8556 .html?1122679073
8 .html?1122664155
:). And coming up with $10k in bail was a pain.
5 .html?1124737282 ...and I've taken the first step in suing 'em:
d f
http://www.bbvforums.org/forums/messages/1954/856
The good news is, it was only 18 hours. Still sucked
But the DA's office dropped all charges:
http://www.bbvforums.org/forums/messages/1954/942
http://www.equalccw.com/claimforcivildamagesnet.p
Anybody seen the Hari Hursti report yet?
http://www.blackboxvoting.org/BBVreport.pdf
OK, history lesson:
Late 1980s, a company called "Personics" figured out how to compress music by a factor of 8x onto CDs held in a large jukebox. They installed these into music stores where people could order cassette tapes burned from the jukebox catalog into multi-artist mix tapes at a price-per-song similar to itunes or the like today. At 8x compression a full 60min tape could be cut in 8 minutes or so while the customer waited. Music made it onto the jukebox by record company permission; each night the music-store machines were polled by modem for sales and royalties assigned.
So why did the music industry kill them off just as they were getting successful a couple years post-startup (and were beggining preparation for the switch to CD burning for the user vs. cassette)?
It wasn't just about money. It was about power.
The music industry is a "gatekeeper of culture". It costs money to retail package media. To get to where they'll do it for you, you need to kiss up to them (if you're a startup artist) and give them a killer contract.
Personics had the ability to change all that - some garage band could cut tracks themselves with the gear that was getting better and cheaper all the time, send the master to Personics, they include it on the latest jukebox set, and presto - no more middleman record executive parasites.
I-tunes has the same possibilities, multipled because the distribution system is even cheaper. If itunes gets big enough, artists could use them for distribution, cutting out the middlemen. If Steve Jobs ever does that, the music biz will unite to try and stomp him flat. As is, some are attacking in case he *might*.
The record companies HAD to put their feet down before itunes got so big it didn't need to worry about losing major labels. Itunes is in exactly the same position Personics was in...but they're FAR better financed and the fear of rampant piracy as an alternative means this time the entire music biz isn't united against them the way they were against Personics.
Gonna be a damned interesting fight indeed.
I think the US still has more potential in the long run. The Constitution and Bill Of Rights aren't quite dead YET, although they're damned well on life support!
Both the basic structure of the mainland Chinese government and it's actual practices are rotten to the core. And with dissent brutally and violently suppressed, there's no way in hell short of civil war it'll get any better.
You think we're aggressive? Watch China goes to war to get Siberian resources sometime soon, the last big untapped resource pool on the planet other than Antarctica and the seabeds.
Take a hard look at China and tell me Bush is in the same league. Ain't no WAY.
...can we all please remember that the current government of mainland China is comprised of some very not nice people?
China is presently a "Thugocracy". When something like that is in the neighborhood, you keep your guns oiled and loaded at all times.
Sigh...remove the "/" on the first link...sorry.
http://www.equalccw.com/wiringdiagram.gif
That's a whole 'nuther thing.
:).
...but...why? :)
http://www.equalccw.com/wiringdiagram.gif/
This is all going into the older motorhome I'm renovating
Every watt going into and out of that monster 650lb battery (all $1800 worth) will be measured by the Bogart Engineering "Trimetric" device. It sits in-line with the battery negative terminal.
http://bogartengineering.com/trimetric.htm/
The solar charge controller has it's own measuring system as does the inverter/charger but those can be mostly ignored - it's the Trimetric that matters.
Note: "inverters" take 12v DC (or 24v or whatever size battery bank you're running) and convert that to 110v wall juice. Good ones deliver "pure sine wave" power like a very clean electrical outlet. An "inverter charger with pass-through" like my Outback 2812 will take any amount of incoming AC (utility grid, generator, whatever) and pass it through while also charging the battery at 12v in my case. When the utility grid or generator is cut off, it works in reverse, delivering 110v from the battery bank.
My main inverter is this sort of inverter/charger. My secondary inverter is "just an inverter" and smaller at 1100watt, but it's completely isolated from what's going on at the other inverter - a major load like air conditioning or the washer/dryer combo can spectacularly puke and die over on the 2800w main inverter and it'll cause not a single glitchy on the 1100 inverter powering the computer gear, satellite internet, etc.
Anyways. If I wanted to monitor all this with a PC I'd get the Bogart "Pentametric" with PC interface:
http://bogartengineering.com/pentametric.htm/
I've been utterly unable to import Mozilla Mail data into Thunderbird. Until I can, how in hell am I supposed to transfer away from what they're "killing"?
I've got mail archives going back to...God, 1999 (originally OE, imported fine into Moz).
Jesus, this is just dumb.
Does anybody else remember how Diebold Election Systems had to pay over six figures to a group of ISPs/webhosts who they sent fraudulent cease'n'desists to in order to shut down public debate?
0 04 /10/11/online-policy-group-v-diebold-decision/
e bo ld/
http://blog.jimmywales.com/index.php/archives/2
http://www.eff.org/legal/ISP_liability/OPG_v_Di
This strikes me as being VERY similar to both the Diebold case and various "SLAPP suits" (Strategic Lawsuits Against Public Participation). It's all about fraudulently using the courts or threats of same to halt public discussion and debate.
The courts DO NOT like that shit at all.
A piece of advice: OE is tolerable if you're doing relatively low volumes of mail and/or ruthlessly deleting spam. Once you get into archiving 20,000 messages every few months, OE's mailbox files WILL come unglued, you WILL start to lose old messages.
If you're politically active or really need your large old archives for any reason, I cannot recommend strongly enough avoiding OE.
Huh. Yeah, that does look useful.
I'll get everything upgraded to the latest revs (Moz and TBird) before I try it.
Thanks!
It's really weird; Moz ate my old OE mail just fine (even though it was internally screwed up to where *OE* couldn't!) and now I've got scads of archived stuff in folders in Mozilla mail.
Loaded Thunderbird (.8), it wouldn't recognize my Moz mail (Mozilla 1.7.3) for love or money.
I'll get Moz 1.7.5 up first and once debugged grab the latest TBird and try again. But the ability to read mail files that closely related is...gawd, *basic*, no?
I did some googling. This guy Clinton has a serious beef with Yang Enterprises...him and some lady name of Mavis Georgalis.
Some of it does look kinda fishy "in his favor".
Example: the FL dept. of transportation's inspector general's report on the Georgalis case:
http://www.dot.state.fl.us/inspectorgeneral/Report s/AnnualReport2003.pdf
---
OFFICE OF INSPECTOR GENERAL
ANNUAL REPORT FOR FISCAL YEAR 2002-2003
EMPLOYEE MISCONDUCT - REPRESENTATIVE CASE EXAMPLES
Georgalis - This investigation was initiated based on a complaint against Mavis R. Georgalis by Yang Enterprises, Inc. (YEI), a Florida corporation.
YEI provides information technology services and support under an eight-year (January 20, 1999 to January 20, 2007) and approximately eight million dollar contract for the Department, known as the Electronic Document Management System contract.
The investigation established that Georgalis received travel reimbursements from the Department based on false claims for lodging and meals already paid by YEI. It also disclosed Georgalis engaged in a pattern of misconduct, over several years, by accepting gifts and other gratuities from YEI. These gratuities included trips with YEI officials to Biloxi, Mississippi and Las Vegas, Nevada. Georgalis further created a conflict of interest by accepting gifts from another contractor whom she regulated. Lastly, it has been documented that Georgalis used her position and Department resources to seek other employment opportunities.
Summary of Findings/Resulting Actions
Mavis Georgalis resigned her position with the Florida Department of Transportation on April 1, 2002.
On March 6, 2003 Georgalis was charged with receipt of unlawful compensation (Section 838.016 F.S.) Georgalis surrendered to the Columbia County Sheriff's Office on March 12, 2003 and is awaiting a court date.
---
So wait...Yang doesn't like a particular gov't official, so THEY admit to having bribed said official, official gets fired and charged (based on paperwork Yang submits?) and nothing happens to Yang which has connections to Jeb Bush and an FL congressman?
OK, that's...kinda funky. Doesn't mean Clinton isn't full of it of course.
If there is ANYTHING to this story, it looks like this guy Clinton got royally pissed at Yang, enough so to blow the secrecy off a Qui Tam action? Or did the secrecy period on the Qui Tam action already expire? "Qui Tam" whistleblower suits start out "in secret"...I oughta know, Bev and I filed one on Diebold back in Nov. of '03, secrecy wasn't lifted until just a couple months ago.
Damned if I know what's up here. I'm going to wait for more data.
Bev Harris is even more skeptical and has published this:
~~~
Why the Feeney vote-rigging story sounds like disinformation
ABOUT DISINFORMATION: Like a good lie, it has elements of truth. Trouble is, the truth doesn't relate to the nuts and bolts of the story. For example in the Tom Feeney vote-manipulation story, people are documenting relationships between Tom Feeney and Yang, and between the writer of the story and other scandals, but so far the evidence presented does not back up the vote manipulation story itself.
DISINFORMATION IS DANGEROUS TO THE CLEAN VOTING MOVEMENT: Black Box Voting is finding real evidence consistent with fraud. We are even finding, in one of our investigations, evidence consistent with a systemic, or widespread breakdown in security, possibly exploited. Getting the facts is tedious, unexciting work, consisting of auditing and personal interviews, and it takes time. Many Americans want a magic bullet, a single shot that will blow the lid off everything at once.
That's risky. If the mainstream media continues to be bombarded with stories that sound credible, but aren't, when the real thing comes down the pike it will be ignored.
Whil
http://thehighroad.org/attachment.php?attachmentid =18516
...it'll auto-start.
.AVI :).
It's a 158meg Bittorrent file (GEMSDEMO.avi.torrent) - if you have a client installed such as Azureus:
http://azureus.sourceforge.net/download.php
Playing time is only 15 minutes. File size is that big because it's in 800x600
I "filmed" it with a screen record utility with audio commentary voice-over. Sound is a bit low, but crank the volume and it'll work. It uses the Intel Indeo codex which I understand is problematic on Macs...sorry. Windoze Media handles it and I would suspect there's some Linux player available?
If anybody here doesn't "get it" yet about how screwed up their "security" (ha!) is, this will do. Makes sense to most non-techies, too.