Category: National

CA Software Reports Released – Diebold subtracts from democracy

Update: Talk of the Nation Interview – Red Team Leader    ” [relying on procedures] indicates a very high belief in human infalibility.”

Executive Summary:

Vulnerability to malicious software

The Diebold software contains vulnerabilities that could allow an attacker to install malicious software on voting machines or on the election management system. Malicious software could cause votes to be recorded incorrectly or to be miscounted, possibly altering election results. It could also prevent voting machines from accepting votes, potentially causing long lines or disenfranchising voters.

Susceptibility to viruses

The Diebold system is susceptible to computer viruses that propagate from voting machine to voting machine and between voting machines and the election management system. A virus could allow an attacker who only had access to a few machines or memory cards, or possibly to only one, to spread malicious software to most, if not all, of a county’s voting machines.
Thus, large-scale election fraud in the Diebold system does not necessarily require physical access to a large number of voting machines.

Vulnerability to malicious insiders

The Diebold system lacks adequate controls to ensure that county workers with access to the GEMS central election management system do not exceed their authority. Anyone with access to a county’s GEMS server could tamper with ballot definitions or election results and could also introduce malicious software into the GEMS server itself or into the county’s voting machines.

Continue reading “CA Software Reports Released – Diebold subtracts from democracy”

Likely that state’s largest election will go unaudited

The Norwich Bulletin reports concern in Plainfield because the ballot for a charter revision may reach three pages. No mention in the article that the state’s new audit law does not provide for random audits of ballot questions. Apparently huge concern in Norwich over cost of ballots, yet they have likely spent thousands on developing the charter revisions and will put it all at risk for a relatively small amount as at least that part of the election goes unaudited.

Read the full story

Is Diebold ineligible in NY?

Memo to Governor Spitzer:

New York State Law Prohibits State from Entering into Contract with Any of the Vendors under Consideration

New York State is enjoined from doing business with vendors who lack business integrity or whose past performance is wanting…none of the voting machine vendors New York is presently considering doing business with are eligible for contracts.

Not that the laws or lack thereof in Connecticut should preclude us from concern that each of our individual races, and precincts are programmed for each election in secret by Diebold employees.

Read the report

University of California Red Team Reports to the Secretary of State

This confirms earlier reports on Diebold Optical Scan equipment, including the University of Connecticut report.

The vulnerabilities identified in this report should be regarded as a minimal set of vulnerabilities. We have pursued the attack vectors that seemed most likely to be successful. Other attack vectors not described here may also be successful and worth pursuing. This work should be seen as a first step in the ongoing examination of the systems, All members of the team strongly believe that more remains to be done in this field and, more specifically, on these systems
The Red Team was able to verify the findings of some previous studies on the AV-OS unit; the impact of these was to alter vote totals in order to change the vote results on that machine
…the attacker launches a low-tech attack that can be discreetly executed at a Precinct Count AV-OS under the watch of a moderately attentive poll worker. The tools for completing the attack are small and easily concealed, and they can be obtained in a typical office
…we were able to discover attacks for the Diebold system that could compromise the accuracy, secrecy, and availability of the voting systems and their auditing mechanisms. That is, the Red Team has developed exploits that  absent procedural mitigation strategies can alter vote totals, violate the privacy of individual voters, make systems unavailable, and delete audit trails.

Read the full report

University of Connecticut, Security Assessment of the Diebold Optical Scan Voting Terminal

In July, 2007 a similar report was released on the Diebold TSX, which demonstrated that that the state’s choice of Diebold Optical Scan was far superior to the Diebold DRE option, however, the October 2006 report is the one that applies to our voting systems.

We identify a number of new vulnerabilities of this system which, if exploited maliciously, can invalidate the results of an election process utilizing the terminal. Furthermore, based on our findings an AV-OS can be compromised with off-the-shelf equipment in a matter of minutes even if the machine has its removable memory card sealed in place…Such vote tabulation corruptions can lay dormant until the election day, thus avoiding detection through pre-election tests
The vulnerability assessment provided in this paper is based only on experimentation with the system. At no point in time had we used, or had access to, internal documentation from the manufacturer we conclude that attackers with access to the components of the AV-OS
system can reverse-engineer it in ways that critically compromise its security, discover the vulnerabilities presented here in and develop the attacks that exploit them.

Unfortunately, presumably the secret programming of each election by Diebold allows access to the memory cards by those with all the documentation.

Read the full report

VerifiedVoting.org, Percentage-based vs. SAFE Vote Tabulation Auditing: A Graphic Comparison

This is a complete case for variable audit percentages.

Several pending electoral-integrity bills specify hand audits of 2% to 10% of all precincts. However, percentage-based audits are usually inefficient… Percentage based audits can also be ineffective, since close races may require auditing a large fraction of the total –even a 100% hand recount  to provide confidence in the outcome. This paper presents the SAFE (Statistically Accurate, Fair and Efficient) alternative¦based on the same statistical principles that inform audits in business and finance…However, SAFE audits ensure high confidence in all electoral outcomes by using auditing resources more efficiently and employing large samples only when necessary.

Read the full report