dark matter surrealism hplc


Inside A U.S. Election Vote Counting Program
 By Bev Harris

Detailed Examination Of Diebold GEMS Voting Machine Security ( Part 1)

CAN THE VOTES BE CHANGED?

Here's what we're going to do: We'll go in and run a totals report, so you can see what the Election Supervisor sees. Then we'll tamper with the votes. I'll show you that our tampering appears in Table 2, but not Table 1. Then we'll go back and run another totals report, and you'll see that it contains the tampered votes from Table 2. Remember that there are two programs: The GEMS program, which the Election Supervisor sees, and the Microsoft Access database that stores the votes, which she cannot see.

Let's run a report on the Max Cleland/Saxby Chambliss race. (This is an example, and does not contain the real data.) Here is what the Totals Report will look like in GEMS:

As it stands, Cleland is stomping Chambliss. Let's make it more exciting.

The GEMS election file contains more than one "set of books." They are hidden from the person running the GEMS program, but you can see them if you go into Microsoft Access. You might look at it like this: Suppose you have votes on paper ballots, and you pile all the paper ballots in room one. Then, you make a copy of all the ballots and put the stack of copies in room 2.

You then leave the door open to room 2, so that people can come in and out, replacing some of the votes in the stack with their own.

You could have some sort of security device that would tell you if any of the copies of votes in room 2 have been changed, but you opt not to.

Now, suppose you want to count the votes. Should you count them from room 1 (original votes)? Or should you count them from room 2, where they may or may not be the same as room 1? What Diebold chose to do in the files we examined was to count the votes from "room2." Illustration:

If an intruder opens the GEMS program in Microsoft Access, they will find that each candidate has an assigned number:

One can then go see how many votes a candidate has by visiting "room 1" which is called the CandidateCounter:

In the above example, "454" represents Max Cleland and "455" represents Saxby Chambliss. Now let's visit Room2, which has copies of Room1. You can find it in an Access table called SumCandidateCounter:

0Now let's put our own votes in Room2. We'll put Chambliss ahead by a nose, by subtracting 100 from Cleland and adding 100 to Chambliss. Always add and delete the same number of votes, so the number of voters won't change.

Notice that we have only tampered with the votes in "Room 2." In Room 1, they remain the same. Room 1, after tampering with Room 2:

Now let's run a report again. Go into GEMS and run the totals report. Here's what it looks like now:

Now, the above example is for a simple race using just one precinct. If you run a detail report, you'll see that the precinct report pulls the untampered data, while the totals report pulls the tampered data. This would allow a precinct to pass a spot check.

<back ------------------------------------------ Can the Password be Bypassed?>