|
|
F2654hD4
This isn't really a local issue but it is, and it isn't. In his February
23rd Los Angeles Times column, Golden State, Michael Hiltzik, was a bit exercised about this –
… there's no excuse
for exposing the integrity of our election system to computer hackers. Yet that's what California Secretary of State Bruce
McPherson may have done last week by approving electronic voting machines from Diebold Election Systems for use in California
elections through the end of this year.
McPherson's approval was conditioned in part on local election officials keeping
the Diebold machines under tight security before polls open. Diebold will have to make significant changes to its software
and undergo further scrutiny from state and federal authorities for 2007. Given the rising panic among county registrars about
having machines ready for the June primary, it's hard to avoid the impression that McPherson's decision reflected expediency
more than confidence in Diebold's work.
Indeed, his ruling produced a statewide sigh of relief from county registrars,
who were squeezed between a federal law requiring them to install efficient new high-tech poll machines and a state law requiring
the machines to be formally certified. "This means I won't have to go to either Leavenworth or Folsom," San Diego registrar
Mikel Haas told me. His county, which will stage a primary on April 11 to replace the bribe-taking Rep. Randy "Duke" Cunningham,
bought 10,200 Diebold machines for $31 million in 2003, but hadn't been allowed to use them since 2004.
Well, they were in a jam
and spent over thirty million, so Bruce McPherson saved the day. Of note, just as Condoleezza Rice was appointed by George
Bush to be the Secretary of State at the federal level, so Bruce McPherson was appointed by Arnold Shwarzenegger to be California's
Secretary of State. Neither is an elected official. The respective legislative bodies advised (like it mattered) and consented
(what the heck). Approved.
Well, these are just staff people. They implement what the boss wants. And they want to
stay in power, and make sure their friends stay in power.
Now Rice has done some odd things recently. She testified
to congress that she needed to spend a whole lot of money, seventy-five million - to fund groups in Iran that would then,
being well-funded, rise up and overthrow the theocratic oddballs that run things there now and are building nuclear weapons.
But as anyone can see, this isn't exactly effective diplomacy, as now any anti-government group there will be mocked and rejected.
You may be against the ridiculous government here, but obviously you're a tool of the Americans fighting our brothers in Iraq
- you took their money to do this protesting and plotting - their own Secretary of State said she's funding you! (See this - "It's long been known that pro-democracy groups and their supporters in Iran would be discredited if they were publicly
linked to the Great Satan. Worse yet, that open linkage would give Iran's secret police agencies an excuse to crack down brutally
on them as enemies of the state, charging their leaders with subversion.")
It's hard to get good staff people these
days.
As for Bruce McPherson, he commissioned a panel of computer security experts to look into the Diebold systems
and tell him if they were secure. Could they be hacked? Could votes be altered? Well, they reported on February 14 that, yes,
they could. Not very clever folks could tamper with the removable memory cards and change the results and no one would be
the wiser. And by the way, there were sixteen other software problems that would, as the Times reports, cede "complete
control" of the system to hackers who might then "change vote totals, modify reports, change the names of candidates, change
the races being voted on." And there were ways to crash the machines, bringing an election to a halt. And hackers "wouldn't
need to know passwords or cryptographic keys, or have access to any other part of the system, to do their dirty work." Or
so said David Jefferson of Lawrence Livermore National Laboratory, David Wagner of Berkeley, and the assorted others on the
panel.
The biggest problem?
That would be this –
The bugs pale next to
another discovery by the panel. This is the presence of a cryptographic key written into the source code, or basic software,
of every Diebold touch-screen machine in the country. The researchers called this blunder tantamount to "a bank using the
same PIN code for every ATM card they issued; if this PIN code ever became known, the exposure could be tremendous."
Here's
the punch line: The Diebold key became known in 2003, when it was published by researchers at Johns Hopkins and Rice universities.
It can be found today via a Google search.
Three days later McPherson
- shrugging, one assumes - certified the machines.
Close enough? Scientific and technical folks worry too much?
That's
what they say at the national level about all those people who say there's this global warming going on. The president listens
to the to pop novelist Michael Crichton (see this), so who needs the scientists? (That last Crichton novel on the topic was lively, even if one sees here that Crichton has admitted to once plagiarizing a work by George Orwell and submitting it as his own.)
On the state
level? Michael Hiltzik adds more here, if you like detail - Diebold's defense (people do think we're accurate), the experts' report, the Secretary of State's announcement (PDF format) of conditional certification, the summary of the University of Iowa 1997 discovery of the coding problem, and more, including this –
A team including Avi
Rubin of Johns Hopkins uncovered the key - for the first time, they thought - in 2003, and they published it in his highly technical paper. (It's on page 14, but for those unwilling to wade through the technicalities, the key is F2654hD4.)
Ah, this cryptographic
key written into the source code of every Diebold voting machine used anywhere in the country - F2654hD4!
Cool.
And this is not just a California issue.
Diebold responded, three years ago, to the Johns Hopkins' paper, specifically,
here - this flaw and the other bug are "manageable by a reasonably careful combination of short-and long-term approaches" Just
be careful. Lock everything up, physically? Heck, why not go back to paper ballots?
The Johns Hopkins team responds
here - bad code, hack one machine and you can hack them all nationally, and the fix is easy. (Those of us who have been coding
since the eighties know you never embed the key to the whole system in the code itself, the code that you can see -
that's a rookie, bonehead mistake.)
The major-league commentator at the Washington Monthly, Kevin Drum, who
writes from down in Orange County (he used to write under the name CalPundit), covers the same ground here, and he seems a tad amazed –
Despite the fact that
the panel of experts concluded that Diebold could fix all the bugs in their machines in "only a few hours," the problem
with the hardcoded key has been known since 1997 and the key itself has been known since 2003 - but Diebold has done nothing
about it.
... There's simply no excuse for tolerating even the perception that the voting process is so easily open
to abuse. I'm no conspiracy monger, but the fact that Diebold hasn't corrected these problems despite the fact that they're
obvious, widely known, and easy to fix, does nothing except provoke suspicion - well deserved or not - that they're stonewalling
deliberately. I mean, why act so damn guilty unless they really are guilty?
Good question. But who
would rig the vote?
Well, it's easy to do. F2654hD4 It's in there, in each and every machine. Have fun. From
Kevin Drum - "And the 8-byte password used for Diebold's voter, administrator, and ender cards is ED 0A ED 0A ED 0A ED 0A.
(Aren't you glad this stuff is so easily found on the internet?)"
Yes indeed. But our side plays by the rules. We'd
never use this information to cheat.
And as all this above makes it way around the net - Drum has an incredibly wide
readership - this will be a problem that gets fixed. The code and password will be everywhere. Diebold will have to do their
job. Rove will weep. But that's the way things are these days.
On the other hand, Diebold may stonewall. Have fun,
if you have the chops.
As for what's over at the pesky national clearinghouse of information on such matters, Black Box Voting, some of the current items are these - someone accessed forty Palm Beach County voting machines November 2004 and the voting
machine logs contain approximately a hundred thousand errors, and convicted embezzler Jeff Dean, the Diebold head tech guy,
remotely accessed the voting machines in major California counties for 2000 election when you can't do that (so they say),
and on and on.
And our friend Doug Yeats sent is this local news story –
(February 24, 2006) The
Alaska Division of Elections has now officially refused to release the public records that would verify the results of the
2004 election.
The election totals differ from the district by district totals by more than 100,000 votes in some
races, while others show more votes than there are voters in the district.
The election was tabulated by the election
company Diebold Computer System. ...
And this –
A long-standing public
records request for the release of Election 2004 database files created by Diebold's voting system had been long delayed after
several odd twists and turns, including the revelation of a contract with the state claiming the information to be a "company
secret." But while it finally appeared as though the state had agreed to release the information (after reserving the
right to "manipulate the data" in consultation with Diebold before releasing it), the state's top Security Official has now
- at the last minute - stepped in to deny the request. The grounds for the denial: the release of the information poses a
"security risk" to the state of Alaska.
What?
California,
Florida, Alaska. It's not a local story. Pennsylvania and Ohio (this - Hearings On Ohio Voting Put 2004 Election In Doubt - is still unresolved). Diebold's CEO, Walden O'Dell, did say he was "committed to helping Ohio deliver its electoral votes for the president." It worked.
Maybe they just don't
want us to vote. Voting and thinking your vote counts? That's for chumps. That's for the Iraqis. We've moved on.
__
Clarification
A question from Rick, the News Guy in Atlanta –
What I'm missing from
this is how the "F2654hD4" key is used. Specifically, could a hacker access the machine from his home, or must an evil-doer
be on the scene, either to enter the key on a keyboard to change results, or to physically open up the machine to pull out
some cards and insert new cards or something?
Good Question. Yes,
the code is in each machine. But, except for isolated precincts at, say, Brokeback Mountain, the voting machines are networked.
The key is also hard-coded on the server software of course, so you can get physical access to a single machine somehow, or
remotely break into the server linking them (not impossible). Change results at a node, or change results being fed from any
of the nodes to the server, or change the tables on the server. Your choice. The usual scenario is one of the Diebold workers,
the tech support guy for example, doing routine maintenance, adjusts the votes. If he can, someone else, with a little hacking,
can too.
|
|
|