User Menu

Home Page

«Mirror of the World»

Support the Site

Contacts

Iraq-War board rules

Articles

Iraq News

Around the World

Historical analysis & facts

Current analysis

Economics

Hot News

Rankings

Forums

RSS feeds

RSS feed for articles and news

Weather

Calendar-Filter

< Feb > < 2012 >

S	M	T	W	T	F	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29

Today

Diebold [election rigging] in Florida [proved beyond doubt]
By: SUSAN PYNCHON on: 28.01.2006 [08:56 ] (2542 reads)

(13358 bytes) [nc]

"I Saw It Hacked"

Diebold [election rigging] in Florida

The Harri Hursti Hack

from: Counterpunch

By SUSAN PYNCHON January 23, 2006

I was one of ten people present at the "hack" of the Leon County, Florida voting system, which took place on Tuesday, December 13, 2005 around 4:30 in the afternoon at the county elections warehouse. Leon County's voting system is the Diebold Accu-Vote OS 1.94w (optical scan).

The Leon County Supervisor of Elections, Ion Sancho, authorized a "test" of his Diebold voting system to see if election results could be altered using only a memory card. Harri Hursti, a computer programmer from Finland facilitated the test and it has come to be known as the "Harri Hursti Hack."

What follows is my description of that hack and its significance for our nation, which I hope will correct much of the misinformation circulating regarding this event.

To select which voting machine to use for the test, Ion drew a serial number of one voting machine from a container holding all the serial numbers of all the Leon County machines.

Since the test took place at the elections warehouse, all the voting machines were already stored there and the one machine, whose serial number was selected, was located and brought into the warehouse office, where it was plugged into an electrical outlet (so it could operate!). It was not networked to any other machines. We checked the serial number of the machine against the serial number that Ion had randomly selected.

Earlier, Ion had given ONE Diebold memory card to Hursti. Bev Harris and Kathleen Wynne of Black Box Voting were also present at the test.

Harri had programmed the memory card that morning, in his hotel room, using an off-the-shelf crop scanner. I drove Harri in my car from the hotel to the warehouse. When we arrived, Harri was asked to stay outside the warehouse office where the central tabulator is located, so that there would be no question about whether he had had any access to the central tabulator. When the randomly-selected voting machine was brought into the warehouse office, all of us went into the warehouse office except Harri, whom we could see sitting in a chair on the other side of a plate glass window separating the office from the rest of the warehouse.

Ion ran a complete mock election. He had had actual paper ballots pre-printed with the following question:

"Can the votes on this Diebold system be hacked using the memory card?"

There were two possible answers: "Yes" or "No," with an oval to the left of each answer to be filled in by the voter.

Everything was conducted as in a normal election. Ion first printed a "zero tape" (a poll tape from the machine that is supposed to show that nothing has been altered before the election begins). This was the first step in the hack --the zero tape showed zero votes for both the "Yes" answer and the "No" answer, even though Harri had altered the memory card and votes had been subtracted from one answer and added to the other answer. Harri used the interpreted (executable) code to cover up the fact that he had changed the vote counters.

Then eight of us voted, filling in the oval on our paper ballot. Six of us voted "No," the election could not be hacked. Two of us voted "Yes," it could be hacked. Then, one by one, we inserted our ballots into the voting machine. Ion checked after each voter to make sure that the counter on the machine was counting properly as each ballot was inserted. So, we ended up with an accurate count of 8 ballots cast on the screen on the front of the voting machine. Then Ion placed an "ender card" in the machine to end the election and printed the poll tape.

Instead of two "Yes" votes, the poll tape showed seven "Yes" votes.

Instead of six "No" votes, the poll tape showed one "No" vote.

Harri did not just flip the votes, as he wanted to show how easy it was to change the totals completely.

At that point, Ion Sancho's technician, TJ, said, "Well, that doesn't prove anything because the printer template can be changed." (And that is true. The poll tape can be made to read anything at all, which was proved in an earlier test on a Leon County op-scan in May of 2005, when the poll-tape was made to say, at the bottom of the tape, "Is this real or is it Memorex?")

Ion responded to TJ that they were taking this to the next level and that he wanted TJ to upload the memory card to the central tabulator. TJ, who had quite apparently been talking to the Diebold reps, said he didn't want that to happen because he didn't know if Harri might have planted some kind of virus on the memory card that would infect the central tabulator. Ion then explained to TJ that, just an hour earlier, he had obtained permission from the Leon County Council to replace the Diebold system. That meant that the Leon County Diebold system would never be used in any election again, and thus Ion said it was all right to upload the memory card to the central tabulator. (The irony here, of course, is that Diebold would worry about a virus being planted on this particular memory card! What about all the thousands of people around the country who have access to memory cards...doesn't Diebold worry about one of them planting a virus? And the second irony is that ITA testing is supposed to catch these security vulnerabilities and yet Diebold claimed to be worried about a security exploitation by Harri Hursti AFTER all ITA testing had been completed).

So, TJ became convinced that it was all right to upload the memory card, which he did. And there, on the central tabulator screen, appeared the altered results: Seven "Yes" votes and one "No" vote, with absolutely no evidence that anything had been altered. It was a powerful moment and, I will admit, it had the unexpected result for me personally of causing me to break down and cry. Why did I cry? It was the last thing I thought I would do, but it happened for so many reasons. I cried because it was so clear that Diebold had been lying. I cried because there was proof, before my very eyes, that these machines were every bit as bad as we all had feared. I cried because we have been so unjustly attacked as "conspiracy theorists" and "technophobes" when Diebold knew full well that its voting system could alter election results. More than that, that Diebold planned to have a voting system that could alter results. And I cried because it suddenly hit me, like a Mack truck, that this was proof positive that our democracy is and has been, as we have all feared, truly at the mercy of unscrupulous vendors who are producing electronic voting machines that can change election results without detection.

Beyond this, however, what is the real significance of the "Harri Hursti hack?" There are several answers to that question.

First of all, the Hursti hack reveals only one vulnerability in an almost unlimited number of potential flaws or vulnerabilities in electronic voting systems (both op-scans and DREs). However, the Hursti hack is individually significant because the flaw it exposed is a planned vulnerability in the system, not something that is accidentally there. It had to be PUT there (programmed) on purpose. For Diebold to claim innocence about this would be absurd. It would be like saying you didn't know your garage had a door while you were standing there holding the garage door opener. Or, because this security vulnerability is so huge, it would more accurately be like saying you didn't know your house had a garage at all!!

Since something like 95% of computer scientists agree that electronic voting machines (op-scans and DREs) have an almost infinite number of potential flaws or vulnerabilities, the Hursti hack shows, above all, THE IMPORTANCE OF HAVING PAPER BALLOTS for an independent confirmation of machine results. The beauty of paper ballots is that they are completely independent of any machine, unlike the printer paper trail. Therefore, they provide a true independent, manual audit of machine results. Paper ballots are also the only electronic voting method that eliminates, almost completely, any question about voter intent because the ballots are voter-generated, filled in by the voter's own hand, thus eliminating the need for a voter to confirm his/her choices on any printer-issued receipt. Paper ballots are the only way to have a fail-safe election with any electronic voting machine. You must have paper ballots and you must manually audit (count) a portion or all of those ballots in every election.

The ONLY evidence in the Hursti hack that could discredit his alteration of results were the paper ballots themselves.But these ballots can only be useful if they are actually counted after an election to check against the machine count. The Hursti hack shows clearly that there must be an independent paper trail that can be manually audited to confirm (or discredit) machine results. The hack exposes a serious electronic voting flaw, but then, ironically, re-instates optical scan as the only electronic voting method that provides truly independent, manual audit capabilities.
Susan Pynchon is a member of Florida Coalition for Fair Elections, and can be reached through Vote Trust USA, where this piece originally appeared.

Mr. Harri Hursti's tasks as a board member include providing strategic level technical consulting and business support. Mr. Hursti has an exceptional combination of technical and managerial skills and experience as well as knowledge of international business-to-business and business-to-consumer information and communication technology ("ICT") markets. Starting his career as an entrepreneur already in High school, Mr. Hursti subsequently became a member of the management team of one of the multinational super companies within the ICT sector. Mr. Hursti is known in this field of business as one who really gets things going and done.

Devastating voting machine hack; Leon County dumps Diebold

BREAKING: Due to contractual non-performance and security design issues, Leon County (Florida) supervisor of elections Ion Sancho told Black Box Voting that he will never again use Diebold in an election. He has requested funds to replace the Diebold system from the county. He will issue a formal announcement to this effect shortly. This comes on the heels of the resignation of Diebold CEO Wally O'Dell, and the announcement that a stockholder's class action suit has been filed against Diebold by Scott & Scott.

Black Box Voting: http://www.blackboxvoting.org Leon County Election Supervisor Ion Sancho: http://www.leonfl.org/elect/MeetTheSupervisor.htm

Finnish security expert Harri Hursti proved that Diebold lied to Secretaries of State across the nation when Diebold claimed votes could not be changed on the memory card.

A test election was run in Leon County Tusday Dec. 13 with a total of eight ballots - six ballots voted "no" on a ballot question as to whether Diebold voting machines can be hacked or not. Two ballots, cast by Dr. Herbert Thompson and by Harri Hursti voted "yes" indicating a belief that the Diebold machines could be hacked.

At the beginning of the test election the memory card programmed by Harri Hursti was inserted into an Optical Scan Diebold voting machine. A "zero report" was run indicating zero votes on the memory card. In fact, however, Hursti had pre-loaded the memory card with plus and minus votes.

The eight ballots were run through the optical scan machine. The standard Diebold-supplied "ender card" was run through as is normal procedure ending the election. A results tape was run from the voting machine.

Correct results should have been:
Yes:2
No:6

However, just as Hursti had planned, the results tape read:
Yes:7
No:1

The results were then uploaded from the optical scan voting machine into the GEMS central tabulator. The central tabulator is the "mother ship" that pulls in all votes from voting machines. The results in the central tabulator read:
Yes:7
No:1

This exploit, accomplished without being given any password and with the same level of access given thousands of poll workers across the USA, showed that the votes themselves were changed in a one-step process. This hack would not be detected in any normal canvassing procedure, and it required only a single a credit-card sized memory card.

On Oct. 17, 2005 Diebold Elections Systems Research and Development chief Pat Green specifically told the Cuyahoga County (Ohio) board of elections that votes cannot be changed using only a memory card. Video of Pat Green, Cuyahoga County

According to Public Records responses obtained by Black Box Voting in response to our requests shows that Diebold promulgated this misrepresentation to as many as 800 state and local elections officials.

In other news, a stockholder suit was filed today against Diebold by the law offices of Scott and Scott: http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/12-13-2005/0004233556&EDATE=

Diebold CEO resigns: http://www.informationweek.com/news/showArticle.jhtml?articleID=175001748

1 comments

Off with their heads.
by BERNIE on 28.01.2006 [10:15 ]

I would like to read about all of these Diebold executives
to be sent to jail at hard labor, along with some of the
election officials. This would make me feel real good.

Page: 1/1

Posting comments:

You should be registered AND logged in user to post comments here.