Navigation
Topics
Log In
Log Out
:
Special Search
New Today
New This Week
Advanced Search
Tree View
Your Account
Edit Profile
Register
Forgot Password
Tools
Help/Instructions
Policies
...
|
| 3-28-06: BBV EXCLUSIVE - Diebold atte... |
|
| Author |
Message |
    
Bev Harris
Board Administrator
Username: Admin
Post Number: 3890
Registered: 12-2004
Best of Black Box? 
Votes: 13 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 5:57 am: | 
|
On March 18, Black Box Voting released the first part of findings from an examination of the Diebold TSx touch-screen machines in Emery County, Utah.
Diebold has responded. Harri Hursti and also Security Innovation Inc. have rebutted Diebold's initial explanation. Diebold then came up with a new explanation, while trying to maneuver Emery County's elections chief into resigning.
Bruce Funk, the elected official who has run elections in Emery County for 23 years, noticed a critical shortage in flash memory/storage in seven of his 40 brand new Diebold machines. He arranged for an independent evaluation, a right granted to Utah county officials in the Diebold contract. Black Box Voting secured the services of Harri Hursti and also Security Innovation, Inc. for the Emery County evaluation.
The initial assessment was not encouraging: The memory was so low it appeared likely to compromise elections held on the affected machines, and the most likely explanations were all pretty bad: 1) Different programs on the machines 2) Data already residing on the machines from use elsewhere 3) Flash memory near the end of its life cycle.
PHOTO -- LOW MEMORY IN EMERY:
1. Diebold claims low memory due to a variation in fonts
According to the Deseret Morning News, Diebold spokesman David Bear claimed that the critical shortage in memory was due to different fonts loaded on certain machines.
"Spokesman David Bear said that some of the machines were programmed with more font options than other machines, which is accounting for most of the discrepancy in available memory, although the types of tests run on the machines before shipping could also take up memory.
Diebold has not explained why some machines would have different fonts than others.
Actually, the memory discrepancies were as large as 20MB, and the low memory triggered text on the TSx machine to flip to RED, clearly an alert that there was a problem. Hursti and Security Innovation cast doubt on the font explanation:
Hursti: "Fonts, which there are only few, can explain few 100 kilobytes [each] at the most, not 20 meg we have."
Security Innovation, Inc.: "I went into the tool that builds Windows CE and after adding ALL of the fonts that it contains they *totaled* to 4 megs. Harri is right in that each font individually was small with the largest being a meg but most being like 30k-60k. There exists the possibility that they created a custom font but I don't know why...The only one that's any where near big enough (22meg) is a UNICODE one that can represent things like Japanese characters, Chinese characters.
(Note that Emery County Utah does not have a Japanese/Chinese population sufficient to warrant such special fonts, and even if it did, if such fonts use up memory to the extent that machines experience critical storage problems, that is a significant defect. The existence of Asian language fonts on Utah machines would be consistent with taking delivery on machines previously used in California.)
2. New Diebold explanation: "There is an A, B, and C version"
On Monday Mar. 27, Diebold attended a meeting in Emery County and here they claimed there were actually several versions delivered to Utah. Now, bear in mind that all are the TSx 4.6.4, but in this tape recorded meeting, Diebold stated that within this there is an A, B, and C version.
The main question, of course, is:
Is it the A, B, or the C version that is the certified version?
In the mean time, Diebold is hoping Bruce Funk will hurry up and resign
Diebold's immediate response to Funk's decision to have his machines independently tested was to threaten to charge over $1,200 to check the machines tested to make sure they were suitable for elections.
This brings to mind the question -- why did Diebold deliver machines with memory so low they were not suitable for elections in the first place? The backup election file is 7.9 MB; Note in the photograph above, this "new" machine had only 4 MB of storage left.
And, if the Deseret News report above is correct, if some machines were "hosting illicit programs which could affect performance or in worst case, affect election results," why were they delivered in the first place and why should Emery County pay to have the defects corrected?
Nevermind that, Diebold has now upped the ante to $40,000. The testing involved only two machines, and at $1,200 per day, it is difficult to imagine how it can take 33 days to evaluate two machines, or even 40 machines, which is the total number of machines delivered to Emery County. In a county like San Diego with 10,000 machines, would it take 8,500 days for Diebold to evaluate the machines?
Black Box Voting has requested a copy of the itemization for this $40,000 threat from Diebold. The Emery County Commissioners are, understandably, experiencing some heartburn over Diebold's extortion. Their initial response was to encourage Bruce Funk to resign. A more appropriate response would be to wait for the findings in the upcoming report detailing the security problems found in Emery County machines.
Utah is a state where it is traditional to acquiesce to authority figures. Just how a for-profit vendor managed to gain "authority" over public elections and an ELECTED OFFICIAL is a question that deserves further examination.
This marks the second time that Diebold has attempted to control the actions of an official elected by the people. When Ion Sancho, elections supervisor of Leon County, Florida, opted to have his machines independently evaluated, Diebold refused to provide him with the HAVA-required upgrades that he had already paid for. A Diebold rep stated in a meeting with other Florida election officials that Diebold would honor its contract with Leon County if Ion Sancho [the official elected by the people of Leon County] would step down.
Stick-on dots mean defects
One of the things that prompted Bruce Funk to look at the memory on his machines was his observation that some of the machines were tagged with small yellow stick-on dots. Those machines were especially prone to problems like low memory and problems with the screens.
Black Box Voting has been interviewing other county officials who recently took delivery on Diebold TSx machines, and this is what we have learned: Diebold marks the machines that fail acceptance testing with stick-on dots.
Why Emery County was expected to go into an upcoming election with machines marked with defect dots has not been explained by Diebold.
Now is the time for all good men -- and women -- to wear dots on their foreheads
The Dot Protest
Suggest wearing stick-on dots on your forehead when attending meetings about Diebold.
Citizens forced to vote on Diebold machines: Wear a dot on your forehead when you go to vote.
When people ask about the dots, explain that Diebold marked its defective machines with dots, and you are marking its defective elections with dots.
County officials should examine their machines for stick-on dots. Contact Black Box Voting for non-invasive diagnostic tests which can be performed to evaluate whether you have received defective voting machines. The tests are simple, like booting up the machine and writing down specific information that appears. Keep records yourself of the serial numbers and defects.
NOTICE: During the course of interviews for this article, Black Box Voting has learned that Diebold has been traveling to various counties and swapping the motherboards in its voting machines. Why the entire motherboard would need to be replaced on brand new machines is a question that should be explored. Since this procedure enables a complete replacement of firmware and the insertion of hardware like wireless communications devices, any such actions need to be fully documented.
Activists are encouraged to ask questions locally as to any such changes.
(1) Secure? Vote is no; Deseret Morning News, 26 March 2006
WE ARE AWAITING MORE FORMAL REPORTS ON SIGNIFICANT SECURITY DEFECTS FOUND ON EMERY COUNTY'S TSx MACHINES. NOW THE QUESTION IS: WHICH VERSION WERE WE LOOKING AT -- THE A, THE B OR THE C?
Permission to reprint granted, with attribution to http://www.blackboxvoting.org
|
Marion Gayle Barbee, Jr.
Voting Rights Forum Participant
Username: Mbarbee
Post Number: 1
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 8:19 am: |
|
Diebold makes me sick. I live in Collin County (Plano, thank God, not McKinney!). Guess what kind of machines we have?
What can I do to expose these eeeeeeeeeeevvvvvvviiiiiiiiiiilllllllllllll acts in Diebold homeland??????????? |
John Washburn
Voting Rights Forum Participant
Username: Johnwashburn
Post Number: 55
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 8:59 am: |
|
VErsion A, B and C? And people wonder why I harp on configuration management issues such as physical configuration audits and the like.
Without a PCA published how does anyone know which system was tested by the ITA, certified by the State, sold to the County, actually delivered to the county. Without system identification this could (and appears to) be four distinct and different systems. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3891
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 10:04 am: |
|
Marion,
Welcome to Black Box Voting. You have Diebold touch-screens if you are in Collin County, and there are a number of things you can do. Email crew@blackboxvoting.org for suggestions specific to your location.
John -- Can you think of any legitimate reason for a version A, B and C? Is there any plausible reason that allows different configuations?
|
Bruce Sims
Frequent Voting Rights Forum Participant
Username: Ubetchaiam
Post Number: 710
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 10:32 am: |
|
The ONLY reasonable explanation I can surmise is that 'A,B, and C' are actually differing verions of firmware/hardware configurations. which gets directly to John's well asked Q about which is the ITA 'approved' version and what is being delivered to the different states.
Really like the wear a dot on your forehead idea. Put it right above the 'third eye' decal/tattoo. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3892
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 10:40 am: |
|
The A, B and C refer to motherboard builds.
You can find the information on a white sticker on the back of the machine. When the machine is placed in the cradle holding the printer, you cannot see the sticker.
Jim's going to post a photo here. |
Jim March
Frequent Voting Rights Forum Participant
Username: Jimmarch
Post Number: 138
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 10:41 am: |
|
Here's a closeup of the back panel of the "core" TSx unit (the touchscreen pulled out of it's "cradle") showing the numbers in question. They're pretty much "dead center" to the right of a 9pin serial connector used for the disability keypad device.
We think the critical information is in the first line of the white tag area.
The yellow tag is probably specific to areas with the add-on VVPAT device, so you probably won't see that in Florida, Pennsylvania or a few others.
 |
Bruce Sims
Frequent Voting Rights Forum Participant
Username: Ubetchaiam
Post Number: 712
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 11:02 am: |
|
"The A, B and C refer to motherboard builds"; ok,that's what I was saying; question: is it a 'motherboard' or a 'systemboard'? And the white sticker references 'Rev.1' ;is that the same as 'A'?
It also would be good to know what the engineering change order("Ref EC#A5329) actually says. And what does the windows cert sticker reference,meaning Operating system? |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3893
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 11:29 am: |
|
We saw two machines where the "Rev." # was hand written in: "Rev 7" -- Those were both on version A machines.
The state of Utah is charging Emery County $40,000, reportedly to have the machines recertified. But how were they certified in the first place, since they are apparently different versions? NASED certification is required in Utah, and NASED does not have separate certifications for A, B, and C versions of the Diebold TSx 4.6.4 |
Bruce Sims
Frequent Voting Rights Forum Participant
Username: Ubetchaiam
Post Number: 713
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 11:55 am: |
|
Rev. 6 is ONLY 2002 approved system per NASED:
http://www.nased.org/NASED%20Qualified%20Voting%20Systems%20122205.pdf
It also looks like these machines only run winCE; is that what the windows certified software sticker shows? If so, which version??
Are they trying to pawn off 1990 'cert' machines to Utah? |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1980
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 11:56 am: |
|
Is it possible that A, B, and C versions also have further sub-variations (as per the Rev. #)? |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3894
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 11:59 am: |
|
-- By way of Jody Holder
A.4 Test Specifications
...Test hardware and software shall be identical to that designed to be used together in the voting system...
---
If the test machine has to be identical hardware and software with the final product, the machines in the field must then be identical with each other.
----
The question must be: What are the differences between A, B, and C?
Since these different versions are marked on each machine, the differences would appear to be at least significant enough to make a notation on the label. According to reports of yesterday's meeting, the differences lie in what is on a chip or the specific chip in use. What are the differences? |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1981
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 12:03 pm: |
|
And how will one ever know what the differences are, if Diebold is now pulling a quick switch on "motherboards"? |
Clifford Lyon
Voting Rights Forum Participant
Username: Clifflyon
Post Number: 1
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 12:18 pm: |
|
I've posted a diary at DailyKos about this story with links back here.
http://www.dailykos.com/story/2006/3/28/134521/609
It is critical that as many people as possible (who are registered there) go and recommend the diary so it get recommended.
There is also a very imformative post from Dow patten at www.OneUtah.org which goes into more detail about Utah's experience with the whole selection process. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3895
Registered: 12-2004
Best of Black Box? 
Votes: 2 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 12:21 pm: |
|
 - 
 - 
How to comment on your defective elections. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3896
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 12:32 pm: |
|
Clifford -- Excellent job. You also have some excellent strategic suggestions -- thanks for sharing those on the phone with us this morning.
Folks, please visit this Web site: http://oneutah.org/2006/03/28/showdown-in-emery-county/
for more information on this important story. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1985
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 1:56 pm: |
|
Good luck, Clifford, with getting good visibility for your excellent DKos Diary. It deserves to be widely appreciated and warmly recommended.
Since you're in touch with Bruce Funk, can you please let us know how we can be most effective in our support? What does he want and need?
I hope that all election reform folks in Utah are doing everything they can to be publicly outspoken in their support. Local support would probably mean a lot to him right now, particularly from anyone who can put some pressure on the people who can make the most difference (media, commissioners, county and state officials). |
Joycelynn Straight
Voting Rights Forum Participant
Username: Fairelections
Post Number: 12
Registered: 12-2005
Best of Black Box? 
Votes: 2 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 3:37 pm: |
|
Bev,
Love the yellow dots!!
The man in the top left photo is Andrew "Drew" Kahl. He was said to be employed by Diebold in August 2005. By October 2005, Pat Beckstead of Davis County Utah, said he was employed by Davis County. By Jan 3 2006, he stated he was employed by Diebold and, in fact, I saw him working at Diebold's office on Jan. 6.
So which is it -- All of the above?
I was poll watching at the Farmington City municipal elections in Nov 2006. "Drew" accompanied Pat Beckstead each time she went to one of the combined polling centers. He also was working with the tabulating machines and printers that night at the vote counting center in the Davis County Government Center.
Let's hope he was employed by the county on that day, because it would have been against Utah law for him to have been there otherwise.
Joycelynn |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1988
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 3:55 pm: |
|
Joycelynn - that's amazing. I've heard of revolving doors, but this takes the cake.
Diebold employee in August 2005
Davis County Utah employee in October 2005
Working for Diebold again in Jan. 2006
This sure seems strange.
"I was poll watching at the Farmington City municipal elections in Nov 2006." (I assume you mean Nov. 2005.)
This makes it look as if he somehow got employed by Davis County in order to be able to access the machines during the election, or in order to find out things about their election procedures from an "insider" perspective. I'm not saying that is what happened, but it does not create a good impression. It gives no confidence as to the independence of Davis County election staff. |
Joycelynn Straight
Voting Rights Forum Participant
Username: Fairelections
Post Number: 13
Registered: 12-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 5:41 pm: |
|
Hi Catherine,
Yes, that's "Nov. 2005."
Well, it's not looking too good for election integrity in Utah. The Davis County Personnel office has no record of an Andrew Kahl or any Kahl employed by the county at any time between Aug 2005 and Dec 2005.
I had to get a signed authorization from a candidate, in order to observe the election process last Nov in Farmington. And, even so, the first time I tried to go in to the tabulating room I wasn't allowed to, even when I showed the police officer my authorization paper. He had me wait, because he said he had to get authorization from county personnel before he could allow me in. During the ten minutes I wasn't allowed in, the county conducted the zero test on the machine. Hmmmmm
Even if Drew had a candidate authorization form, too, it would still have been illegal for him to be behind the observation line in the tabulating room and certainly illegal for him to have been touching the voting, tabulating, and printing machines -- which he did.
Didn't Jim March get arrested simply for getting too close to the machines? And he had a valid reason to do so.
If Drew was a sub-contractor for the county or a Diebold employee, his presence during the vote counting was absolutely illegal.
Not only that but, as the memory cards were arriving and being tabulated, there were at least two Diebold employees (David Applebaum and a woman sales rep -- I'll have to look up her name.) sitting in the observation part of the room, where I was. It's unlikely that they had written authorization from a candidate to be there, either.
The press is allowed to be present during the tabulation process and, as the results came in, at least two reporters were there. Those Diebold employees certainly were not reporters though, and I'm not aware of any other way they could have been there legally. |
Justin Moore
Voting Rights Forum Participant
Username: Jdmoore
Post Number: 5
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 6:18 pm: |
|
You could always have some fun with the dots. How easily do they peel off, and/or how easy would it be to find identical dots (office supply store, school supplies, etc)? Assuming the dots serve some purpose for Diebold, you could always mix-and-match some of the dots to throw off their recordkeeping. 
This is more tounge-in-cheek than serious. |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 84
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, March 28, 2006 - 7:46 pm: |
|
YELLOW DOTS!!!!
you aren't taking this stuff seriously are you?
everyone knows that red dots are the only indication of true farbsmanship.
i used to design postscript fonts. even an aleph bet and farsi. 20mb? nahhhh unless yer doing graphics, not likely.
and in another life i ran a printed circuit bd plant. if you've pictures of those motherboards post 'em. i might be able to help spot any special herbs and spices.
if you can get a shot of the test motherboard and then the field equiptment mb's i might be able to compare in photoshop.
you prolly already know to look at the bios. that's where i'd go to hide stuff. they mightn't be that far along yet. if they wanted to put code triggered by an improbbable seqence that'd be a good place for it. imho
you folks are great!
ed |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 85
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, March 29, 2006 - 8:49 am: |
|
when i say compare i mean distorting to line a translucent image of one bd over an opaque of the approved unit. any altered components or traces will show immediately.
that and the bios has to match.
even then it's a crapshoot.
my apologies if i'm restating the obvious.
ed |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3910
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 30, 2006 - 6:16 am: |
|
Hi, Ed.
quote:if you can get a shot of the test motherboard and then the field equiptment mb's i might be able to compare in photoshop.
Well, the problem with this is getting photographs of the test motherboard and the field equipment, isn't it?
Also, since we have now learned that there is an A, B, and C version of the motherboard (at least) photographs of the test and field versions of each would be needed.
The very core of this issue is secrecy. The vote-counting is secret, done inside a black box by secret software, often in a physical setting where people can't even watch the exterior of the black box. The motherboards are kept secret, both the test versions and the field versions. It's also a secret whether the field versions of the motherboards are the same as the test versions.
You don't need to be an expert in computers to know that the key components controlling our elections are now being kept secret. Until secrecy is eliminated, elections are not actually controlled by the citizenry, but by corporations and the politicians put in office by the secret vote-counting system.
As that pesky ol' Ross Perot used to say:
"It's just that simple!" |
Glen Sandberg
Voting Rights Forum Participant
Username: Glen_sandberg
Post Number: 2
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 30, 2006 - 7:08 am: |
|
Hello BBV!
We need a training course, or at least a manual, for prospective election workers to know what to expect in their state sponsored training sessions and in their access during elections.
Specifically the evidentiary chain-of-custody from certification through use and tally of election results, of precinct machines, data cards, and central computer programs and data.
Or has this kind of public witness been found impossible, logistically or logically, or because it can't touch proprietary features of vendors' machines?
Glen Sandberg <glens@ieee.org> 228-697-5195 |
Glen Sandberg
Voting Rights Forum Participant
Username: Glen_sandberg
Post Number: 3
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 30, 2006 - 7:12 am: |
|
Hello BBV!
We need a training course, or at least a manual, for prospective election workers to know what to expect in their state sponsored training sessions and in their access during elections.
Specifically the evidentiary chain of custody from certification through use and tally of election results, of precinct machines, data cards, and central computer programs and data.
Or has this kind of public witness been found impossible, logistically or logically, or because it can't touch proprietary features of vendors' machines?
Glen Sandberg <glens@ieee.org> 228-697-5195 |
ed hill
Voting Rights Forum Participant
Username: Ed_hill
Post Number: 90
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 30, 2006 - 12:28 pm: |
|
bev
just trying to figure out were i can best focus. looking like the 14th because everything ends up back there.
i suspect that given the shapes of argument and audience. aka; signified/sign/interperant. any legal wrangling will require expert testimony.
did'ja know that the founding fathers are alive;)?!
cambridge is an interesting town.
ed
(Message edited by ed_hill on March 30, 2006) |
Clifford Lyon
Voting Rights Forum Participant
Username: Clifflyon
Post Number: 3
Registered: 03-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, March 30, 2006 - 7:22 pm: |
|
On the bright side, there is a great deal of talk within the state democratic party establishment about an absentee voter movement. We have plenty of time to watch Diebold disasters unfold across the country.
Given the recent events in LA and elsewhere and those yet to come, by November, showing up at a polling place on election day may be akin to exposing oneself as an alien from another planet.
VOTE ABSENTEE! |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 487
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 31, 2006 - 10:08 am: |
|
You have A-D revisions of motherboards being delivered in 'new' units all at the same time? Awfully unlikely in a manufacturer that does any volume at all. Either a great indication that they're used or a great indication that their hardware is buggy and has to be fixed/modified/has compatibility issues. Whichever, none of them good. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3927
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, March 31, 2006 - 2:18 pm: |
|
They say it is an issue of "chip availability" that caused the A, B and C versions. Am I missing something? There's a D? |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 2013
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, April 1, 2006 - 2:33 pm: |
|
Bruce Funk has posted to a forum with an article about his situation. He's volunteered to answer any questions. (His son has also posted about why his dad has done what he did.)
Might be a good opportunity to voice your support.
http://www.zdnet.com/5208-10532-0.html?forumID=1&threadID=19386&messageID=374676 &start=-21 |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3937
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, April 1, 2006 - 10:50 pm: |
|
Thanks, Catherine. I encourage BBV-ers to go to the link and give them a piece of your mind. There is actually only one pro-Diebold guy in that forum, "Jose Torres." I've heard that name before...he spins the company line.
Clearly, the sentiments favor Bruce Funk. He's going to be even more of a hero when the report comes out. In the mean time, the hearing in California also vindicates Bruce Funk. In Emery County, Utah we proved that the Windows CE was altered by Diebold, and in the California hearing the testing labs admit that they are required to test it if it has been altered (but they didn't.) |
Joycelynn Straight
Voting Rights Forum Participant
Username: Fairelections
Post Number: 15
Registered: 12-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, April 2, 2006 - 1:16 pm: |
|
This is from a blog on Uncorrelated.com. There is more to this blog than the below. If you go there to read it, though, be warned that, instead of sticking to hard-core analysis of the problems with the Diebold machines in Emery County, the blogger engages in personal and political attacks. Not very professional behavior for someone whose "...business involves working with the same technologies that Diebold uses,..."
Joycelynn
---------------------------------------------
Diebold Dementia
Mar 30, 2006
Mick Stockinger
>snip<
I read Black Box Votings report on the issue. It might help for you to know that my own business involves working with the same technologies that Diebold uses, so even though I might not have the specifics of their design, I do know what is common practice in terms of design, deployment and support. BBV had the following "issues" with the Diebold TSx machines in Emery County.
Free memory not free. Store-and-forward technology like the Diebold TSx is using is common in all sorts of industrial applications as well. It generally uses two separate storage memories--one for the operating system which is generally read-only, and another to archive data (vote data in this case). This latter-type of memory is read/write and it will also be used to store the customizable aspects of the system like type-faces, drivers, templates, logs, etc... There are all sorts of valid reasons why actual free memory is less that the quoted specification, but I strongly suspect this has nothing to do with the technology and everything to do with the business processes at Diebold. There is a considerable difference in procedure between shipping an off-the-shelf product to an anonymous customer that must set-up and run the equipment themselves, and equipment that is set-up by the vendor. The same things happen, but they happen at different times. Its common practice to test a product before shipping, which could account for the existing data. There is little reason to take the extra step of purging the machines before shipping since Diebold personnel typically deploy these units on site, customizing them to the preferences of each state and conducting a validation process. Nothing about this appears out-of-the-ordinary for this type of equipment and type of customer-support
5% failure rate on delivered machines. This is also not unusual, especially with larger items of electronic equipment like voting machines. Transport wrecks havoc with sensitive equipment, even when its well packaged. Aside from this, its common for any new product to go through a "discovery" process about things that are likely to break. The first iPods we had each had to be replaced within a year. The minis we bought subsequently have been no problem at all. For any complex machine, it is virtually impossible to foresee every possible issue that can come up, and what EVERYONE does, is fix the problems as they occur, incorporating the new awareness into the manufacturing and pre-ship processes. The other reality is that when there is tremendous demand for a product within a certain time-frame, these small problems are magnified by the volume. Nothing particularly unusual here except if your a person who doesn't make things and thus doesn't understand that perfection is an illusion--its why companies have technical support departments.
Open network connection. This seems are rather silly concern to me--all Ethernet ports are active on any type of equipment. Typically equipment of this type with an Ethernet port will log any connections or disconnections. Of course, just having an open Ethernet connection isn't the same as having an open door into the system. Only certain "ports" will be enabled (You've undoubtedly seen a error message somewhere about port 80, through which http traffic is routed--block that port and no more web access...) the security in this case is two-fold; software restrictions of which ports are active as well as permission levels to access different parts of the system, and physical access to the machine. Security is a very different matter for a publicly accessible terminal than it is for a machine in a locked room on a local LAN. This is just scaremongering.
Exposed electrical terminals. Actually what the picture shows is a popped fixture which can be due to a variety of things. It could be, as BBV asserts, a mistake of the specification for either the terminal fixture or the cabinet wall gauge, or it may have been improperly seated in manufacture, or it may have been unseated during rough handling. Generally you know you have a specifications problem if it happens frequently. If it happens once, someone's generally been monkeying with it. Pop it back in or replace with a new one if damaged.
Is this extraordinary? By no means. Would I have serious concerns about the equipment if I discovered this? Only if I was a moron.
Security holes. BBV is very coy about this, saying only that they discovered security flaws without saying what they were. I haven't been very impressed with the analysis to this point, so I am dubious about their claims on this point as well. As I alluded to in the previous point, security always needs to be considered in context. I want a different kind of security for an ATM machine than I do for a piece of equipment under my control in a locked room. Security isn't free--there is always a trade off with flexibility.
>snip< |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3949
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Monday, April 3, 2006 - 9:17 am: |
|
I posted this response over at that blog. It is awaiting approval by the mod.
quote:"I do know what is common practice in terms of design, deployment and support."
But Mick, "the specifics of the design" are everything. For example, common practice is certainly not to HARD-WIRE a password of 1111 into every unit in America, but Diebold did this. Wrote it into the code, in such a manner that no one could change it.
Without knowing the specifics of the design, you are making assumptions that don't hold up.
"
quote:It generally uses two separate storage memories--one for the operating system which is generally read-only"
You'll want to read the upcoming formal security report. The Win CE program proved not to be "read-only." Thank you, however, for underscoring just how badly the TSx is designed.
quote:"There are all sorts of valid reasons why actual free memory is less that the quoted specification"
Not just less. 4 KB in storage space on a machine that is supposed to have 25 KB or more is reduced by a factor of eighty percent.
The memory on the low-storage machines is displayed in RED text, the memory on the others in white text. Let's look at this quote from the Wyle voting machine testing lab (transcript in current lead story on BlackBoxVoting.org). Here, the independent testing authority attempts to explain discrepancies in North Carolina:
quote:"And the one in North Carolina where the screen said that the memory was full and it was ignored. I mean the machine was identifying that it was a condition outside its bounds but it wasn't being properly monitored."
Okay. Now we have Diebold machines, fresh out of the factory, and 20 percent of them are identifying that their memory has hit a critically low point. At the same time, in front of the California Senate Elections Committee hearing on voting machine certification, you have the testing lab pointing a finger at an elected official in North Carolina for running an election on a machine where the screen says "low memory." That election melted down. Now you have another elected official who spots a screen message indicating critically low memory on newly delivered machines.
Let me emphasize that we were unable to clear the storage on these machines using normal maintenance functions. So, if Emery County elections official Bruce Funk had ignored the messages, he would be committing a user error.
quote:"There is a considerable difference in procedure between shipping an off-the-shelf product to an anonymous customer that must set-up and run the equipment themselves, and equipment that is set-up by the vendor."
Except that there are public policy requirements when it comes to running elections. According to Utah election law, I believe it is illegal for the vendor to operate the equipment during an election.
Diebold had ALREADY come to Emery County to "set up the equipment." But back to public policy, as Florida election supervisor Ion Sancho emphasizes, it is important for the elections official to be able to run his own elections, and is definitely not good public policy to become dependent on a vendor to do so.
The vendor is not an elected official (both Sancho and Funk are).
The vendor is not certified or sworn to uphold the elections laws.
The vendor often doesn't even know elections law. (In fact, some of the people who have set up Diebold systems include a Hong Kong emigrant to Canada, a woman from Turkey, and temporary employees hired off of Hot-jobs.com and Monster.com, who were not background checked at all.)
But regardless, this vendor had already been in to "set up the machines" and the critical memory shortage was left on the machines after the vendor set them up.
quote:"There is little reason to take the extra step of purging the machines before shipping since Diebold personnel typically deploy these units on site, customizing them to the preferences of each state and conducting a validation process."
Except that Diebold had already conducted the "validation process" -- we reviewed the forms for the "validation process" which were filled out by Diebold before we got there.
quote:"Nothing about this appears out-of-the-ordinary for this type of equipment and type of customer-support"
Nothing about the erroneous assumptions seems out of the ordinary for deployment of an iPod. It is definitely out of the ordinary for deployment of a federal election.
quote:"5% failure rate on delivered machines."
The failure rate was closer to 33 percent, and that's not just in Emery County, that was also in other Utah counties. How did you come up with "5%"?
quote:"Aside from this, its common for any new product to go through a 'discovery' process about things that are likely to break."
The example of an iPod is not equivalent to the example of a national election which may control the fate of the free world. You don't have to listen to your iPod-cast on (and only on) the first Tuesday in November 2006 for precisely 12 hours, with no opportunity to redo or recover the information if it fails and a few billion dollars riding on the outcome.
quote:"For any complex machine, it is virtually impossible to foresee every possible issue that can come up, and what EVERYONE does, is fix the problems as they occur, incorporating the new awareness into the manufacturing and pre-ship processes."
Then let's do that with the space shuttle, just "fix it as it occurs." No biggie. Let's do that with the next Boeing aircraft, just let it crash and "fix it when it occurs."
There is a difference between a consumer product like an iPod and a mission critical application like a national election where Diebold machines will count one-third of all votes cast, and are deployed in 32 states.
quote:"The other reality is that when there is tremendous demand for a product within a certain time-frame, these small problems are magnified by the volume."
Exactly. Which is why it was idiotic to force HAVA purchasing of voting machines before the standards for the machines were in place and while the certification process is widely acknowledged to be broken and dysfunctional. This has already resulted in millions of taxpayer dollars being thrown in the toilet on systems that now must be replaced. To wit: Georgia. Maryland. Each state spent over $50 million on systems they have to replace, at taxpayer expense.
quote:"Nothing particularly unusual here except if your a person who doesn't make things and thus doesn't understand that perfection is an illusion--its why companies have technical support departments. "
From my perspective, you are an individual who understands consumer product manufacturing but does not have a very good understanding of public policy, the Constitution, or history.
We had an election system. The election system was not broken. We fixed something that was not broken and at the same time, privatized a function.
When a public official signs a contract with a private vendor which assigns rights to a VENDOR of privileges granted by the state constitution to CITIZENS, that public official has just, in effect, made changes in the constitution outside his legal right to do so. There is a process for changing the constitution. It's called an Amendment. By signing these contracts, public officials illegally amended their state constitutions. That issue is in litigation right now, by the way, in Washington State.
Trying to then force a United States federal election into the manufacturing parameters of the iPod product reveals a lot about how we got into this in the first place.
We turned critical parts of the most prominent democracy in the world over to a small subset of individuals who possess a peculiar tunnel vision skewed by their involvement in consumer electronics. This distorted the decision-making which controls democracy into a discussion of iPod quality control.
The best of the scientists seem to realize this, but the consumer products industry is on a gold rush. Since this is a consumer product, I would hope that consumer liability comes into play, but public officials have not yet come up to speed on how consumer liability law impacts their defective voting machines.
So far, the manufacturers have been charging the public officials for fixing the defects in their own product.
* * * * *
He goes on to assume that this is an issue of the Democrats or liberals. The blog he posts on is a mainly conservative and pro-gun blog, it looks like. I probably should have had Jim March, who has been a key advocate in the elections reform issue since 2003, respond. Jim is a Republican and a former gun lobbyist. There are other very prominent members of Black Box Voting who are Libertarians and/or conservatives as well.
There is a great disservice done to voting reform when we allow it to be framed as a partisan issue. It is not. Bruce Funk is a Republican. Ion Sancho is a Democrat.
Integrity is nonpartisan. |
|
|
