As usual, we scooped everyone yesterday with our scintillating coverage of noted computer security expert/programmer Harri Hursti’s agreement to accept the challenge thrown down by Riverside County, California, Supervisor Jeff Stone to allow someone to come in an attempt to “manipulate” the county’s electronic voting equipment made by Sequoia Voting Systems.
The local media in Southern California, however, have now been fairly quick to jump into the game as well with several articles on the matter so far today. Their reports reveal that both the County Board of Supervisors and Sequoia, both as expected, are beginning to try and create some wiggle room to back out from the “thousand to one” bet Stone made publicly last week to local Election Integrity advocates.
Several national Election Integrity individuals and watchdog organization VelvetRevolution.us (VR) have staked $1000 on the bet and have helped to facilitate the participation of Hursti. None of the press coverage dealt with that point. [DISCLOSURE: The BRAD BLOG is a co-founder of VelvetRevolution.us and would be more than willing to discuss that aspect with any such media, if they wish. We can be reached here.]
Stone’s video-taped shot-from-the-hip “bet” to local advocate Maxine Ewig, allowing that he would arrange with a programmer to “set up an appointment with one of our machines and…verify that they can manipulate that machine,” was issued during a public meeting of the Board of Supervisors last week. (Streaming video of the exchange can be seen here, a text transcript is here.)
Stone also added, “And maybe we should bring the media in and let’s see if your programmer can manipulate that machine. My guess is that it is not gonna happen, but I’m willing to take a chance on that.”
Well, the “media” are “in” for the moment. Yet reports in the news today already indicate that the rest of Riverside County’s all-Republican 5-person Board of Supervisors and the voting machine company, Sequoia, may be less confident than Stone that their equipment can stand up to any actual independent security analysis such as one that Hursti would be likely bring.
For the record, our call to Stone yesterday for comment has still gone unreturned.
Press reports today reveal that both the board, the company — and even Stone — are already laying the groundwork for several “outs” for themselves. Anyone surprised? Let’s take a look…
CBS2 News jumped in with a piece late yesterday as based on the press release issued earlier in the day by the Election Integrity advocates from the SAVE R VOTE project announcing their acceptance of the challenge. The name of the specific hacker had not yet been publicly released at the time of the CBS story, and neither the county nor the company commented in the article, headlined “Group Accepts Voting Machine Hacking Challenge.”
The Californian ran this article today on both the Supervisors convening of a “Blue Ribbon” panel to investigate the many reported problems during the county’s recent election cycle (a separate issue, though one running concurrently to this one — no citizen advocates from SAVE R VOTE were named to the panel) and several points where the other Supervisors, Sequoia — and even Stone — begin to go wobbly….
…
It isn’t clear whether the panel would oversee a challenge — issued last week — over the terminals’ vulnerability to hackers. Responding to a member of Save R Vote, Stone said at the board’s Dec. 5 meeting that he would bet “a thousand to one” a computer expert wouldn’t be able to manipulate vote totals on one of the machines. He invited the group to bring in such an expert. [SAVE R VOTE member Tom] Courbat said Harri Hursti, a Finnish computer scientist who reportedly hacked into another manufacturer’s voting machines, has agreed to attempt the same in Riverside County. [ed note: The other manufacturer is Diebold, and it wasn’t “reportedly hacked,” it was done on video tape, widely confirmed internationally and featured live as it happened in the HBO documentary Hacking Democracy.] It wasn’t immediately clear whether the conditions here would be the same as in Hursti’s previous demonstrations. Stone said he expected the would-be hacker to step up to a terminal as a voter would do in a real election, without any visible tools.
Here Stone makes a move to create unrealistic ground rules, which Dr. Herbert F. Thompson of Security Innovation, a partner with Hurtsi in his confirmed Diebold hacks, says are simply not the way such testing is done. Since Stone, and everyone else paying attention, knows full well that the greatest threat to such systems is from insiders and that it’s unlikely any would-be hacker would simply “step up to a terminal as a voter would” with the intention of committing an election fraud felony without any advance preparation.
In fact, as Stone also well knows, his county sends such voting machines home, pre-programmed and election-ready, with pollworkers on “sleepovers” for days prior to the election. The opportunity for unsupervised access with such systems has been the subject of much controversy, and regulations — issued, in fact, in light of Hursti’s original Diebold hack in Leon County, Florida, late last year — both the state of California and the federal oversight bodies ruled that such unsupervised access to such voting machines is a grave breach of security. Riverside carries out such “sleepovers” anyway.
Back to the Californian coverage…
Also unclear is whether a demonstration would violate the contract between the county and Sequoia, said Michelle Shafer, a spokeswoman for Sequoia. It would depend on the conditions of the test, Shafer said.
“Our software has been certified and has gone through numerous rigorous tests,” Shafer said. “We’re not going to put ourselves out there with a group that is purported to have an agenda and already knows what outcome it wants.”
Of course, the “outcome” that any legitimate security analyst “wants” is to determine whether or not the system in question is secure. The process occurs by attempting to exploit security holes in the system. Of the “numerous rigorous tests” that Shafer speaks of, none of them — none of them — are independent security tests. All such testing is done, if at all, by either the companies themselves or the so-called “Independent Testing Authority” (ITA), a group of three companies, selected and paid for by the voting machine vendors, who look only at the things the vendors ask them to. They do not release the results of such testing to anybody but the company.
As to Stone’s comment about seeking approval from the Secretary of State, Riverside’s Board of Supervisors had been very close to the outgoing, discredited SoS Bruce McPherson. The incoming SoS, Debra Bowen, actually seems to give a damn about voting system security, so Riverside may need some speedy action from McP before he leaves office if they hope he might save them.
Finally, lots of wiggle room created by the responses from the other Supervisors in this article from today’s Press Enterprise (NOTE: there is more in the article on this than just the stuff we’re quoting below)…
VOTING MACHINES: Other supervisors distance themselves from Jeff Stone’s proposal.
…
Some supervisors questioned whether opening up the machine to a hacker was the right way to test it.
“This is not the time for stunts. Stunts are not going to be very helpful,” said Bob Buster, chairman of the Board of Supervisors.
Perhaps Mr. Buster should have mentioned that to Stone before his “stunt” last week. That said, we hardly see an independent “red team” type of security analysis, or “hack test,” to be a stunt. We’d call it “prudence” and “due dilligence.” The same type of prudence would be displayed by any company spending millions of dollars on the same type of mission-critical, high-security equipment. If they didn’t, and there was a breach of security, they’d be held accountable in a court of law. Unfortunately, public officials seem to feel they’re above that sort of responsible behavior and that nobody will hold them accountable. So far, for the most part, they have been right. Thus, they think they can get away this sort of bullshit.
“This will demonstrate the county’s open-mindedness,” he said.
Buster said the county should rely on state experts to test the machines with the right set of controls and in the right conditions.
While Supervisor Roy Wilson said he supported a thorough review of the machines’ accuracy, he expressed doubts about turning one over to a hacker.
“There has been no dialogue among the board members about (Stone’s) idea. It was a personal challenge made by Supervisor Stone at a public meeting,” Wilson said.
Supervisor Marion Ashley said he supports Stone’s view that the machines will stand up to a hacker, but he agreed that the board may need to vote to decide whether Stone’s challenge should be carried out.
“If these machines are vulnerable, we need to know,” Ashley said.
So there you have it for today. The five member board, it would appear, will set up an opportunity for them to vote on Stone’s offer.
It may get them out of the deal, though in the bargain it would demonstrate, in fact, that all of their bluster at last week’s meeting — and much bluster in the years prior — about having confidence in the security of their systems is little more than empty posturing.
If they had confidence in their system, this would be a no-brainer for them. As it is, they seem to be working their brains big time to figure out how to slither out of the deal. Let’s hope they stand up for the voters, as one might suggest Stone — accidentally or not — seems to have done so far, and that they allow the challenge to go forward.
Anyone want to place “a thousand to one” bet on it?
Can a voter walk up to a machine and hack it? That’s the Supervisor’s bet. Anything else is something else.
Once again the question comes up as to how does a voting ballot get to the polling place? Does it Miracle itself there? Do robots deliver them? I know most reponders don’t want the machine in the first place so they sidestep or “wobble” away from that question. If security is in place, the pollworker won’t let the device get hacked or ballots stolen. Don’t think for a moment that touchscreens are different than ballots. If the numbers don’t add up at the end of the night, they don’t add up. Election admins don’t need voters to rig a vote so why even bother with hacking? Just fix the numbers and add in fake votes.
Sounds to me like the ‘wobble’ is coming from the anti-election side.
Howdy again “Howdy”!
You are, of course, under no obligation to provide transparency as to who you are and how your previous comments seemed to provide inside knowledge about your (unspecified) county. But again, it would give your thoughts a bit more weight. Of course, you know who I am, as I have nothing to hide.
That said, in response to your comments:
Actually, no. The Supervisor’s bet was as follows (full transcript here)
So, whoever you’re working for, Howdy, you may need to come up with a new strategy for this.
In any case, since the greatest threat to election security comes from election official insiders (as many studies have pointed out, let me know if you need to go find them for you), and as Riverside county allows for unsupervised voting machine “sleepovers” with poll workers, there are all sorts of ways — beyond walking in and voting as you and Stone are now trying to wobble — with to defeat the security on these systems for a person who would like to.
Then you tried to sell this:
Yes. And if the queen had balls, she’d be the king. Why would you be willing to trust a pollworker when a single one can hack an entire election (also shown in several studies) and billions of dollars are usually at stake?
With that in mind, and with the knowledge I’m certain you have that defrauding paper requires a large conspiracy and is easily discoverable (unlike with electronic voting), I’ll point only to Yolo County, California’s Registrar of Voters Freddie Oakley, who wisely said when the question first came up about the security breaches inherent in “sleepovers” with electronic voting machines:
Got anything else, Howdy? You’re welcome to try again, of course.
Or, you could just stand up for the voters and for the transparency, verifiability and confidence required for democracy to survive in America.
Stone said he would put the item on a board agenda for a vote.
And, will they be using DREs on THAT vote?
Just curious.
… Brad said…
Or, you could just stand up for the voters and for the transparency, verifiability and confidence required for democracy to survive in America.
I suspect that such things aren’t in Howdy’s job description…
This statement by Michelle Shafer could be changed to read “
We’reWe’ve alreadynot going toput ourselves out there with a group (bush administration) thatis purported to havehad an agenda and alreadyknowsknew what outcome itwantswanted.”Yeah ,Brad and his readers are “anti-election”,LOL It amazes me that a few come on this blog thinking they are so smart and Brad and his readers are dumb.
“Howdy”? Why am I picturing a wooden dummy on someones’ lap?
If we were “anti-election,” voting integrity advocates would just stay home and not vote like most Americans. But we are actually pro-election and insist on the accuracy, security and transparency of our election system. When supervisors make idiotic challenges they can’t honor, you know the decision-makers are clueless. Elections belong to the people, not private companies and not elected officials.
BTW, since “Howdy” refused to provide transparency here, I’ll offer a bit. “Howdy” works for Santa Cruz County. Where they use Sequoia voting systems as well. Just in case you’re wondering why she’s pointing towards the Santa Cruz links and jumping in to defend the use of Sequoia on these threads.
Wanna invite Hursti up to Santa Cruz, Howdy?
Howdy, say Howdy to Hursti…Hursti, say Howdy to Howdy.
Ah. Then such things as “the transparency, verifiability and confidence required for democracy to survive in America” are definitely not in Howdy’s job description…
Hot dang, I gotta figure out how to make money by puttin’ dumb arguments on Blogs. I missed the gravy train somewhere!
OT,
An opportunity to thank Bob Ney for the HAVA-ell-of-a mess we are in with these god forsaken EVM’s,
snip:
Write a letter on behalf of Bob Ney.Ney’s lawyers are encouraging the former lawmaker’s friends to write letters to Judge Ellen Segal Huvelle, letting her know “your feelings about Bob’s character, his work for his constituents in Ohio, his work on national issues, his integrity, his dedication to public service.” Ney has pleaded guilty to “performing official acts for lobbyists in exchange for campaign contributions, expensive meals, luxury travel and skybox sports tickets” and his sentencing hearing is set for Jan. 19.
:end snip
Source:Link
Info for a Bob Ney letter to sentencing judge attesting to Ney’s character to influence his jail sentencing term/duration,..
======
Judge:
Judge Ellen Segal Huvelle
Link
=====
mailing:
UNITED STATES DISTRICT COURT
FOR THE DISTRICT OF COLUMBIA
333 Constitution Ave., NW
Washington, DC 20001
Link
Howdy is just doing her Doody. 🙂
Truth Is All: Mr. stats man, please post how many states have a GOP gov/state house/state senate, AND a Dem senator. Then post, what are the odds that THAT Dem senator would be incapacitated by a “mysterious” ailment, and would have a GOP replacement senator fill out his term, giving CHENEY the tie-breaking senate vote AND taking away the Dem majority in congress…please post these numbers, if you can.
Now we all need to crank up the pressure on them. We have them on tape saying they are SO confident their machines are safe they are willing to take a chance. Now suddenly, their bluff has been called and they are making all kinds of excuses and questionnig the motives of others?
THey need to be called on what they are…liars. THe only reason to back down is that THEY KNOW these machines can be altered. Otherwise why would they be so cocky and then worried? Instead of rebutting their claims, which will take forever as new ones continually come out. We need to flat out say, if they are so certain the machines are secure, then why are they so afraid. If they were so certain as to issue a challenge, then why are they backing down and hiding when the challenge is answered?
Big Dan #13, I’m thinking the same way.
I wonder if the voting is the only thing to worry about? The dems are in danger of losing the majority because one of them has suddenly become gravely ill.
The cause is not known for sure … time for an investigation a la the poisoned russian spy?
If the dems lose power the hope for better machines is going to fade some.
Big Dan…not BiBiDan…sorry…
Now they’re saying that Tim Johnson did NOT have a stroke…then what was it??? Ever hear of someone getting incapacitated…mysteriously/immediately/instantly… NOT from a stroke? What was it, then?
Dredd: My point is, what are the odds, now that it’s not a stroke, that a DEM senator in a state with e GOP gov/senate/house…AND a 1 person Dem lead in the Senate…AND Cheney gets the tie breaking vote if this SD GOP-dominated state nominates a GOP replacement…WHAT ARE THE ODDS OF THAT??? CHRIST!!!
Here’s my point: We KNOW they are stealing elections in front of our faces. I, personally believe there’s more to 9/11 than the official govt story, we KNOW the media is in cahoots with all of this…THEN this happens? Wouldn’t this stop the Dems from chairing all the Senate committees? How convenient! I’m dying to know exactly what happened to Tim Johnson.
…while hijacking a thread…sorry Brad!
Watch out — you might soon realize that hijacking a blog thread is being redefined by Bushies as akin to terrorism and then find yourself on a direct, nonstop CIA rendition flight to the same ‘hotel’ where Sen. Johnson is staying.
Seriously though, the first thing I told someone after hearing of the ‘stroke’ was, ‘Did the Bush people do it? Did they have the capability and is the governor of his state a Republican’?
If Bush is involved in this in any way then it’s far beyond ‘hardball’ politics and well into criminality. Of course, many of us believe he’s working hard to be the century’s greatest criminal and has to get a lot under his belt because there’s so much time left for some other nut to try and outdo him.
Bush seems to be using political theory from the 1400s and follows policies of “Uncle Joe” Josef Stalin.
To make it short, yes: there are a variety of ways to induce “stroke-like” symptoms, including means direct, means indirect, and, theoretically, at a distance.
But… reality check: all of these means would leave traces, (yes, even the fabled radar projector) and these traces would not have been missed.
Second reality check: Aging senators have strokes… and the timing is never convenient from their point of view.
But it will be difficult forv folks to disconnect concerns for him from concern for the effects of this on his office at this time. Sadly, this includes me.
I do wish him a full recovery, both for his sake… and for the sake of this country.
Here’s the point: the point is that we do not trust anything we hear in the CMSM since the year 2000…that’s pretty damn bad state of things in this country!!! I question EVERYTHING I hear in the CMSM anymore, for the REST OF MY LIFE!!!!!!!!!
How about this funny little election? Ready?
Ohio House CD 02
Winner’s margin: 1.059%, 2,517 votes
*Jeannette H. “Jean” Schmidt (I) Republican 120,112 50.53% $2,084,984
Victoria Wells Wulsin Democratic 117,595 49.47% $1,085,800
Totals 237,707 100.00% $3,170,784
51% TO 49% AGAIN FOR SCHMIDT!!!!!!!!
HOW MANY 51%-49% CD-02-OH SCHMIDT VICTORIES BEFORE THEY START THROWING PEOPLE IN THE F***ING SLAMMER???? I ASK OF THEE?????????????????
I already have a bet in Vegas for the 2008 CD-02-OH election: READY???
SCHMIDT 51%, OPPONENT 49%…WHADDYA TINK ‘BOUT DEM APPLES?????????????? I’m at least going to make some steamers off this very predictable district!!!!!!!!!!!!
Uh, “Howdy”, you’re not supposed to need to trust pollworkers. In a paper ballot system, there are supposed to be pollworkers from at least two different parties (Republican and Democratic) observing the ballot box at all times: the idea is that if one tries to commit fraud, the other will catch and stop them. That’s why pollworkers can’t stuff the ballot box, and it’s the only reason.
Sending a voting machine home with a single pollworker is unconscionable — it’s just like sending the locked ballot box home with a single pollworker, and trusting them to bring back the ballot box back empty on election day (rather than *verifying* that the box is empty on election day). Obviously a dishonest poll worker would stuff the box first, and just as obviously a dishonest poll worker would hack the machine first.
If I were going to be the head of the ethics committee this year, I would probably have a stroke too just trying to keep things straight, but I can’t get over how many times the Republicans have things mysteriously go in their favor. And don’t tell me you aren’t delighted this guy is suffering, you thugs!