[I'm not in a position to vouch for the authenticity of this report but am forwarding it along because Alastair (an enthusiastic, splendid muckraker) has been a reliable source in the past. --Declan] --- From: "Scoop Editor - Alastair Thompson" <alastairat_private> To: alastairat_private Date: Tue, 8 Jul 2003 18:36:07 +1200 Subject: U.S. Election Security Scoop Of The Century.... VERY IMPORTANT Dear All, Apologies about the BCC, this is going out to a very select and very powerful list of individuals and I do not want the list distributed more widely. I am writing to you because you are either a reporter, columnist, list owner or website who has in the past dealt with Scoop.co.nz. You are our friends and we want your help. We have just broken probably the biggest story in the history of Scoop and possibly one of the biggest stories in the history of the Internet. We want your assistance and attention. To cut to the chase, working with Bev Harris we have just revealed a hole in the U.S. Electoral system through which you could drive a mack truck. The details follow below and are at the following two links… with pictures…. This story is extremely sensitive and potentially explosive. There can be no doubt whatsoever that powerful commercial interests will be acting swiftly to either put a lid on this story, neutralise it via misinformation or take legal action. It is vital therefore that it receive as much exposure as possible as quickly as possible. Here is what I want you to do. If you are a columnist or reporter: Please either write about this yourself – perhaps linking to our source materials – or bring this to the attention of your editor(s) and attempt to get your news organisation to carry a matching or followup story. If you are a webmaster: Please either repost the stories linked below and included at the foot of this email, or post links to them. If you are a list owner: Please post an item on this to your list and encourage your list members to further distribute this story; Finally, and I appreciate we are asking a lot here. Can I encourage you all to talk about this story with your colleagues and email it to friends and acquaintances, particularly politically active people in the United States. Thanks and regards Alastair Thompson Scoop Media New Zealand ARTICLES ATTACHED THESE ARE LOCATED AT Inside A U.S. Election Vote Counting Program <http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm>http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm & Sludge Report #154 – Bigger Than Watergate! <http://www.scoop.co.nz/mason/stories/HL0307/S00064.htm>http://www.scoop.co.nz/mason/stories/HL0307/S00064.htm Sludge Report #154 – Bigger Than Watergate! In This Edition: Bigger Than Watergate! - How To Rig An Election In The United States - Fantasy vs Reality - How We Discovered The Backdoor - Evidence Of Motive - Evidence Of Opportunity - Evidence Of Method - Evidence Of Prior Conduct - Consistent Unexplained Circumstantial Evidence IMPORTANT NOTE: Publication of this story marks a watershed in American political history. It is offered freely for publication in full or part on any and all internet forums, blogs and noticeboards. All other media are also encouraged to utilise material. Readers are encouraged to forward this to friends and acquaintances in the United States and elsewhere. [snip --see urls above --declan] --- From: "Scoop Editor - Alastair Thompson" <alastairat_private> To: alastairat_private Date: Thu, 10 Jul 2003 11:47:00 +1200 Dear All. A followup story on the Voting machine story. This article is useful as it fills in some of the gaps in the logic in the first one. Firstly it shows that Diebold is in the habit of lying about its systems to election supervisors. Secondly it shows - quoting people working on the Georgia election system installation programme - that the FTP site from which the data is now available was being used extensively in the run-up to the 2002 mid-term election. Thirdly it illustrates that "quality control" and "testing" are dirty words at Diebold Elections Systems. <http://www.scoop.co.nz/mason/stories/HL0307/S00078.htm>http://www.scoop.co.nz/mason/stories/HL0307/S00078.htm Bald-Faced Lies About Black Box Voting Machines and The Truth About the Rob-Georgia File By Bev Harris * The Full text is copied below. You know what to do... Post, inform, illuminate... Bald-Faced Lies About Black Box Voting Machines Bald-Faced Lies About Black Box Voting Machines and The Truth About the Rob-Georgia File By Bev Harris * * Bev Harris is the Author of the soon to be published book " Black Box Voting: Ballot Tampering In The 21st Century " Pre order at… <http://www.blackboxvoting.com>http://www.blackboxvoting.com Scoop.co.nz has now revealed for the first time the location of a complete online copy of the original data set. As we anticipate attempts to prevent the distribution of this information we encourage supporters of democracy to make copies of these files and to make them available on websites and file sharing networks. <http://users.actrix.co.nz/dolly/>http://users.actrix.co.nz/dolly/ Download the Diebold files (See also... <http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm>http://www.scoop.co.nz/mason/stories/HL0307/S00065.htm Inside A U.S. Election Vote Counting Program and <http://www.scoop.co.nz/mason/stories/HL0307/S00064.htm>http://www.scoop.co.nz/mason/stories/HL0307/S00064.htm Sludge Report #154 – Bigger Than Watergate!**) A Diebold touchscreen voting machine Makers of the walk right in, sit right down, replace ballot tallies with your own GEMS vote counting program. CONTENTS LIES TRUTH ABOUT ROB-GEORGIA Someone needs to get their story straight. Diebold voting machines are used in 37 states. The entire state of Ohio is considering dumping its old system to buy Diebold. Georgia already did. The Diebold files, supposedly secret voting machine files left on an unprotected web site for nearly six years, are unlocking the truth. Official stories about voting machine security, acceptance testing and last-minute program changes are beginning to slide around like hot grease on a Georgia griddle. What was the program patch known as rob-georgia.zip used for? What were they doing with that ftp site, anyway? Hang in for the first part of this article, the finger-pointing and obfuscating part, because it concludes with a straightforward explanation of what went on in Georgia that has never been made public before. ************** DO ANY OF THESE PEOPLE TELL THE TRUTH? "We protect the Bill of Rights, the Constitution and the Declaration of Independence. We protect the Hope Diamond," [Diebold CEO Wally] O'Dell told The Plain Dealer in May 2002. "Now, we protect the most sacred treasure we have, our secret ballot." If they can't tell us the truth about simple things like "does it connect to modems," can we really be confident that they are protecting our vote? CNBC asked Diebold CEO Wally O'Dell this question on election day, Nov. 5, 2002: "How tamper proof are these voting machines? That seems to be a concern of some who feel that it only takes one person, one hacker who can screw up an entire election. How valid is that criticism Mr. O`Dell?" "Well, there`s always risks," replied O'Dell, "but, you know, these things are not connected to the Internet. They`re individual precinct by precinct, location by location. They`re double checked before they`re sent out. We think the technology is fabulous and very bulletproof. (Come back here after reading rob-georgia, ask him to repeat this.) "The GEMS computers are not connected to any communication system, including the Internet, and contain no software other than the Windows operating system and the Global Election Management System object code," wrote Dr. Brit Williams on Apr. 23, 2003. He is the official voting machine certifier for the state of Georgia, and a key member of the panel that chooses national Independent Testing Labs for voting machines. Lies. "The central host system (GEMS Software) is generally a stand-alone system so that no physical access via network is allowed...This computer can download files for the Internet with dial-out only capability, but is generally not allowed to be linked to the Internet for obvious security concerns. This, in documents submitted during a purchasing decision, answering questions from Santa Clara County, California on Feb. 7, 2003. If the GEMS computer isn't connected to anything, why is the following diagram found in a file named GApresentation3-02.zip, found on the Diebold ftp site? This diagram depicts the GEMS computer connecting directly to the Internet on election night. CLICK IMAGE FOR BIG VERSION Not connected to any communication system are they, Dr. Williams? I spoke with James Rellinger, the technician who installed all 159 GEMS host computers in Georgia. Harris: "I understand that you worked for Diebold Election Systems in Georgia. Can you tell me what you did?" Rellinger: "They contracted us here in Georgia to basically follow a recipe book and we ran down and built these things." Harris: "By 'build these things' -- I think of build, like a hammer and a screwdriver -- What do you mean by build, what were you building?" Rellinger: "Oh, that's a good point. There were 159 of these servers that went out. All we did was run through a series of tests to make sure they could log on and communicate and make sure everything jived with the touch screen. "When you say build they were actually just a Dell server and we added some hardware to it for instance CD burners, a tape came in them already, but we'd add things to make them modem capable. "When you say build a server it's not physically assembling a hardware. We added a component or two to make it do what we needed to do, modems, we load the Windows 2000, put the software in then we test it against their touch-screen machines." Let's look at just how big a whopper Dr. Williams told when he said they aren't connected to anything: Sandy Baxter, Elections Supervisor for San Juan County, Washington, also says she had modems and Internet capability: "I think it was about 1999 we bought a new server. They gave us recommendations for servers, like Dell. They had Dell ship them to McKinney, Texas and they loaded the systems on and various modems, digiboards and stuff...The server can handle multiple PCs, but I only have one at this time, so my PC is also my server...I have two modems. I have a modem that is for going out and it is not connected to the GEMS system. So I can go to the web. I have what's called a digiboard on my server that allows multiple modem connections. I have a second modem on the GEMS system but its only for the AccuVote systems. My precincts modem me the results on that. The second modem is the only one that goes to my GEMS system. It doesn't have the capability to go in and out. I just plug it in when I use it." The User Manuals are filled with references to modems, ports, uploading, downloading, TCP/IP protocols, transmissions, and ways to use "JResults" to upload to the web continuously on election night. Technical specifications, including manufacturer's components lists, show that not only are there modems, but wireless communications. All right, so they lied to us about modem hook-ups. Shall we let this cloud our trust in everything else they are telling us? Consider this: Diebold's official spokesman, Joseph Richardson assures us that the open ftp site was inactive. In interviews with Salon.com and the Baltimore City Paper, he said the site was old and the files were out of date. Was this the truth? Not at all. The site was taken down on Jan. 29, 2003. The most recent file on the ftp site is dated Jan. 23, 2003. How much information was in the files? See for yourself by visiting the download site at the top of this article. Michael Barnes, of the elections division with the Georgia Secretary of State's office, said "That ftp site did not affect us in any way shape or form because we did not do any file transferring from it." Let's have Dr. Brit Williams weigh in. In Feb. 2003, he said "I'm not familiar with that site." On April 23, he wrote a letter that was a bit more precise: "Apparently, there was an FTP site that Diebold employees used to store and transfer versions of the system that were under development. The contents, or even existence, of the 'rob georgia' folder has not been established. However, for the sake of this discussion, we will assume that the FTP site existed... This would have had absolutely no effect on the election system as implemented in Georgia. The State does not obtain its election system code from an FTP site or even from Diebold." Dr. Williams went on to outline an elaborate scheme whereby he claimed that the program files are obtained solely from ITAs (Independent Testing Labs). What about the Secretary of State? A memo by Chris Riggall, spokesperson for Georgia Secretary of State Cathy Cox, stated that last minute "patches" were installed on all 22,000 voting machines in Georgia. Dr. Williams admitted to me that they were never examined -- not by a testing lab, not by him, not by anyone outside of Diebold. Suddenly, no one could get their stories straight on the patches either. The patch was from Microsoft and it was for Windows, said the Secretary of State's office. But wait -- Dr. Williams says it came directly from the ITA. What does Diebold say? Diebold says they have no indication there ever was a patch. We're going to meet one of the guys who actually installed that patch in a minute, but first let us observe the art of evasion from Diebold's Joe Richardson: Harris: "Did you say, when interviewed by Salon.com, in reference to whether patches were put on the machines in Georgia, "We have analyzed that situation and have no indication of that happening at all." Richardson: "Well, that is what I said at the time, however, we have continued to investigate the matter and … (very, very long pause) Yes that is what I said to Salon.com." Harris: "Do you stand by that now?" Richardson: "We have continued to look into the matter." Harris: "As you have continued to investigate this, do you have any new information as to whether patches were put on in Georgia?" Richardson: "No." Harris: "Has anyone thought to just call them up and ask? The Secretary of State's office?" Richardson: "I can't say." Harris: "What was the rob-georgia file? Who is responsible for it?" Richardson: "I'm not privy to that information." Harris: "Who would be able to answer that question?" Richardson: "I can't tell you. I can look into it." Harris: "Yes, could you do that please? In two publications, you are quoted as saying that the information on the open FTP site was old and out of date. Yet, I can tell you the most recent file on it was dated January 16, 2003. Did you do any checking to see whether the site had been used recently when you made that statement?" (A more recent file, dated Jan. 23, was later discovered.) Richardson: "The site had already been taken down." Harris: "Surely Diebold has access to its own site?" Richardson: "I'm saying I didn't have access." Harris: "Did you ask anybody?" Richardson: (sound of shuffling papers) "Our ongoing investigation has found no merit to the insinuations of security breaches in our election solutions." Harris: "So if there were up to 20,000 files including hardware, software specs, testing protocols, source code, you do not feel that is a security breach?" (more files have since been discovered inside a mammoth zipped directory, bringing the estimated total up to nearly 40,000 files) Richardson: "Our ongoing investigation has found no merit to the insinuations of security breaches in our election solutions." And now, Dr. Brit Williams on the Georgia patch: Harris: What was the security around the creation of the cards used to implement the patch? Williams: "That's a real good question. Like I say, we were in the heat of the election. Some of the things we did, we probably compromised security a little bit -- Let me emphasize we've gone back since the election and done extensive testing on all this." Dr. Williams latest 180 degree reversal (This link leads you to a forum discussing files from the ftp site, which contains several absurd statements from Dr. Williams). And now, Michael Barnes on the Georgia patch: Barnes: "Wyle said it did not affect the certification elements. So it did not need to be certified." (at the above-referenced link, you can also find information from a Freedom of Information Act request, in which officials admitted they did not have any certifying documents on the patch). Harris: "Where's the written report from Wyle on that? Can I have a copy?" Barnes: "I'd have to look for it I don't know if there was ever a written report by Wyle. It might have been by phone." ************** The Truth About Rob-Georgia Everyone assured me they knew of no one named Rob. Move along. But I received an e-mail: "I think I may be the Rob in rob-georgia," it said. And now I know why they didn't want us to interview him. I think you'll agree that his interview is worth the length, for the picture you get of what was really going on. If you prefer to skim, check the sections in blue. Citizens, meet Rob Behler, straight talker: Harris: What was the FTP site for? Behler:One of problems we had was an issue with the GEMS database. They had to do an update to it, so they just post the update to the web site. Harris: What was rob-georgia? Behler: I believe what that file was for, I did a -- well, there were a ton of holes with the programs on those machines. When they all came into the warehouse, I did a quality check, this was something I did on a Saturday. I found that 25% of the machines on the floor would fail KSU testing -- Harris: "What is KSU testing?" Behler: "Kennesaw State University. We knew basically what they would be testing and the trick was to make sure the machines would pass the testing. So I went and checked a pallet and found it was bad. And I checked another, and another, and I knew we had a problem." Harris: "Was that both you and James Rellinger?" Behler: "James dealt with the network, but I was dealing with the touchscreen machines themselves. Harris: "What kind of problems were you seeing?" Behler: "…One of the things we had wrong was the date wasn't sticking in the Windows CE. The real time clock would go to check the time on the motherboard, and it would have an invalid year in it, like 1974 or something, and basically the machine would continue to keep checking. Every time it checked, it saw that the date was not right and this put it into a loop. "They had to do an update in CE to fix all those dates. So the way we did that in the warehouse was, they would post whatever the update was on the FTP site. James would go get the file and put it on the [memory] cards. Because you load everything through the PCMCIA cards. You boot it up using the card and it loads the new software. "This was done in the warehouses -- once the machines were sent out to the county, these updates were done just to make sure the machines were running correctly. I went over to Dekalb [County]. We updated 1800 machines in basically a day and a half. I still remember ol' Rusty, down at the warehouse, we ended up touching every single machine off the pallet, booting 'em up, update it, we had a couple hundred machines done when in comes a new update over the phone. Harris: "You mean you used a modem or they called you on the phone?" Behler: "No. A phone call. They'd say 'Oh no no, the way we had you do, that's not going to work, here's another thing to do. Okay, we just did a few hundred machines, now we gotta do it this way -- But we got it done. Harris: "Did you personally ever download anything at all from the FTP site?" Behler: [it was] mostly James. Harris: "Did you work for Diebold, or James Rellinger?" Behler: "I worked for ABSS. So did James." Harris: "What about the rob-georgia file?" Behler: "I think they put it out there for me when we were doing the Dekalb thing, but I was busy managing the whole crew so, I had my laptop out, and one of the engineers used my laptop -- or maybe it was James -- one of them had to go in and get it from the FTP, put it on a card, make copies of the cards and then we used them to update the machines." Harris: "So one of the people downloaded the patch and then made copies of it?" Behler: "They use my laptop. It was not secure, either. They just used the laptop to repro the cards. Diebold never gave us anything with a PCMCIA slot, then they'd tell us, 'Go download this,' so we'd have to get out our own laptop to do it." Harris: "Who instructed you about the FTP site? Was it a Diebold employee?" Behler: "It was Diebold." Harris: "Was it the people in Ohio or the people in Texas?" Behler: "The people in McKinney [Texas]." Harris: "Who were some of the Diebold people? Do you remember any names?" Behler: "Ian. I remember one of the guys, Ian, I can't remember his last name. One of the main guys we dealt with was a guy named Ian. He was actually involved in the design of the motherboard. He was very much involved in trying to figure out how to fix the problems. So they sent us upgrades, but then after we did it KSU still failed a ton of machines." Harris: "As I understand it, they send the system to Wyle labs for certification, and also to Ciber to test the software. But from what you are describing, I can't understand how the machines got through what they are telling us is 'rigorous testing.'" Behler: "From what I understand they ended up figuring out that the cards that we were loading that fix that Diebold provided for us, well they were never tested, they just said 'Oh here's the problem, go ahead and fix it.' Harris: "So what is your opinion about the certification testing?" Behler: "No, it's not just that. NOBODY even tested it! When I found that out -- I mean you can't not test a fix -- I worked for a billing company, and if I'd put a fix on that wasn't tested I'd have gotten FIRED! You have to make sure whatever fix you did didn't break something else. But they didn't even TEST the fixes before they told us to install them. "Look, we're doing this and 50-60 percent of the machines are still freezing up! Turn it on, get one result. Turn it off and next time you turn it on you get a different result. Six times, you'd get six different results." Harris: "Can you give me an example of different results?" Behler: "Meaning the machine does something wrong different each time you boot it up. One time and it would freeze on you, next time it would load the GEMS program but have a completely different type of error, like there'd be a gray box sitting in the middle of it, or you couldn't use a field." Harris: "Was this all due to the clock?" Behler: "I don't know for sure. They [the machines] were not originally doing it. Then they fixed the real time clock, and it was supposed to make it work normal. It fixed the clock problem -- the clock problem had caused it to come up and not show the battery at one point. It was supposed to say either 'low battery,' 'high battery' or 'charging.' But when the real time clock was messed up, you'd boot the machine and it would say 'No battery!' I mean, you don't have the machine plugged in, you boot it up, and it starts, and says it 'has no battery.' That's like saying, 'this morning I got out of bed and I stood up and I had no brain.' "And that's how they ended up finding it, the problem. What it was doing was it was checking for the right time, and kept going back trying to get a better time, and while it was doing that, it was supposed to get the battery status but it was still busy trying to get the time. "And then when we loaded the software to fix that, the machines were still acting RIDICULOUS! "I was saying, 'This is not good! We need some people that know what this stuff is supposed to do, from McKinney, NOW! These machines, nobody knows what they're doing but Diebold, you need some people to fix them that know what's going on! They finally brought in guys, they ended up bringing in about 4 people. "When they left, they still did not know why it was still sporadic. My understanding is, after I was dismissed, they came back the following week. That's when they figured out what the real problem was. But they'd already had us do their 'upgrade' on thousands of machines by then." Harris: "How did this work? Did Dr. Brit Williams get the machines first and do acceptance testing, or did you guys get them first?" Behler: "When the machines came in, they came to us first. They were in the warehouse. We assembled them. They'd come in a box with a touchscreen, and another box with the booth. We assembled the machine and we ran it though series of tests. We'd check the power cord, boot up the machine, check the printer, bar code it, update Windows CE, then send it on to Brit. He did the KSU testing the L&A [Logic & Accuracy] was done at the county level, right before the election." Harris: "So…the L&A was not done at acceptance testing?" Behler: "It got so there wasn't time. They did it before the election." Harris: "How long does it take to do a Logic & Accuracy test? Doesn't it take like, 15 minutes per machine?" Behler: "When we did the updates in Dekalb, they kept saying it would take a really long time. But they don't think about the different overlapping things. You can update a bunch of machines simultaneously. Same thing with an L&A test. You have a whole group of cards, they have to touch every machine. What we had done before, we had 10 material handlers throw the machines up there, use the key to open it up, stick 10 cards in, boot 'em all up which installs the patch." Harris: "But what about the L&A testing?" Behler: "The L&A testing -- You would just enter, like, one vote and -- you just choose one -- you don't need to be specific on which one. When they did this L&A testing, that's when they did the FINAL update to the software." ... Harris: "So the touchscreens came and had to be assembled?" Behler: "Of course you have to have the touchscreens assembled in the warehouse, and do some testing. It turned out that there were a lot of problems that needed to be dealt with, and they simply weren't dealing with them." Harris: "How long did you work there?" Behler: "They let me go only one month into it. The Project Manager let me go. He didn't like my management style. I'm very matter of fact. If this is wrong, fix it. I'm a simple person -- if something is broke, do you stand around and talk about why its broke for a month, or do you solve the problem?" Harris: "After your experience with Diebold, how confident are you that the machines count votes accurately?" Behler: "If you were to ask me to tell you how accurate I thought the vote count was, I'd have to say 'no comment' because after what I saw, I have an inherent distrust of the machines. "I was absolutely astounded that they functioned at all in the election. Here's me, I'm at the polling place looking around, waiting for someone to get frustrated... "I took this because of James, who is my friend, and because I'm A-plus certified. But when I came in there was a bunch of internal bickering. They had no inventory control in the warehouse. I guarantee you that the state of Georgia can't accurately reflect where each machine is. "Diebold was impressed with what I accomplished, and asked me if I was available for some other states they'd be doing... "The problem, what they were doing with the inventory on the machine was this: Inside the case is the serial number. They would hand write the serial number on a post-it, stick it to the front of the machine, and there would be a sheet hand-written from that list. Now, you've got 20 machines sitting on a pallet. The guy making the list would look at the post-its and he'd record all the post-it numbers on a list. Look, if you're writing numbers by hand, twice, by two different people, there is a real good chance you'll transpose some numbers. Then, they used the list for bar codes, but I would say probably 1-2% of the machines are incorrectly bar coded. They couldn't track them in the Access database, because they'd punch in and it would say 'that number's already been used.' Then they'd check the machines, and they had the right number, so the wrong bar code was sitting on some machine that had already been shipped out to the counties. "Ironically, they would send a spreadsheet of all the numbers of the machines that they shipped straight from the factory. This was from the same computer that generated the labels. They had copies of it all along. I said, 'Hey guys, if you check these when they come in the door you'll never miss a label.'" "I was very down on Diebold, because they were very sluggish and didn't move well. I worked there from mid-june to mid-july. The whole time they were upgrading the software and doing some sort of fix to it. This was supposed to be prior to KSU testing." Harris: "What about the program patches begun in August?" Behler: "Aug 20, they started to put these teams together and go out and update the machines. You have to understand that the patching all started when I did the first quality check that Saturday. They'd never have done it. They had shipped us 6,000 machines and NO ONE had ever done a quality check. I'd come in on a Saturday, I had two of my sons with me, and I thought I'm going to just look. And it was bad. "Then first thing Monday morning I raised the question, I said, 'Hey guys, we've got a problem -- there's 20-25% of the machines that are palletized that are failing, and then they had a new update come out and I was doing an update, and then they sent a new one. I updated a whole bunch of machines. Then they finished about the time I left. But later they put in another one, I guess. In August. "You've gotta go take care of this JS [junk shit] equipment, I told them. Finally, I raised it as high as you go, I raised it to Bob Urosevich, he's the head of it. I told him personally, 'This is bad, I don't see us putting an election on with these machines!' "That's where they finally assembeld the teams. They got some big ol' vans we loaded up as many people as could fit in. "They were actually swapping parts out of these machines that were on site. They'd cannibalize a machine with a bad printer or whatever, they'd grab the screen off of that to put on another machine with a failing screen, they'd retest it. They were not just breaking them down, they were taking pieces off and putting it back together. "Even the machines that are updated, that had the right release of the software, exactly like the company wanted it, you'd boot it up and all kinds of crazy things would happen. That led to my belief that when voting took place, there would be problems." Harris: "Do you remember what release number it was? What version of GEMS?" Behler: "Release -- I don't remember the number because what they did was it was always the date. I had to take it to the level of these testers, they knew that the machine either did pass the test or didn't. We'd check the date to make sure it was the right version. "The date was…let me see…June 28. No, the last one, the date that was supposed to be on there was July 5. (Note: a patch labeled Georgia062802.zip is on the ftp site, and when you review it, you will see that it contains much more than just the "Windows updates" claimed by Georgia officials.) "There was about three updates, the CE software, the date that would come up would be the last. After that they came up with another fix, that's the August one at that point. "I told Darryl Graves, the Project Manager, I told everyone at Diebold, 'I have zero confidence in the ability of these machines to perform.' Harris: "I understand that they go through Wyle testing labs and so forth. How in the world do so many critical errors get through certification?" Behler: "When I was handling these machines, they were coming straight from a factory in North Carolina. That's where the actual touch screen was manufactured. Booths came out of California. We assembled the booth with the machine. That's all I know." Harris: "What do you know about the ROM chip, or whatever?" Behler: "There's the eprom, or the flash as they call it. A lot of the fixes they did they could do in the flash memory. "If they said they tested it I'm going to tell you right now the software that I installed on the machine myself, they found out that that was NEVER tested. Okay, I don't want to get other people involved, but you should talk to Rellinger. "Anyway, that they had never tested it, that made complete sense to me, watching what was going on. "This is an example we did: We would plug it in, boot it 3 times, unplug it, boot it three more times. I wrote a sheet on this. This guy came in from McKinney, he was about the second in command. He's a good friend of Bob Urosevich. About second to Bob, at least now, he got a promotion. Greg? Something like that. He flew in and I went to Dekalb and I tested and together we went through, and we wrote down every single error, and he booted them himself, and was looking at the results and seeing how sporadic they were. and we found out of the machines we tested, about 75% of the machines had different sporadic things. He was working with me and we were writing them down, we literally wrote everything down." Harris: "Do you have a copy of that?" Behler: "I don't think I have it. I have some email. I'd have to look. I know we came back and he copied it and he -- Greg Lowe (spelling?) is his name. I drove him out there. Brit was there, KSU was doing their testing. They were bombing these machines out left and right." "I'm telling him, 'They're all like this.' At this time I was working 150 hours in 2 weeks I was there all the time with these machines, that's the reality of it. The techs were working overtime trying to fix them. We couldn't get enough from the factory because so many were bad. You'd get a shipment of 300, but 75 were bad, they couldn't put them out fast enough to replace all the defects. "It was the software, not the hardware, that's where the problem was. "If they're telling you they tested that, well they did NOT test the fixes that they did to the windows CE software. Harris: "Do you know who was writing the fixes?" Behler: "He had a weird name. He came out of Canada." Harris: "Guy Lancaster? Josh …Talbot Iredale?" Behler: "That's it! Talbot Iredale would actually fix it and say, 'Oh, here's the problem,' and stick it on the FTP site we'd grab it stick it on the card and make a bunch of copies and use it." (NOTE: You'll see the initials "tri" in the source code files. Talbot R. Iredale is one of the main programmers, and has been a stockholder.) Harris: "So you took the patches right off the FTP site and installed them on the machines?" Behler: "That's what we did, he'd FTP it, and tell us to grab it, we'd put it on a laptop, copy it and when you boot the machine -- it's just like a computer that looks at the "A" drive -- these machines look at the card and then erase the flash, reprogram with whatever they said needed to be fixed -- I say, erase it and reprogram it with crap -- and then the whole thing would start all over again. "My understanding was that they figured out what was conflicting and James told me that Tab, well the team that came out after I left, they figured out what was going on, they figured out that when they fixed the real time clock problem they had never tested their fix. "The only people that that cost was Diebold, who had to pay all kinds of extra expenses. The rumor around the office was that Diebold lost maybe $10 million on the Georgia thing. I mean, they only sold the machines for what, $2,000, or $2,500, and then you have to build them and then you're paying people $30 an hour and you are out touching 22,000 machines FOUR TIMES -- there's no way they didn't lose money on this deal. Behler: "You know one of the main things that really just made me so upset, they were just like, 'This Brit guy, don't even speak to him, it's a political game, you've gotta play the politics.' Well, he walks in and says 'What are you guys doing?' I said, 'We're putting in an update.' He said, 'Will it change what it does?' We said, 'Just do your normal test, we're supposed to get the machines ready for you.' He tells someone at the office and they freaked out. They were like, 'What the heck are you doing???' "I wasn't supposed to talk to him at all, I guess. The guy had a flannel shirt on, he was kicking it and he was very genuine and open and there we are in the same room together, but because I actually spoke to him I got reprimanded. They said, 'If they ask you any question, you gotta say 'Talk to Norma, to one of us.'' "And then you know, ironically, later on right before I exited, they were scrambling for a date, they were trying to get us, the teams, into Fulton County to do Fulton County's 1,900 machines. "They were in the most horrific spot. The place they warehoused them was like 1900 machines in a little office space, there was no way we could get at them. The machines are like 58 pounds, and they had to bring them in unstack them off the pallet, restack on the pallet, talk about labor, talk about wasted money! It's like a warehouse and offices off 75, in Atlanta, I'm talking to this guy he's a great guy, he's from Fulton County. Him and I were scheduling this, figuring it out how to get to these machines and do the update before KSU has to test them. We cannot be doing this at same time as KSU because there was NO ROOM for that. Brit had been down there, he knew this. I'm talking to the Fulton County guy. He opens this one last door and here's this huge giant empty warehouse. Why didn't they put the machines out here? He says, 'Well you see over there's these boxes of county material, you can't be out here because there may be some sensitive stuff in these files. They don't want anybody near 'em. His name was Barney, the only Barney I've met who's black. He said, "Yeah, they were talking about putting a fence out here." "We could just get all the testing done at once, I thought. Whatever. Maybe someone could just get a security guard to watch us and make sure we don't get into the boxes. I go back to the office. Brit was there, and he says 'What's it look like for Fulton?' I said 'There's no way were going to able to get to Fulton County by Thursday.' I said we could probably be out there by Friday or Saturday. He said 'There's no way we can do it at the same time, you know that.' Behler: "I think a lot of the problems they had ---- I've worked in billing software, and it's common to have this little thing wrong -- a simple little hardware change, you have to put some little line of code in Windows CE to make it work better. But the thing that blew me away was when I'm told me they'd NEVER TESTED THE FIX. "They produced it and got it to us in 24-48 hours. If I'd known they hadn't tested it I simply wouldn't have installed it! My background tells me that's a no-no. "I went into this Diebold thing with no real knowledge of the voting industry. When I left, I not only had a complete grasp, but I had a complete disrespect for these machines. "And with the folks in the office who were so -- you know, 'I'm the political person, you have to know how the system works' -- they were so much more concerned about their own self importance, they were losing track of DO THE MACHINES COUNT THE VOTE PROPERLY! "Because that's what the people in Georgia need. And I'm one of them!" Harris: "Who are some of the names working in that office?" Behler: "Norma Lyons and Wes Craven -- they're from Diebold, and Keith Long. Norma and Wes live in George, Keith was in Maryland before, then here, I think. "They sat in the weekly meetings on Monday. Norma had been a county worker doing voting for 10 years. She knew all these people in several counties. She was the liason between Diebold and the counties. They [Diebold] would tell you something important, and she may or may not tell you because she wouldn't know how important it was. "Wes was the kind of guy who needs to work for Sprint or a big company..." Harris: "How secure were the machines, from what you saw?" Behler: "I'll tell you something else -- we didn't have badges -- people could just walk right in and get to the machines." Harris: "And that FTP site, anybody could walk right into it also. Even Diebold's competitors." Behler: "Anybody who's in voting, you leave one company you go over there. Ooh yeah, we'll take you on. Someone comes in and says, 'By the way, I uploaded the source code, want to grab it?'" Harris: "Were there any protections to keep you from duplicating memory cards, or to have them serial numbered or whatever?" Behler: "The memory cards, you can just duplicate them. You have to have the proper info on the card, for the machine to boot up, but you can just make copies of the cards." Harris: "Were there any passwords on those FTP files?" Behler: "No." Harris: "Any passwords on the files themselves? Or the site?" Behler: "What we got never had passwords. You just pick it up and use it." Harris: "Do you still have any records?" Behler: "Emails. And James downloaded to his personal laptop, it's probably still on his. And probably still on mine too. Diebold didn't provide us with anything with a PCMCIA slot so we had to use our own laptops to transfer the files when they told us to. Harris: "When I asked Diebold if there was anyone named Rob in Georgia, they said no. Did they know about you?" Behler: "They knew me and they knew me well. I met Bob Urosevich a couple different times, and Ian, and then Greg Lowe, he got promoted to like almost the DFO, he was basically Bob's right hand man." "If you would have realized the scolding I got for actually speaking to Brit. The whole quality control issue, I kept having to remind them, I'm the one that pointed this out -- we want this to be right -- my goal is to just get it fixed and move on. ... Harris: "Do you think anybody could have tampered with a machine, if they wanted to?" Behler: "Well, when we did the quality control check we'd open it up, they have a little box for the printer. We would find the key still in the printer. Someone could literally take that. We found cards left in the machine. I wondered what would happen if the wrong person got it." Harris: "I understand they did a big demonstration during the summer, with the machines." Behler: "I was there when they told me I needed 1100 machines for a demo. I thought, 'The trick is coming up with 1100 machines that actually work. # # ENDS # # <http://www.blackboxvoting.com>http://www.blackboxvoting.com ** The email version of this report was distributed on Scoop's Sludge Report list. ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. ------------------------------------------------------------------------- To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ Like Politech? Make a donation here: http://www.politechbot.com/donate/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu Jul 10 2003 - 09:02:31 PDT