Computerized Voting???

UPDATED: Tuesday, November 2, 2004 10:53
VIEWED: 3376
PAGE 1 of 1

Monday, September 27, 2004 4:41 PM


Saw this on (yeah i's FOX, but for the record i did not go there on purpose),2933,133214,00.html


Touchscreen Hack Effort Called 'Monkey Business'

Critics of the Diebold touch-screen voting machines turned their attention Wednesday from the machines themselves to the computers that will tally the final vote, saying the outcome is so easy to manipulate that even a monkey could do it.

And they showed video of a monkey hacking the system to prove it.

In the minute-long video produced by Black Box Voting, Baxter the chimp is shown deleting the audit log that is supposed to keep track of changes in the Diebold central tabulator, the computer and program that keeps track of county vote totals.

Black Box Voting founder Bev Harris said the demonstration shows that the system — which will be used in more than 30 states, including Maryland — is dangerously inadequate when it comes to stopping election fraud.

But a Diebold spokesman insisted that the system is secure despite "incessant" criticism from organizations such as Black Box Voting.

"The fact of the matter is what you saw was a staged production ... analogous to a magic show," said David Bear, the Diebold spokesman.

Even if the system could be hacked, he said, it could only be done by a person with "unfettered access to the system." Bear noted that elections are not just the machines, but also the people who work the elections.

Am I the only one scared that the voting, and the outcome of elections will be put in the hands of computers???

If you want to see the video go here:
and click on Download: chimpanzee hacking Diebold audit log


Conquering the galaxy with terrifying space monkeys, one ship at a time...


Monday, September 27, 2004 9:58 PM


Thanks for posting this Stizo. I guess it fits in this heading but it could also be a candidate for the Real World Events Discussion set of threads. One of the problems I have with the headline and the lead paragraphs of this piece is that it could divert attention away from real problems with Diebold. The fact that it was a monkey sitting at a keyboard that happened to delete an audit file could indeed be construed as a freak accident that was gussied up into a publicity stunt. This is a simple problem with a simple fix. The truth of the matter is that there are much more serious problems with the Diebold software than just being able to delete an audit file. You can actually fool the auditing process into thinking there has been no tampering when, in fact, votes have been changed. The Fox article does go on to discuss the problem in more detail but the opening paragraphs are disappointing. That, and the video on Black Box Voting didn't show me what I think they thought they were showing me (huh? – okay, awkward sentence construction, it's late).

Wired News has a better article on the same material, datelined September 22 by Kim Zetter titled "Activists Find More E-Vote Flaws", highlighting problems with the Diebold software. The section I'll highlight is from page 2 of the article (couple of context items since this excerpt comes from the middle ... Harris is Bev Harris, identified as a "voting activist" in the article and this is probably the same Bev Harris who is affiliated with Black Box Voting. GEMS stands for Global Election Management System - "software that runs on a county's server and tallies votes after they come in from Diebold touch-screen and optical-scan machines in polling places."):


excerpted from,2645,65031,00.html?tw=wn_story_page_

But Harris said it's possible to change the voting summaries without using GEMS by writing a script in Visual Basic -- a simple, common programming language for Windows-based machines -- that tricks the system into thinking the votes haven't been changed. GEMS runs on the Windows operating system.

The trick was uncovered by Herbert Thompson, director of security technology at Security Innovation and a teacher of computer security at the Florida Institute of Technology. Thompson has authored several nonfiction books on computer security and co-authored a new novel about hacking electronic voting systems called The Mezonic Agenda: Hacking the Presidency.

After Harris met Thompson at the Defcon hacker conference this year, she asked him to examine the GEMS program. He found he could write a five-line script in the Notepad text editor that would change the vote summaries in GEMS without changing the raw precinct data. The auditing log in GEMS wouldn't record the change because it only tracks changes that occur within GEMS, not changes that occur on the computer outside of GEMS.

After writing the script, Thompson saved it as a Visual Basic file (.vbs) and double-clicked it to execute it.

The command happens in the background where no one can see it. To verify that the changes occurred, Thompson could write another script to display the vote data in a message box after the change. Once the scripts finished their work, they would go into the Recycle Bin, where Thompson could delete them.

When Harris demonstrated the vulnerability to officials in California, she opened the GEMS program to show that the votes changed as the script commanded them to.

Diebold has fought hard to keep the public from seeing the source code.* It takes a few lines of code written in Notepad to bypass the security. I now completely understand why they would want to keep people from seeing the source.

*Diebold has been hacked a number of times and their source code published. Wired News has a good summary of all the problems they have had:,1848,59925,00.html .

And, just to move off into the X-files realm... Is it a good idea for votes to be collected by private companies? Is it a problem that the CEO of Diebold is a member of Bush's Pioneers? Pioneers are people who have raised at least $100,000 for Bush's re-election.

There's a lot of noise about this topic and I haven't yet been able to determine what is signal and what is not. For some interesting reading you might want to check out "Machine Politics in the Digital Age" by Melanie Warner on the site written in November 2003 (Be advised, is an 501c4 organization. Make of that what you will):

excerpted from
In mid-August, Walden W. O'Dell, the chief executive of Diebold Inc., sat down at his computer to compose a letter inviting 100 wealthy and politically inclined friends to a Republican Party fund-raiser, to be held at his home in a suburb of Columbus, Ohio. "I am committed to helping Ohio deliver its electoral votes to the president next year," wrote Mr. O'Dell, whose company is based in Canton, Ohio.

Another interesting article is "Diebold's Political Machine" by Bob Fitrakis and Harvey Wasserman from the online version of Mother Jones (for those of you who believe in the myth of the liberal media, Mother Jones is what a liberal publication really looks like).

excerpted from
The rush to embrace computerized voting, of course, began with Florida. But, in fact, one of the Sunshine State's election-day disasters was the direct result of a malfunctioning computerized voting system; a system built by Diebold. The massive screwup in Volusia County was all but lost in all the furor over hanging chads and butterfly ballots in South Florida. In part that's because county election officials avoided a total disaster by quickly conducting a hand recount of the more than 184,000 paper ballots used to feed the computerized system. But the huge computer miscount led several networks to incorrectly call the race for Bush.

The first signs that the Diebold-made system in Volusia County was malfunctioning came early on election night, when the central ballot-counting computer showed a Socialist Party candidate receiving more than 9,000 votes and Vice President Al Gore getting minus 19,000. Another 4,000 votes poured into the plus column for Bush that didn't belong there. Taken together, the massive swing seemed to indicate that Bush, not Gore, had won Florida and thus the White House. Election officials restarted the machine, and expressed confidence in the eventual results, which showed Gore beating Bush by 97,063 votes to 82,214. After the recount, Gore picked up 250 votes, while Bush picked up 154. But the erroneous numbers had already been sent to the media.

Just some food for thought. There's a lot of articles in Wired News E-Vote ( ) section that I still have to work my way through.

By the way, I am aware of my repitition of the word "interesting" in describing articles. I am purposefully using this word to recommend an article without placing a value judement on the article itself.


There are three kinds of people: fighters, lovers, and screamers.


Thursday, September 30, 2004 3:48 AM


I read a book on almost one-hundred reasons my Computerized votes are bullsh*t , it would take far too long to get into it now. I'll try and post here again when I've got some time


Friday, October 1, 2004 5:15 PM


I have a vote and I'm not afraid to use it!

What I don't understand is why they just don't print receipts - exactly like you get from a grocery store. Top copy goes to the voter, rear copy gets scrolled safely away. Yes it is always possible to reprogram a machine to print and display differently than what is recorded, to hack the machine afterwards, or to hack the tabulation, BUT a hard copy (in duplicate) that the voter can examine right then and there for errors is a great back-up.

In my line of work, there is a great effort to obtain and retain hard copy data (each page signed and dated) for legal purposes, since electronic data can be at best volatile.


Friday, October 1, 2004 5:49 PM


And Diebold makes ATMs. So it's not like they have zero experience with receipts and therefore did not include that feature in a desire to minimize complexity. If they made their ATMs with the same level of security that they make their voting systems they would be out of business.

There are three kinds of people: fighters, lovers, and screamers.


Saturday, October 2, 2004 4:51 AM


Yes, but when comparing their ATMs to their voting machines, we have to think about the following:
- They have had many more years to work out the bugs of ATMs than they have the voting machines.
- The general IT attitude towards programming between the two inventions has changed, resulting in a generally sloppier attitude, resulting in programmers that don't fully understand the implications of their actions, less architectural understanding, etc. (I've been in IT for the past decade, and that's just my personal observation of the shift during that time - no personal attack intended. )
- ATMs involve money, something that everyone will be upset if you don't get it right, so they have more incentive to get it right. Voting machines will only upset those who: a) care about voting, b) care about politics, and c) don't get their way. (c) alone only covers about half the population in most cases, and there are far fewer people in the (a) and (b) categories than there should be...

Anyway, just some thoughts. As far as the chimp video goes, while I completely agree that there are seriuos issues with the computerized voting machines, that video was just a (in my opinion) poor attempt to scare people into joining their camp. They skipped a lot of things in that video, such as getting into that office, logging on with the appropriate password, etc. Yes, Diebold was a little overzealous with their statement that it can't be changed, but the chimp scenario was far from realistic. Also, the Diebold systems likely have logs of changes made like that, as they are made directly through the software. Making changes throught the software isn't the issue - it's making changes in ways the software can't control that are scary.

The real issues are those that have been raised in other areas. Don't let fear-mongering stuff like the video get you - look at the facts...

Just some thoughts from your friendly neighborhood rodent...



Monday, October 4, 2004 8:54 AM


I have a vote and I'm not afraid to use it!

But there have been many e-voting problems already documented in the real world. I'm sure you've read the numerous accounts. One can't reasonably ignore those actual and results-changing instances.
And those are just the voting problems that people stumbled over by accident.
So let's look at another (generic) software/OS problem - viruses, worms, trojan horses etc. Labs actually proactively look for vulnerabilities. Here is one recent example: condensed from Government Computing News "Exploits for JPEG vulnerability beginning to crop up" 'Exploits that take advantage of a vulnerability in the way software handles JPEG images are beginning to crop up, security analysts say. Some Trojan image files bearing malicious code have been posted to Internet news groups ... You have to go to the news group and look at an image to get infected,” Schrader said. More threatening is an instant message that contains a link to a an infected JPEG file. Clicking on the link downloads the image and can compromise an unprotected computer. FaceTime received a copy of the message from an antivirus researcher. “I don’t know if it’s in the wild right now,” he said of the instant message. “However, this is a very cool vulnerability” ... The vulnerability affects a wide range of Microsoft products ..."' (I also wanted to quickly point out that u-soft specifically has serious inherent problems that make hacking and cracking fun, easy, and profitable.)
In any case, groups not affiliated with any computer company do spent their time proactively seeking problems so they can be fixed, BEFORE someone with malicious intent exploits them. It's a generally useful and vetted approach. Why shouldn't it be used for e-voting?
Finally, I think requiring a simple voting receipt (in duplicate) is not beyond the means of Diebold, and would illuminate the e-vote problems that WILL occur.


Monday, October 4, 2004 2:31 PM


That's actually a very good idea; ensure that there's a hard copy of every ballot to match up with the digital version. If phyisical and digital match, it'll be one more step towards insuring the accuracy of the digital voting system.

Personally, I think the e-voting idea has a lot of potential, but it has to be handled very carefully, just like traditional ballots. But I definitely have that nagging feeling that something's bound to go wrong here. It always does


Tuesday, November 2, 2004 9:04 AM


if only it weren't so serious


Tuesday, November 2, 2004 10:53 AM


There are several issues with the idea of printing out a hard-copy receipt. The largest is the issue of running out of receipts and having to rely on non-tech-savvy volunteers like my 70 year old mother to maintain things. There is also the risk caused by the receipts coming out in linear order; i.e. they can be matched up with the order of who voted when if that is tracked. That leads to a possible corruption of secret ballots and has happened in other countries, I believe.

The issues with touch screens just get plain scary. One way of phreaking them that I have heard is to smear some vaseline over the place where the candidate of choice is on the screen. In some companies machines that is registered as the choice for every voter until it is cleaned off. Joy.

I'm in Florida. 'Nuff said.

Our county doesn't use touch screens. We have scan-tron style fill in the bubble ballots, which give the benefits of electronic voting and the benefits of paper. This morning the scantron machine at my polling place died. Apparently a battery in the machine. (CMOS? Something like that?) Since we have the paper ballots, those were collected in a secure ballot box and a count of the number of ballots was kept so that when the ballots are run through a machine this evening the election supervisor can be certain all votes were counted. Yes, I actually trust he will do that correctly; he's a bit of a crusader....

Now, if the touch screen machine lost its battery in the same manner BEFORE votes were submitted to the central computer, could those votes be regained? It just makes me nervous. Sometimes the highest tech option is NOT the best way to go.






What "They've" Done To Us, And Is It The Same As G-32 Paxilon Hydrochlorate?
Thu, October 26, 2023 15:05 - 73 posts
Cave Paintings From a Species Before Humans
Mon, October 9, 2023 14:27 - 15 posts
R.I.P. Shawna Trpcic
Mon, October 9, 2023 05:46 - 5 posts

Tue, March 7, 2023 16:14 - 1 posts
Georgia may approve public school Bible classes
Sat, February 25, 2023 09:36 - 22 posts
Joss Whedon fan site shuts down after ex-wife's critical essay
Wed, November 30, 2022 04:18 - 47 posts
WSJ: In the Philippines, Judge Consults Three Wee Friends
Tue, November 29, 2022 08:20 - 2 posts
Joss Whedon returning to TV with epic HBO sci-fi series
Tue, May 3, 2022 12:34 - 18 posts
Singer Meat Loaf dead at age 74
Mon, February 7, 2022 14:26 - 4 posts
The Serenity flies into Battlestar Galactica
Thu, January 6, 2022 14:26 - 35 posts
Keep Flyin': An Exclusive First Look at Firefly Online
Sun, December 19, 2021 13:59 - 22 posts
Self-Driving Uber Car Racks Up First Kill
Sun, November 7, 2021 19:37 - 61 posts