Home page logo
/

interesting-people logo Interesting People mailing list archives

Re: Diebold Admits Audit Logs in ALL Versions of Their Software Fail to Record Ballot Deletions
From: David Farber <dave () farber net>
Date: Thu, 19 Mar 2009 18:13:30 -0400



Begin forwarded message:

From: "Michael O'Dell" <mo () ccr org>
Date: March 19, 2009 2:26:00 PM EDT
To: dave () farber net
Subject: Re: [IP] Diebold Admits Audit Logs in ALL Versions of Their Software Fail to Record Ballot Deletions

How much more is it going to take for there to be a requirement
for all voting system software be published for public scrutiny?
of course, there needs to be a chain-of-custody mechanism so
anyone can verify that the code published was the code compiled,
and that the code compiled was the code that ended up in the
voting machines.

makes an argument for voting machine code to load off a storage medium
that can be independently produced and handled by physical security
measures, of course with cryptographic checksums to validate the bits.

or we could just use paper.

D'OH!

        -mo



David Farber wrote:
Begin forwarded message:
*From: *Shannon McElyea <shannonm () gmail com <mailto:shannonm () gmail com>>
*Date: *March 18, 2009 10:06:57 PM EDT
*To: *David Farber <dave () farber net <mailto:dave () farber net>>, Dewayne Hendricks <dewayne () warpspeed com <mailto:dewayne () warpspeed com>>, Ted Selker <selker () media mit edu <mailto:selker () media mit edu >> *Subject: **Diebold Admits Audit Logs in ALL Versions of Their Software Fail to Record Ballot Deletions* *Subject: **Diebold Admits Audit Logs in ALL Versions of Their Software Fail to Record Ballot Deletions*
http://www.bradblog.com/?p=6995
Even the audit log system on /current/ versions of Premier Election Solutions' (formerly Diebold's) electronic voting and tabulating systems --- used in some 34 states across the nation --- fail to record the wholesale deletion of ballots. Even when ballots are deleted on the same day as an election. That's the shocking admission heard today from Justin Bales, Premier's Western Region manager, at a State of California public hearing on the possible decertification of Diebold/Premier's tabulator system, GEMS v. 1.18.19. An election system's audit logs are meant to record all activity during the system's actual counting of ballots, so that later examiners may determine, with certainty, whether any fraudulent or mistaken activity had occurred during the count. Diebold's software fails to do that, as has recently been discovered by Election Integrity advocates in Humboldt County, CA, and then confirmed by the CA Secretary of State. The flaws, built into the system for more than a decade, are in serious violation of federal voting system certification standards. The problems may lead to decertification of the company's voting systems, as well as an examination of voting systems made by other companies to determine if they too may have been able to sneak such violations past both federal and state testers... Today's hearing was a response to the startling discovery last December, by a volunteer group in Humboldt County that, under fairly common circumstances, the older version of GEMS used by the county, and several others in the state, dropped all votes from the ballots in the first deck of ballots run through GEMS. (See BRAD BLOG coverage: here <http://www.bradblog.com/?p=6722>, here <http://www.bradblog.com/?p=6733 > and here <http://www.bradblog.com/?p=6741>.) The Humboldt County Election Transparency Project, using the free and open source software program Ballot Browser, found that Diebold's GEMS system had eliminated all votes from 197 vote-by-mail ballots cast in a single precinct in Eureka, CA during last November's general election. [/DISCLOSURE: Mitch Trachtenberg, author of this article, was one of the HTP volunteers. He developed Ballot Browser, for use by the project./] The revelations were made just after Humboldt County Registrar of Voters Carolyn Crnich had certified the election results with the state, forcing her to recertify with new numbers after the discovery. Crnich, who helped found the Transparency Project, was present at today's hearing. Following the discovery of Diebold's dropped votes, and the equally disturbing revelation that Diebold had been aware of the problem for years <http://www.bradblog.com/?p=6733>, CA's Secretary of State Debra Bowen, initiated an investigation which confirmed [PDF] <http://www.sos.ca.gov/elections/voting_systems/sos-humboldt-report-to-eac-03-02-09.pdf > that, under common circumstances, the GEMS software would drop all votes from the first scanned deck of ballots, the so-called "deck zero." The investigation also revealed that the problems went far beyond the dropping of votes <http://www.bradblog.com/?p=6962>. GEMS v1.18.19, the version used in Humboldt County --- as well as versions 1.18.20, 1.18.21, 1.18.22 and 1.18.23 --- were discovered to have defective audit logs. In addition, the software was discovered to have a "Clear" button which, when pressed, would actually delete the contents of an audit log without even asking for confirmation from the user. That, despite repeated federal and state testing and certification of the software which failed to notice the egregious programming flaws in violation of federal voting system standards requiring indestructible logs to track all system events. The flaws should have kept the systems from receiving certification at all. "In terms of being able to track down the precise mechanism by which the problem had occurred in [the Humboldt] election, critical information was simply never recorded," in the audit logs, Deputy Sec. of State Lowell Finley said <http://blog.wired.com/27bstroke6/2009/03/diebold-admits.html > at today's hearing which was made available to the public via one- way audio teleconference. Today's hearing was meant to help determine whether or not GEMS v. 1.18.19, as used in Humboldt County, should now be decertified by the state. However, in response to a question, Premier representative Justin Bales admitted that even the most recent versions of GEMS, used in a number of other states, such as FL and TX, as well as CA, still fail to record the deletion of ballots in their audit logs. For a decade or more, e-vote system vendors have pointed to the audit logs as a way of ensuring that every operation performed by their software would be available for inspection in post-election examinations. As a result of today's hearing, it has become clear that even the most recent versions of Diebold/Premier's vote counting software do not actually record all system events. Bales admitted that his company had "not yet" corrected the problem, which was first implemented in the company's software more than a decade ago. Wired's Kim Zetter quotes Bales <http://blog.wired.com/27bstroke6/2009/03/diebold-admits.html > as noting "We never, again, intended for any malicious intent and not to log certain activities. ... It was just not in the initial program, but now we're taking a serious look at that."
CA SoS Bowen described the Diebold audit logs as "useless".
According to the Secretary of State's report, the four year old bug in Diebold/Premier's software triggered a problem in Humboldt's election as a result of a personnel change. Diebold had sent a memo, back in 2004, to elections managers still using GEMS 1.18.19. This memo, without going into details of the software bug, instructed elections officials to begin their elections by creating and deleting an empty "deck zero." However, Diebold never sent similar instructions to the federal body that had certified their software, never notified the California Secretary of State of the problem, and never modified their instruction manuals. In Humboldt County, the previous election manager left the county without alerting his successor or his superiors of Diebold's suggested "workaround", sent out as a single notice, via email, back in 2004 (their terse email is posted here <http://www.bradblog.com/?p=6733 >.) Although the California Secretary of State's report indicated that the problem was Premier's responsibility, Premier's representative attempted to tell the hearing that the blame should be shared, suggesting that Crnich, the Humboldt Registrar, should have somehow known to delete "deck zero" before using GEMS to count ballots, despite her having access to no such instructions.
   Humboldt Registrar Carolyn Crnich responded that she was "offended"
   by Diebold's attempt to shift blame, adding "if you are saying that
your system needs to be checked every damn time you turn it on, then
   I agree with you."
Crnich responded that she was "offended" by Diebold's attempt to shift blame, adding "if you are saying that your system needs to be checked every damn time you turn it on, then I agree with you." Tom Pinto, a staffer at Humboldt County's District Attorney's office and a volunteer with the Transparency Project, urged that the approach used in Humboldt --- independently scanning ballots with separately developed open source software and off-the-shelf hardware --- be expanded statewide. Pinto stated that the project had demonstrated the need for "100% audits." The question of whether similar problems exist in the audit logs of systems certified by other companies was also raised at today's hearing <http://www.scoop.co.nz/stories/HL0903/S00218.htm> by both Election Integrity advocates during the public comment period, and afterwards by Bowen herself. "Clearly, we're going to have to look at this," she told Wired. "That's one of the obvious next steps." /A transcript of today's hearing will be posted at this CA SoS webpage <http://www.sos.ca.gov/elections/elections_vs_premier.htm>/
------------------------------------------------------------------------
Archives <https://www.listbox.com/member/archive/247/=now> <https://www.listbox.com/member/archive/rss/247/ > [Powered by Listbox] <http://www.listbox.com>





-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault