Wednesday, December 14, 2005

The Hursti Hack 

Via our distinguished colleague Brad Friedman of BradBlog, incontrivertible proof that your vote is shit:

Due to contractual non-performance and security design issues, Leon County (Florida) supervisor of elections Ion Sancho has announced that he will never again use Diebold in an election. He has requested funds to replace the Diebold system from the county. On Tuesday, the most serious “hack” demonstration to date took place in Leon County. The Diebold machines succumbed quickly to alteration of the votes. This comes on the heels of the resignation of Diebold CEO Wally O'Dell, and the announcement that a stockholder's class action suit has been filed against Diebold by Scott & Scott. Further “hack” testing on additional vulnerabilities is tentatively scheduled before Christmas in the state of California . . . .

At the beginning of the test election the memory card programmed by Harri Hursti was inserted into an Optical Scan Diebold voting machine. A "zero report" was run indicating zero votes on the memory card. In fact, however, Hursti had pre-loaded the memory card with plus and minus votes.

The eight ballots were run through the optical scan machine. The standard Diebold-supplied "ender card" was run through as is normal procedure ending the election. A results tape was run from the voting machine.

Correct results should have been: Yes: 2 ; No: 6

However, just as Hursti had planned, the results tape read: Yes: 7 ; No: 1

The results were then uploaded from the optical scan voting machine into the GEMS central tabulator, a step cited by Diebold as a protection against memory card hacking. The central tabulator is the "mother ship" that pulls in all votes from voting machines. However, the GEMS central tabulator failed to notice that the voting machines had been hacked.

The results in the central tabulator read:

Yes: 7 ; No: 1 . . . .

The Hursti Hack requires a moderate level of inside access. It is, however, accomplished without being given any password and with the same level of access given thousands of poll workers across the USA. It is a particularly dangerous exploit, because it changes votes in a one-step process that will not be detected in any normal canvassing procedure, it requires only a single a credit-card sized memory card, any single individual with access to the memory cards can do it, and it requires only a small piece of equipment which can be purchased off the Internet for a few hundred dollars.

One thousand two hundred locations in the U.S. and Canada use Diebold voting machines. In each of these locations, typically three people have a high level of inside access. Temporary employees also often have brief access to loose memory cards as machines are being prepared for elections. Poll workers sometimes have a very high level of inside access. National elections utilize up to two million poll workers, with hundreds or thousands in a single jurisdiction.

Many locations in the U.S. ask poll workers to take voting machines home with them with the memory cards inside. San Diego County (Calif) sent 713 voting machines/memory cards home with poll workers for its July 26 election, and King County (Wash.) sent over 500 voting machines home with poll workers before its Nov. 8 election.

And remember: the hack described above had nothing to do with a touchscreen system. It was performed on a Diebold machine that reads and counts paper ballots.

Your options:

A) Persuade yourself that all politicians and all poll workers are fundamentally honest people, deeply committed to the principles of participatory democracy, and that even though Diebold technology would allow them to doctor a tally simply and undetectably, no one has ever yielded to the temptation. And no one ever will;

B) Get over to Rush Holt's site and sign the petition backing HR 550, the Voter Confidence and Increased Accessibility Act, now. Now.

If you can't decide, allow us to remind you that Ohio Republicans are pushing legislation that would make it illegal to challenge a presidential vote count, and exempt electronic voting machines from recounts by random sampling, "even in close, disputed elections like those of 2000 and 2004." Remember those exit polls that were so far off the mark in November, 2004? A year later, with an additional 41 Ohio counties switching over to Diebold, the discrepancies were even worse:
On the Sunday before the Tuesday 2005 election, the [Columbus Dispatch poll] predicted Issue Two would pass by a vote of 59% to 33%, with about 8% undecided. But Tuesday's official vote count showed Issue Two failing with just 36.5% in favor and 63.5% opposed. For that to have happened, the Dispatch had to have been wrong on Issue Two's support by more than 20 points. Nearly half those who said they would support Issue Two would have had to vote against it, along with all the undecideds.

The numbers on Issue Three are equally startling. The Dispatch showed it winning with 61%, to just 25% opposed and some 14% undecided. Instead just 33% of the votes were counted in its favor, with 67% opposed, an almost inconceivable weekend turnaround.

No other numbers were comparable on November 8, 2005, or elsewhere in the recent history of Dispatch polling. The startling outcome has thus raised even more suspicion and doubt about the use of electronic voting and tabulating machines in Ohio, which account for virtually 100% of the state's vote count.
In case you're curious, Issue Two would have made it easier for Ohioans to vote. Issue Three would have instituted campaign finance reform.

| | Technorati Links | to Del.icio.us