DIEB-THROAT : 'Diebold System One of Greatest Threats Democracy Has Ever Known'
Identifies U.S. Homeland Security 'Cyber Alert' Prior to '04 Election Warning Votes Can be 'Modified Remotely' via 'Undocumented Backdoor' in Central Tabulator Software!
By Brad Friedman on 9/15/2005, 11:05am PT  

In exclusive stunning admissions to The BRAD BLOG some 11 months after the 2004 Presidential Election, a "Diebold Insider" is now finally speaking out for the first time about the alarming security flaws within Diebold, Inc's electronic voting systems, software and machinery. The source is acknowledging that the company's "upper management" --- as well as "top government officials" --- were keenly aware of the "undocumented backdoor" in Diebold's main "GEM Central Tabulator" software well prior to the 2004 election. A branch of the Federal Government even posted a security warning on the Internet.

Pointing to a little-noticed "Cyber Security Alert" issued by the United States Computer Emergency Readiness Team (US-CERT), a division of the U.S. Department of Homeland Security, the source inside Diebold --- who "for the time being" is requesting anonymity due to a continuing sensitive relationship with the company --- is charging that Diebold's technicians, including at least one of its lead programmers, knew about the security flaw and that the company instructed them to keep quiet about it.

"Diebold threatened violators with immediate dismissal," the insider, who we'll call DIEB-THROAT, explained recently to The BRAD BLOG via email. "In 2005, after one newly hired member of Diebold's technical staff pointed out the security flaw, he was criticized and isolated."

In phone interviews, DIEB-THROAT confirmed that the matters were well known within the company, but that a "culture of fear" had been developed to assure that employees, including technicians, vendors and programmers kept those issues to themselves.

The "Cyber Security Alert" from US-CERT was issued in late August of 2004 and is still available online via the US-CERT website. The alert warns that "A vulnerability exists due to an undocumented backdoor account, which could [sic: allow] a local or remote authenticated malicious user [sic: to] modify votes."

The alert, assessed to be of "MEDIUM" risk on the US-CERT security bulletin, goes on to add that there is "No workaround or patch available at time of publishing."

"Diebold's upper management was aware of access to the voter file defect before the 2004 election - but did nothing to correct it," the source explained.

A "MEDIUM" risk vulnerability cyber alert is described on the US-CERT site as: "one that will allow an intruder immediate access to a system with less than privileged access. Such vulnerability will allow the intruder the opportunity to continue the attempt to gain privileged access. An example of medium-risk vulnerability is a server configuration error that allows an intruder to capture the password file."

DIEB-THROAT claims that, though the Federal Government knew about this documented flaw, originally discovered and reported by BlackBoxVoting.org in August of 2004, they did nothing about it.

"I believe that top Government officials had an understanding with top Diebold officials to look the other way," the source explained, "because Diebold was their ace in the hole."...

But even DIEB-THROAT --- who says "we were brainwashed" by the company to believe such concerns about security were nonsense --- was surprised to learn that an arm of the U.S. Department of Homeland Security was well aware of this flaw, and concerned enough about it to issue a public alert prior to the election last year.

"I was aware of the Diebold security flaw and had heard about the Homeland Security Cyber Alert Threat Assessment website, so I went there and 'bingo,' there it was in black and white," the source wrote. "It blew me away because it showed that DHS, headed by a Cabinet level George Bush loyalist, was very aware of the 'threat' of someone changing votes in the Diebold Central Tabulator. The question is, why wasn't something done about it before the election?"

The CEO of North Canton, Ohio-based Diebold, Inc., Walden O'Dell has been oft-quoted for his 2003 Republican fund-raiser promise to help "Ohio deliver its electoral votes to the president next year." O'Dell himself was a high-level contributor to the Bush/Cheney '04 campaign as well as many other Republican causes.

"A very serious problem...one malicious person can change the outcome of any Diebold election"

The voting company insider, who has also served as a spokesperson for the company in various capacities over recent years, admits that the "real danger" of this security vulnerability could have easily been exploited by a malicious user or an insider through remote access.

"I have seen these systems connected to phone lines dozens of times with users gaining remote access," said DIEB-THROAT. "What I think we have here is a very serious problem. Remote access using phone lines eliminates any need for a conspiracy of hundreds to alter the outcome of an election. Diebold has held onto this theory [publicly] for years, but Diebold has lied and has put national elections at risk. Remote access using this backdoor means that one malicious person can change the outcome of any Diebold election."

The ability to connect to the system remotely by phone lines and the apparent lack of interest by Diebold to correct the serious security issue in a timely manner --- or at all --- would seem to be at odds with at least one of their Press Releases touting their voting hardware and software.

In an October 31, 2003 Press Release as part of a publicity blitz to "sell" the new voting machines to the voters in the state of Maryland, Diebold Election Systems President Thomas W. Swidarski is quoted as follows in a section titled "Security Is Key":

Diebold has fine-tuned its computerized system so that it meets stringent security requirements. "We have independent verification that the Diebold voting system provides an unprecedented level of election security. This is crucial to maintaining the integrity of the entire voting process," Swidarski added.

Attempts by The BRAD BLOG to get comment from Swidarski were passed to one of the Vice-Presidents at Diebold who has not returned our voice mail message.

We did, however, hear back from Diebold Spokesperson David Bear of the PR firm Public Strategies. He was referred to us by several different Diebold offices as "the man to discuss voting machine issues with."

Bear claimed to have never heard of the Cyber Alert issued by US-CERT and when told of it, refused to acknowledge it as anything more than "an unverified allegation."

"One of the greatest threats our democracy has ever known"

Our source expressed emphatically that future democratic elections in the United States are at stake and feels that the problem will not be corrected until Congressional action forces the company to do so.

"In my opinion Diebold's election system is one of the greatest threats our democracy has ever known, and the only way this will be exposed is with a Congressional investigation with subpoenas of not just Diebold officials but Diebold technicians."

If our experience in discussing the matter with Bear, the man Diebold referred us to for all matters concerning voting machines, is any indication, then DIEB-THROAT may be correct. Even a Cyber Alert Bulletin issued by an official arm of the U.S. Department of Homeland Security more than a year ago was not enough to phase Diebold. At least not enough to even inform their public spokesperson about the matter, apparently.

"I don't know anything about it," Bear claimed when we asked about the Cyber Alert, and he refused to acknowledge there were any security concerns about Diebold's Voting Machines or its GEMS Central Tabulator software.

Over and over, by rote, he repeated in response to our questions: "The GEMS software has been used in hundreds of elections and there's never been a security issue."

Bear says that "Diebold machines have never lost a single vote," but beyond that could not speak to the vulnerability issue since, he said, "I don't know what vulnerability they're referencing."

We sent the link to the US-CERT Cyber Alert to Bear, but have not yet heard back from about it. He did, however, send us a copy of the well-worn Caltech/Massachusetts Institute of Technology report [PDF] analyzing the 2004 Presidential Election which, Bear pointed out in his Email, "concludes that the most improvement [in vote-counting and integrity over 2000] occurred when counties/states changed to touch screen systems."

DIEB-THROAT was taken aback, but not wholly surprised, when we shared the comments from Bear denying knowledge of the "backdoor" security vulnerability in the GEMS software and his contention that there was nothing more than "allegations."

The vulnerability, and the ability to "manipulate votes" occurs because the GEMS software uses the public Microsoft Access database software to store vote totals in a separate data file. And, as DIEB-THROAT explained, Access is "full of holes. There are so many ways to get into it."

Because GEMS uses the Access database, "you can enter and manipulate the file without even entering into GEMS," our source said in response ot Bear's denials.

"GEMS sits on top of this database and it pretty much feeds information down to the database from GEMS. It's almost like you're on the first floor of your house and all of your operating equipment is in the basement so that anything that happens on the first floor ends up downstairs. Well, downstairs has a wide open door to it. So we're dumping all the votes downstairs and that's wide open to the rest of the computer system."

"A culture of fear"

In trying to understand why the U.S. Homeland Security Department's Cyber Alert didn't force Diebold to make fixes, patches or corrections quickly available for their software prior to --- or even since --- the '04 election, DIEB-THROAT repeated over and over that Diebold was simply "not concerned about security".

"They don't have security solutions. They don't want them...They leave security policy issues up to the states. They've known about this for some time. They don't really care," the source said, comparing the security flaw to "leaving the front door at Fort Knox open." It's just "blatant sloppiness and they don't care."

The versions of the GEMS Central Tabulation software listed on the US-CERT site are 1.17.7 and 1.18 and DIEB-THROAT says the same versions of the same software are still in use by States around the country and haven't had any fixes or patches applied to correct the problem.

Diebold spokesman, Bear, was unable to confirm whether or not Diebold had updated its GEMS software in any way since the US-CERT Cyber Alert was released telling us only that "There's different versions of the software for different needs" and that he didn't know if patches, fixes or corrections were ever released by the company.

"There's always an evolution," Bear said. "Before any software can be used it's federally qualified and then certified by the states...Where different versions are running, I just don't know."

"They're still at that same version number," DIEB-THROAT said. "A lot of our customers still have it and there's not been any patch....They really don't care about this sort of thing. They really don't. People may find it hard to believe...in other words [the company says] 'we'll give you a machine to vote on and the rest is up to you."

"This is a very profit motivated company," the source continued, "they don't care what happens after the sale. Once they have the contract they've got the customer tied up pretty good."

Initially DIEB-THROAT claims to have been "brainwashed" by the pervasive "company line" at Diebold, that all of the talk about security concerns and the possibility that someone could hack the vote was the talk of "conspiracy theorists". Apparently that was --- and is still is --- "the company line." But after one of Diebold's head technicians who works out of their McKinney, Texas facility confirmed the gaping security hole in the software to our source, it was understood that these concerns were for real.

"Up until his confirmation, I had heard it through the grapevine, as rumors and such, but he confirmed it for me. The lead technician who worked on the software, who has a Phd in mathematics and so forth, was saying that 'this problem exists!'"

So why hasn't that technician, or anyone else from within the company spoken out until now?

"This is a culture of fear. Really. Only because we were good friends did [the head technician] confide in me that these were problems that needed to be fixed," DIEB-THROAT said.

"They all knew..."

In regards to possible remote access to the GEMS Central Tabulator by modem via phone lines, a way that hackers could easily and simply change the vote total information in the Access database, Diebold's official spokesman seemed to be similarly in denial even today.

When we asked Bear whether or not the Central Tabulator is still accessible via modem in their machines, he first denied that it's even possible, telling us "the Central Tabulator isn't accessable via modem."

When we pressed about whether or not there are still modem capabilities in the machines and software they sell, Bear admitted, "There is a modem capability, but it's up to a jurisdiction whether they wish to use it or not...I don't know of any jurisdiction that does that."

"Oh, boy. Such lies," DIEB-THROAT said in response. "There are several jurisdications that use [the modem capabilities] in the machines...Probably one of the most robust users of modems is Prince Georges County in Maryland. They've used it in every election. I believe they started in 2000. And Baltimore County used them in the November election in 2004. Fulton County and Dekalb County in Georgia may have used them in 2004 as well."

While we were unable to hear back in response to messages left with Election Officials at several of those offices prior to the publication of this article, a review of "Lessons Learned" after the November 2004 Election conducted by the Maryland state Board of Elections obtained by The BRAD BLOG, confirms that modems were used to access the GEMS Central Tabulator to send in information from precincts on Election Night.

We are still reviewing the complete document, but amongst the findings in the report is that "the GEMS system froze several times during heavy modem transmitting periods requiring the system to be rebooted, which generated delays and prohibited BOE from receiving polling places' transmissions."

As well, the report concludes, "Modem lines testing in polling place still problematic; need better coordination with school system."

It also says that "7% of voting units deployed failed on Election Day" and that an additional 5% "were suspect based on the number of votes captured." The BRAD BLOG hopes to have a follow-up article in the coming days which looks in more detail at the full Maryland state Board of Elections report and the alarming rate of failure for Diebold Touch-Screen voting machines.

When we asked our source if they had any evidence to show that the security flaw described by the U.S. Dept. of Homeland Security was actually exploited in the 2004 election, DIEB-THROAT told us only: "I wouldn't say I have evidence that it was exploited....only that it was known. To the feds, to state officials and to Diebold. They all knew. In spite of the gap they moved forward as normal...As if it didn't exist."

UPDATE 9/18/05: Here's a quick update with some follow-up, reaction and additional info and links posted to the net since the above article was published a few days ago.

To help support more reporting along these lines, please consider a DONATION TO THE BRAD BLOG. This is how I make my living these days --- or try to --- so your generous support means the world and makes it possible for me to continue. Thanks! - BF