We've now been able to gather a great deal of additional information concerning details about the story we first posted yesterday on the official Pennsylvania state warning issued about the new "security vulnerability" discovered in all Diebold touch-screen electronic voting machines.
That warning, which has now brought a lock-down on all Diebold systems in PA, where early absentee (non-machine) voting is about to begin prior to their upcoming May 16th primary election, was reported by the Morning Call yesterday. The warning says the serious security vulnerability could allow ''unauthorized software to be loaded on to the system."
Public details about the warning are still sketchy as those in the know have acknowledged that the problem is so serious, they are hoping to keep the info under wraps until mitigation steps can be taken to safeguard systems.
The BRAD BLOG has been told on the record, however, by one person involved in the matter, that the vulnerability is a "major national security risk."
We've been speaking to many sources today, and we've been able to get several first hand comments on the problem from top officials and analysts directly involved in both state and federal certification of the Diebold systems, as well as from those involved in the initial discovery of the problem.
What's clear is that Morning Call's reporting that it was Diebold who found the "glitch" are flat wrong. The discovery of the "glitch" (which is anything but) emanated from the examination of Diebold AccuVote TSx (touch-screen) machines recently in Emery County, UT.
A source has told The BRAD BLOG that Diebold was "cornered" into admitting to the problem, a far cry from them having "found" it, as the Morning Call characterized it.
What's also clear is that neither Diebold themselves, nor federal officials at the Elections Assistance Commission (EAC) have been notifying states about the serious problem which apparently affects all Diebold AccuVote touch-screen systems, including both their newer TSx models, and the older TS and TS6 models.
The Diebold TSx models, with the security vulnerability still intact, were apparently used in the primary election last Tuesday in Ohio.
A document at Diebold's website describes [PDF] the TSx models as featuring "Industry Leading Security."
In Utah's Emery County, state officials are attempting to force Bruce Funk, the 23-year elected County Clerk out of his job in the wake of his having allowed a security evaluation of the county's new Diebold touch-screen systems by both computer security firm Security Innovation and Finnish computer security expert Harri Hursti. According to several sources, that analysis revealed many new vulnerabilities and problems in the Diebold touch-screen systems, including the one that seems to be at the heart of the problem now being warned about by Pennsylvania officials.
Funk --- who has since been "vilified," as one source told us, by both Diebold and Utah state officials as high as the Lt. Governor --- was forced to implement the new Diebold touch-screen systems for the first time this year against his own objections. His prudent subsequent security evaluation of the systems was arranged by electronic voting watchdog organization, BlackBoxVoting.org. (We recently interviewed Funk on the radio concerning that evaluation, and his subsequent removal from office in its wake. Listen to that interview here [MP3].)
Here's some of what we've so far been able to learn from a number of officials, both on the record and off, in Pennsylvania, elsewhere around the country and at the federal level, as well as those involved in the initial Emery County discoveries...