Former Maryland delegate gets purported Diebold code

Baltimore Sun ^ | October 20, 2006 | Melissa Harris

[Cincinatus' Wife]

Diebold Election Systems Inc. expressed alarm and state election officials contacted the FBI yesterday after a former legislator received an anonymous package containing what appears to be the computer code that ran Maryland's polls in 2004.

Cheryl C. Kagan, a longtime critic of Maryland's elections chief, says the fact that the computer disks were sent to her - along with an unsigned note criticizing the management of the state elections board - demonstrates that Maryland's voting system faces grave security threats.

spokesman for Diebold, which manufactures the state's touch-screen voting machines, said the company is treating the software Kagan received as "stolen" and not as "picked up" at the State Board of Elections, as the anonymous note claimed. Lawyers for the company are seeking its return.

....Kagan, a former state Democratic delegate from Montgomery County who is now executive director of the Carl M. Freeman Foundation, said the disks were delivered to her office Wednesday.

An accompanying letter refers to the State Board of Elections and calls Kagan "the proud recipient of an 'abandoned baby Diebold source code' right from SBE accidentally picked up in this envelope, right in plain view at SBE. ... You have the software because you are a credible person who can save the state from itself. You must alert the media and save democracy."

[gb63]

"paper record of his own vote,"
That is exactly what I would like implemented. Vote with a secure electronic machine, which would produce one or more numbered written receipts. The voter would take away a receipt. If a particular election was legally protested, the judge could invite voters to bring in their copies for comparsion.

[doodad]

Wasn't it Democrats who demanded idiot proof voting machines?

Certainly was true here in Georgia.

[beezdotcom]

Who ever argues against having a paper record is either naive, or very intelligent and knows EXACTLY what he is doing.

But we sure got those lottery machines secured. Try going to the lottery office, and saying "I picked the winning numbers! Ticket? Oh, I don't have any sort of paper receipt...just trust me, I picked 'em!"

[cinives]

You are right, it does smell. I too wonder why the source ever left the testing centers; I smell 'Rat conspiracy.

[DBrow]

The linked video should not stand as proof that the hack can be done. Note that they boot the machine with, supposedly, a memory card that loads the software. The machine must be left powered for the new 'ware to run, and rebooting the machine with the correct card will load the real software when the machine is rebooted. Unless, of course, the felon has "simply" opened the machine and replaced the boot eeprom with a fake copy.

The report mentioned in the video does state that there are security seals on the memory cards, locks, boards, and so forth but references another report that says that these seals are not always checked.

So the simple solution is to check the seals before an election, and always assure that the machine is booted with the correct card, then have its port sealed with a new security seal.

If there are questions, the malware will stay installed on either the tampered card or in the boot eeprom (unless it is bright enough to know that it has been moved to an FBI Forensic Computer Lab and deletes itself), and the forensic examiner will find it (if the operating system can boot it, a human can find it too). At that point, a criminal investigation begins. If the malware can be decompiled, the vote shifting algorithm can be determined and the vote count corrected. At worst, the machine's count can be discarded like badly voted paper ballots.

As for a virus spreading from machine to machine through a LAN, why then, let's install firewalls and virus checkers in the lan! And let's ask a third party virus company to make a virus/malware checker memory card for the voting machine while we are at it.

Where I vote, with paper ballots, the boxes all have seals.

Another thought- the video images offer no proof whatsoever that the voiceover is correct.

[jiggyboy]

Indeed. Looking at two-year-old software of an active project is like looking at a photo album from the family vacation when you were six years old.

[DBrow]

"the judge could invite voters to bring in their copies for comparsion."

Union bosses, too. Plus, I can tell the homeless guy that he gets his carton of smokes AFTER he comes out of the booth, and a certain Reverend can offer the Poke Chop Dinner to certain receipt holders, day of or after the election.

Making reciepts mandatory would sure make your investment in a vote more secure!

And, of course, the little printer and roll of tape could NEVER be duplicated outside the voting precinct, so if there were 10,000 votes cast and they all responded to the judges call, only 10,000 receipts would show up, and they'd all be originals.

[mugs99]

Don't I remember someone in Florida (?) having a ballot box in his car? Could be wrong....

You don't swing an election with one ballot box in the trunk of a car. You also have to consider how many poll wotkers knew about the ballot box in the trunk of the car.

Bussing is the most common form of election fraud. Bussing requires hundreds being bussed from precinct to precinct. If they haven't been able to catch any of those being bussed, how are they going to catch a couple of computer geeks?
.

[gb63]

"could NEVER be duplicated outside"
It would be possible to print a PGP-type text at the bottom of each receipt, that would not be possible to generate outside the machine. It would be different for each receipt, but by court order could be de-encryted back to a known text verifying that it was an original from that machine at that time. There are many ways to secure electronic voting in the future that would eliminate dead and duplicate voters and other comman frauds. Of course, the examples of bribery you cited might remain.

[DBrow]

iirc it was a ballot box, plus a voting machine.

Maybe two separate issues, but for sure one of the election officials got caught with a punchcard machine without valid reason for having one.

(unless it's valid to take handfuls of already-voted ballots and gang-punch them for Gore, which at the very least removes a Bush vote through overvote and at best adds a Gore Chad for an undervote, no change if it's already a Gore Chad)

[longtermmemmory]

What about the princton professor that showed how to tamper a diebold machine

(had three George washington votes convert to 1 vote for Georges and two votes for Benedict Arnold)

On Fox and Friends, the professor said the malicious code was self erasing and undetectable.

[DBrow]

could be de-encryted back to a known text

Good idea. Very expensive to do a verification, but a good idea.

If we are to give reciepts, why not just abandon the concept of a secret vote? Like the Iowa Caucus, where you vote by standing with other supporters.

A ballot where you actually sign it, and maybe smear your thumbprint on the ballot too.

[DBrow]

the professor said the malicious code was self erasing

And how do you do that? Pretty neat trick, easy for a Princeton professor with an agenda to say, but let's see a real demo backed up by computer forensic experts and James Randi if he's available.

How does the malware know when to erase itself? Remember too, it was loaded from a bogus memory card. The card would need to know that it was about to be removed from the machine, signal the operating system, have sys delete the malware and correct CRC, then sys deletes the malware from within its own code space. Then does it recompile itself? Don't forget, it would have to secure-wipe the free space in memory too.

And if the malware resides in a eeprom on the motherboard, the motherboard would need to have an eeprom burner onboard for sys to instruct to reprogram the eeprom.

Sorry, the story borders on magic and does not pass the computer geek smell test.

[gb63]

"What about the princton professor"
I saw the demo. If you are carrying out any demonstration, and you are allowed to control all factors, as was true in that case, you can always determine the final outcome. In a real case, the possible outcomes would be limited by secure procedures verifying disks and recorded results. In the long-term future, I think we will see increased electronic voting, with the ultimate goal being voting from computers at home.

[ARealMothersSonForever]

let's install firewalls and virus checkers in the lan! And let's ask a third party virus company to make a virus/malware checker memory card for the voting machine while we are at it.

I am proud to introduce the *NEW* ARMSF anti-viral and malware suite! For a mere $1.6 Billion (per precinct license), you can trust me that your vote will count (for whoever I decide to make it count). But hey, a mans gotta make a living.

Seriously, I think that a paper receipt deposited into a locked and sealed container at the precinct would be a good start.

[gb63]

"a paper receipt deposited into a locked and sealed container"
That's why I mentioned earlier having one or more receipts. Deposit one in a locked box and keep the other. In a contested precinct, first test the contents of the locked box. If not resolved, the judge could ask for local voters to report to a desk at the courthouse for comparsion.

[roamer_1]

LOL! Probably Linux.

[longtermmemmory]

It is on YouTube.

You do a search of Princeton and Diebold and it comes up and you can hear and see him explain it himself.

[Suzy Quzy]

Here comes the CHAOS!!!

[DBrow]

I saw it, and read it too.

So it's true if it's on the news and YouTube? By that logic Bush had demolition charges planted in WTC! I saw it on YouTube and several college professors corroborated it!

Look at the video and look for visuals that prove what the voice is saying is true. The video stops and starts, while buttons are pressed, and after several more stops and starts, the paper tape comes up with numbers, that don't match the buttons that were pressed- but the stops and starts mean that the final result could be merely editing. Also, there are no visible security seals like a real fielded machine would have. The report is full of statements like "could be done", "may be done", "it is possible to..."

As for the magic code, find a description of any code that deletes itself without a trace, or human intervention. I know of no example, except for some LISP code, but deletion leaves a trace.