The Harri Hursti Hack And Its Importance To Our Nation

on the Dems to confront this issue! WHY do otherwise intelligent people insist on keeping their heads in the sand on this issue? By not it should be clear to EVERYONE that the neocons, and by extension their voting companies, cannot be trusted.

We've got to pull the plug on the neocon power supply, and fast!

Click here to ask Barbara Boxer to lead the fight for fair elections!

Everyone please sign the petition urging Senator Boxer to get out in front on Election Fraud. Diebold is currently rolling across America just in time for '06. Unless a prominent politician (NOT Kerry, ahem) speaks out and forces the mainstream media to address this issue, we're all in big, big trouble. Boxer was the only senator to stand up against the seating of the Ohio electors in the stolen 2004 election. I believe she can be swayed. Urge everyone you know who cares about the fate of America to sign this petition:

http://www.petitiononline.com/boxer123

I can perfectly understand why they felt the need to cry. I felt like it too.

Kick & Recommended!

Steven P. :kick:

But after I dried my eyes I re-read some of the article and I didn't see what is being regarded as prrof that the vulnerability was planned.

"However, the Hursti hack is individually significant because the flaw it exposed is a planned vulnerability in the system, not something that is accidentally there. It had to be PUT there (programmed) on purpose. For Diebold to claim innocence about this would be absurd. It would be like saying you didn't know your garage had a door while you were standing there holding the garage door opener. Or, because this security vulnerability is so huge, it would more accurately be like saying you didn't know your house had a garage at all!!"

Do you know what she's referring to?

This is old technology, and Diebold bought it many years ago. They have been programming the devices for election after election, and there is NO WAY they didn't know about the vulnerability.

Now, you could say 'planned' or 'known', but Diebold's KNOWLEDGE of the matter, coupled with their failure to fix it, is willful negligence at best. Given what else we know of the organization, it is not unreasonable to assume a malicious motive on their part.

In my experience with Diebold, they seem to have a lot of 'sloppy' practices, for a company that started out as a safe manufacturer. The manifold security lapses, errors, and holes could very well be a deliberate strategy by the company to hide crimes amid a forest of 'errors'.

I'm not defending Diebold, but what you and I and the others assume about Diebold won't serve as "proof" of them planning the vulnerability.

The author states, "It had to be PUT there (programmed) on purpose." And offered zero proof. That kind of language leaves the reform movement open to charges that we make unsubstantiated assertions.

The facts that we can substantiate serve us better than reasonable assumptions stated as absolute truth.

I've noted, with appreciation, the comments you've made down-thread explaining more about the hack.

Thanks, riqster.

There are entirely too many non-technical types making statements on technical matters.

when you quote this:

The author states, "It had to be PUT there (programmed) on purpose." And offered zero proof. That kind of language leaves the reform movement open to charges that we make unsubstantiated assertions

we should step back and think about the sixteen words in Bush's 2003 SOTU message that, it was later admitted, should not have been in the speech. You know, the lie about Britain finding out Saddam had shipped yellow cake from Niger.

In the above quote, the writer says, "It had to be PUT there (programmed) on purpose." I believe the same of those sixteen words.

And, regardless of zero proof, it is true in the case of the code, at least. Simply because code is created by human hands, it is done for a reason (on purpose), and the proof is that the code executes.

To type in random pieces of code would make a program fail to execute. It doesn't work. Just like having 100 monkeys try to edit Shakespeare. IMHO, the burden falls to doubters to explain how an executable program can be made unintentionally.

To argue otherwise is to make the same point as the Creationists who claim Intelligent Design by the Hand of God! If (the code) is there and, if we can't prove why, then it works because of a random act off a deity?

But we know that the code was written by some human, not a deity with an inscrutable purpose. I do believe in Intelligent design... in computer software... but not in the creation of the Universe.

Ergo, if a human did it, there was a reason to it.

But for legal reasons I really can't discuss the specifics, especially on this board. There are apparently a lot of people here who think this was all a "scam" and I don't want to start that up again. All I can say is that, although it's true that Harri wrote the Leon County hack in about 45 minutes sitting by the pool at his hotel, it actually took over eight months of planning and negotiations, five trans-atlantic trips, very expensive lawyers on both sides of the big puddle and a six figure budget to pull this off. Let me just say that we're all very lucky that this even happened. I hesitate to say more. :(

Steven P. :kick:

I'm not aware of any posts saying the test was a scam, though Bev's involvement did give rise to considerable commentary.

I also wasn't wondering how much time it took to arrange the test. I just wondered what the author was referring to as proof of a deliberate effort to make the machine vulnerable.

If you have the original 'tar ball' you can go through it and read the programmers comments in the source code for yourself. If you look carefully at the various changes that were made to the software over several different revisions, you can trace what 'broke' and who discovered that it was 'broken' and went ahead and 'fixed' the problem only to have the same person 'break' it again, but in a much less transparent way but to the same effect. I believe it took seven or so revisions over less than 2 weeks to have it ready for the 2000 election. :)

These weren't bugs, they were "features"! Suffice it to say that the case is still being put together even as we speak. ;-)

Steven P. :kick:

You mean source code. Correct?

It was among the seven gigs of stuff that Bev originally downloaded off of Diebold's server. It's still out there and the answers are still in it. They can't go back and change history now as much as they'd like to. :)

The Diebold system documentation is perfectly clear: access to the machines has to be limited. That said, the entire scenario has no relevance and is actually an insult to the election officials we want to convince.

It made a good stunt though.

According to EAC voting standards, there ain't supposed to be interpreter code in the system. And it appears that there is. And that's why it's being reevaluated by the ITA.

:popcorn:

The article I read claimed that because the ballot records were translated, that was interpreted code. That's not the plain meaning - the Diebold system I inspected was compiled ... VB, but compiled.

"access to the machines has to be limited" Thats not fair to ME is it.

Lets have a contest, Fredda Weinberg and Kster we both get four freinds, we each put $100.00 into a pot, we take a carboard box, we put all our names on a piece of paper and throw it into that box, then I take that box into another room by myself and reach in and pick the winner I come back and say I or one of my freinds won the thousand bucks.

Would you agree to these rules?

Elections officials, even incompetents, have staff - it's not easy to pull off the fraud you suspect, though I've seen some pretty egregious violations ... with paper ballots, btw.

My point is, the Diebold system couldn't be hacked remotely - it required exploiting a vulnerability that was fully disclosed. You can't reasonably interpret this as a deliberate weakness designed to enable tampering.

His expressed concerned was an attack from within.

He was one of the few county officials who refused to use the purge list before the 2000 debacle.

There was nothing wrong with setting up the experiment, but I challenge you to find a quote where he repeats the baseless accusations of deliberate fraud. He is quoted as saying, "It's not that uncommon to be that dependent on vendors" and notes that Florida elections officials were already aware of the system's vulnerabilities.

http://www.votersunite.org/article.asp?id=5611

You wrote, "I challenge you to find a quote where he repeats the baseless accusations of deliberate fraud."

Try this. I challenge you to find a quote where I made a baseless accusation of deliberate fraud.

How awful of you.

Again, I'm pointing out that Sancho's expressed concerned was an attack from within.

Here ya go.

"But Sancho found it ''very, very disquieting'' that one of his workers could steal an election."

http://www.miami.com/mld/miamiherald/13622609.htm


Here's another link for you. They're hiring!

http://www.diebold.com/careers/default.htm

Your wrote in response 9

"It had to be PUT there (programmed) on purpose."

http://www.democraticunderground.com/discuss/duboard.php?az=show_mesg&forum=203&topic_id=409859&mesg_id=409922

As I said, baseless accusation of deliberate fraud. I choose my words carefully - you didn't.

As for the employment ad, that's just bait ... nobody paid me to analyze the florida scrub file - or to bring the documentary, "Unprecedented" to the public's attention. Keeping both sides honest is an honorable position to take - your attitude is destructive to the cause you claim to support.

Pynchon's assertion is not substantiated in her article, as I agree and pointed out. I don't know, however, if it's baseless.

Pardon me if I'm taking us off topic, but it seems to me the issues are...

1. Sancho's expressed concerned about an attack from within

2. According to EAC voting standards, there ain't supposed to be interpreter code in the system. And it appears that there is. And that's why it's being reevaluated by the ITA.
Hence, :popcorn:

But we can make progress on that front without hyperbole.

As for interpreted code, I pointed out above the plain meaning and the accusation, which defies reason.

But I'm going to wait and see the actions of ITA/EAC/NASED, McPherson, PA, MD, and election reform experts as this unfolds.

You have to admit, the whole affair is interesting.

It took years to build up credibility on this issue - and painful to watch while others make us look foolish.

You should care whether or not you are promoting a truthful message.

But I'm going to wait and see the actions of ITA/EAC/NASED, McPherson, PA, MD, and election reform experts as this unfolds.

You've starting other threads on this same bogus accusation.

After all, in one thread you say you'll wait, then you go open new ones. That's not a violation of any rule I know, but should certainly reflect on your honesty.

...about you.

would you agree to these rules?

Who ever I am insulting I apologize I was just asking Fredda Weinberg a question.

But they're probably used to that by now.

to call it.

that they will not accept imagine that.

I burst into tears a couple of months back too, out the blue, thinking about how much we've already lost to these thieves. And the waste and opportunity costs of what we've lost.

I feel the need to find a Diebold representitive, duct tape him to a chair, and introduce him to my favorite power tools.

"This is not something that can be delayed until next year or until the next decade. Whatever investment has been made in DREs must be re-evaluated in the same way we re-evaluated the exploding gas tanks of Ford Pintos. Just as Ford knew, but never disclosed for years that people were dying from the exploding tanks, the voting machine companies know their machines are completely vulnerable. There is too much at stake to trust machines that have been proven to be untrustworthy. We must have paper ballots, and we must have them now. To do less, with the knowledge we have, would be to sacrifice our democracy for the sake of convenience. It is not important that our elections be convenient, but it is vital that they be accurate, secure and verifiable. Otherwise, why hold elections at all"?


Just for "Wilms" Just as Ford knew, but never disclosed for years that people were dying from the exploding tanks. Remember hearing that somewhere before? His analogy is brilliant, brilliant I tell ya :rofl:

...when I saw your post.

is that LHS, not Diebold, programs our memory cards, and LHS is "trustworthy."

I have asked if our memory cards have executable files on them and have not gotten a response.

My questions to you--

What is the stated purpose of the executable file? Does Diebold explain why it is there?

Is the hack scenario, that someone at Diebold (or LHS) would program something like Hursti did, on to the memory card? Or is that someone at the elections office would grab the memory card and program it?

Can you point to specific security regulations, in HAVA, from the FEC, or otherwise, that may be in direct violation as due to the results of this test? I need hard direct issues to discuss with my SOS.

By the way, although LHS programs our cards, we have the exact same system here in Vermont, 1.94

And our SOS is stonewalling when I ask about it.

But that is not precisely the case. What Diebold loads on the cards is a template that contains the candidates, contests, and such, and is supposed be set to zero for all contests. That is not necessarily 'executable code' (which is how they are trying to dodge the issue), depending on how one defines the term. Its purpose is to order the data on the card so that the voting device knows where to put the votes, and for the tabulator to know where to find them.

One hack that Harri did involved pre-loading some candidates with values greater than zero. (There is no way to detect the effects of this hack withour a full manual recount, and to find out which card was altered would be difficult or impossible after the fact, depending on how the system is configured, but in the case of optical scan systems, the vote itself could be saved and the election decided by the voters with a full manual recount.)

However, it IS possible to place executable code on the card, and given the sloppy chain of custody for these cards, it would be easy and undetectable. That is what Harri did with the "Are we having fun yet?" message hack. One could alsochange the oucome of an election with executable code on the card, by re-assigning votes to different candidates.
Anyone with an elementary knowledge of programming, or for that matter anyone who can follow a list of instructions, could hack one of the cards.

BTW, the chain of custody makes the question of 'who programs our cards' irrelevant. If they are not locked up tighter than a Minuteman silo; if there are insufficient controls or audits on the programming process; or if there is any network connectivity (wireless or wired) between the programming location and any other digital device, the cards are vulnerable, and so too is the election. During transportation, or if anyone else comes into the tabulation/voting area, integrity can be compormised.

It was my understanding that when Hursti first "opened up" one of those memory cards, he *found* executable code, not that he placed it there. ???????????

And in the recent article on VoteTrustUSA, it says that before they did the mock election, they did a zero count to ensure that the vote totals were all zero. In your reply you said that all hursti did was give the "candidate" some extra votes before the election started. Wouldn't that show up on the zero test?

For here in Vermont, our memory cards are programmed by a third party, LHS, which complicates things a bit.

Diebold is using a definition of "executable code" that is excessively narrow. What they claim is that the 'template' doesn't qualify as executable without being placed in the scanner or the tabulator-that only PART of the required code to execute is on the card, IOW. Sort of like saying that a nuclear bomb isn't a bomb unless it has been armed and is ready to drop. Disingenuous IMHO. To the vast majority of IT types, what is there is executable.

As to the adding votes to a particular candidate-One could add votes prior to an election, SUBTRACT votes prior to the election, (depending on how the zero count routine is written, a negative number might not get picked up-it is easy to write something like "If VoteCount >0, make VoteCount =0" which wouldn't pick up this fraud. Say we started John Kerry with -200 votes and Dubya with zero, let's say. That would spot Bush 200 votes, just on that one device), or embed some additional logic into the card to assign X% of votes cast to candidate A when the election is closed; every third vote for Candidate B would be switched to Candidate A; or lots of other tricks.


I don't know about every hack that HArri did, but if you'll get me a report, I can explain them more precisely.

Harri just replaced their code with his own to make the machine do what he wanted it to do. As far as the Zero Total Report is concerned, the way the system was designed allows you to count negative votes! All you need to do is place an equal amount of negative votes for the candidate you want to lose with the positive amount of votes your candidate starts out with and presto! Plus ten votes for candidate 'B' added to minus 10 votes for candidate 'K' equals '0' votes total in the machine at the start of the election!

Another problem is the fact that the machines are tested in a special 'test' mode! :crazy:

You run a 'test deck' through the machine where you know in advance what the totals are for each race and then you compare the total reports against the known numbers from the test deck. Easy! If they match, you set the machine into 'election mode' and conduct your election.

The obvious problem there is that any 'script kiddie' could write a routine that does one thing in test mode and quite another in election mode! Why they don't just test the machines in 'election' mode to see if it counts properly in an election and then reset the machine to zero is beyond me.

Steven P. :kick:

I am genuinely interested. I would love to know what kind of actual hack might be possible. For instance, as you may know, as so far I don't think that any machine hack hypothesis that I've looked at would have been undetectable in the exit poll data in the analyses I have seen and done so far (unless it was done in non NEP precincts). But I am constantly on the look out for doable schemes.

If you wanted to steal Ohio, what would you do (given the voting technology there)?
And if you wanted to steal the popular vote, what would you do?

Lizzie

(Elizabeth Liddle)

So what seems to have happened there was a combination of voter registration fraud, and tabulator hacks. These have all been covered in other threads.

Could you explain your premise more clearly, that a hack would be undetectable?

and I laid it out (and various posters made useful comments) here:

http://www.democraticunderground.com/discuss/duboard.php?az=show_topic&forum=203&topic_id=398267

but in short:

Bush's swing (change in vote relative to 2000, a year in which, ironically, the exit polls were fairly close to the counted result) is not significantly correlated with "redshift" in the poll. In other words, if vote-switching were responsible for both a greater boost to Bush in the poll and with redshift in the poll, the two effects should be correlated, and they aren't, not even close. If fraud was absolutely uniform across all precincts, then that would be compatible with the non-correlation finding, but that is hard to envisage. Alternatively, if an algorithm that only lifted Bush off the bottom of precincts where he was doing worse than predicted on the basis of 2000 (or generally worse than expected) but left well alone where he was managing fine on propaganda and gay marriage iniatives, and voter suppression, and, I suppose, incumbency benefits, then that might escape detection by such a correlation. But on my reckoning, only if it was pretty widespread. If there were a substantial proportion of precincts with no fraud, it would tend to show up. And if you didn't get it right, OTOH has demonstrated that you might get a correlation in the "wrong" direction,

One of the things I have been doing, as an exit poll geek, is trying to figure out forms of massive fraud that are compatible with the exit poll, which IMO, actually presents problems for the hypothesis of widespread fraud, although I know this sounds crazy to many. I actually don't think massive fraud IS compatible with that non-correlation, but I am perfectly prepared to concede that where electronic theft was easy, opportunistic theft occurred.

Can I ask you: what is your prior? Do you believe that the election was hacked:

a) because it could have been
b) because of the exit polls
c) because America couldn't have voted for Bush

And do you think that the popular vote was stolen, or just swing states?

(none of these are trick questions, but I am a declared exit-poll skeptic, and thus a declared massive hack skeptic).

In 2004, there was no way to conduct a massive, centralized, completely orchestrated theft. The technology was too diverse, the opposition was on the lookout, and the election workers insufficiently coooperative.

Instead, what was done was opportunistic, targeted fraud, utilizing weak spots and Reep loyalists, in the public and private sectors. I will speak from my experience in Ohio, and suggest you then adopt this approach in researching other states.

Cuyahoga County; DEEP Blue, with a Reep BOE boss (Michael Vu). They decided to switch to Diebold's voter registration system late in the election cycle, and never did get all of the new registrations entered. For this and other reasons,they had an unknown number of lost registrations. (Victoria Lovegren has done quite a bit of research on this matter, and IIRC it was discussed on DU a while back.) This had the effect of disenfranchising a predominantly Dem voter group, because a voter whose registration is suspect is made to vote a provisional ballot; these votes were, in the main, NEVER COUNTED in Ohio, and in Cuyahoga County there were a number of shady dealings in re eligibility. (Two BOE workers were indicted for activities relating to the performance of their duties). If you can't even get to cast your ballot, who needs to tamper with a tabulator? And who can prove fraud? FWIW, MY ballot was never counted due to a voter registration data issue in another county.

Warren County: Solid red, shut their tabulation room off in response to a bogus terror threat. No way of knowing what really happened there, to this day.

Franklin County-purple county, mostly dem but a Reep-controlled BOE. MANY problems with machine availabilty in Dem districts, none in Reep districts. Oooops, they said. Honest mistake. Uh-huh...

Stark County-Reep controlled BOE, Blue county. Went for Kerry, but funny, not by QUITE as much as you'd think...

Essentially, this was the pattern. Boost some red county Bush totals a bit, suppress some blue county Kerry totals a bit, have the Reep SOS suppress Dem voter turnout while enabling Reep voter turnout, and voila. Nothing massive required, and damned hard to prove in court. Also won't result in more than a few points' difference in exit poll numbers, because Ohio was a divided state; but, as in 2000, one divided state with a Reep government was all they needed.

I am prepared to buy the case that Ohio was stolen, just not on the basis of the exit poll. I am completely convinced that Kerry lost more votes than Bush to various forms of electoral injustice. I'm not yet convinced that it stacked up to a Kerry victory, but I'm open to offers, as long as the evidence offered isn't the exit poll.

I agree with you (if I'm reading you right) that there was not a hack on a scale to swing the popular vote. But this is frequently alleged. Do you think that the popular vote was also stolen by the diverse tactics?

I'll think about it. I have a dissertation to finish right now, hope to be done in a week or so.

Also, I have to recover from my outrage over the latest "virtually irrefutable evidence of fraud" exit poll story, which is junk science of the worst kind IMO.

I think the election was stolen. It seems the concerns expressed about the exit poll help bring attention to the election irregularities - no matter what you believe about the exit polls or exit polling.

If everyone agreed exit poll data show Kerry won, despite the Yugoslav model, we'd still have considerable legal burden, at minimum. (And since about a year ago no recourse with regard to the Oval Office.)

So where is the evidence?

A range of methods could have been deployed to steal votes not only in contested states, but uncontested ones, as well, to bolster popular totals. In fact, to help discredit exit polls, I'd consider the possibility that part of a schema included throwing votes to Kerry in safe red and/or blue states.

In addition, to evidence compiled (like in Conyers Report) and the 3(?) remaining court cases, might there be other evidence we might find if we use the exit poll data to target suspicious areas and then look at them more carefully? (ie: machine type, election administration, eirs (or whatever) data)

That would sure beat the pie-fighting, in my opinion. And that's why I'd love to see such a thread.


So once the dissertation is done we have a date?

PM me if I forget.

by the method I described above. I don't know much about polling, so I tend not to say a lot about it. My experience is in the election side.

The scale required to hack the popular vote was in fact quite small, given the manifold ways in which the Reeps were stealing the election. Voter suppression (machines, registration, intimidation, etc.) was the method of choice, requiring much less in the way of 'hacks'.

By "popular vote" I meant Bush's 3 mill margin.

And I agree that the "method of choice" was executed, whether through deliberate intent or culpable negligence. Not sure about the hack. I'll try and find your relevant post.

the coup de grâce: once they have achieved presumptive winner status then they take all possible measures, both legal and illegal, to shut down the proper procedures that are called for by law -- but may threaten their win. In other words, no need for any more counting of votes once they're the winner. If there are still piles of provisional ballots, no need to count those because they are already the winner. And absentee votes mailed in by the men and women serving in the military around the world, no need to count those because they are already the winner.

So in a sense they stole it twice. Once using the tactics you describe and then they had to cheat a second time (to avoid a real recount) in order to secure what they had stolen in the first count.

And they got away with it! Twice! Or should I say twice times twice! First count plus recount in 2000. And then the same again in 2004.

One of the biggest hurdles we have is the fact that even when it is out in the open and clear that lawful process was abandoned and illegal procedures used in their stead, there is still no remedy. So we can devise all the careful audits, chains of custody, citizen witnesses, local publishing of precinct results, and so on, that we want but they will not make a whit of difference if irregularities are discovered but then ignored by the courts and the press. This hurdle is aided by the long list of tactics they use. By applying a larger number of techniques, each one involving a smaller number of votes, they avoid the final problem of scrutiny by the courts and the press by claiming that whatever irregularity has been uncovered, it would not be enough to change the result. They force you to uncover a whole bunch of irregularities and to muster enough evidence to support each one of your multiple claims and to do it in an impossibly short amount of time. They raise this hurdle even higher by insisting that the evidence has to be hard proof -- that you have to prove each one of your claims with hard evidence and somehow do that before any investigation can be sanctioned.

Edit to add: I should have included Congress among those whose scrutiny is avoided but I forgot them. That's funny since they are the ones entrusted by the Constituion to scrutinize the Presidential election and finalize the result. I guess I forgot to include them because they forgot to fulfill their Constitutional duty.

Once you fail at the impossible task of assembling hard proof of a long list of cheats that will add up to enough to change the result before the clock runs out, then the gatekeepers slam the gate shut. The subject becomes taboo, both in the courts and in the press, because no one wants to allow our dirty laundry to be exposed. After all, we're the shining knights who are bringing our democracy to the rest of the world. It won't be helpful (they say) for the world to know that underneath the shining armour, we stink like sh*t.

To end on a more hopeful note, has a tipping point occurred? It seems that more and more the information is coming out in the media -- partly because the Internet media gain more ground on the corporate media every day and partly because the corporate media are being embarrassed into reporting some truth now and then. Also, courts seem to be gradually taking the issue seriously, at least here and there.

Truth is viral. Let's hope the rate of infection can overcome attempts to keep it bottled up and it is finally pandemic.

http://www.blackboxvoting.org/BBVreport.pdf

Also, as I've said on a number of occasions here, there are much easier ways to use Diebold equipment to alter election results.

Once again they're sending off techs to look for cancer and will likely come back and tell us the patient has no cavities.

We need the "Hursti Hack" conducted here an no substitute will suffice.

Consider:

There are a few states which have put the brakes on Diebold acquisitions saying that they're waiting to see what the ITA/EAC/NASED does. McPherson "punting" turned this into a national issue.

It's pointless to re-conduct the test. Everybody knows what it'll show. The best McPherson could get out of it is a threatening letter from Diebold's attorney.