Thursday, November 02, 2006

Hacking the Early Vote

We must bring to your attention possible vulnerabilities in our voting systems, especially as they relate to counties running Diebold Election Systems products.

There is a 1 hour window for a hacker to change the votes. The early ballots are an especially tempting target for manipulation.

Early ballots on paper are scanned and processed generally before 7:00pm on election day. A few “straggler ballots” trickle in after but the numbers are not generally very large.

The phone modems are turned on at 7:00pm on election day allowing the precincts to report totals. This phone communication method is fundamentally stupid. It opens the “crown jewels” (the central database of votes) to outside manipulation by anybody who has that phone number, often NOT changed between elections. Diebold's software protocols allow standard personal computers to make an incoming connection, not just voting machines. Elections officials would never know that this “rogue” slipped in and manipulated the database.

At 8:00 pm the totals are tabulated and the first report is generated and released.

The mail-in votes in a Diebold environment are a target because Diebold's “central count” scanners (firmware 2.0.12) do not keep an independent paper record of the vote. They have their own printer, but it is basically disabled. Diebold precinct optical scanners print a ticker-tape of vote totals. The “central count” scanners used to do the same thing; Diebold disabled this in late 2002. With no independent audit trail, anybody manipulating the central database of early votes would not be caught without massive hand-counting in excess of the counting available under SB1557.

In Pima County, literally 1 box of 900 ballot could hold over 400 different precincts in one box. This makes it impossible, per the laws of Arizona, to scrutinize that paper effectively unless the results of the race are within 1/10 of 1 percent (ARS 16-661). There is no other state that has this low of a recount threshhold in our country.

If this HACK was to happen, there is nothing we could do with out evidence!

We did not know until our “roadtrip” that Coconino and Mohave counties also have these scanners in addition to the Pima and Yavapai systems listed with this dangerous gear. There may be more Diebold counties that have these audit-crippled scanners.

Solution to protect votes by mail:

Before the phone modems are turn on the Election Director MUST DO two things:

1) Before phone modems are turn on backup the central database of votes to a non rewritable CD the data and call it the “6:59pm report”. NOTE: election officials regularly make backups of their data, so we're not asking for anything unusual or difficult.

2) Print a complete report that gives the totals of all early votes cast and also done by precincts and place in envelope and do not released till 8:00pm to media and political parties. (The date and time is on the top right of report.)

Together these steps preserve a record of the vote from just before the counties open their systems to outside interference. We have tried and failed to stop this practice; making an audit record specific to this issue is our only remaining hope of catching outside manipulation if it happens.

John Brakey
Jim March

Posted by Protect Democracy :: 11/02/2006 01:05:00 PM :: ---------------oOo---------------